Your Nexus behind a reverse proxy on CentOS

When you install Nexus behind security rules which only permit traffic on port #80 or #443 you may be interested into using a reverse proxy as httpd. Here the steps ...

First choose a domain name, then install httpd, finally configure a virtualhost ¹ and check the selinux rules

echo "<my_ip> localnexus localnexus.mydomain" > /etc/hosts
mkdir /etc/httpd/logs/localnexus
yum install -y httpd
vi /etc/httpd/conf/httpd.conf
ProxyRequests Off
ProxyPreserveHost On
<VirtualHost *:80>
  ServerName localnexus.mydomain
  ServerAdmin admin@localnexus.mydomain

  AllowEncodedSlashes NoDecode

  ProxyPass / http://localnexus:8081/ nocanon
  ProxyPassReverse / http://localnexus:8081/
  ErrorLog logs/localnexus/error.log
  CustomLog logs/localnexus/access.log common

If you have a message like

[proxy:error]pid xxx Permission denied: AH00957: HTTP: attempt to connect ...

then you may have to consider the selinux setting rules for http_contrack² :

/usr/bin/setsebool -P httpd_can_network_connect 1

[¹]: sonatype: Check sonatype info sonatype

[²]:  check the selinux rules for httpd reverse proxy on stacloverflow : permission denied

Afficher les commentaires