RunDeck is a very useful tool as a runbook automation tool for administrator as well as developers. It is well known for remote job executions and remote management.
So it is important that the url to access the web interface shall look presentable. When we introduced RunDeck to our team of developers we had one quick requirement to change the default rundeck port 4440(HTTP) or 4443(HTTPS) to 80/443 as it was easy to access and looked good.
Note: In this article we have used 80 as the new port for Rundeck, you can put any other port if required other than 80/443.
We tried to change the port numbers values for framework.server.port and framework.server.url in /opt/rundeck/etc/framework.properties but faced many access denied errors after restarting the services and while running the jobs.
So finally we did below settings to proxy all the requests via a apache to make it working faster and reliable on port 80.
Note: We are using root to start the services so if you are using any port below 1024 then please make sure to run the service as root user else permission denied errors will come.
Apache configurations for reverse proxy:
Open the apache httpd.conf file and make sure below configurations are set to make RunDeck run on port 80
1. Make sure the Apache is listening on port 80:
2. In LoadModule Section:
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_ftp_module modules/mod_proxy_ftp.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_connect_module modules/mod_proxy_connect.so
3. In config section:
ProxyRequests off ProxyPreserveHost On ProxyPass / http://rundeck_server_host_FQDN:4440/ ProxyPassReverse / http://rundeck_server_host_FQDN:4440/
4. Once above settings are set and check the syntax by issuing below command:
5. Once the syntax shows OK, start the Apache service and now you can access the URL using direct 80 port.
Changing Listen Port When Starting With RunDeck Launcher:
Incase you are starting the rundeck with launcher jar file then we have below options (though not suggested) where you can avoid using the apache as a proxy.
The launcher jar can take a number of options to specify how the server should start. You can also customize the launcher behavior by using below java system properties.
you need to specify these properties using the normal -Dproperty=value commandline options to the java command while starting the launcher jar file:
server.http.port : The HTTP port to use for the server, default "4440" server.https.port : The HTTPS port to use or the server, default "4443" server.http.host : Address/hostname to listen on, default is all addresses "0.0.0.0" server.hostname : Hostname to use for the server, default is the system hostname
Example command to start Rundeck Launcher:
/opt/rundeck/jdk1.7.0_55/bin/java -XX:MaxPermSize=512m -Xms2048m -Xmx4096m -Dserver.http.port=80 -Dserver.hostname=rundeck_server_host_FQDN -Dloginmodule.conf.name=jaas-activedirectory.conf -Djava.security.auth.login.config=jaas-activedirectory.conf -Dloginmodule.name=activedirectory -jar /opt/rundeck/rundeck-launcher-2.6.6.jar --skipinstall