Virtual Host And Certbot in RHEL7: Difference between revisions
Jump to navigation
Jump to search
(→HTTP) |
|||
| (28 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==httpd.conf== | ==Apache== | ||
===httpd.conf=== | |||
<code>vim /etc/httpd/conf/httpd.conf</code> | <code>vim /etc/httpd/conf/httpd.conf</code> | ||
<source lang=" | <source lang="apache" highlight="5" start="82" line> | ||
# ServerAdmin: Your address, where problems with the server should be | # ServerAdmin: Your address, where problems with the server should be | ||
# e-mailed. This address appears on some server-generated pages, such | # e-mailed. This address appears on some server-generated pages, such | ||
| Line 9: | Line 10: | ||
</source> | </source> | ||
<source lang=" | <source lang="apache" highlight="4,5,7" start="352" line> | ||
# Supplemental configuration | # Supplemental configuration | ||
# | # | ||
| Line 19: | Line 20: | ||
</source> | </source> | ||
===Directory Tree=== | |||
{| | {| | ||
| valign="top" | | | valign="top" | | ||
| Line 56: | Line 58: | ||
{| | {| | ||
| valign="top" | | | valign="top" | | ||
<source lang=" | <source lang="apache"> | ||
#vim /ihe/var/www/api.medisys.com.my/html/.htaccess | |||
RewriteEngine on | RewriteEngine on | ||
RewriteCond %{HTTPS} off | RewriteCond %{HTTPS} off | ||
| Line 82: | Line 84: | ||
echo -e "$h" >> "$s/$d/index.html"; | echo -e "$h" >> "$s/$d/index.html"; | ||
done;done | done;done | ||
</source> | |||
<source lang="bash"> | |||
yum -y install httpd mod_ssl | |||
cd /opt/;git clone https://github.com/certbot/certbot.git | |||
cd /usr/local/bin/;ln -s /opt/certbot/certbot-auto certbot | |||
ln -s /opt/certbot/letsencrypt-auto letsencrypt | |||
letsencrypt #letsencrypt renew | |||
certbot #certbot renew | |||
</source> | </source> | ||
|} | |} | ||
| Line 88: | Line 99: | ||
===api.medisys.com.my.conf=== | ===api.medisys.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,27-32,34-37" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 125: | Line 136: | ||
#RewriteCond %{SERVER_NAME} =api.medisys.com.my [OR] | #RewriteCond %{SERVER_NAME} =api.medisys.com.my [OR] | ||
#RewriteCond %{SERVER_NAME} =www.api.medisys.com.my | #RewriteCond %{SERVER_NAME} =www.api.medisys.com.my | ||
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | |||
</VirtualHost> | |||
</source> | |||
===cdn.medisys.com.my.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/00-cdn.rufaida.com.my.conf</code> | |||
<source lang="apache" highlight="2-4,6,8,9,13-16,18-24,34-37,39-41" line> | |||
<VirtualHost *:80> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
ServerAlias cdn.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.cdn.medisys.com.my | |||
DocumentRoot /ihe/var/www/cdn.medisys.com.my/html | |||
ErrorLog /ihe/var/www/cdn.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/cdn.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/cdn.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/cdn.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride ALL | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
# proxy for gitlab | |||
<Location /gitlab> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9050/gitlab nocanon | |||
ProxyPassReverse http://localhost:9050/gitlab | |||
</Location> | |||
RewriteEngine on | |||
RewriteCond %{HTTP_HOST} =175.144.214.82 [OR] | |||
RewriteCond %{HTTP_HOST} =100.43.10.200 | |||
RewriteRule ^ https://cdn.medisys.com.my%{REQUEST_URI} [END,NE,R=permanent] | |||
#RewriteCond %{SERVER_NAME} =cdn.medisys.com.my [OR] | |||
#RewriteCond %{SERVER_NAME} =www.cdn.medisys.com.my | |||
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | |||
</VirtualHost> | |||
</source> | |||
===dev.medisys.com.my.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/00-dev.rufaida.com.my.conf</code> | |||
<source lang="apache" highlight="2-4,6,8,9,13-16,18-24,26-29" line> | |||
<VirtualHost *:80> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
ServerAlias dev.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.dev.medisys.com.my | |||
DocumentRoot /ihe/var/www/dev.medisys.com.my/html | |||
ErrorLog /ihe/var/www/dev.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/dev.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/dev.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/dev.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
