Configure Apache reverse proxy in front of cyrange

Jan 24, 2022 by Thibault Debatty | 2869 views

Cyrange

https://cylab.be/blog/198/configure-apache-reverse-proxy-in-front-of-cyrange

In a previous blog post, we showed how to install cyrange cyber range web interface using docker-compose. So now the cyrange Docker container is exposed on port 8080 on your server, and the guacamole container is exposed on port 8081. In this blog post we show how to configure Apache as a reverse proxy in front of your containers.

Prerequisites

Before we start, you will need a domain name that points to your server. For the example below, we will use cyrange.mydomain.com.

Apache installation and configuration

Install apache web server:

sudo apt-get install apache2
sudo a2enmod proxy
sudo a2enmod proxy_http

Create the configuration file /etc/apache2/sites-available/cyrange.conf for cyrange. Don’t forget to modify the servername (cyrange.domain.com) to match your domain name:

<VirtualHost *:80>
	ServerName cyrange.mydomain.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html/

	<Location / >
		Order allow,deny
		Allow from all
		ProxyPass http://127.0.0.1:8080/
		ProxyPassReverse http://127.0.0.1:8080/
		ProxyPassReverseCookiePath	/	/
	</Location>

	# guacamole
	<Location /g/ >
		Order allow,deny
		Allow from all
		ProxyPass http://127.0.0.1:8081/guacamole/ flushpackets=on
		ProxyPassReverse http://127.0.0.1:8081/guacamole/
	</Location>

	<Location /g/websocket-tunnel>
		Order allow,deny
		Allow from all
		ProxyPass ws://127.0.0.1:8081/guacamole/websocket-tunnel
		ProxyPassReverse ws://127.0.0.1:8081/guacamole/websocket-tunnel
	</Location>

	ErrorLog ${APACHE_LOG_DIR}/cyrange.error.log
	CustomLog ${APACHE_LOG_DIR}/cyrange.access.log combined
</VirtualHost>

Enable your configuration:

sudo a2ensite cyrange
sudo service apache2 reload

Cyrange configuration

In the directory where you installed cyrange, modify cyrange.env to indicate the new URL of the app:

APP_URL=http://cyrange.mydomain.com

Restart cyrange containers:

docker-compose down
docker-compose up -d

Test

The cyrange web interface will now be available at http://cyrange.yourdomain.com

cyrange

Next step

Now that apache is properly configured, you should configure https, for example using letsencrypt.

This blog post is licensed under CC BY-SA 4.0

This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept