Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
APE Server on port 80 with HAProxy
By default, APE Server run on port 6969. This can be a problem for some users behind strict firewall. To come around this limitation, APE must run on standard ports, one of the most common and open port being port 80 of course. But mort of the time, you'll have Apache or Nginx running on port 80 and running APE on a dedicated machine is not always a solution.
One workaround is to use a proxy to managed connection on port 80 and redistribute everything related to APE on port 6969 and the rest back to Apache or Nginx on another port like 8080. This page is there to show you how you can achieve that using HAProxy.
How it all works
The thing is you can't have two services running on the same port. It's like telephone extensions in a office. By default, you call a dedicated number (the server IP) and end up at the receptionist (Apache, on port 80) unless you explicitly specify the APE extension (Port 6969).
You can use Apache web proxy so that when people call your office at the office number (server IP), they are dispatched directly to Apache (port 80) which now act as the receptionist and transfert the call (proxy) to APE (at extention 6969) if Apache see that the call is for APE. The thing is, it does work for default connexion (Long pooling), but Apache is not handling web socket correctly.
Now comes HaProxy. HaProxy act as the receptionist. When someone call the office (server) on the office number (Server IP), the first person they get to is the receptionist (HaProxy, now at port 80) who dispatch the call to APE (at extention 6969) if the call is for APE (Either a websocket connexion or a specific subdomain) OR Apache (now moved at any extension, for example 8080) if the call is not for APE. It basically goes like this :
So you basically need to relocate Apache on port 8080 (or anything you want). This needs to be done for all the virtualhosts and there is also a global config I think for it (google it).
(And the nice thing about HaProxy: if you want to scale your office, it really act as a receptionist. If Apache is not avaiable for some reason or is overloaded, HA can take care of loadbalacing between multiple (apache) server. You also could, technically, even have APE on a different host with this).
Now let's do it!
- Ape Server running on port 6969
- Apache or Nginx listening on port 8080
This guide don't show how to installed those requirements. Refer to the APE wiki or the proper documentation on how to achieve this.
The way HAProxy will work, it will redirect everything that comes in throughout port 80 and related to a specific subdomain to APE Server on port 6969, leaving the rest for your webserver on port 8080. Furthermore, if the connexion is websocket, it will also be redirect to APE Server, regardless of the domain.
For this example, everything coming in port 80 from the subdomain
ape.mydomain.com' and it's subdomain (
*.ape.mydomain.com) will be redirected to APE Server. Don't forget to change the domain in the config file to match your own domain.
Open HAProxy config file (On Debian/Ubuntu, located in
/etc/haproxy/haproxy.cfg). Find :
option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000
And replace it to :
option redispatch option forwardfor option http-server-close maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000
This tells HAProxy to ignore the servers keepalive setting. If it were not specified, then in some cases the conditional rules (used below) would not be re-evaluated every time there is a new request.
Next we add the subdomain and proxy detection. Add the fallowing code to the end of the file
frontend public bind *:80 acl is_ape hdr_end(host) -i ape.mydomain.com #Change this your domain acl is_ape hdr(Upgrade) -i WebSocket use_backend ape if is_ape default_backend www backend www timeout server 30s server www1 127.0.0.1:8080 backend ape timeout server 600s server ape 127.0.0.1:6969
Note: In this example, HAProxy will redirect to localhost, but you could easily plug in the IP to a different server.
Your HAProxy config file should now look like this
# this config needs haproxy-1.1.28 or haproxy-1.2.1 global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 #chroot /usr/share/haproxy user haproxy group haproxy daemon #debug #quiet defaults log global mode http option httplog option dontlognull retries 3 option redispatch option forwardfor option http-server-close maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 frontend public bind *:80 acl is_ape hdr_end(host) -i ape.mydomain.com #Change this your domain acl is_ape hdr(Upgrade) -i WebSocket use_backend ape if is_ape default_backend www backend www timeout server 30s server www1 127.0.0.1:8080 backend ape timeout server 600s server ape 127.0.0.1:6969
Don't forget to restart HAProxy every time you change the config file.
Apache or Nginx should now be available as usual and if you point your browser to
ape.mydomain.com, you'll find the APE Server page.
If HAProxy doesn't start, make sure it's enabled. Edit
/etc/default/haproxy (on Debian) and make sure it has a line that says
ENABLED=1 in it.