Virtual Host And Certbot in RHEL7: Difference between revisions
Jump to navigation
Jump to search
| (20 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==httpd.conf== | ==Apache== | ||
===httpd.conf=== | |||
<code>vim /etc/httpd/conf/httpd.conf</code> | <code>vim /etc/httpd/conf/httpd.conf</code> | ||
<source lang=" | <source lang="apache" highlight="5" start="82" line> | ||
# ServerAdmin: Your address, where problems with the server should be | # ServerAdmin: Your address, where problems with the server should be | ||
# e-mailed. This address appears on some server-generated pages, such | # e-mailed. This address appears on some server-generated pages, such | ||
| Line 9: | Line 10: | ||
</source> | </source> | ||
<source lang=" | <source lang="apache" highlight="4,5,7" start="352" line> | ||
# Supplemental configuration | # Supplemental configuration | ||
# | # | ||
| Line 19: | Line 20: | ||
</source> | </source> | ||
===Directory Tree=== | |||
{| | {| | ||
| valign="top" | | | valign="top" | | ||
| Line 56: | Line 58: | ||
{| | {| | ||
| valign="top" | | | valign="top" | | ||
<source lang=" | <source lang="apache"> | ||
#vim /ihe/var/www/api.medisys.com.my/html/.htaccess | |||
RewriteEngine on | RewriteEngine on | ||
RewriteCond %{HTTPS} off | RewriteCond %{HTTPS} off | ||
| Line 97: | Line 99: | ||
===api.medisys.com.my.conf=== | ===api.medisys.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,27-32,34-37" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 140: | Line 142: | ||
===cdn.medisys.com.my.conf=== | ===cdn.medisys.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/00-cdn.rufaida.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/00-cdn.rufaida.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,34-37,39-41" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 165: | Line 167: | ||
Allow from all | Allow from all | ||
</Directory> | </Directory> | ||
# proxy for gitlab | |||
<Location /gitlab> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9050/gitlab nocanon | |||
ProxyPassReverse http://localhost:9050/gitlab | |||
</Location> | |||
RewriteEngine on | RewriteEngine on | ||
| Line 179: | Line 189: | ||
===dev.medisys.com.my.conf=== | ===dev.medisys.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/00-dev.rufaida.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/00-dev.rufaida.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,26-29" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 214: | Line 224: | ||
===hl7.medisys.com.my.conf=== | ===hl7.medisys.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/00-hl7.rufaida.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/00-hl7.rufaida.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,26-29" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 249: | Line 259: | ||
===api.rufaida.com.my.conf=== | ===api.rufaida.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,27-32,34-37" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 284: | Line 294: | ||
#RewriteEngine on | #RewriteEngine on | ||
#RewriteCond %{SERVER_NAME} =www.api. | #RewriteCond %{SERVER_NAME} =www.api.rufaida.com.my [OR] | ||
#RewriteCond %{SERVER_NAME} =api.rufaida.com.my | #RewriteCond %{SERVER_NAME} =api.rufaida.com.my | ||
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | #RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | ||
| Line 293: | Line 303: | ||
===api.medisys.com.my-le-ssl.conf=== | ===api.medisys.com.my-le-ssl.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my-le-ssl.conf</code> | <code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my-le-ssl.conf</code> | ||
<source lang=" | <source lang="apache" highlight="3-5,7,9,10,14-17,19-25,27-34,36-53,87-90" line> | ||
<IfModule mod_ssl.c> | <IfModule mod_ssl.c> | ||
<VirtualHost *:443> | <VirtualHost *:443> | ||
| Line 390: | Line 400: | ||
===cdn.medisys.com.my-le-ssl.conf=== | ===cdn.medisys.com.my-le-ssl.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/00-cdn.medisys.com.my-le-ssl.conf</code> | <code>vim /etc/httpd/conf.sites.d/00-cdn.medisys.com.my-le-ssl.conf</code> | ||
<source lang=" | <source lang="apache" highlight="3-6,8,10,11,15-18,20-26,28-35,37-54,172-175" line> | ||
<IfModule mod_ssl.c> | <IfModule mod_ssl.c> | ||
<VirtualHost *:443> | <VirtualHost *:443> | ||
SSLProxyEngine On | |||
ProxyRequests Off | ProxyRequests Off | ||
ProxyPreserveHost On | ProxyPreserveHost On | ||
AllowEncodedSlashes | AllowEncodedSlashes On | ||
ServerAlias cdn.medisys.com.my | ServerAlias cdn.medisys.com.my | ||
| Line 467: | Line 478: | ||
ProxyPass http://localhost:8090/apex nocanon | ProxyPass http://localhost:8090/apex nocanon | ||
