Diff for "Running/RemoteAccess"

Not logged in - Log In / Register

Differences between revisions 7 and 8
Revision 7 as of 2009-08-14 13:43:51
Size: 9558
Editor: kfogel
Comment: tweak again
Revision 8 as of 2009-08-15 23:22:37
Size: 3550
Editor: maxb
Comment:
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
||<tablestyle="width: 100%;" colspan=3 style="background: #2a2929; font-weight: bold; color: #f6bc05;">This page tells you how to run Launchpad so you can access it from other machines. [[Help|Ask for help]] right away if you run into problems. || ||<tablestyle="width: 100%;" colspan=3 style="background: #2a2929; font-weight: bold; color: #f6bc05;">This page tells you how to modify a development Launchpad so you can access it from other machines. [[Help|Ask for help]] right away if you run into problems. ||
Line 4: Line 4:
<<Anchor(change)>> These instructions assume that you already have Launchpad working for local access, and now you want it to be accessible from other machines on the same LAN.
Line 6: Line 6:
= Changing Interfaces = == IP Addresses ==
A full Launchpad development setup requires two IP addresses on the local machine, on which to run two HTTPS listeners - one for main Launchpad, and one for Loggerhead (code browsing) of private branches. As most developer workstations have only one non-local IP address, and as the second one is only required for Loggerhead on '''private''' branches, you may well not bother to set up an additional IP address. If you do want to do this, identify a suitable IP address, and add it to your machine's network configuration now.
Line 8: Line 9:
Assuming you already the Launchpad running and you want it to be accessable from your external network. == Amending the Apache configuration ==
These instructions assume that you are using the Ubuntu packaged Apache 2.2 in Intrepid or later. Hardy users see the "Notes for Hardy" subsection.
Line 10: Line 12:
We'll be doing 4 steps to make it accessable from the outside. This includes installation of a simple DNS server so you can resolve the subdomains correctly.  * Delete the `NameVirtualHost 127.0.0.88:80` line
 * We are assuming that the line `NameVirtualHost *:80` appears precisely once elsewhere in your Apache configuration - it should be present in `/etc/apache2/ports.conf` by default, check this is true
 * Change all `<VirtualHost 127.0.0.88:80>` lines to `<VirtualHost *:80>`
 * Change the `<VirtualHost 127.0.0.88:443>` line to `<VirtualHost _default_:443>`
 * If, as mentioned above, you are opting for the simple option of just using one IP address:
   * Change the `<VirtualHost 127.0.0.99:80>` line to `<VirtualHost *:80>` too
   * Comment out the entire `<VirtualHost 127.0.0.99:443>` block
 * Or, if you did allocate a suitable second IP address:
   * Change the `<VirtualHost 127.0.0.99:80>` line to `<VirtualHost a.b.c.d:80>`
   * Change the `<VirtualHost 127.0.0.99:443>` line to `<VirtualHost a.b.c.d:443>`
 * Change all the `Allow from ...` lines to admit whatever address range you want
Line 12: Line 24:
''''For this tutorial i'm assuming that you have the ability to sudo as root'''' Restart your Apache server.
Line 14: Line 26:
=== Notes for Hardy ===
 * The `NameVirtualHost *:80` line does not appear in `/etc/apache2/ports.conf` but instead `NameVirtualHost *` appears in `/etc/apache2/sites-available/default`. Delete it from there and add `NameVirtualHost *:80` to `ports.conf`. As a consequence of doing so you'll probably have to update any other `<VirtualHost *>` sections in your config to say `<VirtualHost *:80>`.
Line 15: Line 29:
First, we're going to change the network interfaces. For this to work we need static IP addresses assigned to the server. == Amending the hosts file ==
When you ran `rocketfuel-setup`, your `/etc/hosts` file was configured with many launchpad.dev DNS names mapped onto a pair of local IP addresses. Change them both to the non-local IP address of the machine running the development Launchpad. Or, if you did allocate a second IP address, change `127.0.0.88` to the main IP address of the machine, and change `127.0.0.99` to the second IP address you allocated.
Line 17: Line 32:
{{{
  $ cd /etc/network
}}}
You'll need to copy these `/etc/hosts` lines into the `/etc/hosts` file of every other machine you want to access the development Launchpad instance.
Line 21: Line 34:
Then we'll open up the interfaces file with your favorite editor: If some of those other machines run Windows, it may be helpful to know that the Windows equivalent of `/etc/hosts` is located at `C:\WINDOWS\system32\drivers\etc\hosts`.
Line 23: Line 36:
{{{
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
        address 10.10.0.x
        netmask 255.0.0.0
        gateway 10.10.0.1
        # dns-* options are implemented by the resolvconf package, if installed
}}}