#RewriteEngine on | |||
#RewriteCond %{SERVER_NAME} =dev.medisys.com.my [OR] | |||
#RewriteCond %{SERVER_NAME} =www.dev.medisys.com.my | |||
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | |||
</VirtualHost> | |||
</source> | |||
===hl7.medisys.com.my.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/00-hl7.rufaida.com.my.conf</code> | |||
<source lang="apache" highlight="2-4,6,8,9,13-16,18-24,26-29" line> | |||
<VirtualHost *:80> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
ServerAlias hl7.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.hl7.medisys.com.my | |||
DocumentRoot /ihe/var/www/hl7.medisys.com.my/html | |||
ErrorLog /ihe/var/www/hl7.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/hl7.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/hl7.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/hl7.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
#RewriteEngine on | |||
#RewriteCond %{SERVER_NAME} =www.hl7.medisys.com.my [OR] | |||
#RewriteCond %{SERVER_NAME} =hl7.medisys.com.my | |||
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | #RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | ||
</VirtualHost> | </VirtualHost> | ||
| Line 131: | Line 259: | ||
===api.rufaida.com.my.conf=== | ===api.rufaida.com.my.conf=== | ||
<code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my.conf</code> | <code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my.conf</code> | ||
<source lang=" | <source lang="apache" highlight="2-4,6,8,9,13-16,18-24,27-32,34-37" line> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ProxyRequests Off | ProxyRequests Off | ||
| Line 166: | Line 294: | ||
#RewriteEngine on | #RewriteEngine on | ||
#RewriteCond %{SERVER_NAME} =www.api. | #RewriteCond %{SERVER_NAME} =www.api.rufaida.com.my [OR] | ||
#RewriteCond %{SERVER_NAME} =api.rufaida.com.my | #RewriteCond %{SERVER_NAME} =api.rufaida.com.my | ||
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | #RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | ||
| Line 173: | Line 301: | ||
==HTTPS== | ==HTTPS== | ||
===api.medisys.com.my-le-ssl.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/01-api.medisys.com.my-le-ssl.conf</code> | |||
<source lang="apache" highlight="3-5,7,9,10,14-17,19-25,27-34,36-53,87-90" line> | |||
<IfModule mod_ssl.c> | |||
<VirtualHost *:443> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
ServerAlias api.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.api.medisys.com.my | |||
DocumentRoot /ihe/var/www/api.medisys.com.my/html | |||
ErrorLog /ihe/var/www/api.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/api.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/api.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/api.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /docs "/ihe/var/www/api.medisys.com.my/docs/" | |||
<Directory "/ihe/var/www/api.medisys.com.my/docs"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /soft "/ihe/var/www/api.medisys.com.my/soft/" | |||
<Directory "/ihe/var/www/api.medisys.com.my/soft"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 202.187 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
Allow from 180.234.6.104 | |||
</Directory> | |||
# proxy for social | |||
<Location /social> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://202.40.189.20/social nocanon | |||
ProxyPassReverse http://202.40.189.20/social | |||
</Location> | |||
# proxy for reports | |||
<Location /reports> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://175.144.214.83:9002/reports nocanon | |||
ProxyPassReverse http://175.144.214.83:9002/reports | |||
</Location> | |||
# proxy for patient/affairs | |||
<Location /patient/affairs> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://202.40.189.20:9090/patient/affairs nocanon | |||
ProxyPassReverse http://202.40.189.20:9090/patient/affairs | |||
</Location> | |||
# proxy for dev/patient/affairs | |||
<Location /dev/patient/affairs> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9090/dev/patient/affairs nocanon | |||
ProxyPassReverse http://localhost:9090/dev/patient/affairs | |||
</Location> | |||
Include /etc/letsencrypt/options-ssl-apache.conf | |||
SSLCertificateFile /etc/letsencrypt/live/api.medisys.com.my/cert.pem | |||
SSLCertificateKeyFile /etc/letsencrypt/live/api.medisys.com.my/privkey.pem | |||
