source: main/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis002/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf @ 25239

Last change on this file since 25239 was 25239, checked in by Paul Leo, 9 months ago

Updating conf files

File size: 8.1 KB
Line 
1# Virtual Hosts
2#
3# Required modules: mod_log_config
4
5# If you want to maintain multiple domains/hostnames on your
6# machine you can setup VirtualHost containers for them. Most configurations
7# use only name-based virtual hosts so the server doesn't need to worry about
8# IP addresses. This is indicated by the asterisks in the directives below.
9#
10# Please see the documentation at
11# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
12# for further details before you try to setup virtual hosts.
13#
14# You may use the command line option '-S' to verify your virtual host
15# configuration.
16
17###
18### VirtualHost example:
19### Almost any Apache directive may go into a VirtualHost container.
20### The first VirtualHost section is used for all requests that do not
21### match a ServerName or ServerAlias in any <VirtualHost> block.
22###
23###<VirtualHost *:80>
24###    ServerAdmin webmaster@dummy-host.example.com
25###    DocumentRoot "${SRVROOT}/docs/dummy-host.example.com"
26###    ServerName dummy-host.example.com
27###    ServerAlias www.dummy-host.example.com
28###    ErrorLog "logs/dummy-host.example.com-error.log"
29###    CustomLog "logs/dummy-host.example.com-access.log" common
30###</VirtualHost>
31###
32
33###### VirtualHost ibistest.health.state.nm.us  #######
34###### Testing redirect of old DNS name to new DNS name ######
35
36        <VirtualHost 10.100.2.16:443>
37                ServerName ibistest.health.state.nm.us
38                #### use http2, and permit acme to just use 443
39                #### Protocols h2 http/1.1
40                Protocols h2 http/1.1 acme-tls/1
41               
42                SSLEngine on
43
44               
45                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
46                # am using rotate every day and keep 7 days, could keep more.
47                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
48                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
49                # -v is verbose output for debugging, BUT...
50                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
51                # note daily is 86400, testing is 60 (every minute)
52                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
53                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
54                # Next line is for production, rotate every day, keep 14 logs
55                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibistest_error.log 86400"
56                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibistest_access.log 86400" combined
57               
58
59                ######## This server is listening for ibistest.  It should redirect to ibisnew - Alert.xml page
60                #### next line will only redirect root - i.e /
61       
62       
63                ####
64                RewriteEngine  on
65                RewriteCond "%{HTTP_HOST}" "=ibistest.health.state.nm.us"
66                ####RewriteRule "[A-Za-z0-9\-]{0,63}(\.[A-Za-z0-9\-]{0,63})+(:\d{1,4})?\/*(\/*[A-Za-z0-9\-._]+\/*)*" "https://ibisnew.health.state.nm.us/Alert.html" [R,L]
67                #####RewriteRule  "^\/nmepht-view\/[A-Za-z0-9\-]{0,63}(\.[A-Za-z0-9\-]{0,63})+(:\d{1,4})?\/*(\/*[A-Za-z0-9\-._]+\/*)*" "https://nmtracknew.nmtracking.org/Alert.html"
68                RewriteRule  "nmepht.*" "https://nmtracknew.nmtracking.org/Alert.html"
69                RewriteRule  "nmibis.*" "https://ibisnew.health.state.nm.us/Alert.html"
70               
71                Redirect / https://ibisnew.health.state.nm.us/Alert.html
72               
73        </VirtualHost>
74
75#####
76##### VirtualHost ibisverify.doh.nm.gov  #####
77#####
78
79        <VirtualHost 10.100.2.16:443>
80                ServerName ibisverify.doh.nm.gov
81                #### use http2, and permit acme to just use 443
82                #### Protocols h2 http/1.1
83                Protocols h2 http/1.1 acme-tls/1
84               
85                SSLEngine on
86#####           
87#####   Need to work on getting certs onto this VM ########
88#####
89                SSLProxyEngine on
90                SSLProxyVerify require
91                SSLProxyVerifyDepth 5
92                SSLProxyCACertificateFile "/SSL/dohr2simnmibis3/dohr2simnmibis3.pem"
93                SSLProxyCheckPeerCN on
94                SSLProxyCheckPeerExpire on
95                SSLProxyCheckPeerName on
96               
97                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
98                # am using rotate every day and keep 7 days, could keep more.
99                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
100                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
101                # -v is verbose output for debugging, BUT...
102                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
