I took the rules directly from the Galaxy instructions page: https://wiki.galaxyproject.org/Admin/Config/ApacheProxy and they worked in other servers. Anyway for some reason now it works. I disabled SELinux and it did and then it kept working even after I enabled it again. Turns out mod_rewrite is by default enabled and it had nothing to do with the whole thing. My only problem now is that I can't login as a user but I'll open another question for that. Thank you all for the help. Makis Subject: Re: [galaxy-dev] Galaxy on Centos via Apache - connection refused From: suderman@cs.vassar.edu Date: Wed, 4 Nov 2015 10:51:16 -0500 CC: galaxy-dev@lists.bx.psu.edu; galaxy-dev@lists.galaxyproject.org To: makis4ever@hotmail.com I am not very good with Apache rewrite rules, but I think there is a problem with (at least) the first rule. I see in the Apache documentation [1] that the following "doesn't make sense, not supported": ^/somepath(.*) http://thishost/otherpath$1 [P] The [P] flag is for forwarding to a proxy, but you are forwarding to localhost (i.e. http://thishost) not a proxy. So try changing the first rule to RewriteRule ^/galaxy_test(.*) http://localhost:8081$1 That is, remove the [P] from the end, and see if that makes a difference. The other rules look ok, although so did the above at first glance, so you might want to add one rules at a time to help you isolate rules that are causing problems. Hope that helps,Keith 1. http://httpd.apache.org/docs/current/mod/mod_rewrite.html On Nov 4, 2015, at 6:08 AM, Makis Ladoukakis <makis4ever@hotmail.com> wrote:So yeah you might be on to something here. When I commented the Rewrite rules I could access my galaxy instance from myservername:8081 with or without the index.html file placed in /var/www/html. When I did place it in the directory though and I tried with the rewrite rules my server gave me the following error: script not found or unable to stat: /var/www/cgi-bin/common and once again the galaxy page was blank. Any ideas why? What is apache's problem with the rewrite rules being there? thank you, Makis Subject: Re: [galaxy-dev] Galaxy on Centos via Apache - connection refused From: suderman@cs.vassar.edu Date: Tue, 3 Nov 2015 13:06:03 -0500 CC: federico.zambelli@gmail.com; galaxy-dev@lists.galaxyproject.org To: makis4ever@hotmail.com Very odd that you were getting "Address is use" errors then.. What have you set the port to in your galaxy.ini file? The missing index.html/index.php won't make a difference to Galaxy, but it might prevent Apache from starting up. I would put a simple index.html file, say: <html><body><p>You should not see this.</p></body></html> in /var/www/html just so Apache is happy and if you see that at least you will know Apache is up and running and listening on the correct ports. I would also forego the Apache rewrite rules until you know Galaxy is working. Keith On Nov 3, 2015, at 12:15 PM, Makis Ladoukakis <makis4ever@hotmail.com> wrote:Νο, no other service is running on 8081. This is the output of netstat -tulpn: tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN - tcp6 0 0 :::80 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 ::1:25 :::* LISTEN - udp 0 0 0.0.0.0:123 0.0.0.0:* - udp 0 0 127.0.0.1:323 0.0.0.0:* - udp 0 0 0.0.0.0:5353 0.0.0.0:* - udp 0 0 0.0.0.0:33715 0.0.0.0:* - udp6 0 0 :::123 :::* - udp6 0 0 ::1:323 :::* And no I only have an info.php in that directory. Does that affect Galaxy in any way? Thank you, Makis Subject: Re: [galaxy-dev] Galaxy on Centos via Apache - connection refused From: suderman@cs.vassar.edu Date: Tue, 3 Nov 2015 12:07:12 -0500 CC: federico.zambelli@gmail.com; galaxy-dev@lists.galaxyproject.org To: makis4ever@hotmail.com Do you have another service running on 8081? I see the server is complaining about that address already being in use. Also, do you have an index.html or welcome.html in /var/www/html? Cheers,Keith On Nov 3, 2015, at 11:39 AM, Makis Ladoukakis <makis4ever@hotmail.com> wrote:Hello, Unfortunately I cannot change web servers at the moment. There are a lot of applications that I would need to make changes for the nginx configuration plus i am not very experienced with nginx (apparently not with apache as well outside debian systems). Thank you, Makis
To: galaxy-dev@lists.galaxyproject.org From: federico.zambelli@gmail.com Date: Tue, 3 Nov 2015 17:19:59 +0100 Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection refused
Il 03/11/15 11:53, Makis Ladoukakis ha scritto:
Nothing seems to work on my server. Is Galaxy even compatible with CentOS? Is there something else that I am missing?
Hello, I'm running a production Galaxy Server on CentOS and I can assure you it is perfectly feasible. But I'm using NGINX as a web server so I'm not able to help you with Apache configuration, sorry. Did you try to use NGINX instead of Apache in order to see if the problem is Apache related or system related?
Best, Federico Z.
