source: main/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis002/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf @ 25242

Last change on this file since 25242 was 25242, checked in by Paul Leo, 3 months ago

Apache httpd config files: a few more tweaks and cleanump

File size: 7.7 KB
Line 
1# Virtual Hosts
2#
3# Required modules: mod_log_config
4
5# If you want to maintain multiple domains/hostnames on your
6# machine you can setup VirtualHost containers for them. Most configurations
7# use only name-based virtual hosts so the server doesn't need to worry about
8# IP addresses. This is indicated by the asterisks in the directives below.
9#
10# Please see the documentation at
11# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
12# for further details before you try to setup virtual hosts.
13#
14# You may use the command line option '-S' to verify your virtual host
15# configuration.
16
17###
18### VirtualHost example:
19### Almost any Apache directive may go into a VirtualHost container.
20### The first VirtualHost section is used for all requests that do not
21### match a ServerName or ServerAlias in any <VirtualHost> block.
22###
23###<VirtualHost *:80>
24###    ServerAdmin webmaster@dummy-host.example.com
25###    DocumentRoot "${SRVROOT}/docs/dummy-host.example.com"
26###    ServerName dummy-host.example.com
27###    ServerAlias www.dummy-host.example.com
28###    ErrorLog "logs/dummy-host.example.com-error.log"
29###    CustomLog "logs/dummy-host.example.com-access.log" common
30###</VirtualHost>
31###
32
33###### VirtualHost ibistest.health.state.nm.us  #######
34###### Testing redirect of old DNS name to new DNS name ######
35########################### Probably can be removed after we're live for awhile #############################
36
37        <VirtualHost 10.100.2.16:443>
38                ServerName ibistest.health.state.nm.us
39                #### use http2, and permit acme to just use 443
40                #### Protocols h2 http/1.1
41                Protocols h2 http/1.1 acme-tls/1
42               
43                SSLEngine on
44
45               
46                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
47                # am using rotate every day and keep 7 days, could keep more.
48                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
49                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
50                # -v is verbose output for debugging, BUT...
51                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
52                # note daily is 86400, testing is 60 (every minute)
53                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
54                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
55                # Next line is for production, rotate every day, keep 14 logs
56                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibistest_error.log 86400"
57                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibistest_access.log 86400" combined
58               
59                ######## This server is listening for ibistest.  It should redirect to ibisnew - Alert.xml page
60                #### next line will only redirect root - i.e /
61                RedirectMatch ".*" https://ibisnew.health.state.nm.us/Alert.html
62                Redirect / https://ibisnew.health.state.nm.us/Alert.html
63               
64        </VirtualHost>
65
66#####
67##### VirtualHost ibisverify.doh.nm.gov  #####
68#####
69
70        <VirtualHost 10.100.2.16:443>
71                ServerName ibisverify.doh.nm.gov
72                #### use http2, and permit acme to just use 443
73                #### Protocols h2 http/1.1
74                Protocols h2 http/1.1 acme-tls/1
75               
76                SSLEngine on
77#####           
78#####   Need to work on getting certs onto this VM ########
79#####
80                SSLProxyEngine on
81                SSLProxyVerify require
82                SSLProxyVerifyDepth 5
83                SSLProxyCACertificateFile "/SSL/dohr2simnmibis3/dohr2simnmibis3.pem"
84                SSLProxyCheckPeerCN on
85                SSLProxyCheckPeerExpire on
86                SSLProxyCheckPeerName on
87               
88                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
89                # am using rotate every day and keep 7 days, could keep more.
90                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
91                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
92                # -v is verbose output for debugging, BUT...
93                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
94                # note daily is 86400, testing is 60 (every minute)
95                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
96                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