SSLCertificateChainFile /etc/letsencrypt/live/api.medisys.com.my/chain.pem | |||
</VirtualHost> | |||
</IfModule> | |||
</source> | |||
===cdn.medisys.com.my-le-ssl.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/00-cdn.medisys.com.my-le-ssl.conf</code> | |||
<source lang="apache" highlight="3-6,8,10,11,15-18,20-26,28-35,37-54,172-175" line> | |||
<IfModule mod_ssl.c> | |||
<VirtualHost *:443> | |||
SSLProxyEngine On | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes On | |||
ServerAlias cdn.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.cdn.medisys.com.my | |||
DocumentRoot /ihe/var/www/cdn.medisys.com.my/html | |||
ErrorLog /ihe/var/www/cdn.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/cdn.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/cdn.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/cdn.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride ALL | |||
Require all granted | |||
Order Allow,Deny | |||
Allow from all | |||
</Directory> | |||
Alias /docs "/ihe/var/www/cdn.medisys.com.my/docs/" | |||
<Directory "/ihe/var/www/cdn.medisys.com.my/docs"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order Allow,Deny | |||
Allow from all | |||
</Directory> | |||
Alias /soft "/ihe/var/www/cdn.medisys.com.my/soft/" | |||
<Directory "/ihe/var/www/cdn.medisys.com.my/soft"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 202.187 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
Allow from 180.234.6.104 | |||
</Directory> | |||
# proxy for i | |||
<Location /i> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8090/i nocanon | |||
ProxyPassReverse http://localhost:8090/i | |||
</Location> | |||
# proxy for jira | |||
<Location /jira> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9010/jira nocanon | |||
ProxyPassReverse http://localhost:9010/jira | |||
</Location> | |||
# proxy for | |||
<Location /apex> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8090/apex nocanon | |||
ProxyPassReverse http://localhost:8090/apex | |||
</Location> | |||
# proxy for nexus | |||
<Location /nexus> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8081/nexus nocanon | |||
ProxyPassReverse http://localhost:8081/nexus | |||
RequestHeader set X-Forwarded-Proto "https" | |||
</Location> | |||
# proxy for | |||
<Location /console> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9990/console nocanon | |||
ProxyPassReverse http://localhost:9990/console | |||
</Location> | |||
# proxy for gitlab | |||
<Location /gitlab> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass https://localhost:4430/gitlab nocanon | |||
ProxyPassReverse https://localhost:4430/gitlab | |||
</Location> | |||
# proxy for jenkins | |||
<Location /jenkins> | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 61.6 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
ProxyPass http://localhost:8088/jenkins nocanon | |||
ProxyPassReverse http://localhost:8088/jenkins | |||
RequestHeader set X-Forwarded-Proto "https" | |||
</Location> | |||
# proxy for bitbucket | |||
<Location /bitbucket> | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 61.6 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
ProxyPass http://localhost:9020/bitbucket nocanon | |||
ProxyPassReverse http://localhost:9020/bitbucket | |||
</Location> | |||
# proxy for management | |||
<Location /management> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9990/management nocanon | |||
ProxyPassReverse http://localhost:9990/management | |||
</Location> | |||
# proxy for artifactory | |||
<Location /artifactory> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9040/artifactory nocanon | |||
ProxyPassReverse http://localhost:9040/artifactory | |||
</Location> | |||
# proxy for artifactory/ui | |||
<Location /ui> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9041/ui nocanon | |||
ProxyPassReverse http://localhost:9041/ui | |||
</Location> | |||
# proxy for phpldapadmin | |||
<Location /phpldapadmin> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9030/phpldapadmin nocanon | |||
ProxyPassReverse http://localhost:9030/phpldapadmin | |||
</Location> | |||
Include /etc/letsencrypt/options-ssl-apache.conf | |||
SSLCertificateFile /etc/letsencrypt/live/cdn.medisys.com.my/cert.pem | |||
SSLCertificateKeyFile /etc/letsencrypt/live/cdn.medisys.com.my/privkey.pem | |||