We'll add 2 additional ip addresses like this

{{{
auto eth0:0
iface eth0:0 inet static
        address 10.10.0.88
        netmask 255.0.0.0
        gateway 10.10.0.1

auto eth0:1
iface eth0:1 inet static
        address 10.10.0.99
        netmask 255.0.0.0
        gateway 10.10.0.1
}}}

Save the changes, then issue a restart of the networking daemon

{{{
  $ /etc/init.d/networking restart
}}}

If we check the ifconfig output now, you'll see that there's 2 new interfaces added to the list

{{{
eth0:0 Link encap:Ethernet HWaddr 00:0c:29:bc:96:ad
          inet addr:10.10.0.88 Bcast:10.255.255.255 Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:18 Base address:0x2000

eth0:1 Link encap:Ethernet HWaddr 00:0c:29:bc:96:ad
          inet addr:10.10.0.99 Bcast:10.255.255.255 Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:18 Base address:0x2000
}}}

<<Anchor(update)>>
= Updating the local-launchpad file =

And now we're gonna be changing the /etc/apache2/sites-available/local-launchpad file to reflect the changes in the IP
addresses

{{{
  $ cd /etc/apache2/sites-available
}}}

For this change to be done, we need to disable the local-launchpad temporary and clean up the file

{{{
  $ a2dissite local-launchpad
}}}

After that, we open up local-launchpad and start to edit the values inside

{{{
NameVirtualHost 10.10.0.88:80

RewriteLock /var/tmp/rewrite-lock

<VirtualHost 10.10.0.88:80>
  ServerName xmlrpc-private.launchpad.dev
  ServerName xmlrpc.launchpad.dev
  <Proxy *>
    Order deny,allow
    Allow from 10.10.0.0/255.0.0.0
  </Proxy>
  ProxyPreserveHost on

  ProxyPass / http://10.10.0.88:8087/ retry=1
</VirtualHost>

<VirtualHost 10.10.0.88:80>
  ServerName lists.launchpad.dev
  Alias / /var/tmp/mailman/mhonarc/
  <Directory /var/tmp/mailman/mhonarc>
    AllowOverride None
    DirectoryIndex maillist.html
  </Directory>
</VirtualHost>

<VirtualHost 10.10.0.99:80>
  ServerName bazaar.launchpad.dev
  LogLevel debug

  ProxyRequests off
  <Proxy *>
    Order deny,allow
    Allow from localhost 10.10.0.0/255.0.0.0
  </Proxy>
  ProxyTimeout 20

  RewriteEngine On
  RewriteMap branch-rewrite prg:/root/launchpad/lp-branches/devel/scripts/branch-rewrite.py
  RewriteMap escape int:escape

  RewriteRule ^/$ http://launchpad.dev [L]

  RewriteRule ^(/.*)$ ${branch-rewrite:${escape:$1}} [L,P,NE]

  DocumentRoot /var/tmp/bazaar.launchpad.dev/static/
  <Directory /var/tmp/bazaar.launchpad.dev/static/>
    Options SymLinksIfOwnerMatch
    AllowOverride None
    Options Indexes
  </Directory>

  <Location />
    ProxyPassReverse http://10.10.0.88:8080/
  </Location>
</VirtualHost>

<VirtualHost 10.10.0.99:443>
  ServerName bazaar.launchpad.dev
  LogLevel debug

  SSLEngine On
  SSLProxyEngine On
  SSLCertificateFile /etc/apache2/ssl/launchpad.crt
  SSLCertificateKeyFile /etc/apache2/ssl/launchpad.key

  ProxyRequests off
  <Proxy *>
    Order deny,allow
    Allow from localhost 10.10.0.0/255.0.0.0
  </Proxy>
  ProxyTimeout 20

  RewriteEngine On

  RequestHeader add X-Forwarded-Scheme https

  RewriteRule ^/$ http://launchpad.dev [L]
  RewriteRule ^/(.*)$ http://10.10.0.88:8080/$1 [L,P]

  <Location />
    ProxyPassReverse http://10.10.0.88:8080/
  </Location>
</VirtualHost>

<VirtualHost 10.10.0.88:80>
  ServerName bazaar-internal.launchpad.dev
  LogLevel debug

