Timestamp:
05/13/22 18:10:46 (13 months ago)
Author:
Paul Leo
Message:

Updating Production proxy httpd configuration files, prior to changes for going live

File:
1 edited

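--- a/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis001/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf
+++ b/adopters/nm/trunk/src/main/serverconfigs/dmzr2nmibis001/apache_httpd_reverse_proxy/extra/httpd-vhosts.conf
@@ -15,110 +15,185 @@
 # configuration.
 
-###
-### VirtualHost example:
-### Almost any Apache directive may go into a VirtualHost container.
-### The first VirtualHost section is used for all requests that do not
-### match a ServerName or ServerAlias in any <VirtualHost> block.
-###
-###<VirtualHost *:80>
-###    ServerAdmin webmaster@dummy-host.example.com
-###    DocumentRoot "${SRVROOT}/docs/dummy-host.example.com"
-###    ServerName dummy-host.example.com
-###    ServerAlias www.dummy-host.example.com
-###    ErrorLog "logs/dummy-host.example.com-error.log"
-###    CustomLog "logs/dummy-host.example.com-access.log" common
-###</VirtualHost>
-###
+###### VirtualHost ibis.health.state.nm.us  #######
+###### redirecting of old DNS name to new DNS name (ibis.doh.nm.gov) ######
 
-##### VirtualHost ibisnew.health.state.nm.us #####
+        <VirtualHost 10.100.2.16:443>
+                ServerName ibis.health.state.nm.us
+                #### use http2, and permit acme to just use 443
+                #### Protocols h2 http/1.1
+                Protocols h2 http/1.1 acme-tls/1
+               
+                SSLEngine on
+
+                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_error.log 86400"
+                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_ibis_access.log 86400" combined
+
+                ######## This server is listening for ibis.health.state.nm.us It should redirect to ibis.doh.nm.gov/Alert.html
+                RewriteEngine  on
+                RewriteCond "%{HTTP_HOST}" "=ibis.health.state.nm.us"
+                RewriteRule  ".*" "https://ibis.doh.nm.gov/Alert.html"
+               
+                Redirect / https://ibis.doh.nm.gov/Alert.html
+               
+        </VirtualHost>
+
+###### VirtualHost ibis.doh.nm.gov ######
+
+####### CHANGE ServerName BELOW #######
 
         <VirtualHost 10.100.2.15:443>
-          ServerName ibisnew.health.state.nm.us
-          #### use http2, and permit acme to just use 443
-          #### Protocols h2 http/1.1
-          Protocols h2 http/1.1 acme-tls/1
-         
-          SSLEngine on
-
-          # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
-          # am using rotate every day and keep 7 days, could keep more.
-          # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
-          ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
-          # -v is verbose output for debugging, BUT...
-          # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
-          # note daily is 86400, testing is 60 (every minute)
-          # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
-          # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
-          # Next line is for production, rotate every day, keep 14 logs
-          ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/ibisnew_error.log 86400"
-          CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibisnew_access.log 86400" combined
+                ServerName ibisnew.health.state.nm.us
+                ######## ServerName ibis.doh.nm.gov 
+                #### use http2, and permit acme to just use 443
+                #### Protocols h2 http/1.1
+                Protocols h2 http/1.1 acme-tls/1
+               
+                SSLEngine on
+                SSLProxyEngine on
+                SSLProxyVerify require
+                SSLProxyVerifyDepth 8
+                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
+                SSLProxyCheckPeerCN on
+                SSLProxyCheckPeerExpire on
+                SSLProxyCheckPeerName on
+       
+                # For use of rotatelogs, see https://httpd.apache.org/docs/2.4/programs/rotatelogs.html
+                # am using rotate every day and keep 7 days, could keep more.
+                # you could also rotate at midnight and create a log with date, but keeping only x logs will not work with that
+                ### NOTE: -c not permitted in windows, may be other options also not permitted, see explanation in next section log_conf_module
+                # -v is verbose output for debugging, BUT...
+                # try first with access, if you try with Errorlog, and you have something wrong, no log will be produced.
+                # note daily is 86400, testing is 60 (every minute)
+                # Next line is for testing log rotation every 20 seconds, keep 7 files, verbose output
+                # ErrorLog "|bin/rotatelogs.exe -l -v -n 7 logs/error.log 20"
+                # Next line is for production, rotate every day, keep 14 logs
+                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/ibis_error.log 86400"
+                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/ibis_access.log 86400" combined       
          
                 # Reverse proxy for this virtual host
                        
-                        ProxyPreserveHost on
-                        ProxyRequests off
-                       
-                        <Proxy *>
-                                Require all granted 
-                        </Proxy>
+                ProxyPreserveHost on
+                ProxyRequests off
+                ProxyTimeout 300
+               
+                <Proxy *>
+                        Require all granted 
+                </Proxy>
 
                 #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
                 #### they are also restricted to certain hosts at bottom of http.conf file
                
-                        ProxyPass "/server-status" "!"
-                        ProxyPass "/md-status" "!"
-                        ProxyPass "/.svn" "!"
-                       
-                        ProxyPass / http://dohr2simnmibis2/nmibis-view/
-                        ProxyPassReverse / http://dohr2simnmibis2/nmibis-view/
-                        ProxyPassReverseCookiePath "/" "/nmibis-view"
-                       
-                ####Once secure has been set up
-                ####    ProxyPass / https://dohr2simnmibis2/nmibis-view/
-                ####    ProxyPassReverse / https://dohr2simnmibis2/nmibis-view/
-                ####    ProxyPassReverseCookiePath "/"  "/nmibis-view"
+                ProxyPass "/server-status" "!"
+                ProxyPass "/md-status" "!"
+                ProxyPass "/.svn" "!"
+                ProxyPass "/nmibis-admin" "!"
+               
+                #### Next line will eath the /nmibis-view I think, it fixes ibis.doh.nm.gov/nmibis-view/nmibis-view/Login.html error
+                ProxyPass /nmibis-view/ https://dohr2simnmibis2/nmibis-view/
+                ProxyPass / https://dohr2simnmibis2/nmibis-view/
+                ProxyPassReverse / https://dohr2simnmibis2/nmibis-view/
+        ########Uncomment next line and delete 2nd line below prior to going live
+                ####ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibis.doh.nm.gov
+                ProxyPassReverseCookieDomain dohr2simnmibis2/nmibis-view/ ibisnew.health.state.nm.us
+                ProxyPassReverseCookiePath / /
                        
         </VirtualHost>
 
-############### VirtualHost nmtracknew.nmtracking.org #####
+
+###### VirtualHost nmtracking.org  #######
+###### redirecting of old DNS name to new DNS name (nmtracking.doh.nm.gov) ######
+
+        <VirtualHost 10.100.2.17:443>
+                ServerName nmtracking.org
+                #### use http2, and permit acme to just use 443
+                #### Protocols h2 http/1.1
+                Protocols h2 http/1.1 acme-tls/1
+               
+                SSLEngine on
+
+                ErrorLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_error.log 86400"
+                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/old_nmtracking_access.log 86400" combined
+
+                ######## This server is listening for nmtracking.org It should redirect to nmtracking.doh.nm.gov/Alert.html
+
+                RewriteEngine  on
+                RewriteCond "%{HTTP_HOST}" "=nmtracking.org"
+                RewriteRule  "environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
+                RewriteRule  "/environment/air/FireAndSmoke.html" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html"
+               
+                RewriteRule  ".*" "https://nmtracking.doh.nm.gov/Alert.html"
+               
+                Redirect / https://nmtracking.doh.nm.gov/Alert.html
+               
+        </VirtualHost>
 
 
-<VirtualHost 10.100.2.17:443>
-          ServerName nmtracknew.nmtracking.org
-          #### use http2, and permit acme to just use 443
-          ##### turn offf acme Protocols h2 http/1.1 acme-tls/1
-          ##### Protocols h2 http/1.1
-          Protocols h2 http/1.1 acme-tls/1
-          SSLEngine on
-          LogLevel debug
-          ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/nmtrackingnew_error.log 86400"
-          CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtrackingnew_access.log 86400" combined
+############### VirtualHost nmtracknew.nmtracking.org #####
+####### CHANGE ServerName BELOW #######
 
-        #### Reverse proxy for this virtual host ####
+        <VirtualHost 10.100.2.17:443>
+                ServerName nmtracknew.nmtracking.org
+                ######### ServerName nmtracking.doh.nm.gov 
+                #### use http2, and permit acme to just use 443
+                ##### turn offf acme Protocols h2 http/1.1 acme-tls/1
+                ##### Protocols h2 http/1.1
+                Protocols h2 http/1.1 acme-tls/1
                
-                        ProxyPreserveHost on
-                        ProxyRequests off
-                       
-                        ##### Password Protect NMEPHT (in this case staging.ibis.dataphilesconsulting.com)
-                       
-                        <Proxy *>
-                                ####Require all granted
-                                AuthType Basic
-                                AuthName "Staging, enter username and password for access"
-                                AuthBasicProvider file
-                                AuthUserFile "C:\Apache-2.4.52\conf\nmtrackuser.txt"
-                                Require user nmtracking
-                        </Proxy>
+                SSLEngine on
+                SSLProxyEngine on
+                SSLProxyVerify require
+                SSLProxyVerifyDepth 8
+                SSLProxyCACertificateFile "/SSL/dohr2simnmibis2/dohr2simnmibis2.pem"
+                SSLProxyCheckPeerCN on
+                SSLProxyCheckPeerExpire on
+                SSLProxyCheckPeerName on
+       
+                ErrorLog "|bin/rotatelogs.exe -l -v -n 14 logs/nmtracking_error.log 86400"
+                CustomLog "|bin/rotatelogs.exe -l -f -v -n 14 logs/nmtracking_access.log 86400" combined
+
+                #### Reverse proxy for this virtual host ####
+               
+                ProxyPreserveHost on
+                ProxyRequests off
+                ProxyTimeout 300
+               
+###########Remove any Auth*, etc and uncomment Require  ##### Password Protect NMEPHT (in this case staging.ibis.dataphilesconsulting.com)
+               
+                <Proxy *>
+                        ####Require all granted
+                        AuthType Basic
+                        AuthName "Staging, enter username and password for access"
+                        AuthBasicProvider file
+                        AuthUserFile "C:\Apache-2.4.52\conf\nmtrackuser.txt"
+                        Require user nmtracking
+                </Proxy>
                        
                 #### do not proxy the following, but let httpd respond, these directories are Apache httpd related
                 #### they are also restricted to certain hosts at bottom of http.conf file
                
-                        ProxyPass "/server-status" "!"
-                        ProxyPass "/md-status" "!"
-                        ProxyPass "/.svn" "!"
+                ProxyPass "/server-status" "!"
+                ProxyPass "/md-status" "!"
+                ProxyPass "/.svn" "!"
+                ProxyPass "/nmibis-admin" "!"
 
-                        ProxyPass / http://dohr2simnmibis2/nmepht-view/
-                        ProxyPassReverse / http://dohr2simnmibis2/nmepht-view/
-                        ####ProxyPassReverseCookiePath "/" "/nmepht-view"
+                ### WildFireSmoke
+               
+        ProxyPass /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
+        ProxyPassReverse /WildFireSmoke https://dohr2simnmibis2/WildFireSmoke
+        ########Uncomment next line and delete 2nd line below prior to going live
+                ####ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracking.doh.nm.gov/
+                ProxyPassReverseCookieDomain dohr2simnmibis2/WildFireSmoke/ nmtracknew.nmtracking.org/
+                ProxyPassReverseCookiePath / /
+                       
+        ### NMEPHT-View
+               
+                #### Next line will eath the /nmepht-view I think, it fixes nmtrackingnew.nmtracking.org/nmepht-view/nmepht-view/Login.html error
+                ProxyPass /nmepht-view/ https://dohr2simnmibis2/nmepht-view/
+                ProxyPass / https://dohr2simnmibis2/nmepht-view/
+                ProxyPassReverse / https://dohr2simnmibis2/nmepht-view/
+        ########Uncomment next line and delete 2nd line below prior to going live       
+                #####ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracking.doh.nm.gov/
+                ProxyPassReverseCookieDomain dohr2simnmibis2/nmepht-view/ nmtracknew.nmtracking.org/
+                ProxyPassReverseCookiePath / /
                        
         </VirtualHost>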
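Review bot: In the nmtracking.org redirect vhost (new lines 119–126) the two FireAndSmoke `RewriteRule`s carry no flags, so as far as I can tell rule processing falls through to the catch-all `".*"` rule and the deep link ends up at Alert.html like every other path; the `RewriteCond` also guards only the first rule that follows it. I would collapse the pair into one anchored rule that ends processing, `RewriteRule "^/environment/air/FireAndSmoke\.html$" "https://nmtracking.doh.nm.gov/environment/air/FireAndSmoke.html" [R,L]`, and give the catch-all `[R,L]` too, which makes the trailing `Redirect /` redundant. Separately, `ProxyPassReverseCookieDomain` takes a bare domain as its first argument, so `dohr2simnmibis2/nmibis-view/` (and the WildFireSmoke and nmepht-view variants) probably never matches a cookie's Domain attribute; the expected form is `ProxyPassReverseCookieDomain dohr2simnmibis2 ibis.doh.nm.gov`. The staging Basic-auth `<Proxy *>` block and the temporary ServerName and cookie-domain values are all flagged for manual change at go-live, so a single checklist comment at the top of the file naming each switch would lower the chance of one being left in its staging state.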