source: main/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis001/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf @ 25246

# Virtual Hosts
#
# Required modules: mod_log_config

# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at 
# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

###### VirtualHost ibis.health.state.nm.us  #######
###### redirecting of old DNS name to new DNS name (ibis.doh.nm.gov) ######
##### Uncomment when have DNS ENTRY
#####   <VirtualHost 10.100.2.16:443>
#####           ServerName ibis.health.state.nm.us
#####           #### use http2, and permit acme to just use 443
#####           #### Protocols h2 http/1.1
#####           Protocols h2 http/1.1 acme-tls/1
#####           
#####           SSLEngine on
#####
#####           ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_error.log 86400"
#####           CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_access.log 86400" combined
#####
#####           ######## This server is listening for ibis.health.state.nm.us It should redirect to ibis.doh.nm.gov/Alert.html
#####           RedirectMatch ".*" https://ibis.doh.nm.gov/Alert.html
#####           Redirect / https://ibis.doh.nm.gov/Alert.html
#####           
#####   </VirtualHost>

###### VirtualHost ibis.doh.nm.gov ######

########### CHANGE ServerName BELOW #######

        <VirtualHost 10.100.2.15:443>
                ServerName ibisnew.health.state.nm.us
######  ServerName ibis.doh.nm.gov  
                #### use http2, and permit acme to just use 443
                #### Protocols h2 http/1.1
                Protocols h2 http/1.1 acme-tls/1
                
                SSLEngine on
                SSLProxyEngine on
                SSLProxyVerify require
                SSLProxyVerifyDepth 8
                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
                SSLProxyCheckPeerCN on
                SSLProxyCheckPeerExpire on
                SSLProxyCheckPeerName on
        
                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
                # am using rotate every day and keep 7 days, could keep more.
                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
                # -v is verbose output for debugging, BUT...
                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
                # note daily is 86400, testing is 60 (every minute)
                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
                # Next line is for production, rotate every day, keep 14 logs
                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/ibis_error.log 86400"
                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibis_access.log 86400" combined        
          
                # Reverse proxy for this virtual host
                        
                ProxyPreserveHost on
                ProxyRequests off
                ProxyTimeout 300
                
                <Proxy *>
                        Require all granted  
                </Proxy>

                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
                #### they are also restricted to certain hosts at bottom of http.conf file
                
                ProxyPass "/server-status" "!"
                ProxyPass "/md-status" "!"
                ProxyPass "/.svn" "!"
                ProxyPass "/nmibis-admin" "!"
                
                #### Next line will eath the /nmibis-view I think, it fixes ibis.doh.nm.gov/nmibis-view/nmibis-view/Login.html error
                ProxyPass /nmibis-view/ https://dohr2simnmibis2/nmibis-view/
                ProxyPass / https://dohr2simnmibis2/nmibis-view/
                ProxyPassReverse / https://dohr2simnmibis2/nmibis-view/
        ########Uncomment next line and delete 2nd line below prior to going live
######          ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibis.doh.nm.gov
                ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibisnew.health.state.nm.us
                ProxyPassReverseCookiePath / /
                        
        </VirtualHost>


###### VirtualHost nmtracking.org  #######
###### redirecting of old DNS name to new DNS name (nmtracking.doh.nm.gov) ######

######### Uncomment when have DNS ENTRY ########
####    <VirtualHost 10.100.2.17:443>
####            ServerName nmtracking.org
####            #### use http2, and permit acme to just use 443
####            #### Protocols h2 http/1.1
####            Protocols h2 http/1.1 acme-tls/1
####            
####            SSLEngine on
####
####            ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_error.log 86400"
####            CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_access.log 86400" combined
####
####            ######## This server is listening for nmtracking.org It should redirect to nmtracking.doh.nm.gov/Alert.html
####            RedirectMatch "/WildFireSmoke/" "https://nmtracking.doh.nm.gov/WildFireSmoke/"
####            RedirectMatch  "environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
####            RedirectMatch  "/environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
####            RedirectMatch ".*" https://nmtracking.doh.nm.gov/Alert.html
####            Redirect / https://nmtracking.doh.nm.gov/Alert.html
####                            
####    </VirtualHost>


############### VirtualHost nmtracknew.nmtracking.org ##### 
####### CHANGE ServerName BELOW #######

        <VirtualHost 10.100.2.17:443>
                ServerName nmtracknew.nmtracking.org
########                ServerName nmtracking.doh.nm.gov  
                #### use http2, and permit acme to just use 443
                ##### turn offf acme Protocols h2 http/1.1 acme-tls/1
                ##### Protocols h2 http/1.1
                Protocols h2 http/1.1 acme-tls/1
                
                SSLEngine on
                SSLProxyEngine on
                SSLProxyVerify require
                SSLProxyVerifyDepth 8
                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
                SSLProxyCheckPeerCN on
                SSLProxyCheckPeerExpire on
                SSLProxyCheckPeerName on
        
                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/nmtracking_error.log 86400"
                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtracking_access.log 86400" combined

                #### Reverse proxy for this virtual host ####
                
                ProxyPreserveHost on
                ProxyRequests off
                ProxyTimeout 300
                
###########Remove any Auth*, etc and uncomment Require  ##### Password Protect NMEPHT (in this case staging.ibis.dataphilesconsulting.com)
                
                <Proxy *>
######                  Require all granted
                        AuthType Basic
                        AuthName "Staging, enter username and password for access"
                        AuthBasicProvider file
                        AuthUserFile "C:\Apache-2.4.53\conf\nmtrackuser.txt"
                        Require user nmtracking
                </Proxy>
                        
                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
                #### they are also restricted to certain hosts at bottom of http.conf file
                
                ProxyPass "/server-status" "!"
                ProxyPass "/md-status" "!"
                ProxyPass "/.svn" "!"
                ProxyPass "/nmibis-admin" "!"

                ### WildFireSmoke
                
        ProxyPass /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
        ProxyPassReverse /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
########Uncomment next line and delete 2nd line below prior to going live
#######         ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracking.doh.nm.gov/
                ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracknew.nmtracking.org/
                ProxyPassReverseCookiePath / /
                        
        ### NMEPHT-View
                
                #### Next line will eath the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
                ProxyPass /nmepht-view/ https://dohr2simnmibis2/nmepht-view/
                ProxyPass / https://dohr2simnmibis2/nmepht-view/
                ProxyPassReverse / https://dohr2simnmibis2/nmepht-view/
########Uncomment next line and delete 2nd line below prior to going live       
#####           ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracking.doh.nm.gov/
                ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracknew.nmtracking.org/
                ProxyPassReverseCookiePath / /
                        
        </VirtualHost>