Fess behind reverse proxy

(from github.com/mprzytulski)
It is possible to setup fess behind a reverse proxy so it can be virtually placed under a subdirectory of the main domain, like: http://example.com/search ?
I’m able to setup it under / path but if I configure reverse proxy to use /search I’ll get redirects from /search/admin/ to /admin/dashboard

(from github.com/marevol)
It depends on a reverse proxy setting.
Fess works with a reverse proxy.
ProxyPassReverse directive is needed if using apache.

(from github.com/micakovic)
For Fess behind HAProxy, whereby both Tomcat (Fess) and HAProxy sit on the same host,
you could try this.

Edit the HAProxy config file which usually sits here /etc/haproxy/haproxy.conf like so,
preserving other settings that come out of the box with it:

    mode                http
    log                 global
    option              httplog
    option              dontlognull
    option              http-server-close
    option              forwardfor except
    option              redispatch

frontend fess
    bind                *:80
    bind                *:443 ssl crt /etc/ssl/certs/haproxy/your_combined_certificate.pem
    redirect            scheme https code 301 if !{ ssl_fc }
    mode                http
    timeout             http-request 5s # Slowloris protection
    rspirep             ^(set-cookie:.*) \1;\ Secure
    # HSTS (15768000 seconds = 6 months)
    http-response       set-header Strict-Transport-Security max-age=15768000;\ preload;
    default_backend     fess

backend fess
    mode                http
    option              forwardfor
    http-request        set-header X-Forwarded-Port %[dst_port]
    http-request        add-header X-Forwarded-Proto https if { ssl_fc }
    option              httpchk HEAD / HTTP/1.1\r\nHost:localhost
    # CORS clients
    acl                 cors_allowed src # IP address of your web application server
    rspadd              Access-Control-Allow-Origin:\ * if cors_allowed
    balance             roundrobin
    server              static check

If Tomcat (Fess) sits on another machine, replace the server ip address in the backend
configuration with that IP. For example:

backend fess
 server              static check 

This server must permit tcp/80 from your HAProxy IP address. Tomcat must be started to
listen on in this case. Its default behaviour is to listen on if
I am not mistaken.

The CORS clients directive allows you to query Fess programatically from a particular
IP address if you utilise JSON calls and JS APIs.

If Tomcat (Fess) and HAProxy sit on the same machine, permit only tcp/80 and tcp/443
to that machine.

If Tomcat (Fess) sits on another machine in LAN, a different one from the one where
HAProxy sits, on the one where you have Tomcat (Fess) permit tcp/8080 only from the
HAProxy machine.

(from github.com/micakovic)
For Tomcat (Fess) sitting behind nginx, try these. is the IP address of the machine where Tomcat (Fess) runs. Allow your reverse proxy IP address to this machine on tcp/8080, and make sure that Tomcat starts on IP, then to serve a subdirectory do:

location ~ ^/fess/(.*)$ {
    rewrite    ^/fess/(.*)$ /$1 break;

In this example, requests would go to https://exapmle.com/fess/json?q=

nginx should accept tcp/80, tcp/443, and do 301 redirects from http to https.

(from github.com/marevol)


Are the protocol and port correct?

(from github.com/micakovic)
Amended the port and protocol for nginx config.

(from github.com/biligee)
mprzytulski did you find a solution? I also need a simple one.