Apache proxying does not work

Help
1

I followed this: Proxy examples · dani-garcia/vaultwarden Wiki · GitHub

I always get this error when trying to connect with firefox:

The page isn’t redirecting properly

An error occurred during a connection to <server>.

    This problem can sometimes be caused by disabling or refusing to accept cookies.

vaultwarden.env:
DOMAIN=http://localhost/vaultwarden/

Apache settings:


SSLEngine on
ServerName localhost

        <Location /vaultwarden/>
                RewriteEngine On
                RewriteCond %{HTTP:Upgrade} =websocket [NC]
                RewriteRule /notifications/hub(.*) ws://localhost:3012/$1 [P,L]
                ProxyPass http://localhost:80/vaultwarden/
                ProxyPassReverse http://localhost:80/vaultwarden/

                ProxyPreserveHost On
                RequestHeader set X-Real-IP %{REMOTE_ADDR}s
        </Location>

Here is an excerpt from the apache error log:

[Wed Jul 14 02:58:15.037836 2021] [ssl:debug] [pid 45874:tid 139814489790016] ssl_engine_kernel.c(415): [client 10.0.0.103:51638] AH02034: Subsequent (No.20) HTTPS request received for child 15 (server localhost:443)
[Wed Jul 14 02:58:15.037894 2021] [proxy:trace2] [pid 45874:tid 139814489790016] mod_proxy.c(683): [client 10.0.0.103:51638] AH03461: attempting to match URI path ‘/vaultwarden/’ against prefix ‘/vaultwarden/’ for proxying
[Wed Jul 14 02:58:15.037915 2021] [proxy:trace1] [pid 45874:tid 139814489790016] mod_proxy.c(778): [client 10.0.0.103:51638] AH03464: URI path ‘/vaultwarden/’ matches proxy handler ‘proxy:http://localhost:80/vaultwarden/
[Wed Jul 14 02:58:15.037936 2021] [authz_core:debug] [pid 45874:tid 139814489790016] mod_authz_core.c(843): [client 10.0.0.103:51638] AH01628: authorization result: granted (no directives)
[Wed Jul 14 02:58:15.037979 2021] [proxy:trace2] [pid 45874:tid 139814489790016] proxy_util.c(2244): [client 10.0.0.103:51638] http: found worker http://localhost/vaultwarden/ for http://localhost/vaultwarden/
[Wed Jul 14 02:58:15.038000 2021] [proxy:debug] [pid 45874:tid 139814489790016] mod_proxy.c(1258): [client 10.0.0.103:51638] AH01143: Running scheme http handler (attempt 0)
[Wed Jul 14 02:58:15.038058 2021] [proxy:debug] [pid 45874:tid 139814489790016] proxy_util.c(2438): AH00942: http: has acquired connection for (localhost)
[Wed Jul 14 02:58:15.038076 2021] [proxy:debug] [pid 45874:tid 139814489790016] proxy_util.c(2494): [client 10.0.0.103:51638] AH00944: connecting http://localhost/vaultwarden/ to localhost:80
[Wed Jul 14 02:58:15.038092 2021] [proxy:debug] [pid 45874:tid 139814489790016] proxy_util.c(2717): [client 10.0.0.103:51638] AH00947: connected /vaultwarden/ to localhost:80