SSLCertificateChainFile /etc/letsencrypt/live/cdn.medisys.com.my/chain.pem | |||
</VirtualHost> | |||
</IfModule> | |||
</source> | |||
===dev.medisys.com.my-le-ssl.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/00-dev.medisys.com.my-le-ssl.conf</code> | |||
<source lang="apache" highlight="3-5,7,9,10,14-17,19-25,27-34,36-53,55-58" line> | |||
<IfModule mod_ssl.c> | |||
<VirtualHost *:443> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
ServerAlias dev.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.dev.medisys.com.my | |||
DocumentRoot /ihe/var/www/dev.medisys.com.my/html | |||
ErrorLog /ihe/var/www/dev.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/dev.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/dev.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/dev.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /docs "/ihe/var/www/dev.medisys.com.my/docs/" | |||
<Directory "/ihe/var/www/dev.medisys.com.my/docs"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /soft "/ihe/var/www/dev.medisys.com.my/soft/" | |||
<Directory "/ihe/var/www/dev.medisys.com.my/soft"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 202.187 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
Allow from 180.234.6.104 | |||
</Directory> | |||
Include /etc/letsencrypt/options-ssl-apache.conf | |||
SSLCertificateFile /etc/letsencrypt/live/dev.medisys.com.my/cert.pem | |||
SSLCertificateKeyFile /etc/letsencrypt/live/dev.medisys.com.my/privkey.pem | |||
SSLCertificateChainFile /etc/letsencrypt/live/dev.medisys.com.my/chain.pem | |||
</VirtualHost> | |||
</IfModule> | |||
</source> | |||
===hl7.medisys.com.my-le-ssl.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/00-hl7.medisys.com.my-le-ssl.conf</code> | |||
<source lang="apache" highlight="3-5,7,9,10,14-17,19-25,27-34,36-53,103-106" line> | |||
<IfModule mod_ssl.c> | |||
<VirtualHost *:443> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
ServerAlias hl7.medisys.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.hl7.medisys.com.my | |||
DocumentRoot /ihe/var/www/hl7.medisys.com.my/html | |||
ErrorLog /ihe/var/www/hl7.medisys.com.my/error.log | |||
CustomLog /ihe/var/www/hl7.medisys.com.my/requests.log combined | |||
<Directory "/ihe/var/www/hl7.medisys.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/hl7.medisys.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /docs "/ihe/var/www/hl7.medisys.com.my/docs/" | |||
<Directory "/ihe/var/www/hl7.medisys.com.my/docs"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /soft "/ihe/var/www/hl7.medisys.com.my/soft/" | |||
<Directory "/ihe/var/www/hl7.medisys.com.my/soft"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 202.187 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
Allow from 180.234.6.104 | |||
</Directory> | |||
# proxy for amqp | |||
<Location /amqp> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8010/amqp nocanon | |||
ProxyPassReverse http://localhost:8010/amqp | |||
</Location> | |||
# proxy for boot | |||
<Location /boot> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8080/boot nocanon | |||
ProxyPassReverse http://localhost:8080/boot | |||
</Location> | |||
# proxy for fhir | |||
<Location /fhir> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8018/fhir nocanon | |||
ProxyPassReverse http://localhost:8018/fhir | |||
</Location> | |||
# proxy for itis | |||
<Location /itis> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8014/itis nocanon | |||
ProxyPassReverse http://localhost:8014/itis | |||
</Location> | |||
# proxy for labs | |||
<Location /labs> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8013/labs nocanon | |||
ProxyPassReverse http://localhost:8013/labs | |||
</Location> | |||
# proxy for xlab | |||
<Location /xlab> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:8016/xlab nocanon | |||
ProxyPassReverse http://localhost:8016/xlab | |||
</Location> | |||
Include /etc/letsencrypt/options-ssl-apache.conf | |||
SSLCertificateFile /etc/letsencrypt/live/hl7.medisys.com.my/cert.pem | |||
SSLCertificateKeyFile /etc/letsencrypt/live/hl7.medisys.com.my/privkey.pem | |||
SSLCertificateChainFile /etc/letsencrypt/live/hl7.medisys.com.my/chain.pem | |||
</VirtualHost> | |||
</IfModule> | |||
</source> | |||
===api.rufaida.com.my-le-ssl.conf=== | |||
<code>vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my-le-ssl.conf</code> | |||
