tag:blogger.com,1999:blog-21122514.post2530712546063807097..comments2024-03-23T11:05:13.046+01:00Comments on Dimitri Gielis Blog (Oracle Application Express - APEX): Free Oracle Cloud: 7. Setup a web server on the Virtual MachineDimitri Gielishttp://www.blogger.com/profile/16295721159626839167noreply@blogger.comBlogger63125tag:blogger.com,1999:blog-21122514.post-84791362000481029052024-01-29T13:29:53.524+01:002024-01-29T13:29:53.524+01:00Hi Dimitri,
We need your help.
With below config...Hi Dimitri,<br /><br />We need your help.<br /><br />With below configuration:<br /><br />Oracle Base Database Service – Enterprise Edition OCPU<br /><br />Virtual Machine(VM.Standard3.Flex) – Compute Standard-X9 OCPU<br /><br /><br />I think the compute has given by oracle to install ORDS. Please correct me if wrong<br /><br />and Who is going to perform database activities? Is it customer or oracle.<br /><br />Database Activities like Installing/Upgrading the Oracle Database<br /><br /><br />Thanks,<br />Satishsatishnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-86816585246127573512024-01-29T13:22:03.335+01:002024-01-29T13:22:03.335+01:00Thanks for sharing.
Need your support.
Our Curre...Thanks for sharing.<br /><br />Need your support.<br /><br />Our Current Apex environment in On Premise:<br />------------------------------------------<br /><br />2 webservers - nginx<br />2 app servers - ORDS on tomcat<br />1 server - Oracle Database<br /><br />Concurrent users count - 100<br />Database Size 150GB<br /><br />We agree above is oversized configuration, but since we have plenty of resources available in our DC, they went with above configuration.<br /><br /><br />Now, we planned to move to OCI PASS and below is the quantity we got.<br />Oracle Base Database Service - Enterprise Edition OCPU --> 5 for prod and 2 for UAT<br />Virtual Machine(VM.Standard3.Flex) - Compute Standard-X9 OCPU--> 2 for PROD and 2 for UAT<br />We have got 2 load balancers - One for PROD and one for UAT<br /><br /><br />Unfortunately we cannot increase any of the above configuration.<br /> <br />As you have observed, we have got only 2 OCPU for each compute VM(2 for PROD and 2 for UAT). With this configuration, can you suggest some good setup from your expertise. <br /><br />Not sure whether webservers are really required and we can we skip them.<br /><br />Thanks,<br />SGSatishnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-64286038465366273802024-01-02T16:15:33.139+01:002024-01-02T16:15:33.139+01:00Awesome tutorial, Dimitri, thanks a mil.
One note,...Awesome tutorial, Dimitri, thanks a mil.<br />One note, I had an issue with the reverse proxy, got 502 bad gateway, the solution was to run this command:<br />setsebool -P httpd_can_network_connect 1FMANhttps://www.blogger.com/profile/00749314324535932973noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-17545609400906828352022-12-15T18:36:58.998+01:002022-12-15T18:36:58.998+01:00Follow up to last post:
Namely the steps I took t...Follow up to last post:<br /><br />Namely the steps I took to install certbot:<br /><br />Install Snapd on CentOS 8<br /><br />Add EPEL repository<br /><br />sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm<br />sudo dnf -y upgrade<br /><br />Install Snap on CentOS 8<br /><br />sudo dnf -y install snapd<br />sudo systemctl enable --now snapd.socket<br />sudo ln -s /var/lib/snapd/snap /snap<br /><br /><br />Then<br /><br />[Certbot Instructions] https://certbot.eff.org/instructions?ws=nginx&os=centosrhel8Joe Mnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-67729038688409945992022-12-15T18:34:50.402+01:002022-12-15T18:34:50.402+01:00I couldn't get certbot added or python package...I couldn't get certbot added or python packages, good article here worked to first install Snapd on CentOS 8<br /><br />https://computingforgeeks.com/install-snapd-snap-applications-centos/Joe Mnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-73022382035217344852021-04-29T22:12:35.586+02:002021-04-29T22:12:35.586+02:00In case you run into trouble when issuing "pi...In case you run into trouble when issuing "pip install certbot" have a look at https://certbot.eff.org/lets-encrypt/pip-nginx.htmlYvo Breuerhttp://ybis.nlnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-64458816965103405682021-04-13T21:12:45.068+02:002021-04-13T21:12:45.068+02:00In case "yum install nginx" gives you an...In case "yum install nginx" gives you an error, you can resolve this via:<br />http://johanlouwers.blogspot.com/2016/01/install-nginx-on-oracle-linux.html<br />Works like a charm!Yvo Breuernoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-77021015706084272492021-03-20T10:10:09.740+01:002021-03-20T10:10:09.740+01:00Change python27 to python 3 for certbot. Should it...Change python27 to python 3 for certbot. Should it be run as root?<br />https://certbot.eff.org/lets-encrypt/otherpip-nginx was helpful<br />Oracle linux 8 always free has nginx installed but gives a 502 gateway error. Run the fix from ords blog page:<br />https://dgielis.blogspot.com/2020/08/free-oracle-cloud-custom-domain-name.html<br />cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx<br />semodule -i mynginx.pp<br />Please feel free to correct but it is what got me going. Tq.JellIThttps://www.blogger.com/profile/11786736501836082322noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-32168439748488539562021-03-19T11:57:58.060+01:002021-03-19T11:57:58.060+01:00Hi Dimitri,
