SOLVED - Multi home virtual sites problem migrating from Railo


#1

Long time CF user - since 1998. Allaire and Adobe on IIS, New Atlanta on OS X Server, Railo on Ubuntu, now Lucee on Ubuntu. Been absent for a while!

Setting up test system at Digital Ocean. All is good so far:

-Ubuntu 18.04 LTS
-Apache 2.4.38 (jk_module, proxy_ajp_module, mod_proxy)
-JDK 11 (10.0.2)
-Tomcat 9.0.16
-OpenSSL 1.1.1b
-MySQL 8.0.15
-Php 7.3.2
-Lucee 5.2.9.31

Everything is working nicely. Lucee server and web admin are up and running on the default installation.

My Lucee location is
/opt/tomcat/webapps/ROOT

Tomcat admin is set to work over SSL, port 8443 instead of 8080.

Lucee server and web admin are available on port 80 (443 actually over SSL) as expected.
Lucee splash screen is available at port 8443.

Now…

Under Railo, I would copy the WEB-INF directory from /opt/tomcat/webapps/ROOT to the base directory of a given web site in order to set up another instance of RAILO, allowing each site to have it’s own engine. And that is how I set up multi homing on virtual hosting. As well as entries in server.xml.

So…

systemctl stop tomcat

cp -R /usr/local/tomcat/webapps/ROOT/WEB-INF /var/www/site1/www/WEB-INF

In /opt/tomcat/conf/server.xml I would add:

 <Host name="site1.host.com" appBase="webapps"
			unpackWARs="true" autoDeploy="true">
			<Context path="" docBase="/var/www/site1/www/" />
      </Host>

Finally, in my Apache site conf file, I would include my proxypassmatch instructions for CF and then

systemctl start tomcat

And all would be good, another CF site up and running.

However, this doesn’t seem to work in Lucee.

If do everything stated above but DON’T copy the WEB-INF directory, it also doesn’t work. Apache just gives you the index.CFM file as a download and tomcat gives and error:
“The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.”

I’ve also tried changing the appBase in the Host name to the web directory like so:

 <Host name="site1.host.com" appBase="/var/www/site1/www"
			unpackWARs="true" autoDeploy="true">
			<Context path="" docBase="/var/www/site1/www/" />
      </Host>

No luck.

So I am sure that this is simple and I am just unaware of the new way to do this.


#2

Have you considered using mod_cfml? I’m pretty sure this is bundled with the Lucee installer nowadays and may be part of your problem (as mod_cfml will attempt to create sites in tomcat for you that are configured in Apache), depending on how you installed Lucee. In either case it saves you the trouble of doing all this manually and is probably worth a look.

HTH

– Denny


#3

I am kind of weird in that I like to know how things work and connect. mod_cfml did not come with the Lucee.war file which is what I used. I appreciate not having more than is needed in my system to run what I need. So, yeah, I could go that route I suppose, but I’d like to understand how this is put together.


#4

Ubuntu isn’t exactly known for its stability as a server os.
I would suggest CENTOS or RHEL.

As for your setup.

You need mod_proxy working, and you have to create a vhost for everything in sites-enabled. I would highly suggest not coping the WEB-INF from your old servers

Lucee if it was installed correctly should of added the context .CFM CFC CFML to an entry for your apache config.


#5

Terry, I appreciate anyone helping.

mod_proxy is enabled and working. I apparently forgot to add that to my initial post (since corrected)

The issue is the correct config between Apache and Tomcat for Lucess vs. Railo. Without additional software - just Apache, Tomcat and the necessary modules in Apache

I should clarify, there was no copying of the old Railo WEB-INF. That was provided as an example of what I did with Railo, that was the recommended way to multi home with virtual hosts (as one method).

On this particular install, I have Lucee running properly and stable in

/opt/tomcat/webapps

So the main install is fine and correct. I then copied that WEB-INF to the web root of the test site, which is how it was done with Railo (at least one way). That is what I was trying to explain.

So, again the question is - what is the correct procedure for configuring tomcat to enable multiple Lucee sites?

Does Lucee want an instance of WEB-INF in each virtual host? Does it symlink somehow? Does everything HAVE to run in Tomcat including my web directories – which is kind of ridiculous if that’s the case.


#6

We can post CVs, in which still will not help you solve your issue :wink:

My confusion is first you mention mod_proxy then you mention tomcat.

