Ajenti

Login / Logout after reverse proxy configuration

Bug #1249425 reported by Martin Lafrance on 2013-11-08

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ajenti	Expired	Undecided	Unassigned

Bug Description

Your control panel is awesome.... really loving it!!

I installed Ajenti on my test server (Ubuntu 13.04) to toy around a little. I wanted to use of my domain SSL certificate instead of a self-signed one, so I did a reverse proxy on Apache ( based on the configuration here: http://docs.ajenti.org/man/reverse-proxy.html ). Worked fine and have Ajenti running at https://[mydomain.com]/ajenti secured with my own SSL.

Worked fine, but there is one small problem I noticed...

With this configuration, whenever I log in or log out, I'm sent back to [mydomain.com] website main page instead of Ajenti.

ex: https://[mydomain.com]/ajenti -> login -> https://[mydomain.com]/

This is a very minor bug... just slightly annoying ;)

I'm no Python programmer, but I figured quickly that I little hack could easily correct this. Sure enough, I found the culprit in /usr/share/pyshared/ajenti/plugins/main/main.py

I just changed the to 2 following (identical) lines of code:

[line 39 & line 46]
return context.redirect('/')
~ changed to ~
return context.redirect('/ajenti')

I looked around and also found 2 other instances of code redirecting to root path '/' and also made the same changes preemptively:

/usr/share/pyshared/ajenti/plugins/munin/main.py
[line 68]
context.respond_redirect('/')
~ changed to ~
context.respond_redirect('/ajenti')

/usr/share/pyshared/ajenti/plugins/terminal/main.py
[line 112]
context.respond_redirect('/')
~ changed to ~
context.respond_redirect('/ajenti')

et voila... it worked :)

===========

I was wondering if it would be possible to have a more "white labeled" option when reverse proxying Ajenti, ie. be able to use the suffix path we want instead of /ajenti.

ex.: https://[mydomain.com]/panel or https://[mydomain.com]/sysadmin

Not that I don't like /ajenti has a suffix, but the success of Ajenti might translate into bots hammering every [mydomain.com]/ajenti around... I might just be a little paranoid, but "white labeling" the suffix would be a good "equivalence" to changing port number for those (like me) who want to reverse proxy Ajenti.

That is all... Many thanks for your efforts in developing this awesome piece of software. I really appreciate!!

Revision history for this message

Eugene Pankov (john-pankov) wrote on 2013-11-08:

I don't have much experience with Apache, but it looks like you need to set up extra ProxyPassReverse directive to rewrite redirects from Ajenti: httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypassreverse

I guess something like

ProxyPassReverse / /ajenti (however I'm not sure about it!)

=======

You can easily change 'ajenti' here

ProxyPass /ajenti http://localhost:8000

to 'panel' or anything as far as I'm concerned with Apache syntax

Changed in ajenti:
status:	New → Incomplete

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-01-08:

[Expired for Ajenti because there has been no activity for 60 days.]

Changed in ajenti:
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.