source: main/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis001/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf @ 25237

Last change on this file since 25237 was 25237, checked in by Paul Leo, 5 months ago

Updating Production proxy httpd configuration files, prior to changes for going live

File size: 7.7 KB
Line 
1# Virtual Hosts
2#
3# Required modules: mod_log_config
4
5# If you want to maintain multiple domains/hostnames on your
6# machine you can setup VirtualHost containers for them. Most configurations
7# use only name-based virtual hosts so the server doesn't need to worry about
8# IP addresses. This is indicated by the asterisks in the directives below.
9#
10# Please see the documentation at
11# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
12# for further details before you try to setup virtual hosts.
13#
14# You may use the command line option '-S' to verify your virtual host
15# configuration.
16
17###### VirtualHost ibis.health.state.nm.us  #######
18###### redirecting of old DNS name to new DNS name (ibis.doh.nm.gov) ######
19
20        <VirtualHost 10.100.2.16:443>
21                ServerName ibis.health.state.nm.us
22                #### use http2, and permit acme to just use 443
23                #### Protocols h2 http/1.1
24                Protocols h2 http/1.1 acme-tls/1
25               
26                SSLEngine on
27
28                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_error.log 86400"
29                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_access.log 86400" combined
30
31                ######## This server is listening for ibis.health.state.nm.us It should redirect to ibis.doh.nm.gov/Alert.html
32                RewriteEngine  on
33                RewriteCond "%{HTTP_HOST}" "=ibis.health.state.nm.us"
34                RewriteRule  ".*" "https://ibis.doh.nm.gov/Alert.html"
35               
36                Redirect / https://ibis.doh.nm.gov/Alert.html
37               
38        </VirtualHost>
39
40###### VirtualHost ibis.doh.nm.gov ######
41
42####### CHANGE ServerName BELOW #######
43
44        <VirtualHost 10.100.2.15:443>
45                ServerName ibisnew.health.state.nm.us
46                ######## ServerName ibis.doh.nm.gov 
47                #### use http2, and permit acme to just use 443
48                #### Protocols h2 http/1.1
49                Protocols h2 http/1.1 acme-tls/1
50               
51                SSLEngine on
52                SSLProxyEngine on
53                SSLProxyVerify require
54                SSLProxyVerifyDepth 8
55                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
56                SSLProxyCheckPeerCN on
57                SSLProxyCheckPeerExpire on
58                SSLProxyCheckPeerName on
59       
60                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
61                # am using rotate every day and keep 7 days, could keep more.
62                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
63                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
64                # -v is verbose output for debugging, BUT...
65                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
66                # note daily is 86400, testing is 60 (every minute)
67                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
68                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
69                # Next line is for production, rotate every day, keep 14 logs
70                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/ibis_error.log 86400"
71                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibis_access.log 86400" combined       
72         
73                # Reverse proxy for this virtual host
74                       
75                ProxyPreserveHost on
76                ProxyRequests off
77                ProxyTimeout 300
78               
79                <Proxy *>
80                        Require all granted 
81                </Proxy>
82
83                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
84                #### they are also restricted to certain hosts at bottom of http.conf file
85               
86                ProxyPass "/server-status" "!"
87                ProxyPass "/md-status" "!"
88                ProxyPass "/.svn" "!"
89                ProxyPass "/nmibis-admin" "!"
90               
91                #### Next line will eath the /nmibis-view I think, it fixes ibis.doh.nm.gov/nmibis-view/nmibis-view/Login.html error
92                ProxyPass /nmibis-view/ https://dohr2simnmibis2/nmibis-view/
93                ProxyPass / https://dohr2simnmibis2/nmibis-view/
94                ProxyPassReverse / https://dohr2simnmibis2/nmibis-view/
95        ########Uncomment next line and delete 2nd line below prior to going live
96                ####ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibis.doh.nm.gov
97                ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibisnew.health.state.nm.us