[Wed Jul 14 02:58:15.038138 2021] [proxy:trace2] [pid 45874:tid 139814489790016] proxy_util.c(2999): http: reusing backend connection [::1]:33344<>[::1]:80
[Wed Jul 14 02:58:15.038458 2021] [proxy:debug] [pid 45874:tid 139814489790016] proxy_util.c(2453): AH00943: http: has released connection for (localhost)
[Wed Jul 14 02:58:15.061791 2021] [ssl:debug] [pid 45874:tid 139813869057600] ssl_engine_kernel.c(415): [client 10.0.0.103:51638] AH02034: Subsequent (No.21) HTTPS request received for child 16 (server localhost:443)
[Wed Jul 14 02:58:15.061885 2021] [proxy:trace2] [pid 45874:tid 139813869057600] mod_proxy.c(683): [client 10.0.0.103:51638] AH03461: attempting to match URI path ‘/vaultwarden/’ against prefix ‘/vaultwarden/’ for proxying
[Wed Jul 14 02:58:15.061911 2021] [proxy:trace1] [pid 45874:tid 139813869057600] mod_proxy.c(778): [client 10.0.0.103:51638] AH03464: URI path ‘/vaultwarden/’ matches proxy handler ‘proxy:http://localhost:80/vaultwarden/
[Wed Jul 14 02:58:15.061937 2021] [authz_core:debug] [pid 45874:tid 139813869057600] mod_authz_core.c(843): [client 10.0.0.103:51638] AH01628: authorization result: granted (no directives)
[Wed Jul 14 02:58:15.061992 2021] [proxy:trace2] [pid 45874:tid 139813869057600] proxy_util.c(2244): [client 10.0.0.103:51638] http: found worker http://localhost/vaultwarden/ for http://localhost/vaultwarden/
[Wed Jul 14 02:58:15.062036 2021] [proxy:debug] [pid 45874:tid 139813869057600] mod_proxy.c(1258): [client 10.0.0.103:51638] AH01143: Running scheme http handler (attempt 0)
[Wed Jul 14 02:58:15.062054 2021] [proxy:debug] [pid 45874:tid 139813869057600] proxy_util.c(2438): AH00942: http: has acquired connection for (localhost)
[Wed Jul 14 02:58:15.062072 2021] [proxy:debug] [pid 45874:tid 139813869057600] proxy_util.c(2494): [client 10.0.0.103:51638] AH00944: connecting http://localhost/vaultwarden/ to localhost:80
[Wed Jul 14 02:58:15.062089 2021] [proxy:debug] [pid 45874:tid 139813869057600] proxy_util.c(2717): [client 10.0.0.103:51638] AH00947: connected /vaultwarden/ to localhost:80
[Wed Jul 14 02:58:15.062145 2021] [proxy:trace2] [pid 45874:tid 139813869057600] proxy_util.c(2999): http: reusing backend connection [::1]:33344<>[::1]:80
[Wed Jul 14 02:58:15.062440 2021] [proxy:debug] [pid 45874:tid 139813869057600] proxy_util.c(2453): AH00943: http: has released connection for (localhost)
[Wed Jul 14 02:58:30.062877 2021] [ssl:debug] [pid 45874:tid 139813860664896] ssl_engine_io.c(1111): [client 10.0.0.103:51638] AH02001: Connection closed to child 17 with standard shutdown (server localhost:443)

