☩ Walking in Light with Christ – Faith, Computing, Diary

Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux
It is interesting to mention also that some clients prefer forward proxy to make possible access from Internal network clients via Forward Proxy to the Internet pretty much the opposite of Reverse Proxy

Forward Proxy

A forward proxy brokerages the request of the client and forwards the request to the destination of the client’s choice contingent on the configuration of the forward proxy.

Most common uses are to

Bypass firewall restrictions.
Cache static resources and save bandwidth.
Control what resources clients can access.

Reverse Proxy

A reverse proxy brokerages the request of the client and forwards the request to the destination purely based on the configuration of the reverse proxy.

Most common uses of a reverse proxy are to

Redirect traffic to machines on the internal network.
Keep the client unaware of which machine they are accessing.
Perform load balancing.
A central point for Web Application Firewall monitoring.

Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux

One note to make:

In order for ReverseProxy to work you need to have configured in Apache:

• mod_proxy
• mod_proxy_http
• mod_proxy_connect

To check whether Apache has been compiled with support for this modules issue:
 

./apachectl -t -D DUMP_MODULES
Loaded Modules:
 core_module (static)
 authn_file_module (static)
 authn_default_module (static)
 authz_host_module (static)
 authz_groupfile_module (static)
 authz_user_module (static)
 authnz_ldap_module (static)
 authz_default_module (static)
 auth_basic_module (static)
 dumpio_module (static)
 include_module (static)
 filter_module (static)
 ldap_module (static)
 log_config_module (static)
 log_forensic_module (static)
 logio_module (static)
 env_module (static)
 expires_module (static)
 headers_module (static)
 usertrack_module (static)
 unique_id_module (static)
 setenvif_module (static)
 proxy_module (static)
 proxy_connect_module (static)
 proxy_ftp_module (static)
 proxy_http_module (static)
 proxy_scgi_module (static)
 proxy_ajp_module (static)
 proxy_balancer_module (static)
 ssl_module (static)
 mpm_prefork_module (static)
 http_module (static)
 mime_module (static)
 status_module (static)
 asis_module (static)
 info_module (static)
 dir_module (static)
 actions_module (static)
 userdir_module (static)
 alias_module (static)
 rewrite_module (static)
 so_module (static)
 php5_module (shared)
 deflate_module (shared)
 auth_certificate_module (shared)
 proxy_add_user_module (shared)
Syntax OK

Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux
P.S. I read further Reverse proxy can be configured also using mod_jk2.
On Debian Linux its necessary to have enabled modules
proxy and proxy_http

In Debian Linux make sure you have also run:
# sudo a2enmod proxy
# sudo a2enmod proxy_http

Christ is Risen Eastern Orthodox Resurrection Paschal Greeting in Different Languages
Thank you i’ve included the Georgian Paschal greeting. It was my bad to not include, it was a gap of mine.

Restrict user to Run one remote Server command only via SSH authorized key passwordless authentication on Linux / UNIX / BSD

Smal script to easify ssh key generation

#!/bin/bash
 
# Define the user and group
USER="user"
GROUP="group"
HOME_DIR="/home/$USER"
 
# Navigate to the user's home directory
cd "$HOME_DIR" || { echo "Failed to navigate to $HOME_DIR"; exit 1; }
 
# Create the .ssh directory if it does not exist
if [ ! -d “.ssh” ]; then
            mkdir .ssh
                echo ".ssh directory created."
            mkdir .ssh
                echo ".ssh directory created."
        else
                    echo ".ssh directory already exists."
            fi

            # Change ownership of the .ssh directory
            chown "$USER:$GROUP" .ssh
            echo "Ownership of .ssh directory changed to $USER:$GROUP."

            # Navigate to the .ssh directory
            cd .ssh || { echo "Failed to navigate to .ssh directory"; exit 1; }

            # Create the authorized_keys file if it does not exist
            if [ ! -f “authorized_keys” ]; then
                        touch authorized_keys
                            echo "authorized_keys file created."
                    else
                                echo "authorized_keys file already exists."
                        fi

                        # Change ownership of the authorized_keys file
                        chown "$USER:$GROUP" authorized_keys
                        echo "Ownership of authorized_keys changed to $USER:$GROUP."
echo "Generating new DSA key with ECDSA encryption algorithm";
                        ssh-keygen -t ecdsa -f id_dsa
echo "Copying id_dsa.pub to ~/.ssh/ directory";
cp -vrpf id_dsa ~/.ssh/
echo "Copy the id_dsa.pub content to remote server's directory $HOME/.ssh/authorized_keys and run chown 600 ~/.ssh/authorized_keys";
        else
                    echo ".ssh directory already exists."
            fi
             
            # Change ownership of the .ssh directory
            chown "$USER:$GROUP" .ssh
            echo "Ownership of .ssh directory changed to $USER:$GROUP."
             
            # Navigate to the .ssh directory
            cd .ssh || { echo "Failed to navigate to .ssh directory"; exit 1; }
             
            # Create the authorized_keys file if it does not exist
            if [ ! -f “authorized_keys” ]; then
                        touch authorized_keys
                            echo "authorized_keys file created."
                    else
                                echo "authorized_keys file already exists."
                        fi
                         
                         
                        # Change ownership of the authorized_keys file
                        chown "$USER:$GROUP" authorized_keys
                        echo "Ownership of authorized_keys changed to $USER:$GROUP."
echo "Generating new DSA key with ECDSA encryption algorithm";
                        ssh-keygen -t ecdsa -f id_dsa
echo "Copying id_dsa.pub to ~/.ssh/ directory";
cp -vrpf id_dsa ~/.ssh/
echo "Copy the id_dsa.pub content to remote server's directory $HOME/.ssh/authorized_keys and run chown 600 ~/.ssh/authorized_keys";

Enable automatic updates on CentOS 8 , CentOS 9 Stream Linux with dnf-automatic and Cockpit Web GUI package management tool

One good hint if cockpit is not accessible in browser and you have to allow it through the firewall,
To open the firewall ports (if needed), execute the following commands:

sudo firewall-cmd --add-service=cockpit --permanent
sudo firewall-cmd --reload

DOOM 1, DOOM 2, DOOM 3 game wad files for download / Playing Doom on Debian Linux via FreeDoom open source doom engine
i don’t really remember 🙂

How to install and use WSL 2 Windows native Linux emulation Debian and Ubuntu Linux on Windows 10 / Windows 11
A nice tip in wsl.conf is you can enable Bridged Network connection if necessery simple:

1. install a new virtual switch using Hyper-V say wsl-switch

to %userprofile%.wslconfig add the following (if the file doesn’t exist create it)

[wsl2]
networkingMode=bridged
vmSwitch=wsl-switch

Now when you restart WSL you will have a bridge session. This has also be known to cure some of the weird network issues seen with WSL where network connectivity stops working, no DNS connectivity – without the need for messing with scripts and config files. YMMV