98                ProxyPassReverseCookiePath / /
99                       
100        </VirtualHost>
101
102
103###### VirtualHost nmtracking.org  #######
104###### redirecting of old DNS name to new DNS name (nmtracking.doh.nm.gov) ######
105
106        <VirtualHost 10.100.2.17:443>
107                ServerName nmtracking.org
108                #### use http2, and permit acme to just use 443
109                #### Protocols h2 http/1.1
110                Protocols h2 http/1.1 acme-tls/1
111               
112                SSLEngine on
113
114                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_error.log 86400"
115                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_access.log 86400" combined
116
117                ######## This server is listening for nmtracking.org It should redirect to nmtracking.doh.nm.gov/Alert.html
118
119                RewriteEngine  on
120                RewriteCond "%{HTTP_HOST}" "=nmtracking.org"
121                RewriteRule  "environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
122                RewriteRule  "/environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
123               
124                RewriteRule  ".*" "https://nmtracking.doh.nm.gov/Alert.html"
125               
126                Redirect / https://nmtracking.doh.nm.gov/Alert.html
127               
128        </VirtualHost>
129
130
131############### VirtualHost nmtracknew.nmtracking.org #####
132####### CHANGE ServerName BELOW #######
133
134        <VirtualHost 10.100.2.17:443>
135                ServerName nmtracknew.nmtracking.org
136                ######### ServerName nmtracking.doh.nm.gov 
137                #### use http2, and permit acme to just use 443
138                ##### turn offf acme Protocols h2 http/1.1 acme-tls/1
139                ##### Protocols h2 http/1.1
140                Protocols h2 http/1.1 acme-tls/1
141               
142                SSLEngine on
143                SSLProxyEngine on
144                SSLProxyVerify require
145                SSLProxyVerifyDepth 8
146                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
147                SSLProxyCheckPeerCN on
148                SSLProxyCheckPeerExpire on
149                SSLProxyCheckPeerName on
150       
151                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/nmtracking_error.log 86400"
152                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtracking_access.log 86400" combined
153
154                #### Reverse proxy for this virtual host ####
155               
156                ProxyPreserveHost on
157                ProxyRequests off
158                ProxyTimeout 300
159               
160###########Remove any Auth*, etc and uncomment Require  ##### Password Protect NMEPHT (in this case staging.ibis.dataphilesconsulting.com)
161               
162                <Proxy *>
163                        ####Require all granted
164                        AuthType Basic
165                        AuthName "Staging, enter username and password for access"
166                        AuthBasicProvider file
167                        AuthUserFile "C:\Apache-2.4.52\conf\nmtrackuser.txt"
168                        Require user nmtracking
169                </Proxy>
170                       
171                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
172                #### they are also restricted to certain hosts at bottom of http.conf file
173               
174                ProxyPass "/server-status" "!"
175                ProxyPass "/md-status" "!"
176                ProxyPass "/.svn" "!"
177                ProxyPass "/nmibis-admin" "!"
178
179                ### WildFireSmoke
180               
181        ProxyPass /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
182        ProxyPassReverse /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
183        ########Uncomment next line and delete 2nd line below prior to going live
184                ####ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracking.doh.nm.gov/
185                ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracknew.nmtracking.org/
186                ProxyPassReverseCookiePath / /
187                       
188        ### NMEPHT-View
189               
190                #### Next line will eath the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
191                ProxyPass /nmepht-view/ https://dohr2simnmibis2/nmepht-view/
192                ProxyPass / https://dohr2simnmibis2/nmepht-view/
193                ProxyPassReverse / https://dohr2simnmibis2/nmepht-view/
194        ########Uncomment next line and delete 2nd line below prior to going live       
195                #####ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracking.doh.nm.gov/
196                ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracknew.nmtracking.org/
197                ProxyPassReverseCookiePath / /
198                       
199        </VirtualHost>
Note: See TracBrowser for help on using the repository browser.