2

It looks to me you are redirecting apache to apache again at the proxypass instruction. That will cause a loop which triggers that exact message you get from Firefox.

In the proxy example you need to change the placeholder to the ip (and/or port) of where vaultwarden is running. Vaultwarden and Apache can’t run both in the same port on the same IP at the same time, so something should be changed there.

3

I followed the instructions in the “apache in a sub-location” section from the wiki. Are those incorrect?

I tried setting DOMAIN=https://localhost:8443 in vaultwarden.env and ProxyPass http://localhost:8443/ in apache. Now it returns

# Service Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.

Apache Server at <server> Port 443

log:
[Wed Jul 14 15:15:51.537709 2021] [ssl:info] [pid 72805:tid 140260403045952] [client 10.0.0.103:51744] AH01964: Connection to child 2 established (server localhost:443)
[Wed Jul 14 15:15:51.537944 2021] [ssl:debug] [pid 72805:tid 140260403045952] ssl_engine_kernel.c(2401): [client 10.0.0.103:51744] AH02044: No matching SSL virtual host for servername <server> found (using default/first virtual host)
[Wed Jul 14 15:15:51.538046 2021] [core:debug] [pid 72805:tid 140260403045952] protocol.c(2346): [client 10.0.0.103:51744] AH03155: select protocol from , choices=h2,http/1.1 for server localhost
[Wed Jul 14 15:15:51.548971 2021] [ssl:debug] [pid 72805:tid 140260403045952] ssl_engine_kernel.c(2252): [client 10.0.0.103:51744] AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_256_GCM_SHA384 (256/256 bits)
[Wed Jul 14 15:15:51.549185 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(508): AH00831: socache_shmcb_store (0xb0 -> subcache 16)
[Wed Jul 14 15:15:51.549241 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(862): AH00847: insert happened at idx=0, data=(0:32)
[Wed Jul 14 15:15:51.549259 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(865): AH00848: finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/200
[Wed Jul 14 15:15:51.549274 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(530): AH00834: leaving socache_shmcb_store successfully
[Wed Jul 14 15:15:51.549467 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(508): AH00831: socache_shmcb_store (0xf8 -> subcache 24)
[Wed Jul 14 15:15:51.549513 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(862): AH00847: insert happened at idx=0, data=(0:32)
[Wed Jul 14 15:15:51.549529 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(865): AH00848: finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/200
[Wed Jul 14 15:15:51.549543 2021] [socache_shmcb:debug] [pid 72805:tid 140260403045952] mod_socache_shmcb.c(530): AH00834: leaving socache_shmcb_store successfully
[Wed Jul 14 15:15:51.549678 2021] [ssl:debug] [pid 72805:tid 140260403045952] ssl_engine_kernel.c(415): [client 10.0.0.103:51744] AH02034: Initial (No.1) HTTPS request received for child 2 (server localhost:443)
[Wed Jul 14 15:15:51.549729 2021] [proxy:trace2] [pid 72805:tid 140260403045952] mod_proxy.c(683): [client 10.0.0.103:51744] AH03461: attempting to match URI path '/vaultwarden/' against prefix '/vaultwarden/' for proxying
[Wed Jul 14 15:15:51.549749 2021] [proxy:trace1] [pid 72805:tid 140260403045952] mod_proxy.c(778): [client 10.0.0.103:51744] AH03464: URI path '/vaultwarden/' matches proxy handler 'proxy:http://localhost:8443/'
[Wed Jul 14 15:15:51.549771 2021] [authz_core:debug] [pid 72805:tid 140260403045952] mod_authz_core.c(843): [client 10.0.0.103:51744] AH01628: authorization result: granted (no directives)
[Wed Jul 14 15:15:51.549823 2021] [proxy:trace2] [pid 72805:tid 140260403045952] proxy_util.c(2244): [client 10.0.0.103:51744] http: found worker http://localhost:8443/ for http://localhost:8443/
[Wed Jul 14 15:15:51.549877 2021] [proxy:debug] [pid 72805:tid 140260403045952] mod_proxy.c(1258): [client 10.0.0.103:51744] AH01143: Running scheme http handler (attempt 0)
[Wed Jul 14 15:15:51.549901 2021] [proxy:debug] [pid 72805:tid 140260403045952] proxy_util.c(2438): AH00942: http: has acquired connection for (localhost)
[Wed Jul 14 15:15:51.549919 2021] [proxy:debug] [pid 72805:tid 140260403045952] proxy_util.c(2494): [client 10.0.0.103:51744] AH00944: connecting http://localhost:8443/ to localhost:8443
[Wed Jul 14 15:15:51.549936 2021] [proxy:debug] [pid 72805:tid 140260403045952] proxy_util.c(2717): [client 10.0.0.103:51744] AH00947: connected / to localhost:8443
[Wed Jul 14 15:15:51.550018 2021] [proxy:trace2] [pid 72805:tid 140260403045952] proxy_util.c(3151): http: fam 10 socket created to connect to localhost
[Wed Jul 14 15:15:51.550126 2021] [proxy:debug] [pid 72805:tid 140260403045952] proxy_util.c(3174): (111)Connection refused: AH00957: http: attempt to connect to [::1]:8443 (localhost) failed
[Wed Jul 14 15:15:51.550184 2021] [proxy:trace2] [pid 72805:tid 140260403045952] proxy_util.c(3151): http: fam 2 socket created to connect to localhost
[Wed Jul 14 15:15:51.550264 2021] [proxy:error] [pid 72805:tid 140260403045952] (111)Connection refused: AH00957: http: attempt to connect to 127.0.0.1:8443 (localhost) failed
[Wed Jul 14 15:15:51.550290 2021] [proxy_http:error] [pid 72805:tid 140260403045952] [client 10.0.0.103:51744] AH01114: HTTP: failed to make connection to backend: localhost
[Wed Jul 14 15:15:51.550305 2021] [proxy:debug] [pid 72805:tid 140260403045952] proxy_util.c(2453): AH00943: http: has released connection for (localhost)
[Wed Jul 14 15:15:51.550337 2021] [headers:debug] [pid 72805:tid 140260403045952] mod_headers.c(890): AH01503: headers: ap_headers_error_filter()
[Wed Jul 14 15:15:51.550539 2021] [ssl:debug] [pid 72805:tid 140260403045952] ssl_engine_io.c(1111): [client 10.0.0.103:51744] AH02001: Connection closed to child 2 with standard shutdown (server localhost:443)
4

Ok, it’s ignoring my vaultwarden.env settings for some reason and using port 8000.