the fast, reliable localhost tunneling solution

Skip to navigation

Configure Your GNU/Linux System for use with Pagekite

By Jon Spriggs 2013-01-17, 15:53

Configuring an HTTP back-end

What is this? This is what you would do if you have a web-server, for example Apache or Nginx, running on your computer and you would like it to always be visible to the world whenever you have a working Internet connection.

Instructions

This assumes you have downloaded and installed the package as per DebianPackage or RpmPackage and have an account at pagekite.net:

  1. Edit /etc/pagekite.d/10_account.rc:
    1. Replace "NAME.pagekite.me" with the name of one of your pagekites
    2. Replace "YOURSECRET" with the shared secret value from pagekite.net/home/
    3. Remove the line "abort_not_configured" and the comment above it.
  2. Rename /etc/pagekite.d/80_httpd.rc.sample to /etc/pagekite.d/80_httpd.rc
  3. If your web server is not listening on port 80, edit 80_httpd.rc and replace the port number in the service_on= (or backend=) line with the correct value. You can also add more back-ends, for example an https back-end if your web server is configured for native SSL.

  4. Restart PageKite with one of the following commands:

    # RedHat/Fedora:
service pagekite restart

# Ubuntu/Debian:
sudo invoke-rc.d pagekite restart

See below for some hints about how to test and debug your configuration if you have any problems.

Configuring an SSH back-end

Configuring an SSH back-end is almost exactly the same procedure as configuring an HTTP back-end, described above - the only difference is in step 2, when you should rename the /etc/pagekite.d/80_sshd.rc.sample to 80_sshd.rc.

Note that you will need to reconfigure your SSH clients as well, as described on the SshOverPageKite page.

Configuring PageKite as a public facing front-end

What is this? A PageKite front-end is useful if you have a server on the Internet and would like to use it instead of (or in addition to) the commercial pagekite.net service. Most people do not need this.

Instructions

This assumes you have downloaded and installed the package as per DebianPackage or RpmPackage.

  1. Remove all the lines in /etc/pagekite.d/10_account.rc (but leave the file there!)

  2. Edit /etc/pagekite.d/20_frontend.rc adding the following lines:

      isfrontend
  ports=80,443
  protos=http,https
  domain=http,https:*.your.domain:MakeUpAPasswordHere

  3. Optional: If you are sharing your HTTP port between your pagekite instance and another web server, you can specify the IP address to bind to in /etc/pagekite.d/20_frontend.rc, as follows:

      host=192.168.0.1

    Then, create /etc/pagekite.d/80_backend.rc with the following:

      service_on=http:192.168.0.1:127.0.0.1:80:
  service_on=https:192.168.0.1:127.0.0.1:443:
  service_on=http:yourhostname:127.0.0.1:80:
  service_on=https:yourhostname:127.0.0.1:443:
  service_on=http:yourhostname,fqdn:127.0.0.1:80:
  service_on=https:yourhostname,fqdn:127.0.0.1:443:

    (alternately, use service_on=http:unknown:127.0.0.1:80)

    The above assume you're sharing your apache server by binding it to 127.0.0.1:80 and 127.0.0.1:443 and that your primary interface IP is 192.168.0.1.

  4. Optional: If you wish to provide SSL/TLS encryption between the front-end and back-end, you will first need to generate SSL certificates.

      openssl req -new -x509 -keyout /etc/pagekite.d/site-key.pem \
    -out /etc/pagekite.d/site-cert.pem -days 365 -nodes
  cat /etc/pagekite.d/site-key.pem /etc/pagekite.d/site-cert.pem \
    |tee /etc/pagekite.d/frontend.pem

    You can examine the contents of the .pem files by using commands like these:

      cat /etc/pagekite.d/site-cert.pem | openssl x509 -text
  cat /etc/pagekite.d/frontend.pem | openssl x509 -text

    Once you've got your certificates, add this to /etc/pagekite.d/20_frontend.rc on the backend:

      frontend=frontend.your.domain:443
  fe_certname=frontend.your/domain
  ca_certs=/etc/pagekite.d/site-cert.pem

    Your front-ends need to have a copy of the frontend.pem file and include this line in their own configuration scripts:

      tls_endpoint=frontend.your.domain:/path/to/frontend.pem

Troubleshooting

System logs

The system-wide PageKite from the .deb and .rpm packages is configured to log details about what it is doing to the file /var/log/pagekite/pagekite.log.