97                # Next line is for production, rotate every day, keep 14 logs
98                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisverify_error.log 86400"
99                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisverify_access.log 86400" combined
100               
101                # Reverse proxy for this virtual host
102                       
103                ProxyPreserveHost on
104                ProxyRequests off
105                ProxyTimeout 300
106               
107                <Proxy *>
108                        Require all granted 
109                </Proxy>
110               
111                ####### RewriteEngine on
112               
113                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
114                #### they are also restricted to certain hosts at bottom of http.conf file
115               
116                ProxyPass "/server-status" "!"
117                ProxyPass "/md-status" "!"
118                ProxyPass "/.svn" "!"
119                       
120                #### Do not really need the ProxyReverseCookiePath, but leaving it to show it's use
121               
122                #### Next line will eath the /nmibis-view I think, it fixes ibisnew.health.state.nm.us/nmibis-view/nmibis-view/Login.html error
123                ProxyPass /nmibis-view/ https://dohr2simnmibis3/nmibis-view/
124                ProxyPass / https://dohr2simnmibis3/nmibis-view/
125                ProxyPassReverse / https://dohr2simnmibis3/nmibis-view/
126                ProxyPassReverseCookieDomain dohr2simnmibis3/nmibis-view/ ibisverify.doh.nm.gov/
127                ProxyPassReverseCookiePath / /
128       
129        </VirtualHost>
130
131######
132###### VirtualHost nmtrackverify.doh.nm.gov #####
133######
134
135
136        <VirtualHost 10.100.2.18:443>
137                ServerName nmtrackverify.doh.nm.gov
138                #### use http2, and permit acme to just use 443
139                #### Protocols h2 http/1.1
140                Protocols h2 http/1.1 acme-tls/1
141
142#####           
143#####   Need to work on getting certs onto this VM ########
144#####
145               
146                SSLEngine on
147                SSLProxyEngine on
148                SSLProxyVerify none
149                SSLProxyVerifyDepth 4
150                SSLProxyCACertificateFile "/SSL/dohr2simnmibis3/dohr2simnmibis3.pem"
151                SSLProxyCheckPeerCN on
152                SSLProxyCheckPeerExpire on
153                SSLProxyCheckPeerName on
154               
155                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackverify_error.log 86400"
156                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackverifye_access.log 86400" combined
157               
158                ### Reverse proxy for this virtual host ####
159       
160                ProxyPreserveHost on
161                ProxyRequests off
162                ProxyTimeout 300
163               
164                ##### Password Protect NMEPHT (in this case nmtrackverify.doh.nm.gov)
165               
166                <Proxy *>
167                        ###Require all granted
168                        AuthType Basic
169                        AuthName "Staging, enter username and password for access"
170                        AuthBasicProvider file
171                        AuthUserFile "C:\Apache-2.4.52\conf\nmtrackuser.txt"
172                        Require user nmtracking
173                </Proxy>
174               
175               
176                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
177                #### they are also restricted to certain hosts at bottom of http.conf file
178       
179                ProxyPass "/server-status" "!"
180                ProxyPass "/md-status" "!"
181                ProxyPass "/.svn" "!"
182       
183               
184                ### WildFireSmoke
185               
186                ProxyPass /WildFireSmoke https://dohr2simnmibis3/WildFireSmoke
187                ProxyPassReverse /WildFireSmoke https://dohr2simnmibis3/WildFireSmoke
188                ProxyPassReverseCookieDomain dohr2simnmibis3/WildFireSmoke/ nmtrackverify.doh.nm.gov/
189                ProxyPassReverseCookiePath / /
190                       
191                ### NMEPHT-View
192                       
193                #### Next line will eat the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
194                ProxyPass /nmepht-view/ https://dohr2simnmibis3/nmepht-view/
195                ProxyPass / https://dohr2simnmibis3/nmepht-view/
196                ProxyPassReverse / https://dohr2simnmibis3/nmepht-view/
197                ProxyPassReverseCookieDomain dohr2simnmibis3/nmepht-view/ nmtrackverify.doh.nm.gov/
198                ProxyPassReverseCookiePath / / 
199               
200        </VirtualHost>
Note: See TracBrowser for help on using the repository browser.