This post started off as a plea for help, but I’ve pretty much got everything working! I thought I’d pass this along in case anyone else is trying to do the same thing.
The problem is to run https://github.com/sivel/amanda/ behind an Apache httpd reverse proxy. I’ve set it up first on my local laptop which is running both Apache httpd and amanda in order to find the sharp corners before moving it onto a “for realz” httpd that’s already doing a few other internal tasks.
BTW, hitting it locally is working fantastically! (Thanks, @sivel !) I’m using the -ui option to get a web GUI, a custom -port (5001 instead of the default 5000, for reasons), and a custom -artifacts path.
With all that in place and http://localhost:5001/ throwing no unpleasant surprises, the remaining task is to configure the Apache httpd server to reverse proxy the service as http://laptop.madeup.org/amanda. I can’t expose the custom port 5001 in the VLAN this is ultimately supposed to run in, hence the httpd proxy. And while I’m using http on the laptop, the “real” server has certificates, so that will be https.
Through trial and error, I’ve found three paths into amanda that need to be proxied: /, /api, and /_ui. Here’s how I’m handling that so far:
ServerName laptop.madeup.org
ProxyPassMatch "^/amanda(.*)" "http://localhost:5001$1"
ProxyPassReverse "/amanda" "http://localhost:5001"
ProxyPassMatch "^/api(.*)" "http://localhost:5001/api$1"
ProxyPassReverse "/api" "http://localhost:5001/api"
ProxyPassMatch "^/_ui(.*)" "http://localhost:5001/_ui$1"
ProxyPassReverse "/_ui" "http://localhost:5001/_ui"
AddOutputFilterByType SUBSTITUTE text/html
AddOutputFilterByType SUBSTITUTE application/json
Substitute "s|http://localhost:5001|http://laptop.madeup.org/amanda|q"
The ProxyPass* directives only alter specific headers. It’s the Substitute directive that “fixes” the urls contained in the text/html and application/json bodies that amanda returns.
The only part it doesn’t handle correctly is the “Copy” button to copy the install string. Also, that install string is, for example,
$ ansible-galaxy collection install -s http://laptop.madeup.org/ utoddl.logical==1.0.0
which doesn’t include the /amanda bit on the server parameter. Fortunately the ansible-galaxy command does the Right Thing™ when that part is included, like this:
$ ansible-galaxy collection install -s http://laptop.madeup.org/amanda utoddl.logical==1.0.0
I don’t do this sort of thing very often, so it took several hours longer than it should have. Writing this up wasn’t so quick either. The hope is it’ll save somebody else the time it cost me. And as always, if you have suggestions for how this could be done better, I’d love to hear them.
As a bonus, here’s the (trivial) systemd amanda.service file I created in the process. Cheers!
# /etc/systemd/system/amanda.service
# See https://github.com/sivel/amanda/
[Unit]
Description=Ansible Galaxy Collections v3 API endpoints
After=network.target
[Service]
Type=exec
Environment=LANG=C
User=httpd
ExecStart=/opt/local/amanda/bin/amanda -ui -artifacts=/opt/local/amanda/artifacts -port 5001
[Install]
WantedBy=multi-user.target