That is generally the first place to look for information about what the program is doing (or not doing).

Interactive testing

If either of the above configurations do not seem to be working, it may be useful to stop the service (service pagekite stop or invoke-rc.d pagekite stop) and then experiment with the following command:

$ sudo pagekite --clean --optdir=/etc/pagekite.d

This will run PageKite interactively on the console, using the configuration from /etc/pagekite.d. This makes it easier to catch any configuration errors and test different settings.

Adding the arguments --logfile=stdio and --debugio may also be helpful in particularly difficult cases.

Comments

  1. Nick said on 2011-11-13, 20:02
    This page is very informative, but it needs a little introduction for both the HTTP backend and the PageKite frontend options.

    - Why would you prefer one of these options over another?
    - What are the use-cases for each?
    - What are the equivalent pagekite.py commands?

    The HTTP backend is obviously simpler, though it supports only a single pagekite.
    Permalink
  2. Bjarni Rúnar Einarsson said on 2011-11-27, 22:28
    Valid points, Nick. I will see about updating the page.

    In the meantime: the first recipe just explains how to use PageKite start up on boot and automatically make your local web server visible.

    The second recipe explaines how you can configure the PageKite software on a publicly visible server so you can use that machine *instead* of the service provided by pagekite.net. This second case is understandably quite a bit more complicated. :-)
    Permalink
  3. JW said on 2012-11-01, 12:47
    While following the directions under "Configuring an HTTP back-end", I got to step 3 where I'm told to edit the 80_httpd.rc file and "...replace the port number in the backend= line with the correct value..." but there's one problem...there is no such line.

    Additionally, do I leave the following line (within 80_httpd.rc) as is, or is it a "template" line where I'm supposed to replace the example text with my account/pagekite info?

    service_on = http:@kitename : localhost:80 : @kitesecret

    Thanks in advance...JW
    Permalink
  4. Bjarni Rúnar Einarsson said on 2012-11-01, 13:06
    Hi JW! The latest versions of PageKite have renamed backend= to service_on=. I should update this page.

    You can leave the @-placeholders as they are, they will use the default kite/secret values defined in the account.rc file. Of course, if you want to fly multiple kites you'll create more lines and replace the placeholders with the other kite's names.
    Permalink
  5. rifai said on 2012-11-14, 09:32
    is there any troubleshoot both back-end and front-end if the back-end failed to connect to front-end.
    Permalink
  6. Francis said on 2013-02-28, 13:09
    If I run my own front-end, how do I specify to the front-end what kites are available, what are their secrets, ....
    Permalink
  7. Johan said on 2013-07-04, 09:17
    After I started a second account and did some --adding, I got this

    "REJECTED: http:jg.pagekite.me (duplicate) "

    Some tips what to do? uninstall?
    Permalink
  8. Josh said on 2013-08-28, 01:40
    I'm having problems with a php document downloading instead of displaying. Is there a way to add php to the apache config file?
    Permalink
  9. shepbarrick said on 2013-09-22, 00:51
    I got a question i have owncloud+pagekite i want it to start automatically every time my computer boots if it gets restarted or just stay running in the bg? please help!
    Permalink
  10. moarli said on 2014-06-20, 17:22
    I´m running pagekite on two raspberry pis as backend and frontend. on the frontend pi I get "Errno 98".
    What does it mean? Pleas help!
    Permalink
  11. sorin said on 2014-06-22, 14:42
    I set up pagekite on a debian (raspberry-pi) and i'm experiencing the following issue:
    When run as a service the default settings are used (/root/.pagekite.rc) which have the "default" secret. I get an error for wrong secret.
    When i run pagekite --clean --optdir /etc/pagekite.d all works fine

