root/trunk/README.proxy

Running the CryptoBox behind a proxy

This describes how to setup the CryptoBox webserver behind a proxy webserver
(e.g.: apache or lighttpd).



-=-=-=- apache in front of the cryptobox-server (cherrypy) -=-=-=-


The following section describes how to configure an apache2 webserver to
forward requests to the cherrypy server of the CryptoBox.


1) Required modules
        - proxy
        - headers
        Both module should be part of usual default installations of apache2.
        Activate these modules. For debian you should run: a2enmod MOD_NAME


2) Configuration directives
        The following example should help you to create your own proxy configuration
        for apache2.
        
                ProxyRequests Off

                <Proxy *>
                        Order Deny,Allow
                        Allow from all
                </Proxy>

                <Location /cryptobox/>
                        ProxyPass http://localhost:8080/
                        ProxyPassReverse http://localhost:8080/
                        RequestHeader set CryptoBox-Location /cryptobox
                        # uncomment the next line for ssl-enabled virtualhosts
                        RequestHeader set X-SSL-Request 1
                </Location>
        
        Now you should restart apache2.


3) Testing
        Now you should point your webserver to the proxy host and check if
        the CryptoBox layout ist displayed properly.



-=-=-=- lighttpd in front of the cryptobox-server (cherrypy) -=-=-=-


In this section we do the same as above, but with lighttpd.

Your lighttpd config should contain something like this:

        # selecting modules
        server.modules = ( "mod_scgi" )

        scgi.server = ( "/cryptobox" =>
                ((  "host" => "127.0.0.1",
                        "port" => 8080,
                        "check-local" => "disable"
                ))
        )