103                # note daily is 86400, testing is 60 (every minute)
104                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
105                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
106                # Next line is for production, rotate every day, keep 14 logs
107                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisverify_error.log 86400"
108                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisverify_access.log 86400" combined
109               
110                # Reverse proxy for this virtual host
111                       
112                ProxyPreserveHost on
113                ProxyRequests off
114                ProxyTimeout 300
115               
116                <Proxy *>
117                        Require all granted 
118                </Proxy>
119               
120                ####### RewriteEngine on
121               
122                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
123                #### they are also restricted to certain hosts at bottom of http.conf file
124               
125                ProxyPass "/server-status" "!"
126                ProxyPass "/md-status" "!"
127                ProxyPass "/.svn" "!"
128                       
129                #### Do not really need the ProxyReverseCookiePath, but leaving it to show it's use
130               
131                #### Next line will eath the /nmibis-view I think, it fixes ibisnew.health.state.nm.us/nmibis-view/nmibis-view/Login.html error
132                ProxyPass /nmibis-view/ https://dohr2simnmibis3/nmibis-view/
133                ProxyPass / https://dohr2simnmibis3/nmibis-view/
134                ProxyPassReverse / https://dohr2simnmibis3/nmibis-view/
135                ProxyPassReverseCookieDomain dohr2simnmibis3/nmibis-view/ ibisverify.doh.nm.gov/
136                ProxyPassReverseCookiePath / /
137       
138        </VirtualHost>
139
140######
141###### VirtualHost nmtrackverify.doh.nm.gov #####
142######
143
144
145        <VirtualHost 10.100.2.18:443>
146                ServerName nmtrackverify.doh.nm.gov
147                #### use http2, and permit acme to just use 443
148                #### Protocols h2 http/1.1
149                Protocols h2 http/1.1 acme-tls/1
150
151#####           
152#####   Need to work on getting certs onto this VM ########
153#####
154               
155                SSLEngine on
156                SSLProxyEngine on
157                SSLProxyVerify none
158                SSLProxyVerifyDepth 4
159                SSLProxyCACertificateFile "/SSL/dohr2simnmibis3/dohr2simnmibis3.pem"
160                SSLProxyCheckPeerCN on
161                SSLProxyCheckPeerExpire on
162                SSLProxyCheckPeerName on
163               
164                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackverify_error.log 86400"
165                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackverifye_access.log 86400" combined
166               
167                ### Reverse proxy for this virtual host ####
168       
169                ProxyPreserveHost on
170                ProxyRequests off
171                ProxyTimeout 300
172               
173                ##### Password Protect NMEPHT (in this case nmtrackverify.doh.nm.gov)
174               
175                <Proxy *>
176                        ###Require all granted
177                        AuthType Basic
178                        AuthName "Staging, enter username and password for access"
179                        AuthBasicProvider file
180                        AuthUserFile "C:\Apache-2.4.52\conf\nmtrackuser.txt"
181                        Require user nmtracking
182                </Proxy>
183               
184               
185                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
186                #### they are also restricted to certain hosts at bottom of http.conf file
187       
188                ProxyPass "/server-status" "!"
189                ProxyPass "/md-status" "!"
190                ProxyPass "/.svn" "!"
191       
192               
193                ### WildFireSmoke
194               
195                ProxyPass /WildFireSmoke https://dohr2simnmibis3/WildFireSmoke
196                ProxyPassReverse /WildFireSmoke https://dohr2simnmibis3/WildFireSmoke
197                ProxyPassReverseCookieDomain dohr2simnmibis3/WildFireSmoke/ nmtrackverify.doh.nm.gov/
198                ProxyPassReverseCookiePath / /
199                       
200                ### NMEPHT-View
201                       
202                #### Next line will eath the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
203                ProxyPass /nmepht-view/ https://dohr2simnmibis3/nmepht-view/
204                ProxyPass / https://dohr2simnmibis3/nmepht-view/
205                ProxyPassReverse / https://dohr2simnmibis3/nmepht-view/
206                ProxyPassReverseCookieDomain dohr2simnmibis3/nmepht-view/ nmtrackverify.doh.nm.gov/
207                ProxyPassReverseCookiePath / / 
208               
209        </VirtualHost>
Note: See TracBrowser for help on using the repository browser.