ProxyPassReverse http://localhost:8090/apex | ProxyPassReverse http://localhost:8090/apex | ||
</Location> | |||
# proxy for nexus | |||
<Location /nexus> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8081/nexus nocanon | |||
ProxyPassReverse http://localhost:8081/nexus | |||
RequestHeader set X-Forwarded-Proto "https" | |||
</Location> | </Location> | ||
| Line 475: | Line 495: | ||
ProxyPass http://localhost:9990/console nocanon | ProxyPass http://localhost:9990/console nocanon | ||
ProxyPassReverse http://localhost:9990/console | ProxyPassReverse http://localhost:9990/console | ||
</Location> | |||
# proxy for gitlab | |||
<Location /gitlab> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass https://localhost:4430/gitlab nocanon | |||
ProxyPassReverse https://localhost:4430/gitlab | |||
</Location> | </Location> | ||
| Line 492: | Line 520: | ||
ProxyPass http://localhost:8088/jenkins nocanon | ProxyPass http://localhost:8088/jenkins nocanon | ||
ProxyPassReverse http://localhost:8088/jenkins | ProxyPassReverse http://localhost:8088/jenkins | ||
RequestHeader set X-Forwarded-Proto "https" | |||
</Location> | </Location> | ||
| Line 525: | Line 554: | ||
ProxyPass http://localhost:9040/artifactory nocanon | ProxyPass http://localhost:9040/artifactory nocanon | ||
ProxyPassReverse http://localhost:9040/artifactory | ProxyPassReverse http://localhost:9040/artifactory | ||
</Location> | |||
# proxy for artifactory/ui | |||
<Location /ui> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9041/ui nocanon | |||
ProxyPassReverse http://localhost:9041/ui | |||
</Location> | </Location> | ||
| Line 545: | Line 582: | ||
===dev.medisys.com.my-le-ssl.conf=== | ===dev.medisys.com.my-le-ssl.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/00-dev.medisys.com.my-le-ssl.conf</code> | <code>vim /etc/httpd/conf.sites.d/00-dev.medisys.com.my-le-ssl.conf</code> | ||
<source lang=" | <source lang="apache" highlight="3-5,7,9,10,14-17,19-25,27-34,36-53,55-58" line> | ||
<IfModule mod_ssl.c> | <IfModule mod_ssl.c> | ||
<VirtualHost *:443> | <VirtualHost *:443> | ||
| Line 610: | Line 647: | ||
===hl7.medisys.com.my-le-ssl.conf=== | ===hl7.medisys.com.my-le-ssl.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/00-hl7.medisys.com.my-le-ssl.conf</code> | <code>vim /etc/httpd/conf.sites.d/00-hl7.medisys.com.my-le-ssl.conf</code> | ||
<source lang=" | <source lang="apache" highlight="3-5,7,9,10,14-17,19-25,27-34,36-53,103-106" line> | ||
<IfModule mod_ssl.c> | <IfModule mod_ssl.c> | ||
<VirtualHost *:443> | <VirtualHost *:443> | ||
| Line 723: | Line 760: | ||
===api.rufaida.com.my-le-ssl.conf=== | ===api.rufaida.com.my-le-ssl.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my-le-ssl.conf</code> | <code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my-le-ssl.conf</code> | ||
<source lang=" | <source lang="apache" highlight="3-5,7-9,11,13,14,18-21,23-29,31-38,40-57,91-94" line> | ||
<IfModule mod_ssl.c> | <IfModule mod_ssl.c> | ||
<VirtualHost *:443> | <VirtualHost *:443> | ||
| Line 729: | Line 766: | ||
ProxyPreserveHost On | ProxyPreserveHost On | ||
AllowEncodedSlashes Off | AllowEncodedSlashes Off | ||
SSLProxyEngine On | |||
SSLProxyCheckPeerCN On | |||
SSLProxyCheckPeerExpire On | |||
ServerAlias api.rufaida.com.my | ServerAlias api.rufaida.com.my | ||
| Line 817: | Line 858: | ||
</IfModule> | </IfModule> | ||
</source> | </source> | ||
==References== | |||
* [https://serverfault.com/questions/167575 Multiple hostnames redirected to one] | |||
* [https://httpd.apache.org/docs/2.4/vhosts/name-based.html Name-based Virtual Host Support] | |||
* [https://serverfault.com/questions/84821 Apache ProxyPass with SSL] | |||
Latest revision as of 20:45, 21 August 2020
Apache
httpd.conf
vim /etc/httpd/conf/httpd.conf
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
#
ServerAdmin [email protected]
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
IncludeOptional /ihe/etc/httpd/conf.sites.d/*.conf
ServerName 100.43.10.200
Directory Tree
# mkdir -p /etc/httpd/conf.sites.d/
# mkdir -p /var/www/
# create folder inside /ihe mount point
mkdir -p /ihe/etc/httpd/conf.sites.d/
mkdir -p /ihe/var/www
|
cd /ihe/var/www/;\
p='api cdn dev hl7';\
for s in $p;\
do d='html docs soft';for f in $d;\
do mkdir -p "$s.medisys.com.my/$f";\
done;
done
|
cd /ihe/var/www/;\
p='api cdn dev hl7';\
for s in $p;\
do d='html docs soft';for f in $d;\
do mkdir -p "$s.rufaida.com.my/$f";\
done;
done
|
#vim /ihe/var/www/api.medisys.com.my/html/.htaccess
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{SERVER_NAME} =api.medisys.com.my [OR]
RewriteCond %{SERVER_NAME} =www.api.medisys.com.my
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
f='html docs soft';\
