Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Supported by

JATOS with Apache (HTTPS with Let's Encrypt)

Hi everyone,

I wanted to enable https for JATOS, but I have run into a problem that I am not able to solve.

So far, I have installed Apache on my Ubuntu server and obtained a SSL certificate from Let's Encrypt with Certbot. Additionally, I have followed the instructions here:

to run JATOS on Apache. I had some problems with the certificate so I changed the certificate part in the .conf file to this:

# Your certificate for encryption
SSLEngine 					on
SSLCertificateFile    		/etc/letsencrypt/live/mydomain.com/cert.pem
SSLCertificateKeyFile 		/etc/letsencrypt/live/mydomain.com/privkey.pem
SSLCertificateChainFile 	/etc/letsencrypt/live/mydomain.com/fullchain.pem

While the test virtual host for my domain is working correctly (https protected), JATOS is still running without https.

When I run a syntax test on the config file, I do not get any errors. So that seems to be fine at least. I have also checked that the port 443 is listen in /etc/apache2/ports.conf. Additionally, I have tried to search the web for more possible solutions, but did not find anything helpful.

Does anyone have an idea what could be the problem? I am happy to provide further information if needed.

Thanks a lot and best regards,

Yvonne

Comments

  • Hi Yvonne,

    It's quite some time that I used Apache. But from what I remember your SSL setting looks fine.

    It would be helpful for me to see the rest of the Apache conf. And which version are you using?

    Kristian

  • Hi Kristian,

    thank you for your time and help! I am using Ubuntu 18.10, Apache 2.4.34 and JATOS 3.3.2. Here is the content of the .conf file (server name is a placeholder).

    ServerName mydomain.com
    <VirtualHost *:80>
            ServerAdmin webmaster@localhost
            ServerName mydomain.com
            ServerAlias www.mydomain.com
            DocumentRoot /var/www/mydomain.com
            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined
            # Redirect all unencrypted traffic to the respective HTTPS page
            Redirect "/" "https://www.mydomain.com/"
    </VirtualHost>
    
    <VirtualHost *:443>
      ServerName www.mydomain.com
    
      # Restrict access to JATOS GUI to local network
      # <Location "/jatos">
      #  Order deny,allow
      #  Deny from all
      #  Allow from 127.0.0.1 ::1
      #  Allow from localhost
      #  Allow from 192.168
      #</Location>
    
      # Needed for JATOS to get the correct host and protocol
      ProxyPreserveHost On
      RequestHeader set X-Forwarded-Proto "https"
      RequestHeader set X-Forwarded-Ssl "on"
    
      # Your certificate for encryption
      SSLEngine On
      SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
      SSLCertificateChainFile /etc/letsencrypt/live/mydomain.com/fullchain.pem
    
      # JATOS uses WebSockets for its batch and group channels
      RewriteEngine On
      RewriteCond %{HTTP:Upgrade} =websocket [NC]
      RewriteRule /(.*)           ws://localhost:9000/$1 [P,L]
      RewriteCond %{HTTP:Upgrade} !=websocket [NC]
      RewriteRule /(.*)           http://localhost:9000/$1 [P,L]
    
      # Proxy everything to the JATOS running on localhost on port 9000 
      ProxyPass / http://localhost:9000/
      ProxyPassReverse / http://localhost:9000/
    </VirtualHost>
    

    If you think this is a problem of Apache and not JATOS, I can also try to ask for help somewhere else to not waste your time.

    Also, if you need more information, please let me know.

    Thank you again and best regards,

    Yvonne

  • Just for info: I gave up on trying to solve this (nothing worked). I might try to use Nginx instead of Apache.

  • Sorry Yvonne, I never answered. But I actually looked at your Apache config and couldn't find anything obviously wrong.

    Apache can be a bummer. It does not work until it works and then it is unbreakable.

    Actually I prefer Nginx too these days. You probable have seen the doc http://www.jatos.org/JATOS-with-Nginx.html.

    Or if you prefer Docker: JATOS + Traefik. With Traefik comes encryption out-of-the-box. But one looses a bit of control because everything is containerized. There is a doc about JATOS + Traefik on Digital Ocean http://www.jatos.org/JATOS-on-DigitalOcean.html. With a bit of adaptation this can be applied to any Linux system.

    If you have questions I'm happy to help. And if you are completely stuck I can have a look at your server.

    Best

    Kristian

  • Hi Kristian,

    no worries, I just wanted to let people know that I was not looking for a solution for Apache + JATOS anymore.

    I switched to your recommendation (JATOS + Traefik) this morning and that worked like a charm, thank you!

    Before that, I did try Nginx, but I was not able to make it work either. Everything was running fine as long as I did not include the code chunk specific to JATOS. When I added that, I got the following warnings:

    nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/nginx.conf:66
    nginx: [warn] conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
    nginx: [warn] conflicting server name "www.mydomain.com" on 0.0.0.0:443, ignored
    

    As far as I am aware, the line:

     ssl                  on;
    

    is causing the first warning because the command is no longer needed in newer versions of Nginx. Concerning the other warnings, I probably messed up the server names somehow. I thought it was maybe worth including this if someone runs into a similar problem in the future.

