Nuxeo and authbind?
Nuxeo-Platform version: 5.7.3 Fasttrack
Server OS: Ubuntu 13.04
I am trying to bind Nuxeo to port 80 instead of 8080. In Ubuntu, a “user”, in this case the nuxeo user, is not able to bind to ports lower than 1024. Enter the program authbind. I have authbind configured to allow nuxeo on port 80, however, even when I change the /etc/nuxeo/nuxeo.conf file from 8080 to 80 and it still fails to start.
I did find a few references about tomcat and having the parameter “authbind=yes” set in the config file. I added authbind=yes to the nuxeo.conf and it still fails to start.
Question, can I bind nuxeo to port 80 using authbind or some other method? Thank you.
Usually, in such cases, people use two different solutions :
- they either use some kind of reverse-proxy (Apache or Nginx) in front of Nuxeo, listening on 80 and connecting to 8080. It's especially useful if you need to interoperate with other kind of services (like SSO-systems, cache, etc.). Since this reverse-proxy runs (or at least starts) as root, it has no problem running on 80.
- or they use a simple iptables-based redirection, so that every request to 80 goes instead to 8080. This is a much more simple setup, where you won't be able to do clever stuff on your incoming flow. But it's much lighter on resources.
apt-get install iptables-persistent
iptables -t nat -A PREROUTING -p tcp –dport 80 -j REDIRECT –to-port 8080
iptables-save > /etc/iptables/rules.v4
This makes the changes permanent across reboots.
authbind is not a valid parameter for
nuxeo.conf. If you need to change the Tomcat configuration more than what is provided by the Nuxeo parameters, then you must create a configuration template providing your own
server.xml template file for instance.