for s in *.medisys.com.my;do for d in $f;do \
h="<html>\n<head><title>$s/$d</title></head>\n";
h="$h<body><h1>Welcome to, $s/$d</h1></body>\n</html>";
echo -e "$h" >> "$s/$d/index.html";
done;done
|
f='html docs soft';\
for s in *.rufaida.com.my;do for d in $f;do \
h="<html>\n<head><title>$s/$d</title></head>\n";
h="$h<body><h1>Welcome to, $s/$d</h1></body>\n</html>";
echo -e "$h" >> "$s/$d/index.html";
done;done
yum -y install httpd mod_ssl
cd /opt/;git clone https://github.com/certbot/certbot.git
cd /usr/local/bin/;ln -s /opt/certbot/certbot-auto certbot
ln -s /opt/certbot/letsencrypt-auto letsencrypt
letsencrypt #letsencrypt renew
certbot #certbot renew
|
HTTP
api.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/01-api.medisys.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias api.medisys.com.my
ServerAdmin [email protected]
ServerName www.api.medisys.com.my
DocumentRoot /ihe/var/www/api.medisys.com.my/html
ErrorLog /ihe/var/www/api.medisys.com.my/error.log
CustomLog /ihe/var/www/api.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/api.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
# proxy for forms
<Location /forms>
Order Allow,Deny
Allow from all
ProxyPass http://175.144.214.83:9001/forms nocanon
ProxyPassReverse http://175.144.214.83:9001/forms
</Location>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =api.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =www.api.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
cdn.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/00-cdn.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias cdn.medisys.com.my
ServerAdmin [email protected]
ServerName www.cdn.medisys.com.my
DocumentRoot /ihe/var/www/cdn.medisys.com.my/html
ErrorLog /ihe/var/www/cdn.medisys.com.my/error.log
CustomLog /ihe/var/www/cdn.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/cdn.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/cdn.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride ALL
Require all granted
Order allow,deny
Allow from all
</Directory>
# proxy for gitlab
<Location /gitlab>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9050/gitlab nocanon
ProxyPassReverse http://localhost:9050/gitlab
</Location>
RewriteEngine on
RewriteCond %{HTTP_HOST} =175.144.214.82 [OR]
RewriteCond %{HTTP_HOST} =100.43.10.200
RewriteRule ^ https://cdn.medisys.com.my%{REQUEST_URI} [END,NE,R=permanent]
#RewriteCond %{SERVER_NAME} =cdn.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =www.cdn.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
dev.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/00-dev.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias dev.medisys.com.my
ServerAdmin [email protected]
ServerName www.dev.medisys.com.my
DocumentRoot /ihe/var/www/dev.medisys.com.my/html
ErrorLog /ihe/var/www/dev.medisys.com.my/error.log
CustomLog /ihe/var/www/dev.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/dev.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/dev.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =dev.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =www.dev.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
hl7.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/00-hl7.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias hl7.medisys.com.my
ServerAdmin [email protected]
ServerName www.hl7.medisys.com.my
DocumentRoot /ihe/var/www/hl7.medisys.com.my/html
ErrorLog /ihe/var/www/hl7.medisys.com.my/error.log
CustomLog /ihe/var/www/hl7.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/hl7.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/hl7.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.hl7.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =hl7.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
api.rufaida.com.my.conf
vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias api.rufaida.com.my
ServerAdmin [email protected]
ServerName www.api.rufaia.com.my
DocumentRoot /ihe/var/www/api.rufaida.com.my/html
ErrorLog /ihe/var/www/api.rufaida.com.my/error.log
CustomLog /ihe/var/www/api.rufaida.com.my/requests.log combined
<Directory "/ihe/var/www/api.rufaida.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.rufaida.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
# proxy for forms
<Location /forms>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.18:9001/forms nocanon
ProxyPassReverse http://202.40.189.18:9001/forms
</Location>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.api.rufaida.com.my [OR]
#RewriteCond %{SERVER_NAME} =api.rufaida.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
HTTPS
api.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/01-api.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias api.medisys.com.my
