Azure Application Gateway - question about override backend path - azure

I've been working with the Azure Application Gateway for a while and I have some doubts about the Override Backednd Path option. I would appreciate if someone could clarify if my reasoning is correct.
Assumptions:
listener: mysite.mycompany.com
backend: myserver1.mycompany.com / myserver2.mycompany.com
HTTP Settings:
Override backend path: /images
Override with new hostname: Yes -> Pick hostname from backend target
Based on the settings above, if I send a request to mysite.mycompany.com, how will the App Gw forward it? My assumption would be that it will forward it to either myserver1.mycompany.com/images or myserver2.mycompany.com/images, but that does not seem to work properly.
Regards,
Wojtek

I send a request to mysite.mycompany.com, how will the App Gw forward it?
My assumption would be that it will forward it to either myserver1.mycompany.com/images or myserver2.mycompany.com/images, but that does not seem to work properly.
That's exactly how it works.

Related

Generic domain part with fixed subdomain using Caddy and auto SSL?

I'd like to setup a Caddy server where the subdomain is static but the domain part is "wildcard", such as "api.*"
From my understanding of Caddy, the wildcard is possible for one part of the full domain (*.domain.com matches bar.domain.com but not foo.bar.domain.com).
Moreover, this configuration would automatically create a SSL certificates (which Caddy does in general, but I'm not sure here) for any new DNS entry that points to my server with a domain starting with "api.*".
The "*" here would be the domain directly, not any subdomain (it would work for api.domain.com, but not for api.foo.domain.com).
Is this something possible using a simple Caddy command (such as api.* { ... }, which I tried without luck), or does it need a more complex implementation?
Thank you for your help!
I found a working solution with the help of the Caddy Community.
Here's the code :
{
on_demand_tls {
ask https://static.site.com/domain/verify
interval 2m
burst 5
}
}
static.site.com {
...
}
:443 {
tls {
on_demand
}
// Your custom config, for instance:
reverse_proxy * ...
}
The nifty part is the tls { on_demand } part for your generic HTTPS, which will create a certificate automatically. But, this can be abused by anyone that points one of their DNS entry to your server.
So to avoid that, the Caddy community highly recommends you to set a on_demand_tls that will query an endpoint, and allow the SSL certificate to be created only if that endpoint returns true.
NOTE: The ask is a GET request that DO NOT FOLLOW redirects! Anything but a 200 status code will be considered a failure, even a 3xx!
The ask url will have the ?domain appended and will allow you to verify that domain against your logic, such as custom value in the domain like "starting by static.*", and verify that the domain exists in your database (for example).
If your URL already contains some query parameter, don't worry, Caddy is clever enough to add them. (https://static.site.com/domain/verify?some=query will become https://static.site.com/domain/verify?some=query&domain={domain}.
Caddy support https for the ask parameter, and that URL can also be external with no problems at all (no need for localhost or local server configuration).
I met the same problem, and after 1 day's stucking, here is my solution:
Assuming the site name is: site.com, and I want caddy handle these domains for me:
a.dot.site.com
b.dot.site.com
c.dot.site.com
a.eth.site.com
b.eth.site.com
c.eth.site.com
1.make sure you set SSL access available. e.g. via cloudflare:
2.set the A address pointing to your Caddy server's IP.
2.Caddy file should looks like:
# the key is: you have to list all the patterns for your multiple subdomains
*.site.com *.eth.site.com *.dot.site.com {
reverse_proxy 127.0.0.1:4567
log {
output file /var/log/access-wildcard-site.com.log
}
tls {
dns cloudflare <your cloud flare api key>
}
}

GAE dispatch.yaml not properly routing to services

I'm having some trouble getting my dispatch.yaml to work, but I also haven't found any answers that address my problem. Most seem to be issues of putting the default service first in the dispatch, but I don't list mine at all.
dispatch:
- url: "*/timestamps/*"
service: timestamps
- url: "*/reqheaders/*"
service: reqheaders
I have my custom domain setting pointing to sub.example.com and for some reason, every route just points to the default service, so I get an error saying Cannot GET /timestamps or Cannot GET /timestamps/subpath

Changing localhost:9002 for exposing API

I am trying to get the api working on an Azure VM. The url won't be https://localhost:9002/rest/v2/ext/basestores/ext anymore, but otherUrl:9002/rest/v2/ext/basestores/ext.
Could somebody tell me where to look for that?
Many thanks :)
Not sure if I got your question correctly, but at least from Spartacus point of view, you can define backend.occ.baseUrl configuration to any URL you need.
Here is the basic example:
B2cStorefrontModule.withConfig({
backend: {
occ: {
baseUrl: 'https://localhost:9002',
prefix: '/rest/v2/'
}
},
}),
And here are docs how to set-up Spartacus:
https://sap.github.io/cloud-commerce-spartacus-storefront-docs/building-the-spartacus-storefront-from-libraries/#adding-import-declarations-and-storefront-configuration-settings
Nothing to do with hybris. In your hosts file add an entry-
127.0.0.1 otherUrl

Azure Application Gateway Redirection from empty hostname

I have created an Application Gateway that needs to fulfill the working of my previous Resource (F5).
As a listener I use a hostname: hostname.stackoverflow.com that listens on 443
As a Http Setting I am using a specific port being 4443
As a BackEnd pool I use the URL/FQDN of my dev VM.
This totally works If i create a VM in the VNET and add "hostname.stackoverflow.com" to the hosts file with the ip of the application gateway.
Now I want to get a little further and add paths to my Application Gateway.
The goal is that if I use "hostname.stackoverflow.com" I need to redirect this to "Hostname.stackoverflow.com/login.aspx?guestlogin".
As far I have tried the following.
Add the "/login.aspx?guestLogin" to the HTTPS settings like this.
When I try this inside my VM. The URL changes but the path that I added there was not added in the right way, This is what I got:
So That made me think override backend path is maybe not the right way to do this.
Wanted To create a Redirection Rule That will redirect my "hostname.stackoverflow.com" to the "hostname.stackoverflow.com/login.aspx?guestLogin" But in the settings of the Application Gateway I need to provide a source path (meaning: I can not redirect from an empty hostname to a new url I think)
I am very new to Azure and even more new to the Application Gateway. Is there something that I did wrong. Is there a better way to do this ?
The iRule that I need to get in Application Gateway is as followed.
if { [string tolower [HTTP::host]] equals "hostname.stackoverflow.com" } {
if {[HTTP::path] eq "/"} {
HTTP::redirect "login.aspx?guestLogin"
}
elseif {[string tolower [HTTP::uri]] starts_with "/login.aspx?id="} {
set tail [string range [HTTP::uri] 12 end]
HTTP::redirect "login.aspx?guestLogin&$tail"
}
pool default.pool
}

How to use the ChromeApp to connect to a node.js server?

I have a Node.js server and I'd like to know how I could do for the ChromeApp to work with it. I tried putting "http://localhost:3000" (server address) on the runtime:
chrome.app.runtime.onLaunched.addListener(function () {
chrome.app.window.create('http://localhost:3000');
});
But it doesn't even launch. Does someone have an idea on what I could do?
Thanks.
You cannot launch external URLs with chrome.app.window.create. In fact if you check the chrome.runtime.lastError property you will see the following error:
The URL used for window creation must be local for security reasons.
I suggest you look into using the <webview> tag as it is much more appropriate for your use-case.

Resources