<source lang="apache" highlight="3-5,7-9,11,13,14,18-21,23-29,31-38,40-57,91-94" line> | |||
<IfModule mod_ssl.c> | |||
<VirtualHost *:443> | |||
ProxyRequests Off | |||
ProxyPreserveHost On | |||
AllowEncodedSlashes Off | |||
SSLProxyEngine On | |||
SSLProxyCheckPeerCN On | |||
SSLProxyCheckPeerExpire On | |||
ServerAlias api.rufaida.com.my | |||
ServerAdmin [email protected] | |||
ServerName www.api.rufaia.com.my | |||
DocumentRoot /ihe/var/www/api.rufaida.com.my/html | |||
ErrorLog /ihe/var/www/api.rufaida.com.my/error.log | |||
CustomLog /ihe/var/www/api.rufaida.com.my/requests.log combined | |||
<Directory "/ihe/var/www/api.rufaida.com.my/"> | |||
AllowOverride None | |||
Require all granted | |||
</Directory> | |||
<Directory "/ihe/var/www/api.rufaida.com.my/html"> | |||
Options Indexes FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /docs "/ihe/var/www/api.rufaida.com.my/docs/" | |||
<Directory "/ihe/var/www/api.rufaida.com.my/docs"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
Alias /soft "/ihe/var/www/api.rufaida.com.my/soft/" | |||
<Directory "/ihe/var/www/api.rufaida.com.my/soft"> | |||
Options Indexes MultiViews FollowSymLinks | |||
AllowOverride All | |||
Require all granted | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from ::1 | |||
Allow from 202.187 | |||
Allow from 127.0.0.1 | |||
Allow from localhost | |||
Allow from 100.43.0 | |||
Allow from 192.168.1 | |||
Allow from 100.43.10 | |||
Allow from 202.40.189 | |||
Allow from 175.144.214 | |||
Allow from 180.234.6.104 | |||
</Directory> | |||
# proxy for social | |||
<Location /social> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://202.40.189.20/social nocanon | |||
ProxyPassReverse http://202.40.189.20/social | |||
</Location> | |||
# proxy for reports | |||
<Location /reports> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://202.40.189.18:9001/reports nocanon | |||
ProxyPassReverse http://202.40.189.18:9001/reports | |||
</Location> | |||
# proxy for patient/affairs | |||
<Location /patient/affairs> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://202.40.189.20:9090/patient/affairs nocanon | |||
ProxyPassReverse http://202.40.189.20:9090/patient/affairs | |||
</Location> | |||
# proxy for dev/patient/affairs | |||
<Location /dev/patient/affairs> | |||
Order Allow,Deny | |||
Allow from all | |||
ProxyPass http://localhost:9090/dev/patient/affairs nocanon | |||
ProxyPassReverse http://localhost:9090/dev/patient/affairs | |||
</Location> | |||
Include /etc/letsencrypt/options-ssl-apache.conf | |||
SSLCertificateFile /etc/letsencrypt/live/api.rufaida.com.my/cert.pem | |||
SSLCertificateKeyFile /etc/letsencrypt/live/api.rufaida.com.my/privkey.pem | |||
SSLCertificateChainFile /etc/letsencrypt/live/api.rufaida.com.my/chain.pem | |||
</VirtualHost> | |||
</IfModule> | |||
</source> | |||
==References== | |||
* [https://serverfault.com/questions/167575 Multiple hostnames redirected to one] | |||
* [https://httpd.apache.org/docs/2.4/vhosts/name-based.html Name-based Virtual Host Support] | |||
* [https://serverfault.com/questions/84821 Apache ProxyPass with SSL] | |||
Latest revision as of 20:45, 21 August 2020
Apache
httpd.conf
vim /etc/httpd/conf/httpd.conf
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
#
ServerAdmin [email protected]
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
IncludeOptional /ihe/etc/httpd/conf.sites.d/*.conf
ServerName 100.43.10.200
Directory Tree
# mkdir -p /etc/httpd/conf.sites.d/
# mkdir -p /var/www/
# create folder inside /ihe mount point
mkdir -p /ihe/etc/httpd/conf.sites.d/
mkdir -p /ihe/var/www
|
cd /ihe/var/www/;\
p='api cdn dev hl7';\
for s in $p;\
do d='html docs soft';for f in $d;\
do mkdir -p "$s.medisys.com.my/$f";\
done;
done
|
cd /ihe/var/www/;\
p='api cdn dev hl7';\
for s in $p;\
do d='html docs soft';for f in $d;\
do mkdir -p "$s.rufaida.com.my/$f";\
done;
done
|
#vim /ihe/var/www/api.medisys.com.my/html/.htaccess
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{SERVER_NAME} =api.medisys.com.my [OR]
RewriteCond %{SERVER_NAME} =www.api.medisys.com.my
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
f='html docs soft';\
for s in *.medisys.com.my;do for d in $f;do \
h="<html>\n<head><title>$s/$d</title></head>\n";
h="$h<body><h1>Welcome to, $s/$d</h1></body>\n</html>";