------------------------------------------------------------------------ From: David.Trudgian@UTSouthwestern.edu To: makis4ever@hotmail.com; jcsanchez2@gmail.com CC: galaxy-dev@lists.bx.psu.edu Date: Fri, 23 Oct 2015 17:30:51 +0000 Subject: RE: [galaxy-dev] FW: Galaxy on Centos via Apache - connection refused
SELinux policies are very strict on CentOS by default. Apache isn't allowed to access files outside of its standard directories, nor access network resources. Your local Galaxy apps server is a network resource - even though it's local.
If you want to keep SELinux on then use audit2allow to see what policies will enable access:
cat /var/log/audit/audit.log | audit2allow -v
Then you can use setsebool (temporary) and setsebool -P (permanent) to enable.
-- David Trudgian Ph.D. Computational Scientist, BioHPC UT Southwestern Medical Center Dallas, TX 75390-9039 Tel: (214) 648-4833
*From:*galaxy-dev [mailto:galaxy-dev-bounces@lists.galaxyproject.org] *On Behalf Of *Makis Ladoukakis *Sent:* Friday, October 23, 2015 10:30 AM *To:* Juan Carlos <jcsanchez2@gmail.com> *Cc:* galaxy-dev@lists.bx.psu.edu *Subject:* Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection refused
Hello,
That didn't work. The apache restart failed with the following error:
SELinux is preventing /usr/sbin/httpd from name_bind access on the tcp_socket port 8081.
Any idea why?
Kind regards, Makis
------------------------------------------------------------------------
Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection refused From: jcsanchez2@gmail.com <mailto:jcsanchez2@gmail.com> Date: Tue, 20 Oct 2015 22:25:00 +1030 CC: galaxy-dev@lists.bx.psu.edu <mailto:galaxy-dev@lists.bx.psu.edu> To: makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>
Hi,
If you have a line in your Apache conf like
"Listen 80"
change to
"Listen 8081"
On 20 Oct 2015, at 21:00, Makis Ladoukakis <makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>> wrote:
Hello,
I am sorry but I have really no experience with setting up the Apache web server so I am not really sure how to do that. Can you please help me out with it? My apache configuration file is in /etc/httpd/conf/ directory and there are no directories such as /sites-available/ or /sites-enabled/ (as I would find in an ubuntu installation).
What I did already (after some advice from the server admin) is open up the 8081 port like that:
firewall-cmd --permanent --add-port=8081/tcp
firewall-cmd --reload
and then I got another error:
[cgi:error] [pid 29603] [client 115.230.124.164:4559] script not found or unable to stat: /var/www/cgi-bin/common
[autoindex:error] [pid 29716] [client 218.76.28.36:4468] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
which I tried to solve by adding welcome.html as a recognizable filename in the apache configuration:
<IfModule dir_module> DirectoryIndex index.html welcome.html </IfModule>
but nothing worked and now the error_log shows the following:
[Tue Oct 20 13:15:23.719295 2015] [mpm_prefork:notice] [pid 29598] AH00170: caught SIGWINCH, shutting down gracefully [Tue Oct 20 13:15:24.810684 2015] [core:notice] [pid 46896] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 [Tue Oct 20 13:15:24.811647 2015] [suexec:notice] [pid 46896] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Tue Oct 20 13:15:24.846399 2015] [so:warn] [pid 46896] AH01574: module wsgi_module is already loaded, skipping [Tue Oct 20 13:15:24.847316 2015] [auth_digest:notice] [pid 46896] AH01757: generating secret for digest authentication ... [Tue Oct 20 13:15:24.848294 2015] [lbmethod_heartbeat:notice] [pid 46896] AH02282: No slotmem from mod_heartmonitor [Tue Oct 20 13:15:24.870033 2015] [mpm_prefork:notice] [pid 46896] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 mod_wsgi/3.4 Python/2.7.5 configured -- resuming normal operations [Tue Oct 20 13:15:24.870075 2015] [core:notice] [pid 46896] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
And the webpage that galaxy is supposed to appear is still blank.
Any ideas?
Thank you, Makis
------------------------------------------------------------------------
Date: Tue, 20 Oct 2015 11:01:44 +1030 Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection refused From: jcsanchez2@gmail.com <mailto:jcsanchez2@gmail.com> To: makis4ever@hotmail.com <mailto:makis4ever@hotmail.com> CC: galaxy-dev@lists.bx.psu.edu <mailto:galaxy-dev@lists.bx.psu.edu>
hi,
Maybe sounds silly, but have you tried to put the apache configuration in a virtual host within the sites-enable site?
cheers
jc
On Tue, Oct 20, 2015 at 12:36 AM, Makis Ladoukakis <makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>> wrote:
Forwading to this list too. I am not sure if they are two separate lists.
Makis
------------------------------------------------------------------------
From: makis4ever@hotmail.com <mailto:makis4ever@hotmail.com> To: galaxy-dev@lists.galaxyproject.org <mailto:galaxy-dev@lists.galaxyproject.org> Date: Mon, 19 Oct 2015 17:04:13 +0300 Subject: [galaxy-dev] Galaxy on Centos via Apache - connection refused
Dear all,
I've been trying to set up a Galaxy instance on my CentOS server but even when I manage to run the simplest configuration correctly I can't seem to get it right on my browser as the connection is refused.
