source: main/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis002/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf @ 25245

Last change on this file since 25245 was 25245, checked in by Paul Leo, 3 months ago

Apache httpd config files: a few more tweaks and cleanump, and updated to latest apache httpd

File size: 7.5 KB
Line 
1# Virtual Hosts
2#
3# Required modules: mod_log_config
4
5# If you want to maintain multiple domains/hostnames on your
6# machine you can setup VirtualHost containers for them. Most configurations
7# use only name-based virtual hosts so the server doesn't need to worry about
8# IP addresses. This is indicated by the asterisks in the directives below.
9#
10# Please see the documentation at
11# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
12# for further details before you try to setup virtual hosts.
13#
14# You may use the command line option '-S' to verify your virtual host
15# configuration.
16
17###
18### VirtualHost example:
19### Almost any Apache directive may go into a VirtualHost container.
20### The first VirtualHost section is used for all requests that do not
21### match a ServerName or ServerAlias in any <VirtualHost> block.
22###
23###<VirtualHost *:80>
24###    ServerAdmin webmaster@dummy-host.example.com
25###    DocumentRoot "${SRVROOT}/docs/dummy-host.example.com"
26###    ServerName dummy-host.example.com
27###    ServerAlias www.dummy-host.example.com
28###    ErrorLog "logs/dummy-host.example.com-error.log"
29###    CustomLog "logs/dummy-host.example.com-access.log" common
30###</VirtualHost>
31###
32
33###### VirtualHost ibistest.health.state.nm.us  #######
34###### Testing redirect of old DNS name to new DNS name ######
35########################### Probably can be removed after we're live for awhile #############################
36
37        <VirtualHost 10.100.2.16:443>
38                ServerName ibistest.health.state.nm.us
39                #### use http2, and permit acme to just use 443
40                #### Protocols h2 http/1.1
41                Protocols h2 http/1.1 acme-tls/1
42               
43                SSLEngine on
44               
45                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
46                # am using rotate every day and keep 7 days, could keep more.
47                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
48                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
49                # -v is verbose output for debugging, BUT...
50                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
51                # note daily is 86400, testing is 60 (every minute)
52                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
53                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
54                # Next line is for production, rotate every day, keep 14 logs
55                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibistest_error.log 86400"
56                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibistest_access.log 86400" combined
57               
58                ######## This server is listening for ibistest.  It should redirect to ibisnew - Alert.xml page
59                #### next line will only redirect root - i.e /
60                RedirectMatch ".*" https://ibisnew.health.state.nm.us/Alert.html
61                Redirect / https://ibisnew.health.state.nm.us/Alert.html
62               
63        </VirtualHost>
64
65#####
66##### VirtualHost ibisverify.doh.nm.gov  #####
67#####
68
69        <VirtualHost 10.100.2.16:443>
70                ServerName ibisverify.doh.nm.gov
71                #### use http2, and permit acme to just use 443
72                #### Protocols h2 http/1.1
73                Protocols h2 http/1.1 acme-tls/1
74               
75                SSLEngine on
76                SSLProxyEngine on
77                SSLProxyVerify require
78                SSLProxyVerifyDepth 5
79                SSLProxyCACertificateFile "/SSL/dohr2simnmibis3/dohr2simnmibis3.pem"
80                SSLProxyCheckPeerCN on
81                SSLProxyCheckPeerExpire on
82                SSLProxyCheckPeerName on
83               
84                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
85                # am using rotate every day and keep 7 days, could keep more.
86                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
87                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
88                # -v is verbose output for debugging, BUT...
89                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
90                # note daily is 86400, testing is 60 (every minute)
91                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
92                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
93                # Next line is for production, rotate every day, keep 14 logs
94                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisverify_error.log 86400"
95                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisverify_access.log 86400" combined
96               
97                # Reverse proxy for this virtual host
98                       
99                ProxyPreserveHost on
100                ProxyRequests off
101                ProxyTimeout 300
102               
103                <Proxy *>
104                        Require all granted 
105                </Proxy>
106               
107                ####### RewriteEngine on
108               
109                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
110                #### they are also restricted to certain hosts at bottom of http.conf file
111               
112                ProxyPass "/server-status" "!"
113                ProxyPass "/md-status" "!"
114                ProxyPass "/.svn" "!"
115                       
116                #### Do not really need the ProxyReverseCookiePath, but leaving it to show it's use
117               
118                #### Next line will eath the /nmibis-view I think, it fixes ibisnew.health.state.nm.us/nmibis-view/nmibis-view/Login.html error
119                ProxyPass /nmibis-view/ https://dohr2simnmibis3/nmibis-view/
120                ProxyPass / https://dohr2simnmibis3/nmibis-view/
121                ProxyPassReverse / https://dohr2simnmibis3/nmibis-view/
122                ProxyPassReverseCookieDomain dohr2simnmibis3/nmibis-view/ ibisverify.doh.nm.gov/
123                ProxyPassReverseCookiePath / /
124       
125        </VirtualHost>
126
127######
128###### VirtualHost nmtrackverify.doh.nm.gov #####
129######
130
131        <VirtualHost 10.100.2.18:443>
132                ServerName nmtrackverify.doh.nm.gov
133                #### use http2, and permit acme to just use 443
134                #### Protocols h2 http/1.1
135                Protocols h2 http/1.1 acme-tls/1
136               
137                SSLEngine on
138                SSLProxyEngine on
139                SSLProxyVerify none
140                SSLProxyVerifyDepth 4
141                SSLProxyCACertificateFile "/SSL/dohr2simnmibis3/dohr2simnmibis3.pem"
142                SSLProxyCheckPeerCN on
143                SSLProxyCheckPeerExpire on
144                SSLProxyCheckPeerName on
145               
146                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackverify_error.log 86400"
147                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackverifye_access.log 86400" combined
148               
149                ### Reverse proxy for this virtual host ####
150       
151                ProxyPreserveHost on
152                ProxyRequests off
153                ProxyTimeout 300
154               
155                ##### Password Protect NMEPHT (in this case nmtrackverify.doh.nm.gov)
156               
157                <Proxy *>
158                        ###Require all granted
159                        AuthType Basic
160                        AuthName "Staging, enter username and password for access"
161                        AuthBasicProvider file
162                        AuthUserFile "C:\Apache-2.4.52\conf\nmtrackuser.txt"
163                        Require user nmtracking
164                </Proxy>
165               
166               
167                #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
168                #### they are also restricted to certain hosts at bottom of http.conf file
169       
170                ProxyPass "/server-status" "!"
171                ProxyPass "/md-status" "!"
172                ProxyPass "/.svn" "!"
173       
174               
175                ### WildFireSmoke
176               
177                ProxyPass /WildFireSmoke https://dohr2simnmibis3/WildFireSmoke
178                ProxyPassReverse /WildFireSmoke https://dohr2simnmibis3/WildFireSmoke
179                ProxyPassReverseCookieDomain dohr2simnmibis3/WildFireSmoke/ nmtrackverify.doh.nm.gov/
180                ProxyPassReverseCookiePath / /
181                       
182                ### NMEPHT-View
183                       
184                #### Next line will eat the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
185                ProxyPass /nmepht-view/ https://dohr2simnmibis3/nmepht-view/
186                ProxyPass / https://dohr2simnmibis3/nmepht-view/
187                ProxyPassReverse / https://dohr2simnmibis3/nmepht-view/
188                ProxyPassReverseCookieDomain dohr2simnmibis3/nmepht-view/ nmtrackverify.doh.nm.gov/
189                ProxyPassReverseCookiePath / / 
190               
191        </VirtualHost>
Note: See TracBrowser for help on using the repository browser.