echo -e "$h" >> "$s/$d/index.html";
done;done
|
f='html docs soft';\
for s in *.rufaida.com.my;do for d in $f;do \
h="<html>\n<head><title>$s/$d</title></head>\n";
h="$h<body><h1>Welcome to, $s/$d</h1></body>\n</html>";
echo -e "$h" >> "$s/$d/index.html";
done;done
yum -y install httpd mod_ssl
cd /opt/;git clone https://github.com/certbot/certbot.git
cd /usr/local/bin/;ln -s /opt/certbot/certbot-auto certbot
ln -s /opt/certbot/letsencrypt-auto letsencrypt
letsencrypt #letsencrypt renew
certbot #certbot renew
|
HTTP
api.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/01-api.medisys.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias api.medisys.com.my
ServerAdmin [email protected]
ServerName www.api.medisys.com.my
DocumentRoot /ihe/var/www/api.medisys.com.my/html
ErrorLog /ihe/var/www/api.medisys.com.my/error.log
CustomLog /ihe/var/www/api.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/api.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
# proxy for forms
<Location /forms>
Order Allow,Deny
Allow from all
ProxyPass http://175.144.214.83:9001/forms nocanon
ProxyPassReverse http://175.144.214.83:9001/forms
</Location>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =api.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =www.api.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
cdn.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/00-cdn.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias cdn.medisys.com.my
ServerAdmin [email protected]
ServerName www.cdn.medisys.com.my
DocumentRoot /ihe/var/www/cdn.medisys.com.my/html
ErrorLog /ihe/var/www/cdn.medisys.com.my/error.log
CustomLog /ihe/var/www/cdn.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/cdn.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/cdn.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride ALL
Require all granted
Order allow,deny
Allow from all
</Directory>
# proxy for gitlab
<Location /gitlab>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9050/gitlab nocanon
ProxyPassReverse http://localhost:9050/gitlab
</Location>
RewriteEngine on
RewriteCond %{HTTP_HOST} =175.144.214.82 [OR]
RewriteCond %{HTTP_HOST} =100.43.10.200
RewriteRule ^ https://cdn.medisys.com.my%{REQUEST_URI} [END,NE,R=permanent]
#RewriteCond %{SERVER_NAME} =cdn.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =www.cdn.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
dev.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/00-dev.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias dev.medisys.com.my
ServerAdmin [email protected]
ServerName www.dev.medisys.com.my
DocumentRoot /ihe/var/www/dev.medisys.com.my/html
ErrorLog /ihe/var/www/dev.medisys.com.my/error.log
CustomLog /ihe/var/www/dev.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/dev.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/dev.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =dev.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =www.dev.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
hl7.medisys.com.my.conf
vim /etc/httpd/conf.sites.d/00-hl7.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias hl7.medisys.com.my
ServerAdmin [email protected]
ServerName www.hl7.medisys.com.my
DocumentRoot /ihe/var/www/hl7.medisys.com.my/html
ErrorLog /ihe/var/www/hl7.medisys.com.my/error.log
CustomLog /ihe/var/www/hl7.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/hl7.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/hl7.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.hl7.medisys.com.my [OR]
#RewriteCond %{SERVER_NAME} =hl7.medisys.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
api.rufaida.com.my.conf
vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my.conf
<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias api.rufaida.com.my
ServerAdmin [email protected]
ServerName www.api.rufaia.com.my
DocumentRoot /ihe/var/www/api.rufaida.com.my/html
ErrorLog /ihe/var/www/api.rufaida.com.my/error.log
CustomLog /ihe/var/www/api.rufaida.com.my/requests.log combined
<Directory "/ihe/var/www/api.rufaida.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.rufaida.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
# proxy for forms
<Location /forms>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.18:9001/forms nocanon
ProxyPassReverse http://202.40.189.18:9001/forms