I have changed the host to 0.0.0.0, the port to 8081 and made the appropriate changes in Apache configuration file:
RewriteEngine on RewriteRule ^/galaxy_test(.*) http://localhost:8081$1 [P] RewriteRule ^/galaxy_test$ /galaxy_test/ [R] RewriteRule ^/galaxy_test/static/style/(.*) /home/galaxy_test/galaxy/static/june_2007_style/blue/$1 [L] RewriteRule ^/galaxy_test/static/scripts/(.*) /home/galaxy_test/galaxy/static/scripts/packed/$1 [L] RewriteRule ^/galaxy_test/static/(.*) /home/galaxy_test/galaxy/static/$1 [L] RewriteRule ^/galaxy_test/favicon.ico /home/galaxy_test/galaxy/static/favicon.ico [L] RewriteRule ^/galaxy_test/robots.txt /home/galaxy_test/galaxy/static/robots.txt [L]
So when I tried to run it the first time I got the "temporarily out of service" error on my browser and the following error in apache log:
[Mon Oct 19 05:56:45.308714 2015] [proxy:error] [pid 18505] (13)Permission denied: AH00957: HTTP: attempt to connect to 127.0.0.1:8081 <http://127.0.0.1:8081> (*) failed [Mon Oct 19 05:56:45.308774 2015] [proxy_http:error] [pid 18505] [client 185.25.151.159:39629 <http://185.25.151.159:39629>] AH01114: HTTP: failed to make connection to backend: localhost
Searching the internet I found the following solution:
/usr/sbin/setsebool httpd_can_network_connect 1 /usr/sbin/setsebool -P httpd_can_network_connect 1
but when I restarted my galaxy my browser would now show just a blank page and the error log of apache was:
[Mon Oct 19 15:29:09.425120 2015] [proxy:error] [pid 29699] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8081 <http://127.0.0.1:8081> (*) failed [Mon Oct 19 15:29:09.425167 2015] [proxy_http:error] [pid 29699] [client 147.102.86.121:51865 <http://147.102.86.121:51865>] AH01114: HTTP: failed to make connection to backend: localhost
Has anyone encountered that?
Kind regards, Makis
P.S. In case that helps the output of iptables -L is the following: Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere INPUT_direct all -- anywhere anywhere INPUT_ZONES_SOURCE all -- anywhere anywhere INPUT_ZONES all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere FORWARD_direct all -- anywhere anywhere FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere FORWARD_IN_ZONES all -- anywhere anywhere FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere FORWARD_OUT_ZONES all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT) target prot opt source destination OUTPUT_direct all -- anywhere anywhere
Chain FORWARD_IN_ZONES (1 references) target prot opt source destination FWDI_public all -- anywhere anywhere [goto] FWDI_public all -- anywhere anywhere [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references) target prot opt source destination
Chain FORWARD_OUT_ZONES (1 references) target prot opt source destination FWDO_public all -- anywhere anywhere [goto] FWDO_public all -- anywhere anywhere [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references) target prot opt source destination
Chain FORWARD_direct (1 references) target prot opt source destination
Chain FWDI_public (2 references) target prot opt source destination FWDI_public_log all -- anywhere anywhere FWDI_public_deny all -- anywhere anywhere FWDI_public_allow all -- anywhere anywhere
Chain FWDI_public_allow (1 references) target prot opt source destination
Chain FWDI_public_deny (1 references) target prot opt source destination
Chain FWDI_public_log (1 references) target prot opt source destination
Chain FWDO_public (2 references) target prot opt source destination FWDO_public_log all -- anywhere anywhere FWDO_public_deny all -- anywhere anywhere FWDO_public_allow all -- anywhere anywhere
Chain FWDO_public_allow (1 references) target prot opt source destination
Chain FWDO_public_deny (1 references) target prot opt source destination
Chain FWDO_public_log (1 references) target prot opt source destination
Chain INPUT_ZONES (1 references) target prot opt source destination IN_public all -- anywhere anywhere [goto] IN_public all -- anywhere anywhere [goto]
Chain INPUT_ZONES_SOURCE (1 references) target prot opt source destination
Chain INPUT_direct (1 references) target prot opt source destination
Chain IN_public (2 references) target prot opt source destination IN_public_log all -- anywhere anywhere IN_public_deny all -- anywhere anywhere IN_public_allow all -- anywhere anywhere
Chain IN_public_allow (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:http ctstate NEW ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW ACCEPT tcp -- anywhere anywhere tcp dpt:https ctstate NEW
Chain IN_public_deny (1 references) target prot opt source destination
Chain IN_public_log (1 references) target prot opt source destination
Chain OUTPUT_direct (1 references) target prot opt source destination
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/ To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
------------------------------------------------------------------------
UTSouthwestern
Medical Center
The future of medicine, today.
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/ ___________________________________________________________Please keep all replies on the list by using "reply all"in your mail client. To manage your subscriptions to thisand other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/