ServerAdmin [email protected]
ServerName www.api.medisys.com.my
DocumentRoot /ihe/var/www/api.medisys.com.my/html
ErrorLog /ihe/var/www/api.medisys.com.my/error.log
CustomLog /ihe/var/www/api.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/api.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/api.medisys.com.my/docs/"
<Directory "/ihe/var/www/api.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/api.medisys.com.my/soft/"
<Directory "/ihe/var/www/api.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for social
<Location /social>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20/social nocanon
ProxyPassReverse http://202.40.189.20/social
</Location>
# proxy for reports
<Location /reports>
Order Allow,Deny
Allow from all
ProxyPass http://175.144.214.83:9002/reports nocanon
ProxyPassReverse http://175.144.214.83:9002/reports
</Location>
# proxy for patient/affairs
<Location /patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20:9090/patient/affairs nocanon
ProxyPassReverse http://202.40.189.20:9090/patient/affairs
</Location>
# proxy for dev/patient/affairs
<Location /dev/patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9090/dev/patient/affairs nocanon
ProxyPassReverse http://localhost:9090/dev/patient/affairs
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/api.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/api.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
cdn.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/00-cdn.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes On
ServerAlias cdn.medisys.com.my
ServerAdmin [email protected]
ServerName www.cdn.medisys.com.my
DocumentRoot /ihe/var/www/cdn.medisys.com.my/html
ErrorLog /ihe/var/www/cdn.medisys.com.my/error.log
CustomLog /ihe/var/www/cdn.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/cdn.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/cdn.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride ALL
Require all granted
Order Allow,Deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/cdn.medisys.com.my/docs/"
<Directory "/ihe/var/www/cdn.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Allow,Deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/cdn.medisys.com.my/soft/"
<Directory "/ihe/var/www/cdn.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for i
<Location /i>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8090/i nocanon
ProxyPassReverse http://localhost:8090/i
</Location>
# proxy for jira
<Location /jira>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9010/jira nocanon
ProxyPassReverse http://localhost:9010/jira
</Location>
# proxy for
<Location /apex>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8090/apex nocanon
ProxyPassReverse http://localhost:8090/apex
</Location>
# proxy for nexus
<Location /nexus>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8081/nexus nocanon
ProxyPassReverse http://localhost:8081/nexus
RequestHeader set X-Forwarded-Proto "https"
</Location>
# proxy for
<Location /console>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9990/console nocanon
ProxyPassReverse http://localhost:9990/console
</Location>
# proxy for gitlab
<Location /gitlab>
Order Allow,Deny
Allow from all
ProxyPass https://localhost:4430/gitlab nocanon
ProxyPassReverse https://localhost:4430/gitlab
</Location>
# proxy for jenkins
<Location /jenkins>
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 61.6
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
ProxyPass http://localhost:8088/jenkins nocanon
ProxyPassReverse http://localhost:8088/jenkins
RequestHeader set X-Forwarded-Proto "https"
</Location>
# proxy for bitbucket
<Location /bitbucket>
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 61.6
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
ProxyPass http://localhost:9020/bitbucket nocanon
ProxyPassReverse http://localhost:9020/bitbucket
</Location>
# proxy for management
<Location /management>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9990/management nocanon
ProxyPassReverse http://localhost:9990/management
</Location>
# proxy for artifactory
<Location /artifactory>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9040/artifactory nocanon
ProxyPassReverse http://localhost:9040/artifactory
</Location>
# proxy for artifactory/ui
<Location /ui>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9041/ui nocanon
ProxyPassReverse http://localhost:9041/ui
</Location>
# proxy for phpldapadmin
<Location /phpldapadmin>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9030/phpldapadmin nocanon
ProxyPassReverse http://localhost:9030/phpldapadmin