Bedankt voor je uitgebreide uitleg. H...Hi Dimitri,<br /><br />Bedankt voor je uitgebreide uitleg. Het heeft mij erg geholpen om een en ander op te zetten.<br /><br />Groet,<br />Kees VlekKees Vleknoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-45688013792124106692021-02-10T21:39:45.613+01:002021-02-10T21:39:45.613+01:00Install Ubuntu Nginx
https://medium.com/@saiful103...Install Ubuntu Nginx<br />https://medium.com/@saiful103a/create-free-ubuntu-vps-in-oraclecloud-with-nginx-always-free-f07d9d7fad40<br /><br /><b><br />sudo iptables -I INPUT -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT<br />sudo iptables -I OUTPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT<br /></b>edgiruhttps://www.blogger.com/profile/05079065405030516789noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-91325890115819149692021-01-17T21:43:57.559+01:002021-01-17T21:43:57.559+01:00Hi Dimitri,
Excellent post!!!
My OCI is in mumbai...Hi Dimitri,<br /><br />Excellent post!!!<br />My OCI is in mumbai region, and "yum install nginx" is giving error:<br /> Loaded plugins: langpacks, ulninfo<br /> No package nginx available.<br /> Error: Nothing to do<br />vi /etc/yum/vars/ociregion shows -mumbai<br />echo $ociregion doesnt display anything. <br />I have done sudo su as well as updated all packages.<br /><br />Please help.<br /><br />Thanks,<br />HrishiHrishihttps://www.blogger.com/profile/16852937924933070268noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-60132215103176915892021-01-16T17:41:07.520+01:002021-01-16T17:41:07.520+01:00For anyone who is stuck with public IP being inacc...For anyone who is stuck with public IP being inaccessible, they would want to have a look at the IPTABLES rules (https://stackoverflow.com/a/54810101/9923626). <br /><br /> burfnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-80648229981054253542021-01-03T13:42:41.068+01:002021-01-03T13:42:41.068+01:00Hi Dimitri, great post. However now seems that py...Hi Dimitri, great post. However now seems that python 2.7 is no longer supported and this install script for certbot --nginx no longer works (I did upgrade python but that didn't seem to help). <br /><br /> certbot --nginx<br />/opt/rh/python27/root/usr/lib64/python2.7/site-packages/OpenSSL/crypto.py:12: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release.<br /> from cryptography import x509<br /><br />Happy New Year!Jimmyhttps://www.blogger.com/profile/12688901363514835558noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-91229075446168445842020-12-27T14:08:35.549+01:002020-12-27T14:08:35.549+01:00Hi, thank you for the post, help me a lot.
I did t...Hi, thank you for the post, help me a lot.<br />I did the config with nginx, except, for the certbot part but i get the following error "redirected too many times". can you help me, please.Antilus Alix Polidorhttps://www.blogger.com/profile/01711479685395869515noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-46991098357306570462020-11-21T22:45:41.328+01:002020-11-21T22:45:41.328+01:00Dear Dimitri,
I did the config with Ngnix and it w...Dear Dimitri,<br />I did the config with Ngnix and it works fine, but my environment runs apache and i cannot have the same result of reverseproxy. When i set ProxyPreserveHost to Off, it works but not for a POST, when i set ProxyPreserveHost to On, ORDS of OCI returns 403 Forbidden and suggests to set ProxyPreserveHost.<br />I am stuck.<br />i have also set 'Header set Origin ""' with no better result<br />do you have a reverseproxy with Apache?<br />Finally great document and explanationFrancois Mnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-30286376880237898832020-11-10T20:46:31.666+01:002020-11-10T20:46:31.666+01:00This comment has been removed by the author.Phil Winfieldhttps://www.blogger.com/profile/08618328162682694388noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-12515305827225388902020-10-09T15:21:35.052+02:002020-10-09T15:21:35.052+02:00Hi Dimitri,
First of all, thank you. The informat...Hi Dimitri, <br />First of all, thank you. The information in these blogs is very useful, easy to follow.<br />I do have a working APEX environment. I managed to create a VM instance and maybe I could also install a web server. <br /><br />What I want to achieve is to be able to put my own APEX static files onto the web server, but without changing the url, reverse proxy, certificates and all that. Maybe also creating a FTP/SFTP user to be able to access and modify this files.<br />Is it possible? And if so, could you point me in the right direction (like refering to steps already explained in you blogs or maybe other sites with good explanations)? <br /><br />Regards, MirelaMirelanoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-72973158632247411742020-09-17T21:06:58.212+02:002020-09-17T21:06:58.212+02:00Hi Dimitri,