  DocumentRoot /var/tmp/bazaar.launchpad.dev/mirrors
  <Directory /var/tmp/bazaar.launchpad.dev/mirrors/>
    Order Deny,Allow
    Deny from all
    Allow from 10.10.0.0/255.0.0.0
    Options SymLinksIfOwnerMatch
    AllowOverride None
    Options Indexes
  </Directory>
</VirtualHost>

<VirtualHost 10.10.0.88:80>
  ServerName ppa.launchpad.dev
  ServerAlias private-ppa.launchpad.dev
  LogLevel debug

  DocumentRoot /var/tmp/ppa
  <Directory /var/tmp/ppa/>
    Order Deny,Allow
    Deny from all
    Allow from 10.10.0.0/255.0.0.0
    AllowOverride AuthConfig
    Options Indexes
  </Directory>
</VirtualHost>

<VirtualHost 10.10.0.88:443>
  ServerName launchpad.dev
  ServerAlias *.launchpad.dev
  ServerAlias shipit.edubuntu.dev
  ServerAlias shipit.kubuntu.dev
  ServerAlias shipit.ubuntu.dev
  <Proxy *>
    Order deny,allow
    Allow from 10.10.0.0/255.0.0.0
  </Proxy>
  SSLEngine On
  SSLCertificateFile /etc/apache2/ssl/launchpad.crt
  SSLCertificateKeyFile /etc/apache2/ssl/launchpad.key

  ProxyPreserveHost on
  ProxyPass / http://10.10.0.88:8086/ retry=1

  <Location />
    # Insert filter
    SetOutputFilter DEFLATE

    # Don't compress images
    SetEnvIfNoCase Request_URI \
    \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Don't gzip anything that starts /@@/ and doesn't end .js (ie images)
    SetEnvIfNoCase Request_URI ^/@@/ no-gzip dont-vary
    SetEnvIfNoCase Request_URI ^/@@/.*\.js$ !no-gzip !dont-vary
  </Location>

</VirtualHost>

<VirtualHost 10.10.0.88:80>
  ServerName launchpad.dev
  ServerAlias *.launchpad.dev
  ServerAlias shipit.edubuntu.dev
  ServerAlias shipit.kubuntu.dev
  ServerAlias shipit.ubuntu.dev
  RewriteEngine On
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>
}}}

For this example you can just copy-paste the whole file from above and save it.

Then we'll re-enable the local-launchpad again

{{{
  $ a2ensite local-launchpad
}}}

Restart your Apache server and try to connect to your launchpad using http://launchpad.dev

(This might not work as we don't have any DNS records set at this moment)

<<Anchor(windowschange)>>

= How to setup (fake) DNS on Windows =

For the people that are using Windows, this step is the easiest step.

Open up a Explorer window and go to

{{{
C:\WINDOWS\system32\drivers\etc
}}}

Then open up the file hosts. It will look a bit like this:

{{{
127.0.0.1 localhost
}}}

Then add the following completly to the file

{{{
10.10.0.88 launchpad.dev
10.10.0.88 answers.launchpad.dev
10.10.0.88 api.launchpad.dev
10.10.0.88 bazaar-internal.launchpad.
10.10.0.88 dev beta.launchpad.dev
10.10.0.88 blueprints.launchpad.dev
10.10.0.88 bugs.launchpad.dev
10.10.0.88 code.launchpad.dev
10.10.0.88 feeds.launchpad.dev
10.10.0.88 id.launchpad.dev
10.10.0.88 keyserver.launchpad.dev
10.10.0.88 lists.launchpad.dev
10.10.0.88 openid.launchpad.dev
10.10.0.88 ppa.launchpad.dev
10.10.0.88 private-ppa.launchpad.dev
10.10.0.88 shipit.edubuntu.dev
10.10.0.88 shipit.kubuntu.dev
10.10.0.88 shipit.ubuntu.dev
10.10.0.88 translations.launchpad.dev
10.10.0.88 xmlrpc-private.launchpad.dev
10.10.0.88 xmlrpc.launchpad.dev

10.10.0.99 bazaar.launchpad.dev
}}}

Then save the file and try to open http://launchpad.dev

(If you did this well, you will see the local Launchpad appearing)

<<Anchor(dnschange)>>

= How to setup the DNS server =

For the application to work in a WAN enviroment, it's crucial to have access to a DNS server where you can create a new zone

