source: main/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis001/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf @ 25246

Last change on this file since 25246 was 25246, checked in by Paul Leo, 3 months ago

Updating Production proxy httpd configuration files, prior to changes for going live
Also updating Apache httpd to 2.4.53

File size: 7.9 KB
Line 
1# Virtual Hosts
2#
3# Required modules: mod_log_config
4
5# If you want to maintain multiple domains/hostnames on your
6# machine you can setup VirtualHost containers for them. Most configurations
7# use only name-based virtual hosts so the server doesn't need to worry about
8# IP addresses. This is indicated by the asterisks in the directives below.
9#
10# Please see the documentation at
11# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
12# for further details before you try to setup virtual hosts.
13#
14# You may use the command line option '-S' to verify your virtual host
15# configuration.
16
17###### VirtualHost ibis.health.state.nm.us  #######
18###### redirecting of old DNS name to new DNS name (ibis.doh.nm.gov) ######
19##### Uncomment when have DNS ENTRY
20#####   <VirtualHost 10.100.2.16:443>
21#####           ServerName ibis.health.state.nm.us
22#####           #### use http2, and permit acme to just use 443
23#####           #### Protocols h2 http/1.1
24#####           Protocols h2 http/1.1 acme-tls/1
25#####           
26#####           SSLEngine on
27#####
28#####           ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_error.log 86400"
29#####           CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_access.log 86400" combined
30#####
31#####           ######## This server is listening for ibis.health.state.nm.us It should redirect to ibis.doh.nm.gov/Alert.html
32#####           RedirectMatch ".*" https://ibis.doh.nm.gov/Alert.html
33#####           Redirect / https://ibis.doh.nm.gov/Alert.html
34#####           
35#####   </VirtualHost>
36
37###### VirtualHost ibis.doh.nm.gov ######
38
39########### CHANGE ServerName BELOW #######
40
41        <VirtualHost 10.100.2.15:443>
42                ServerName ibisnew.health.state.nm.us
43######  ServerName ibis.doh.nm.gov 
44                #### use http2, and permit acme to just use 443
45                #### Protocols h2 http/1.1
46                Protocols h2 http/1.1 acme-tls/1
47               
48                SSLEngine on
49                SSLProxyEngine on
50                SSLProxyVerify require
51                SSLProxyVerifyDepth 8
52                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
53                SSLProxyCheckPeerCN on
54                SSLProxyCheckPeerExpire on
55                SSLProxyCheckPeerName on
56       
57                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
58                # am using rotate every day and keep 7 days, could keep more.
59                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
60                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
61                # -v is verbose output for debugging, BUT...
62                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
63                # note daily is 86400, testing is 60 (every minute)
64                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
65                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
66                # Next line is for production, rotate every day, keep 14 logs
67                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/ibis_error.log 86400"
68                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibis_access.log 86400" combined       
69         
70                # Reverse proxy for this virtual host
71                       
72                ProxyPreserveHost on
73                ProxyRequests off
74                ProxyTimeout 300
75               
76                <Proxy *>
77                        Require all granted 
78                </Proxy>
79
80                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
81                #### they are also restricted to certain hosts at bottom of http.conf file
82               
83                ProxyPass "/server-status" "!"
84                ProxyPass "/md-status" "!"
85                ProxyPass "/.svn" "!"
86                ProxyPass "/nmibis-admin" "!"
87               
88                #### Next line will eath the /nmibis-view I think, it fixes ibis.doh.nm.gov/nmibis-view/nmibis-view/Login.html error
89                ProxyPass /nmibis-view/ https://dohr2simnmibis2/nmibis-view/
90                ProxyPass / https://dohr2simnmibis2/nmibis-view/
91                ProxyPassReverse / https://dohr2simnmibis2/nmibis-view/
92        ########Uncomment next line and delete 2nd line below prior to going live
93######          ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibis.doh.nm.gov
94                ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibisnew.health.state.nm.us
95                ProxyPassReverseCookiePath / /
96                       
97        </VirtualHost>
98
99
100###### VirtualHost nmtracking.org  #######
101###### redirecting of old DNS name to new DNS name (nmtracking.doh.nm.gov) ######
102
103######### Uncomment when have DNS ENTRY ########
104####    <VirtualHost 10.100.2.17:443>
105####            ServerName nmtracking.org
106####            #### use http2, and permit acme to just use 443
107####            #### Protocols h2 http/1.1
108####            Protocols h2 http/1.1 acme-tls/1
109####           
110####            SSLEngine on
111####
112####            ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_error.log 86400"
113####            CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_access.log 86400" combined
114####
115####            ######## This server is listening for nmtracking.org It should redirect to nmtracking.doh.nm.gov/Alert.html
116####            RedirectMatch "/WildFireSmoke/" "https://nmtracking.doh.nm.gov/WildFireSmoke/"
117####            RedirectMatch  "environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
118####            RedirectMatch  "/environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
119####            RedirectMatch ".*" https://nmtracking.doh.nm.gov/Alert.html
120####            Redirect / https://nmtracking.doh.nm.gov/Alert.html
121####                           
122####    </VirtualHost>
123
124
125############### VirtualHost nmtracknew.nmtracking.org #####
126####### CHANGE ServerName BELOW #######
127
128        <VirtualHost 10.100.2.17:443>
129                ServerName nmtracknew.nmtracking.org
130########                ServerName nmtracking.doh.nm.gov 
131                #### use http2, and permit acme to just use 443
132                ##### turn offf acme Protocols h2 http/1.1 acme-tls/1
133                ##### Protocols h2 http/1.1
134                Protocols h2 http/1.1 acme-tls/1
135               
136                SSLEngine on
137                SSLProxyEngine on
138                SSLProxyVerify require
139                SSLProxyVerifyDepth 8
140                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
141                SSLProxyCheckPeerCN on
142                SSLProxyCheckPeerExpire on
143                SSLProxyCheckPeerName on
144       
145                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/nmtracking_error.log 86400"
146                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtracking_access.log 86400" combined
147
148                #### Reverse proxy for this virtual host ####
149               
150                ProxyPreserveHost on
151                ProxyRequests off
152                ProxyTimeout 300
153               
154###########Remove any Auth*, etc and uncomment Require  ##### Password Protect NMEPHT (in this case staging.ibis.dataphilesconsulting.com)
155               
156                <Proxy *>
157######                  Require all granted
158                        AuthType Basic
159                        AuthName "Staging, enter username and password for access"
160                        AuthBasicProvider file
161                        AuthUserFile "C:\Apache-2.4.53\conf\nmtrackuser.txt"
162                        Require user nmtracking
163                </Proxy>
164                       
165                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
166                #### they are also restricted to certain hosts at bottom of http.conf file
167               
168                ProxyPass "/server-status" "!"
169                ProxyPass "/md-status" "!"
170                ProxyPass "/.svn" "!"
171                ProxyPass "/nmibis-admin" "!"
172
173                ### WildFireSmoke
174               
175        ProxyPass /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
176        ProxyPassReverse /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
177########Uncomment next line and delete 2nd line below prior to going live
178#######         ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracking.doh.nm.gov/
179                ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracknew.nmtracking.org/
180                ProxyPassReverseCookiePath / /
181                       
182        ### NMEPHT-View
183               
184                #### Next line will eath the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
185                ProxyPass /nmepht-view/ https://dohr2simnmibis2/nmepht-view/
186                ProxyPass / https://dohr2simnmibis2/nmepht-view/
187                ProxyPassReverse / https://dohr2simnmibis2/nmepht-view/
188########Uncomment next line and delete 2nd line below prior to going live       
189#####           ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracking.doh.nm.gov/
190                ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracknew.nmtracking.org/
191                ProxyPassReverseCookiePath / /
192                       
193        </VirtualHost>
Note: See TracBrowser for help on using the repository browser.