Are you running Apache + Tomcat and Lucee as a WAR?
or is it

Apache + Lucee and you changed the files in Lucee’s instance of tomcat

I will assume its the most common, which is Apache + Lucee.

Each virtual host will need to reference each instance of Lucee, ralio, tomcat, acf, ectra… must have its own virtual host directive and configured mod_proxy or mod_cfml

Restarting Apache & Lucee will correctly add the WEB-INF files to the appropriate directories.


#7

I did not run an installer. I prefer to not rely on an installer. Here is how I installed Lucee after getting Tomcat up and running:

	cd /tmp

	curl -O https://cdn.lucee.org/lucee-5.2.9.31.war
	
	rm -R /opt/tomcat/webapps/ROOT

	cp -p /tmp/lucee-5.2.9.31.war /opt/tomcat/webapps/ROOT.war

	systemctl start tomcat

Point browser to host and voila - WAR file expanded as expected and Lucee server and web admin pages are working. I then set up a couple of database connections.


I have two sites running on the test server, both on port 443 with SSL certs.

They are both working.

I’ve removed the directory authentication so you can take a look,

BASE INSTALL (SERVER HOST SITE)
https://www.bluebongos.net/phpinfo.php
https://www.bluebongos.net/lucee/admin/server.cfm
https://www.bluebongos.net/lucee/admin/web.cfm

TEST SITE (20 year old code base which I am migrating to Lucee, let’s forget what has to change in the CFM code and or framework and focus on just getting it working as a Lucee/CF site there will be plenty to change in the CFM code because that’s not yet the issue in getting this to work)
https://pia.bluebongos.net/index.html
https://pia.bluebongos.net/index.cfm - shows index.cfm code or downloads index.cfm depending on browser

Here is the /opt/tomcat/conf/server.xml file which may also be of use to anyone trying to get Tomcat over 8443 with TLS 1.3.

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
 -->
<Server port="8005" shutdown="yourshutdownpasswordhere">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="org.apache.catalina.security.SecurityListener" />
  -->
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

  <!-- Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  -->
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>

  <!-- A "Service" is a collection of one or more "Connectors" that share
       a single "Container" Note:  A "Service" is not itself a "Container",
       so you may not define subcomponents such as "Valves" at this level.
       Documentation at /docs/config/service.html
   -->
  <Service name="Catalina">

    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
    <!--
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
        maxThreads="150" minSpareThreads="4"/>
    -->


    <!-- A "Connector" represents an endpoint by which requests are received
         and responses are returned. Documentation at :
         Java HTTP Connector: /docs/config/http.html
         Java AJP  Connector: /docs/config/ajp.html
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
    -->
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    <!-- A "Connector" using the shared thread pool-->
    <!--
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    -->
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
         This connector uses the NIO implementation. The default
         SSLImplementation will depend on the presence of the APR/native
         library and the useOpenSSL attribute of the
         AprLifecycleListener.
         Either JSSE or OpenSSL style configuration may be used regardless of
         the SSLImplementation selected. JSSE style configuration is used below.
    -->
    <!--
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <SSLHostConfig>
            <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>
    -->
    
    
    
    <!-- 
    =========
    start my ssl config for securing tomcat FOR TLS 1.2 ONLY
    ========= 
    -->
    <!--
    <Connector port="8443" scheme="https" secure="true" SSLEnabled="true" SSLProtocol="TLSv1.2">
    	 <SSLHostConfig>
            <Certificate certificateFile="conf/cert.pem"
                 certificateKeyFile="conf/privkey.pem"
                 certificateChainFile="conf/chain.pem" />
        </SSLHostConfig>
    </Connector> -->
    <!-- 
    =========
    emd my ssl config for securing tomcat FOR TLS 1.2 ONLY
    ========= 
    -->
    
    
    <!-- 
    =========
    start my ssl config for securing tomcat FOR TLS 1.2 AND 1.3
    ========= 
    -->
    <Connector port="8443" SSLEnabled="true" protocol="HTTP/1.1" >
    	 <SSLHostConfig hostName="_default_" protocols="+TLSv1.2,+TLSv1.3" honorCipherOrder="true">
            <Certificate certificateFile="conf/cert1.pem" certificateKeyFile="conf/privkey1.pem" certificateChainFile="conf/chain1.pem" certificateKeyPassword="" />
        </SSLHostConfig>
    </Connector>
    <!-- 
    =========
    end my ssl config for securing tomcat FOR TLS 1.2 AND 1.3
    ========= 
    -->