Then add the zone launchpad.dev to the DNS server and add the following parts to it

{{{
10.10.0.88 launchpad.dev
10.10.0.88 answers.launchpad.dev
10.10.0.88 api.launchpad.dev
10.10.0.88 bazaar-internal.launchpad.
10.10.0.88 dev beta.launchpad.dev
10.10.0.88 blueprints.launchpad.dev
10.10.0.88 bugs.launchpad.dev
10.10.0.88 code.launchpad.dev
10.10.0.88 feeds.launchpad.dev
10.10.0.88 id.launchpad.dev
10.10.0.88 keyserver.launchpad.dev
10.10.0.88 lists.launchpad.dev
10.10.0.88 openid.launchpad.dev
10.10.0.88 ppa.launchpad.dev
10.10.0.88 private-ppa.launchpad.dev
10.10.0.88 shipit.edubuntu.dev
10.10.0.88 shipit.kubuntu.dev
10.10.0.88 shipit.ubuntu.dev
10.10.0.88 translations.launchpad.dev
10.10.0.88 xmlrpc-private.launchpad.dev
10.10.0.88 xmlrpc.launchpad.dev

10.10.0.99 bazaar.launchpad.dev
}}}


When you have done this correctly, then you will be able to reach Launchpad from the WAN.
== That's it! ==
If you did everything above, you should new be able to access `https://launchpad.dev/` in a web browser on a suitably configured remote computer.

This page tells you how to modify a development Launchpad so you can access it from other machines. Ask for help right away if you run into problems.

These instructions assume that you already have Launchpad working for local access, and now you want it to be accessible from other machines on the same LAN.

IP Addresses

A full Launchpad development setup requires two IP addresses on the local machine, on which to run two HTTPS listeners - one for main Launchpad, and one for Loggerhead (code browsing) of private branches. As most developer workstations have only one non-local IP address, and as the second one is only required for Loggerhead on private branches, you may well not bother to set up an additional IP address. If you do want to do this, identify a suitable IP address, and add it to your machine's network configuration now.

Amending the Apache configuration

These instructions assume that you are using the Ubuntu packaged Apache 2.2 in Intrepid or later. Hardy users see the "Notes for Hardy" subsection.

  • Delete the NameVirtualHost 127.0.0.88:80 line

  • We are assuming that the line NameVirtualHost *:80 appears precisely once elsewhere in your Apache configuration - it should be present in /etc/apache2/ports.conf by default, check this is true

  • Change all <VirtualHost 127.0.0.88:80> lines to <VirtualHost *:80>

  • Change the <VirtualHost 127.0.0.88:443> line to <VirtualHost _default_:443>

  • If, as mentioned above, you are opting for the simple option of just using one IP address:
    • Change the <VirtualHost 127.0.0.99:80> line to <VirtualHost *:80> too

    • Comment out the entire <VirtualHost 127.0.0.99:443> block

  • Or, if you did allocate a suitable second IP address:
    • Change the <VirtualHost 127.0.0.99:80> line to <VirtualHost a.b.c.d:80>

    • Change the <VirtualHost 127.0.0.99:443> line to <VirtualHost a.b.c.d:443>

  • Change all the Allow from ... lines to admit whatever address range you want

Restart your Apache server.

Notes for Hardy

  • The NameVirtualHost *:80 line does not appear in /etc/apache2/ports.conf but instead NameVirtualHost * appears in /etc/apache2/sites-available/default. Delete it from there and add NameVirtualHost *:80 to ports.conf. As a consequence of doing so you'll probably have to update any other <VirtualHost *> sections in your config to say <VirtualHost *:80>.

Amending the hosts file

When you ran rocketfuel-setup, your /etc/hosts file was configured with many launchpad.dev DNS names mapped onto a pair of local IP addresses. Change them both to the non-local IP address of the machine running the development Launchpad. Or, if you did allocate a second IP address, change 127.0.0.88 to the main IP address of the machine, and change 127.0.0.99 to the second IP address you allocated.

You'll need to copy these /etc/hosts lines into the /etc/hosts file of every other machine you want to access the development Launchpad instance.

If some of those other machines run Windows, it may be helpful to know that the Windows equivalent of /etc/hosts is located at C:\WINDOWS\system32\drivers\etc\hosts.

That's it!

If you did everything above, you should new be able to access https://launchpad.dev/ in a web browser on a suitably configured remote computer.

Running/RemoteAccess (last edited 2022-06-17 12:37:30 by cjwatson)