the section on certbot did not work bu...Hi Dimitri,<br />the section on certbot did not work but the code below did.<br />This is also in a previous comment.<br /><br />wget https://dl.eff.org/certbot-auto<br />sudo mv certbot-auto /usr/local/bin/certbot-auto<br />sudo chown root /usr/local/bin/certbot-auto<br />sudo chmod 0755 /usr/local/bin/certbot-auto<br /><br />sudo /usr/local/bin/certbot-auto --nginx<br /><br />other than that - works great<br /><br />Regards, GarryGarry Lawtonhttps://www.blogger.com/profile/12192921279521981233noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-84985589351651759982020-09-12T16:53:26.856+02:002020-09-12T16:53:26.856+02:00I followed the steps on the post very closely but ...I followed the steps on the post very closely but had one issue with running certbot and setting up the https certificate and .conf file.<br />I was getting python errors running certbot (one of which is below). The wizard would not run.<br /><br />I thought I would post how I got it working in case anyone else hits the same issue.<br /><br />Error: AttributeError: 'module' object has no attribute 'Locale' <br /><br />After a bit of searching I tried this:<br />pip install parsedatetime==2.5<br />then running certbot worked, the wizard ran, and the setup of the certificate worked.<br /><br />Good or bad I am not sure, a bit of luck involved on my part to be honest, but its set up and works nicely.<br /><br />thanks for the great post.<br />gazzanoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-69468590003676446312020-09-07T16:23:14.764+02:002020-09-07T16:23:14.764+02:00Hi Dimitri,
Have you managed to test this on Ubun...Hi Dimitri,<br /><br />Have you managed to test this on Ubuntu servers. For some strange reason, the public IP address does not open in the browser in case of Ubuntu. I think there is some persistent firewall which doesn't allow it.<br />I have tried googling it but found no clues. You are probably my best bet now :)<br />Cheers<br /><br /> Mausam Gauravhttps://www.blogger.com/profile/06967300639732820627noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-5885958511376520902020-06-22T19:18:45.419+02:002020-06-22T19:18:45.419+02:00Need help is Google and Facebook Authentication.
...Need help is Google and Facebook Authentication. <br />I did all steps as above and my domain is pointing to an app id but now google authentication is not working. The authentication callback is of server name instead of domain name.<br />Please help. <br /><br />You can check on www.acolytemeetings.com<br /><br />The contents of conf file is<br /><br />server {<br /> server_name acolytemeetings.com www.acolytemeetings.com;<br /><br /> listen [::]:443 ssl ipv6only=on; # managed by Certbot<br /> listen 443 ssl; # managed by Certbot<br /> ssl_certificate /etc/letsencrypt/live/acolytemeetings.com/fullchain.pem; # managed by Certbot<br /> ssl_certificate_key /etc/letsencrypt/live/acolytemeetings.com/privkey.pem; # managed by Certbot<br /> include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot<br /> ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot<br /><br />location / {<br /> rewrite ^/$ /acolyte/f?p=1000 permanent;<br /> }<br /><br />location /acolyte/ {<br /> proxy_pass http://h2891394.stratoserver.net:8080/acolyte/;<br /> proxy_set_header Origin "" ;<br /> proxy_set_header X-Forwarded-Host $host:$server_port;<br /> proxy_set_header X-Real-IP $remote_addr;<br /> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br /> proxy_set_header X-Forwarded-Proto $scheme;<br /># proxy_redirect http://h2891394.stratoserver.net:8080/acolyte/ $scheme://$host/acolyte/;<br /> proxy_connect_timeout 600;<br /> proxy_send_timeout 600;<br /> proxy_read_timeout 600;<br /> send_timeout 600;<br /> }<br /><br /> location /i/ {<br /> proxy_pass http://h2891394.stratoserver.net:8080/i/;<br /> proxy_set_header X-Forwarded-Host $host;<br /> proxy_set_header X-Real-IP $remote_addr;<br /> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br /> }<br /><br /><br />}<br />server {<br /> if ($host = www.acolytemeetings.com) {<br /> return 301 https://$host$request_uri;<br /> } # managed by Certbot<br /><br /><br /> if ($host = acolytemeetings.com) {<br /> return 301 https://$host$request_uri;<br /> } # managed by Certbot<br /><br /><br /> listen 80;<br /> listen [::]:80;<br /> server_name acolytemeetings.com www.acolytemeetings.com;<br /> return 404; # managed by Certbot<br /><br />}<br />Abhishekhttps://www.blogger.com/profile/18157564277289542522noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-8444257860246985142020-06-12T20:37:17.925+02:002020-06-12T20:37:17.925+02:00This is really helpful but I have run into an issu...This is really helpful but I have run into an issue with certbot. The wizard will not run with an error, <br /> raise ImportError("'pyOpenSSL' module missing required functionality. "<br />ImportError: 'pyOpenSSL' module missing required functionality. Try upgrading to v0.14 or newer.