I have my laptop running Ubuntu Server 22.04 as a home server. My home network has private IP adress, but I have one of those Keenetic routers that are using their own DNS service. It allows me to connect to the router from the outside network using the registered domain name myname.keenetic.pro with SSL certificate.
I've installed Webmin on my server, and I've changed the default port to one of the allowed by the KeenDNS system (8083). Then I've created my 4 level domain on my router that points to the servers local adress with the choosen port, in my case it's 192.168.1.123:8083. According to the manual it should work like this - opening HTTPS server.***.keenetic.pro must show me the Webmin page. It didn't worked at first, so I've installed Apache2 and tried to reverse proxy, here is the config:
<VirtualHost 192.168.1.123:443>
ServerName server.***.keenetic.pro
ProxyPass /webmin/ http://localhost:8083/
ProxyPassReverse /webmin/ http://localhost:8083/
ProxyPassReverseCookieDomain /webmin/ http://localhost:8083/
ProxyPassReverseCookiePath /webmin/ http://localhost:8083/
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
#ProxyPass / https://192.168.1.123:8083/
#ProxyPassReverse / https://192.168.1.123:8083/
</VirtualHost>
Config file for Webmin:
passwd_uindex=0
ld_env=LD_LIBRARY_PATH
tempdelete_days=7
by_view=0
passwd_pindex=1
passwd_mindex=4
passwd_file=/etc/shadow
passwd_cindex=2
path=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
find_pid_command=ps auwwwx | grep NAME | grep -v grep | awk '{ print $2 }'
os_type=debian-linux
os_version=13.0
real_os_type=Ubuntu Linux
real_os_version=22.04.3
lang=en
log=1
referers_none=1
md5pass=0
theme=authentic-theme
product=webmin
locale_root=en-US
lang_root=en
theme_root=authentic-theme
webprefix=
webprefixnoredir=1
relative_redir=0
referer=server.***.keenetic.pro
langauto_root=0
miniserv.conf for Webmin:
port=8083
root=/usr/share/webmin
mimetypes=/usr/share/webmin/mime.types
addtype_cgi=internal/cgi
realm=Webmin Server
logfile=/var/webmin/miniserv.log
errorlog=/var/webmin/miniserv.error
pidfile=/var/webmin/miniserv.pid
logtime=168
ssl=1
no_ssl2=1
no_ssl3=1
ssl_honorcipherorder=1
no_sslcompression=1
env_WEBMIN_CONFIG=/etc/webmin
env_WEBMIN_VAR=/var/webmin
atboot=1
logout=/etc/webmin/logout-flag
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
syslog=1
ipv6=0
session=1
premodules=WebminCore
server=MiniServ/2.102
userfile=/etc/webmin/miniserv.users
keyfile=/etc/webmin/miniserv.pem
passwd_file=/etc/shadow
passwd_uindex=0
passwd_pindex=1
passwd_cindex=2
passwd_mindex=4
passwd_mode=0
preroot=authentic-theme
passdelay=1
failed_script=/etc/webmin/failed.pl
logout_script=/etc/webmin/logout.pl
login_script=/etc/webmin/login.pl
cipher_list_def=1
sudo=1
error_handler_403=403.cgi
error_handler_401=401.cgi
error_handler_404=404.cgi
nolog=\/stats\.cgi\?xhr\-stats\=general
sockets=127.0.0.1:8083
no_resolv_myname=0
preroot_root=authentic-theme
logouttimes=
unixauth=
allowusers=***
pamany=
host=server.***.keenetic.pro
libwrap=
trust_real_ip=1
alwaysresolve=0
redirect_ssl=1
So far I've managed to get SSL certificate for the domain, Apache2 default page *:80 works fine, not sure is it important or not. Still not sure should I use 80 and 443 ports and how if so. But at this stage I have this:
- When using HTTPS
server.***.keenetic.proit show the log in page for Webmin but redirects me back to 192.168.1.123; - When using HTTP
server.***.keenetic.proit shows me the error:
ERROR — CACHE ISSUE OR NO COOKIES SUPPORT
Please clear your browser's cache for the given domain and/or try incognito tab; double check to have cookies support enabled.
I tried incognito mode and clearing browsers cache but it did nothing.
So I've faced different problems, tried tens of possible fixes, ports, tried different configurations for Apache, tried to disable forwarding (and getting login loop) for Webmine. And I still can't get it right, what part of my chain is broken. The Keenetic support told me that it doesn't seem like the problem is on the router side. Am I missing something important? What's the possible instruction to use dynamic DNS service like I have to access the server with private IP?