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/cdn.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cdn.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/cdn.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
dev.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/00-dev.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias dev.medisys.com.my
ServerAdmin [email protected]
ServerName www.dev.medisys.com.my
DocumentRoot /ihe/var/www/dev.medisys.com.my/html
ErrorLog /ihe/var/www/dev.medisys.com.my/error.log
CustomLog /ihe/var/www/dev.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/dev.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/dev.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/dev.medisys.com.my/docs/"
<Directory "/ihe/var/www/dev.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/dev.medisys.com.my/soft/"
<Directory "/ihe/var/www/dev.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/dev.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/dev.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/dev.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
hl7.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/00-hl7.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias hl7.medisys.com.my
ServerAdmin [email protected]
ServerName www.hl7.medisys.com.my
DocumentRoot /ihe/var/www/hl7.medisys.com.my/html
ErrorLog /ihe/var/www/hl7.medisys.com.my/error.log
CustomLog /ihe/var/www/hl7.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/hl7.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/hl7.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/hl7.medisys.com.my/docs/"
<Directory "/ihe/var/www/hl7.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/hl7.medisys.com.my/soft/"
<Directory "/ihe/var/www/hl7.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for amqp
<Location /amqp>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8010/amqp nocanon
ProxyPassReverse http://localhost:8010/amqp
</Location>
# proxy for boot
<Location /boot>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8080/boot nocanon
ProxyPassReverse http://localhost:8080/boot
</Location>
# proxy for fhir
<Location /fhir>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8018/fhir nocanon
ProxyPassReverse http://localhost:8018/fhir
</Location>
# proxy for itis
<Location /itis>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8014/itis nocanon
ProxyPassReverse http://localhost:8014/itis
</Location>
# proxy for labs
<Location /labs>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8013/labs nocanon
ProxyPassReverse http://localhost:8013/labs
</Location>
# proxy for xlab
<Location /xlab>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8016/xlab nocanon
ProxyPassReverse http://localhost:8016/xlab
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/hl7.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hl7.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/hl7.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
api.rufaida.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
SSLProxyEngine On
SSLProxyCheckPeerCN On
SSLProxyCheckPeerExpire On
ServerAlias api.rufaida.com.my
ServerAdmin [email protected]
ServerName www.api.rufaia.com.my
DocumentRoot /ihe/var/www/api.rufaida.com.my/html
ErrorLog /ihe/var/www/api.rufaida.com.my/error.log
CustomLog /ihe/var/www/api.rufaida.com.my/requests.log combined
<Directory "/ihe/var/www/api.rufaida.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.rufaida.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/api.rufaida.com.my/docs/"
<Directory "/ihe/var/www/api.rufaida.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/api.rufaida.com.my/soft/"
<Directory "/ihe/var/www/api.rufaida.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for social
<Location /social>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20/social nocanon
ProxyPassReverse http://202.40.189.20/social
</Location>
# proxy for reports
<Location /reports>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.18:9001/reports nocanon
ProxyPassReverse http://202.40.189.18:9001/reports
</Location>
# proxy for patient/affairs
<Location /patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20:9090/patient/affairs nocanon
ProxyPassReverse http://202.40.189.20:9090/patient/affairs
</Location>
# proxy for dev/patient/affairs
<Location /dev/patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9090/dev/patient/affairs nocanon
ProxyPassReverse http://localhost:9090/dev/patient/affairs
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/api.rufaida.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.rufaida.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/api.rufaida.com.my/chain.pem
</VirtualHost>
</IfModule>