<br />I tried installing a newer version but v0.14 is the latest in yum repository. Here is the whole log.<br /><br />[root@instance-20200612-0859 thebladencompany.com]# certbot --nginx<br />Traceback (most recent call last):<br /> File "/bin/certbot", line 9, in <br /> load_entry_point('certbot==1.3.0', 'console_scripts', 'certbot')()<br /> File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 558, in load_entry_point<br /> return get_distribution(dist).load_entry_point(group, name)<br /> File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2682, in load_entry_point<br /> return ep.load()<br /> File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2355, in load<br /> return self.resolve()<br /> File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2361, in resolve<br /> module = __import__(self.module_name, fromlist=['__name__'], level=0)<br /> File "/usr/lib/python2.7/site-packages/certbot/main.py", line 2, in <br /> from certbot._internal import main as internal_main<br /> File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 23, in <br /> from certbot._internal import client<br /> File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 13, in <br /> from acme import client as acme_client<br /> File "/usr/lib/python2.7/site-packages/acme/client.py", line 37, in <br /> requests.packages.urllib3.contrib.pyopenssl.inject_into_urllib3() # type: ignore<br /> File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 112, in inject_into_urllib3<br /> _validate_dependencies_met()<br /> File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 147, in _validate_dependencies_met<br /> raise ImportError("'pyOpenSSL' module missing required functionality. "<br />ImportError: 'pyOpenSSL' module missing required functionality. Try upgrading to v0.14 or newer.Marcus B.noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-64578654410760527682020-05-08T11:53:28.895+02:002020-05-08T11:53:28.895+02:00Hi Dimitri,
Thanks for you post! This has really ...Hi Dimitri,<br /><br />Thanks for you post! This has really helped me run my app using nginx.<br /><br />I have an issue and perhaps I may be missing something. <br /><br />Everything works fine but I see one problem. When an app is published then the link also contains the ords e.g. domain.com/ords/f?p=1:1:0<br /><br />If by mistake the end user simply romes the f?p .... part then it routs to the default Oracle APEX admin page. <br /><br />How can we avoid it.<br /><br />Thanks<br />SyedAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-55866687974838037672020-02-29T00:00:55.900+01:002020-02-29T00:00:55.900+01:00Great stuff Dmitri.
In the same way as you have d...Great stuff Dmitri.<br /><br />In the same way as you have done for APEX, is it possible for SQLDeveloper Web?<br /><br />I set up a /sql/ location, and specified the SQLDeveloper sign-in web address, but I cannot get it to work. I do get 2 boxes for username and password on top left hand side of screen, no labels or headings - the rest of screen blank.<br /><br />If do I enter my admin/password details into the 2 boxes, my URL changes to have "success" at the end and the tab is renamed to Success.<br /><br />Any clues appreciated.<br /><br />Thanks,<br />RobRoberthttps://www.blogger.com/profile/04159321677051141692noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-33353774439099443802020-02-22T02:56:37.677+01:002020-02-22T02:56:37.677+01:00Hi Dimitri, great post !
I had to uncomment the r...Hi Dimitri, great post !<br /><br />I had to uncomment the root in the server section of the nginx.conf<br />Otherwise it wouldn't find www.mydomain\index.html<br /><br />This section did not work :<br /><br />yum install certbot python2-certbot-nginx # not necessary<br />yum install python27-python-pip<br />scl enable python27 bash<br />pip install certbot<br />pip install setuptools --upgrade<br />pip install certbot-nginx<br /><br />To me it looks like the --upgrade upgraded to a wrong version.<br /><br />On https://certbot.eff.org/lets-encrypt/pip-nginx I found :<br /><br />wget https://dl.eff.org/certbot-auto<br />sudo mv certbot-auto /usr/local/bin/certbot-auto<br />sudo chown root /usr/local/bin/certbot-auto<br />sudo chmod 0755 /usr/local/bin/certbot-auto<br /><br />sudo /usr/local/bin/certbot-auto --nginx<br /><br />That worked flawless.<br /><br />I made the certificate and the rewrites and voila there was my site :<br />www.codatax.com<br /><br />Thanks !<br />Anonymoushttps://www.blogger.com/profile/00058009142321406549noreply@blogger.com