    
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
         This connector uses the APR/native implementation which always uses
         OpenSSL for TLS.
         Either JSSE or OpenSSL style configuration may be used. OpenSSL style
         configuration is used below.
    -->
    <!--
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                         certificateFile="conf/localhost-rsa-cert.pem"
                         certificateChainFile="conf/localhost-rsa-chain.pem"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>
    -->

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" enableLookups="false"  redirectPort="8443" connectionTimeout="1800" maxKeepAliveRequests="1" URIEncoding="UTF-8" />


    <!-- An Engine represents the entry point (within Catalina) that processes
         every request.  The Engine implementation for Tomcat stand alone
         analyzes the HTTP headers included with the request, and passes them
         on to the appropriate Host (virtual host).
         Documentation at /docs/config/engine.html -->

    <!-- You should set jvmRoute to support load-balancing via AJP ie :
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
    -->
    <Engine name="Catalina" defaultHost="localhost">

      <!--For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) -->
      <!--
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
      -->

      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
           via a brute-force attack -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>
      
      
      <!-- 
      =========
      start default host
      ========= 
      -->
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">

        <!-- SingleSignOn valve, share authentication between web applications
             Documentation at: /docs/config/valve.html -->
        <!--
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
        -->

        <!-- Access log processes all example.
             Documentation at: /docs/config/valve.html
             Note: The pattern used is equivalent to using pattern="common" -->
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost" suffix=".log"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
      </Host>
      <!-- 
      =========
      end default host
      ========= 
      -->
      
      
      
      <!-- 
      =========
      start next host
      ========= 
      -->
      <Host name="pia.bluebongos.net" appBase="/var/www/pia.bluebongos.net/web/"
			unpackWARs="true" autoDeploy="true">
			<Context path="" docBase="/var/www/pia.bluebongos.net/web/" />
			<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="pia.bluebongos.net" suffix=".log"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
      </Host>
      
      
      <!-- 
      =========
      start next host
      ========= 
      -->
      
      
      
    </Engine>
  </Service>
</Server>

Note on that last host name entry in server.xml, I have tried

appBase="/var/www/pia.bluebongos.net/web/"

as well as

appBase="webapps"

as well as

appBase="var/www/pia.bluebongos.net/web/"

Only

appBase="/var/www/pia.bluebongos.net/web/"

seems to come close to working as seen in the tomcat logs:

04-Mar-2019 15:08:51.408 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name:   Apache Tomcat/9.0.16
04-Mar-2019 15:08:51.420 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built:          Feb 4 2019 16:30:29 UTC
04-Mar-2019 15:08:51.420 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 9.0.16.0
04-Mar-2019 15:08:51.420 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name:               Linux
04-Mar-2019 15:08:51.420 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version:            4.15.0-45-generic
04-Mar-2019 15:08:51.420 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture:          amd64
04-Mar-2019 15:08:51.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home:             /usr/lib/jvm/java-11-openjdk-amd64
04-Mar-2019 15:08:51.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version:           10.0.2+13-Ubuntu-1ubuntu0.18.04.4
04-Mar-2019 15:08:51.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:            Oracle Corporation
04-Mar-2019 15:08:51.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:         /opt/tomcat
04-Mar-2019 15:08:51.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:         /opt/tomcat
04-Mar-2019 15:08:51.435 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED
04-Mar-2019 15:08:51.436 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED
04-Mar-2019 15:08:51.436 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
04-Mar-2019 15:08:51.436 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties
04-Mar-2019 15:08:51.436 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
04-Mar-2019 15:08:51.436 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.awt.headless=true
04-Mar-2019 15:08:51.437 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.security.egd=file:/dev/./urandom
04-Mar-2019 15:08:51.437 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
04-Mar-2019 15:08:51.437 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
04-Mar-2019 15:08:51.440 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
04-Mar-2019 15:08:51.440 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xms512M
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xmx1024M
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -XX:+UseParallelGC
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs=
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/opt/tomcat
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/opt/tomcat
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/opt/tomcat/temp
04-Mar-2019 15:08:51.441 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library [1.2.21] using APR version [1.6.3].
04-Mar-2019 15:08:51.442 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
04-Mar-2019 15:08:51.442 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
04-Mar-2019 15:08:51.451 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 1.1.1b  26 Feb 2019]
04-Mar-2019 15:08:51.583 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
04-Mar-2019 15:08:51.683 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["https-openssl-nio-8443"]
04-Mar-2019 15:08:51.814 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["ajp-nio-8009"]
04-Mar-2019 15:08:51.823 INFO [main] org.apache.catalina.startup.Catalina.load Server initialization in [2,377] milliseconds
04-Mar-2019 15:08:52.027 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
04-Mar-2019 15:08:52.030 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.16]
04-Mar-2019 15:08:52.051 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/opt/tomcat/webapps/ROOT.war]
04-Mar-2019 15:08:53.132 INFO [main] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
04-Mar-2019 15:08:58.759 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/opt/tomcat/webapps/ROOT.war] has finished in [6,707] ms
04-Mar-2019 15:08:58.760 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/opt/tomcat/webapps/docs]
04-Mar-2019 15:08:58.822 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/opt/tomcat/webapps/docs] has finished in [62] ms
04-Mar-2019 15:08:58.825 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/opt/tomcat/webapps/manager]
04-Mar-2019 15:08:59.006 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/opt/tomcat/webapps/manager] has finished in [181] ms
04-Mar-2019 15:08:59.008 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/opt/tomcat/webapps/examples]
04-Mar-2019 15:08:59.584 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/opt/tomcat/webapps/examples] has finished in [576] ms
04-Mar-2019 15:08:59.589 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/opt/tomcat/webapps/host-manager]
04-Mar-2019 15:08:59.667 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/opt/tomcat/webapps/host-manager] has finished in [78] ms
04-Mar-2019 15:08:59.786 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/access]
04-Mar-2019 15:08:59.845 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/access] has finished in [59] ms
04-Mar-2019 15:08:59.849 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/a]
04-Mar-2019 15:08:59.903 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/a] has finished in [54] ms
04-Mar-2019 15:08:59.905 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/specialists]
04-Mar-2019 15:08:59.957 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/specialists] has finished in [52] ms
04-Mar-2019 15:08:59.957 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/clients]
04-Mar-2019 15:09:00.008 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/clients] has finished in [50] ms
04-Mar-2019 15:09:00.010 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/dev]
04-Mar-2019 15:09:00.060 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/dev] has finished in [50] ms
04-Mar-2019 15:09:00.061 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/users]
04-Mar-2019 15:09:00.111 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/users] has finished in [50] ms
04-Mar-2019 15:09:00.113 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/images]
04-Mar-2019 15:09:00.165 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/images] has finished in [51] ms
04-Mar-2019 15:09:00.171 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/letters]
04-Mar-2019 15:09:00.264 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/letters] has finished in [93] ms
04-Mar-2019 15:09:00.265 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/calendar]
04-Mar-2019 15:09:00.304 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/calendar] has finished in [39] ms
04-Mar-2019 15:09:00.305 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/contacts]
04-Mar-2019 15:09:00.356 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/contacts] has finished in [50] ms
04-Mar-2019 15:09:00.356 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/options]
04-Mar-2019 15:09:00.397 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/options] has finished in [39] ms
04-Mar-2019 15:09:00.401 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/stats]
04-Mar-2019 15:09:00.449 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/stats] has finished in [47] ms
04-Mar-2019 15:09:00.450 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/var/www/pia.bluebongos.net/web/tasks]
04-Mar-2019 15:09:00.491 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/var/www/pia.bluebongos.net/web/tasks] has finished in [41] ms
04-Mar-2019 15:09:00.504 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
04-Mar-2019 15:09:00.550 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-openssl-nio-8443"]
04-Mar-2019 15:09:00.563 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
04-Mar-2019 15:09:00.583 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [8,759] milliseconds

Here is the test site apache conf file:

<VirtualHost *:443>
	
	ServerAdmin everything@bluebongos.com
	
	ServerName pia.bluebongos.net
	
	DocumentRoot /var/www/pia.bluebongos.net/web
	
	DirectoryIndex index.cfm index.html
	
	Include /etc/letsencrypt/options-ssl-apache.conf
	SSLCertificateFile /etc/letsencrypt/live/pia.bluebongos.net/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/pia.bluebongos.net/privkey.pem
	