    For now, I am happy that https finally works. Thanks a lot!

    Best,

    Yvonne

  • Hi Yvonne,

    Nice you got it working with Traefik! I'm glad I was of any help.

    Maybe I should add a page to JATOS docs "JATOS + Traefik" (without the whole Digital Ocean part).

    Regarding the "ssl" in the Nginx config: you might be right. I'm using Traefik lately and haven't tried recent versions of Nginx. I'll have a look and fix the JATOS docs. Thank you for pointing it out.

    Best,

    Kristian

  • Hi Kristian and Yvonne,

    as both of you recommend that JATOS + Traefik is the easiest thing to do on your own server, I was wondering what code needs to be changed (from the DigitalOcean + Traefik example) in order to make it work on a Ubuntu server?

  • Hi!

    First you would need to install docker and docker-compose. And then you would basically have to follow the little shell script from http://www.jatos.org/JATOS-on-DigitalOcean.html one by one. But you probably want to use a different user than root, so e.g. not /root/ but /home/my-user/.

    #!/bin/bash
    
    DOMAIN_NAME="my.domain.name"
    EMAIL="my.email@foo.com"
    
    curl https://raw.githubusercontent.com/JATOS/JATOS/master/deploy/docker-compose.yaml > /root/docker-compose.yaml
    curl https://raw.githubusercontent.com/JATOS/JATOS/master/deploy/traefik.toml > /root/traefik.toml
    
    sed -i "s/<DOMAIN_NAME>/${DOMAIN_NAME}/g" /root/docker-compose.yaml
    sed -i "s/<DOMAIN_NAME>/${DOMAIN_NAME}/g" /root/traefik.toml
    sed -i "s/<EMAIL>/${EMAIL}/g" /root/traefik.toml
    
    touch /root/acme.json
    chmod 600 /root/acme.json
    docker network create proxy
    docker-compose -f /root/docker-compose.yaml up -d
    

    Best,

    Kristian

  • Thanks a lot. That helps!

Sign In or Register to comment.

agen judi bola , sportbook, casino, togel, number game, singapore, tangkas, basket, slot, poker, dominoqq, agen bola. Semua permainan bisa dimainkan hanya dengan 1 ID. minimal deposit 50.000 ,- bonus cashback hingga 10% , diskon togel hingga 66% bisa bermain di android dan IOS kapanpun dan dimana pun. poker , bandarq , aduq, domino qq , dominobet. Semua permainan bisa dimainkan hanya dengan 1 ID. minimal deposit 10.000 ,- bonus turnover 0.5% dan bonus referral 20%. Bonus - bonus yang dihadirkan bisa terbilang cukup tinggi dan memuaskan, anda hanya perlu memasang pada situs yang memberikan bursa pasaran terbaik yaitu http://45.77.173.118/ Bola168. Situs penyedia segala jenis permainan poker online kini semakin banyak ditemukan di Internet, salah satunya TahunQQ merupakan situs Agen Judi Domino66 Dan BandarQ Terpercaya yang mampu memberikan banyak provit bagi bettornya. Permainan Yang Di Sediakan Dewi365 Juga sangat banyak Dan menarik dan Peluang untuk memenangkan Taruhan Judi online ini juga sangat mudah . Mainkan Segera Taruhan Sportbook anda bersama Agen Judi Bola Bersama Dewi365 Kemenangan Anda Berapa pun akan Terbayarkan. Tersedia 9 macam permainan seru yang bisa kamu mainkan hanya di dalam 1 ID saja. Permainan seru yang tersedia seperti Poker, Domino QQ Dan juga BandarQ Online. Semuanya tersedia lengkap hanya di ABGQQ. Situs ABGQQ sangat mudah dimenangkan, kamu juga akan mendapatkan mega bonus dan setiap pemain berhak mendapatkan cashback mingguan. ABGQQ juga telah diakui sebagai Bandar Domino Online yang menjamin sistem FAIR PLAY disetiap permainan yang bisa dimainkan dengan deposit minimal hanya Rp.25.000. DEWI365 adalah Bandar Judi Bola Terpercaya & resmi dan terpercaya di indonesia. Situs judi bola ini menyediakan fasilitas bagi anda untuk dapat bermain memainkan permainan judi bola. Didalam situs ini memiliki berbagai permainan taruhan bola terlengkap seperti Sbobet, yang membuat DEWI365 menjadi situs judi bola terbaik dan terpercaya di Indonesia. Tentunya sebagai situs yang bertugas sebagai Bandar Poker Online pastinya akan berusaha untuk menjaga semua informasi dan keamanan yang terdapat di POKERQQ13. Kotakqq adalah situs Judi Poker Online Terpercayayang menyediakan 9 jenis permainan sakong online, dominoqq, domino99, bandarq, bandar ceme, aduq, poker online, bandar poker, balak66, perang baccarat, dan capsa susun. Dengan minimal deposit withdraw 15.000 Anda sudah bisa memainkan semua permaina pkv games di situs kami. Jackpot besar,Win rate tinggi, Fair play, PKV Games