    any suggestions?
    Permalink
  12. urac said on 2014-06-25, 10:33
    @moarli
    means another server is already listening on a port you're trying to use (most likely apache on port 80).
    Try
    apachectl stop
    on frontend
    Permalink
  13. Concelor said on 2014-08-14, 04:03
    When i attempt to run sudo pagekite --clean --optdir=/etc/pagekite.
    I get http:XXX.pagekite.me (duplicate) any suggestions?
    Permalink
  14. Concelor said on 2014-08-14, 04:33
    When i attempt to run sudo pagekite --clean --optdir=/etc/pagekite.
    I get http:XXX.pagekite.me (duplicate) any suggestions?
    Permalink
  15. paul said on 2014-10-01, 15:33
    When I run (sudo pagekite --clean --optdir=/etc/pagekite) I get invalid literal for int () with base 10: '@kitesecret. What does this mean?
    Permalink
  16. devan said on 2014-10-06, 20:40
    re: duplicate pagekite, you need to delete the ~/.pagekite as it appears to be included even with --optdir

    My problem is that is works fine if I invoke with local user and sudo but, when i start the service I get:
    ts=541d3cd9; t=2014-09-20T08:37:45; ll=2d; debug=Ping 173.230.155.164:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=2e; debug=Ping 178.79.140.143:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=2f; debug=Ping 173.230.155.164:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=30; debug=Ping 106.187.99.46:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=31; debug=Ping 88.198.198.92:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=32; debug=Ping 88.198.198.93:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=33; debug=Ping 110.232.112.207:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=34; debug=Ping 50.116.41.25:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=35; debug=Ping 93.95.226.149:443 failed: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=36; debug=Preferred:
    ts=541d3cda; t=2014-09-20T08:37:46; ll=37; err=Error in connect: Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/pagekite/proto/conns.py", line 464, in _BackEnd data, parse = self._Connect(server, conns) File "/usr/lib/pymodules/python2.7/pagekite/proto/conns.py", line 324, in _Connect self.fd.connect((sspec[0], int(sspec[1]))) File "/usr/lib/pymodules/python2.7/sockschain/__init__.py", line 1011, in connect proxy) File "/usr/lib/pymodules/python2.7/sockschain/__init__.py", line 871, in __negotiatehttpconnect raise HTTPError((statuscode, statusline[2])) HTTPError: (403, 'Forbidden')
    ts=541d3cda; t=2014-09-20T08:37:46; ll=38; err=Server response parsing failed: (403, 'Forbidden'); id=s0
    ts=541d3cda; t=2014-09-20T08:37:46; ll=39; eof=1; id=s0
    Permalink
  17. Jim Duehr said on 2015-08-12, 18:04
    One big question I have about this pertains to the commercial pagekite package and traffic limits.

    If I set up my own public facing front end pagekite service, am I still beholden to pagekite GB transfer limits?
    Permalink
  18. Paolo said on 2015-11-06, 19:54
    Im having a problem running the pagekite kite on the back end using a SSL self signed certificate.

    Ive changed the port in 80_httpd.rc from 80 to 443 but I get an error on the browser about submitting a http to a https server.

    It works if I use pagekite.py 443 https://kitename.pagekite.me but if I close my putty session it stops the service

    Any ideas
    Permalink

Leave a comment

( (Please leave these blank: )

We use Gravatar for commenter's photos. Get your own, it's free!

Wiki

Links

Pagekite.net - main pages:

The Beanstalks Project ehf.

Service

Community

Open Source

Find us on:

Contact Us

Email: