Configure Apache reverse proxy in front of cyrange

Jan 24, 2022 by Thibault Debatty | 404 views

cyrange

https://cylab.be/blog/198/configure-apache-reverse-proxy-in-front-of-cyrange

In a previous blog post, we showed how to install cyrange cyber range web interface using docker-compose. So now the cyrange Docker container is exposed on port 8080 on your server, and the guacamole container is exposed on port 8081. In this blog post we show how to configure Apache as a reverse proxy in front of your containers.

Prerequisites

Before we start, you will need a domain name that points to your server. For the example below, we will use cyrange.mydomain.com.

Apache installation and configuration

Install apache web server:

sudo apt-get install apache2
sudo a2enmod proxy
sudo a2enmod proxy_http

Create the configuration file /etc/apache2/sites-available/cyrange.conf for cyrange. Don't forget to modify the servername (cyrange.domain.com) to match your domain name:

<VirtualHost *:80>
    ServerName cyrange.mydomain.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/

    <Location / >
        Order allow,deny
        Allow from all
        ProxyPass http://127.0.0.1:8080/
        ProxyPassReverse http://127.0.0.1:8080/
        ProxyPassReverseCookiePath  /   /
    </Location>

    # guacamole
    <Location /g/ >
        Order allow,deny
        Allow from all
        ProxyPass http://127.0.0.1:8081/guacamole/ flushpackets=on
        ProxyPassReverse http://127.0.0.1:8081/guacamole/
    </Location>

    <Location /g/websocket-tunnel>
        Order allow,deny
        Allow from all
        ProxyPass ws://127.0.0.1:8081/guacamole/websocket-tunnel
        ProxyPassReverse ws://127.0.0.1:8081/guacamole/websocket-tunnel
    </Location>

    ErrorLog ${APACHE_LOG_DIR}/cyrange.error.log
    CustomLog ${APACHE_LOG_DIR}/cyrange.access.log combined
</VirtualHost>

Enable your configuration:

sudo a2ensite cyrange
sudo service apache2 reload

Cyrange configuration

In the directory where you installed cyrange, modify cyrange.env to indicate the new URL of the app:

APP_URL=http://cyrange.mydomain.com

Restart cyrange containers:

docker-compose down
docker-compose up -d

Test

The cyrange web interface will now be available at http://cyrange.yourdomain.com

cyrange

Next step

Now that apache is properly configured, you should configure https, for example using letsencrypt.