	RewriteEngine On
	RewriteOptions Inherit
	
	Include /etc/apache2/my-apache-cf-ajp.conf
	Include /etc/apache2/my-apache-cf-secure-admin.conf
	
	<Directory "/var/www/pia.bluebongos.net/web">
		AllowOverride All
		Require all granted
	</Directory>
	
	ErrorLog /var/www/pia.bluebongos.net/log/pia.bluebongos.net.sslerror.log

	# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
	LogLevel warn

	
</VirtualHost>

And here is the content of the /etc/apache2/my-apache-cf-ajp.conf file:

# Start: Tomcat for Lucee configuration with proxy+ajp13:

<IfModule !proxy_module>
	LoadModule proxy_module /usr/lib/apache2/mod_proxy.so
</IfModule>

<IfModule !proxy_module>
	LoadModule proxy_module /usr/lib/apache2/mod_proxy_ajp.so
</IfModule>

<IfModule !rewrite_module>
	LoadModule rewrite_module /usr/lib/apache2/mod_rewrite.so
</IfModule>

ProxyPreserveHost On
ProxyPass /images !
ProxyPass /lib !
ProxyPass /mint !
ProxyPass ^/(.+\.js)$ !
ProxyPass ^/(.+\.html)$ !
ProxyPass ^/(.+\.php)$ !
ProxyPass ^/(.+\.gif)$ !
ProxyPass ^/(.+\.gz)$ !
ProxyPass ^/(.+\.ico)$ !
ProxyPass ^/(.+\.jpg)$ !
ProxyPass ^/(.+\.jpeg)$ !
ProxyPass ^/(.+\.mov)$ !
ProxyPass ^/(.+\.png)$ !
ProxyPass ^/(.+\.tar)$ !
ProxyPass ^/(.+\.txt)$ !
ProxyPass ^/(.+\.xml)$ !
ProxyPass ^/(.+\.zip)$ !
ProxyPassMatch ^/(.+\.cf[cm])$ ajp://127.0.0.1:8009/$1 timeout=1800
ProxyPassMatch ^/(.+\.cf[cm])(/.*)$ ajp://127.0.0.1:8009/$1?path_info=$2 timeout=1800
ProxyPassMatch ^/((flashservices/gateway|messagebroker/|flex2gateway/|openamf/gateway/).*) ajp://127.0.0.1:8009/$1 timeout=1800

So, thoughts?


#8

SOLVED!!!

So, apparently it does work the same as it did with Railo. I failed to do two things:
-proper path in the appBase (slightly different than in Railo w/Tomcat 7)
-proper permissions on the copied Lucee WEB-INF directory inside web root

After getting server, MySQL and Apache together, and after you get Tomcat up and running and a base install of Lucee (keeping in mind I did not use the Lucee installer, but the Lucee.WAR instead)…

systemctl stop tomcat

cp -R /opt/tomcat/webapps/ROOT/WEB-INF /var/www/test.host.com/web/

chown -R tomcat:tomcat /var/www/test.host.com/web/WEB-INF

In your tomcat/conf/server.xml file:

 <Host name="test.host.com" appBase="/var/www/test.host.com/web/"
			unpackWARs="true" autoDeploy="true">
			<Context path="" docBase="/var/www/test.host.com/web/" />
      </Host>

Make sure your Apache test.host.com.conf file is correct and allows for proxying off the CF requests. I use an include for that, the contents of which are shown above in this thread.

systemctl start tomcat

So, I was 99% of the way there. My mistake was not giving the copied WEB-INF directory (copied to the test site) the correct permissions (tomcat:tomcat). On the existing server, the WEB-INF directory in each site is www-data:www-data and that does not work on this install. It had to be tomcat:tomcat

Your experience may be different as far as permissions are concerned.


#9

Thanks Terry! I edited my comments because tone never comes across properly online. I found the error, just needed to make a change to the appBase which is slightly different than in Tomcat 7 and Railo (I say that because the first slash was not required in the old set up), and then proper permissions when I copied WEB-INF from my new Lucee base set up. Apologies for any improper tone. This is a small community, but important to me as I get back to upgrading old apps and possible making new ones. Thanks!


#10

No apologies needed. Glad you your install is working.