0

I am coming today because, as a developer, I feel like I must know how to configure such things, however, I am getting stuck and I am not sure to understand why.

I have 4 stuff let's say:

  • An API (www.api.example.com)
  • A WebApp (www.player.example.com)
  • A Showcase website (www.example.com)
  • A GitLab (www.gitlab.example.com)

In order to realise that, I bought a virtual server from Obambu. I also bought a domain name from OVH.

But, the main issue is that, first, I can't redirect from www.api.example.com to 192.0.2.89:1234 (my server ip : port), I searched but it seems that there is no option for that...

Then, what I did first is install GitLab and disable Apache2 (because I ain't sure to understand the point of it.. and because they're using the same port).

In order to access my gitlab, I typed https://www.gitlab.example.com, but it works only in Safari, not in Chrome. I saw on the internet that it's because of SSL certification, but one more time, it doesn't work...

There was an error running gitlab-ctl reconfigure:

letsencrypt_certificate[gitlab.example.com] (letsencrypt::http_authorization line 3) had an error: RuntimeError: acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 20) had an error: RuntimeError: [gitlab.example.com] Validation failed for domain gitlab.PROJECT.com

https://www.howtoforge.com/tutorial/how-to-install-and-configure-gitlab-on-ubuntu-16-04/#step-enable-nginx-https-for-gitlab

Third, the thing I don't get as well is that, if you can't redirect to a certain port, do you need multiple server? Also, another point which is not clear to me is Apache2..Is it usefull for what I am trying to achieve? Because at the end, I don't want to call http://www.example.com:8079for something and http://www.example.com:8083 for something else.. I really want to follow the 4 different sub domains I wrote above :/

Edit 1

Ok firstly, I would like to thank you for yours answers. Now, based on your answers/comments and some others answers/question, I feel like the best options would be:

www.example.com:8080 (showcase website) www.example.com:8081 (gitlab) www.example.com:8082 (api) www.example.com:8083 (webapp)

Does it makes sense?

Emixam23
  • 133
  • 1
  • 6
  • Responding to "Edit 1", yeah, it makes sense, you can do it that way. If you're serving HTTP (which I'm assuming you are based on the port numbers you've decided on), put it behind a load balancer to handle the encryption for you, or change your services to use HTTPS. If you aren't going to use something to route your comms like NGINX, you could just have the showcase website on the default port 80/443 so that people can still hit the website with just with the domain and then rely on unique ports for the other services. – Jake Nelson Aug 16 '18 at 23:40
  • Okok thanks :) Do you know any tutorial or documentation about it which would be usefull? – Emixam23 Aug 17 '18 at 19:54
  • 1
    I don't know any, sorry! I've just tinkered with this in the past to solve the same problem on a test machine. These days I use other services for everything. CodeCommit has a free tier for under five team members so I don't see the point of putting source control on the same server anymore. Then if I NEEDED multiple services on the same server to be exposed on a single HTTPS port I'd put it behind a load-balancer with URL based redirection. – Jake Nelson Aug 21 '18 at 01:01

2 Answers2

1

If you really want to keep this all on one server, you could look into using SNI. As ETL was kind of suggesting, you can use NGINX here. If you aren't fimiliar with Docker you can just host the services on that server but use unique ports for each of them, then configure NGINX to handle the SNI portion and pass the traffic through to another port.

You really should try to separate this out though, if I were you, I'd look into doing one of the following:

  • get multiple smaller instances to the separate services
  • chuck it in containers like ETL was suggesting
  • offload some of the tasks to hosted services like AWS ApiGateway instead of hosting your API locally, and CodeCommit rather than Gitlab for example.
Jake Nelson
  • 255
  • 2
  • 8
0

I would run all this in separate Docker container and run an NGINX or Apache httpd container that would listen on port 80/443 and proxy to the appropriate services.

ETL
  • 6,513
  • 1
  • 28
  • 48