Difference between revisions of "Webmin"

 
(2 intermediate revisions by the same user not shown)
Line 53: Line 53:
  
  
 +
 +
=Webmin behind Apache2 proxy=
 +
 +
If you want to use Webmin behind a proxy you must tweak webmin configuration + add a new redirection in your Apache2 v.host
 +
 +
 +
==Webmin configuration==
 +
 +
Main configuration file:
 +
<syntaxhighlight lang="bash">
 +
/etc/webmin/config
 +
</syntaxhighlight>
 +
 +
 +
Add a default path "/webmin" + a reference to the PROXY + enable PROXY usage
 +
 +
<syntaxhighlight lang="bash">
 +
webprefix=/webmin
 +
webprefixnoredir=1
 +
referers_none=0
 +
referers=mySuperServer
 +
</syntaxhighlight>
 +
 +
!! Don't forget to set '''referers_none=0'''
 +
 +
 +
In case you want to use some referers (which I do NOT recommand):
 +
 +
<syntaxhighlight lang="bash">
 +
referers=localhost smartcard-gw-vm 172.16.50.2 smartcards.vehco.com
 +
</syntaxhighlight>
 +
 +
 +
 +
Since you're already using your own certificate with HTTPS, do not let Webmin use its own but rely on Apache's security:
 +
 +
<syntaxhighlight lang="bash">
 +
/etc/webmin/miniserv.conf
 +
</syntaxhighlight>
 +
 +
Disable SSL
 +
 +
<syntaxhighlight lang="bash">
 +
ssl=0
 +
</syntaxhighlight>
 +
 +
 +
 +
==Apache2 modules==
 +
 +
The following apache module add to be activated:
 +
 +
<syntaxhighlight lang="bash">
 +
a2enmod proxy_html
 +
a2enmod xml2enc
 +
a2enmod headers
 +
service apache2 restart
 +
</syntaxhighlight>
 +
 +
 +
 +
==Apache2 configuration==
 +
 +
Special thanks to my collegue [https://www.linkedin.com/in/julienrialland Julien Rialland] for this part! :)
 +
 +
The mess is here :) webmin is not made to be easily proxied at all !!
 +
 +
 +
Edit your Apache2 configuration:
 +
 +
<syntaxhighlight lang="bash">
 +
vim /etc/apache2/sites-enabled/mySuperSite.conf
 +
</syntaxhighlight>
 +
 +
 +
Set the following settings:
 +
 +
<syntaxhighlight lang="apache">
 +
# Enable proxy
 +
ProxyVia On
 +
ProxyPreserveHost On
 +
ProxyRequests Off
 +
ProxyErrorOverride Off
 +
<Proxy *>
 +
    AddDefaultCharset off
 +
    Order deny,allow
 +
    Allow from all
 +
    Satisfy Any
 +
</Proxy>
 +
 +
 +
## Proxy to webmin
 +
# Replace "172.16.50.2" by your own server IP @
 +
# These rules must be at the end of your v.host file !!
 +
    RewriteEngine On
 +
    RewriteRule ^/(left|right)\.cgi$ http://localhost:10000/$1.cgi [P]
 +
    RewriteRule ^.+gray-left.css$ http://localhost:10000/gray-left.css [P]
 +
    RewriteRule ^/images/(.+)$ http://localhost:10000/images/$1 [P]
 +
    Header edit Location ^http://(.*):10000/(.*)$ "http://172.16.50.2/webmin/"
 +
 +
    <Location /webmin>
 +
        ProxyPreserveHost On
 +
        ProxyHTMLExtended On
 +
 +
        SetOutputFilter proxy-html
 +
        ProxyHTMLURLMap http://localhost:1000 /webmin
 +
        ProxyPass http://localhost:10000
 +
        ProxyPassReverse http://localhost:10000
 +
 +
        require local
 +
        require ip 172.16.50
 +
        require ip 172.16.60
 +
        require ip 192.168.1
 +
    </Location>
 +
</syntaxhighlight>
 +
 +
 +
  
 
=Usage=
 
=Usage=

Latest revision as of 14:38, 23 June 2015


Webmin is a nice UI that helps you to manage all your services and settings (DHCP, DNS, Samba, NFS, Users, Security, ...).


Even though the look is a bit 'old fashion' it's still very efficient.


Installation

See the official installation webpage: http://www.webmin.com/deb.html


... July 2014 ...


Update your list of repositories:

vim /etc/apt/sources.list


Add these new entries:

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib


Add the new GPG key:

cd /root
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc


You will now be able to install with the commands :

apt-get update
apt-get install webmin


Now you can go to https://localhost:10000/

Use a valid UNIX account to log-in.


Webmin behind Apache2 proxy

If you want to use Webmin behind a proxy you must tweak webmin configuration + add a new redirection in your Apache2 v.host


Webmin configuration

Main configuration file:

/etc/webmin/config


Add a default path "/webmin" + a reference to the PROXY + enable PROXY usage

webprefix=/webmin
webprefixnoredir=1
referers_none=0
referers=mySuperServer

!! Don't forget to set referers_none=0


In case you want to use some referers (which I do NOT recommand):

referers=localhost smartcard-gw-vm 172.16.50.2 smartcards.vehco.com


Since you're already using your own certificate with HTTPS, do not let Webmin use its own but rely on Apache's security:

/etc/webmin/miniserv.conf

Disable SSL

ssl=0


Apache2 modules

The following apache module add to be activated:

a2enmod proxy_html
a2enmod xml2enc
a2enmod headers
service apache2 restart


Apache2 configuration

Special thanks to my collegue Julien Rialland for this part! :)

The mess is here :) webmin is not made to be easily proxied at all !!


Edit your Apache2 configuration:

vim /etc/apache2/sites-enabled/mySuperSite.conf


Set the following settings:

# Enable proxy
ProxyVia On
ProxyPreserveHost On
ProxyRequests Off
ProxyErrorOverride Off
<Proxy *>
    AddDefaultCharset off
    Order deny,allow
    Allow from all
    Satisfy Any
</Proxy>


## Proxy to webmin
# Replace "172.16.50.2" by your own server IP @
# These rules must be at the end of your v.host file !!
    RewriteEngine On
    RewriteRule ^/(left|right)\.cgi$ http://localhost:10000/$1.cgi [P]
    RewriteRule ^.+gray-left.css$ http://localhost:10000/gray-left.css [P]
    RewriteRule ^/images/(.+)$ http://localhost:10000/images/$1 [P]
    Header edit Location ^http://(.*):10000/(.*)$ "http://172.16.50.2/webmin/"

    <Location /webmin>
        ProxyPreserveHost On
        ProxyHTMLExtended On

        SetOutputFilter proxy-html
        ProxyHTMLURLMap http://localhost:1000 /webmin
        ProxyPass http://localhost:10000
        ProxyPassReverse http://localhost:10000

        require local
        require ip 172.16.50
        require ip 172.16.60
        require ip 192.168.1
    </Location>



Usage

DHCP server management

  • Go to "Servers > DHCP server" (on the left)
  • Then click on "add a new host"