Can't change lighttpd's port for HaProxy reverse proxy Topic is solved

Having issues with your DietPi installation, or, found a bug? Post it here.
User avatar
Rilic
Posts: 42
Joined: Thu May 07, 2020 4:14 pm

Can't change lighttpd's port for HaProxy reverse proxy

Post by Rilic »

Hey,

I'm trying to set up a reverse proxy so that each service/port has its own subdomain. So as an example, gitea would be git.example.com, a Matrix synapse server would be matrix.example.com and my main website would be just example.com with no subdomain.

I'm using this guide: https://developweekly.com/docs/haproxy- ... direction/

However, I've encountered a problem. HaProxy needs to be the service pointed at port 80, which is handled currently by lighttpd. However, I cant change lighttpd's port from 80 to something else. I tried setting it in /etc/lighttpd/lighttpd.conf, using server.port = 8080, but for some reason it still uses port 80.

Is there any way I can fix this? Some tips on this reverse proxy setup would be nice, too!
User avatar
Joulinar
Posts: 2072
Joined: Sat Nov 16, 2019 12:49 am

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Joulinar »

Hi,

many thanks for your request. I did a test on my RPi3B+ and changing server port within /etc/lighttpd/lighttpd.conf is working quite well

Code: Select all

root@DietPi3:/etc/lighttpd# cat /etc/lighttpd/lighttpd.conf | grep server.port
server.port                 = 8080
LISTEN port is 8080 now

Code: Select all

root@DietPi3:/etc/lighttpd# lsof -i -P -n | grep LISTEN
dropbear 474     root    3u  IPv4  10923      0t0  TCP *:22 (LISTEN)
dropbear 474     root    4u  IPv6  10924      0t0  TCP *:22 (LISTEN)
lighttpd 697 www-data    4u  IPv4  14511      0t0  TCP *:8080 (LISTEN)
lighttpd 697 www-data    5u  IPv6  14512      0t0  TCP *:8080 (LISTEN)
Did you restart lighttpd service after changing the port?

Code: Select all

systemctl restart lighttpd.service
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
Rilic
Posts: 42
Joined: Thu May 07, 2020 4:14 pm

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Rilic »

Alright, so I'm dumb. Turns out it is changing the port and it is saying that it is being used as the LISTEN port using the command you did. However, the webserver is still accessible from port 80 and is not accessible from port 8080. Is there something in lighttpd's configs controlling this that I don't know about?

I'm new to both HAProxy and lighttpd, so it really might just be me being dumb.
User avatar
Joulinar
Posts: 2072
Joined: Sat Nov 16, 2019 12:49 am

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Joulinar »

can you past output of lsof -i -P -n | grep LISTEN pls
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
Rilic
Posts: 42
Joined: Thu May 07, 2020 4:14 pm

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Rilic »

Code: Select all

root@dietpi:~# lsof -i -P -n | grep LISTEN
pihole-FT  350      pihole    5u  IPv4  11603      0t0  TCP *:53 (LISTEN)
pihole-FT  350      pihole    7u  IPv6  11605      0t0  TCP *:53 (LISTEN)
pihole-FT  350      pihole   10u  IPv4  11609      0t0  TCP 127.0.0.1:4711 (LISTEN)
pihole-FT  350      pihole   11u  IPv6  11611      0t0  TCP [::1]:4711 (LISTEN)
cloudflar  439 cloudflared    3u  IPv4  12640      0t0  TCP 127.0.0.1:33167 (LISTEN)
cloudflar  439 cloudflared    6u  IPv4  12649      0t0  TCP 127.0.0.1:5053 (LISTEN)
sshd       550        root    3u  IPv4  12744      0t0  TCP *:22 (LISTEN)
sshd       550        root    4u  IPv6  12746      0t0  TCP *:22 (LISTEN)
redis-ser  577       redis    7u  IPv4  12775      0t0  TCP 127.0.0.1:6379 (LISTEN)
redis-ser  577       redis    8u  IPv6  12776      0t0  TCP [::1]:6379 (LISTEN)
mysqld     644       mysql   19u  IPv4  12985      0t0  TCP 127.0.0.1:3306 (LISTEN)
gitea      725      dietpi   18u  IPv6  17484      0t0  TCP *:3000 (LISTEN)
Cuberite   749    cuberite   24u  IPv6  15670      0t0  TCP *:25565 (LISTEN)
Cuberite   749    cuberite   25u  IPv6  15671      0t0  TCP *:1339 (LISTEN)
lighttpd  5803    www-data    4u  IPv4  74810      0t0  TCP *:8080 (LISTEN)
lighttpd  5803    www-data    5u  IPv6  74811      0t0  TCP *:8080 (LISTEN)
lighttpd  5803    www-data    6u  IPv4  74812      0t0  TCP *:443 (LISTEN)
User avatar
Joulinar
Posts: 2072
Joined: Sat Nov 16, 2019 12:49 am

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Joulinar »

pls make sure you are using HTTP and not HTTPS. As far as I can see lighttpd is still running on port 443.

Code: Select all

http://<your-ip>:8080
But I guess you need to change lighttpd port 443 anyway if you like to use HaPoxy + SSL.
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
Rilic
Posts: 42
Joined: Thu May 07, 2020 4:14 pm

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Rilic »

I cannot access the server using <ip>:8080, nor <ip>:443. Only <ip>:80 works, which should be impossible as it isn't being used...

Port 443 gives me a "connection reset" error, while 8080 just times out without a response. Port 80 is still working fine...
User avatar
Joulinar
Posts: 2072
Joined: Sat Nov 16, 2019 12:49 am

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Joulinar »

did you have done a full reboot of your system?
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
Rilic
Posts: 42
Joined: Thu May 07, 2020 4:14 pm

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Rilic »

I have now done a full reboot with the port change saved in lighttpd.conf, but it still seems to be using port 80 and is still accessible from the internet. I'm not forwarding port 8080, either.
User avatar
Joulinar
Posts: 2072
Joined: Sat Nov 16, 2019 12:49 am

Re: Can't change lighttpd's port for HaProxy reverse proxy

Post by Joulinar »

do you have HaProxy already installed? What about access from local notwork (let's not focus on internet access)?
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Post Reply