</Location>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.api.rufaida.com.my [OR]
#RewriteCond %{SERVER_NAME} =api.rufaida.com.my
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
HTTPS
api.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/01-api.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias api.medisys.com.my
ServerAdmin [email protected]
ServerName www.api.medisys.com.my
DocumentRoot /ihe/var/www/api.medisys.com.my/html
ErrorLog /ihe/var/www/api.medisys.com.my/error.log
CustomLog /ihe/var/www/api.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/api.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/api.medisys.com.my/docs/"
<Directory "/ihe/var/www/api.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/api.medisys.com.my/soft/"
<Directory "/ihe/var/www/api.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for social
<Location /social>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20/social nocanon
ProxyPassReverse http://202.40.189.20/social
</Location>
# proxy for reports
<Location /reports>
Order Allow,Deny
Allow from all
ProxyPass http://175.144.214.83:9002/reports nocanon
ProxyPassReverse http://175.144.214.83:9002/reports
</Location>
# proxy for patient/affairs
<Location /patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20:9090/patient/affairs nocanon
ProxyPassReverse http://202.40.189.20:9090/patient/affairs
</Location>
# proxy for dev/patient/affairs
<Location /dev/patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9090/dev/patient/affairs nocanon
ProxyPassReverse http://localhost:9090/dev/patient/affairs
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/api.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/api.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
cdn.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/00-cdn.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes On
ServerAlias cdn.medisys.com.my
ServerAdmin [email protected]
ServerName www.cdn.medisys.com.my
DocumentRoot /ihe/var/www/cdn.medisys.com.my/html
ErrorLog /ihe/var/www/cdn.medisys.com.my/error.log
CustomLog /ihe/var/www/cdn.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/cdn.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/cdn.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride ALL
Require all granted
Order Allow,Deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/cdn.medisys.com.my/docs/"
<Directory "/ihe/var/www/cdn.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Allow,Deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/cdn.medisys.com.my/soft/"
<Directory "/ihe/var/www/cdn.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for i
<Location /i>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8090/i nocanon
ProxyPassReverse http://localhost:8090/i
</Location>
# proxy for jira
<Location /jira>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9010/jira nocanon
ProxyPassReverse http://localhost:9010/jira
</Location>
# proxy for
<Location /apex>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8090/apex nocanon
ProxyPassReverse http://localhost:8090/apex
</Location>
# proxy for nexus
<Location /nexus>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8081/nexus nocanon
ProxyPassReverse http://localhost:8081/nexus
RequestHeader set X-Forwarded-Proto "https"
</Location>
# proxy for
<Location /console>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9990/console nocanon
ProxyPassReverse http://localhost:9990/console
</Location>
# proxy for gitlab
<Location /gitlab>
Order Allow,Deny
Allow from all
ProxyPass https://localhost:4430/gitlab nocanon
ProxyPassReverse https://localhost:4430/gitlab
</Location>
# proxy for jenkins
<Location /jenkins>
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 61.6
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
ProxyPass http://localhost:8088/jenkins nocanon
ProxyPassReverse http://localhost:8088/jenkins
RequestHeader set X-Forwarded-Proto "https"
</Location>
# proxy for bitbucket
<Location /bitbucket>
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 61.6
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
ProxyPass http://localhost:9020/bitbucket nocanon
ProxyPassReverse http://localhost:9020/bitbucket
</Location>
# proxy for management
<Location /management>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9990/management nocanon
ProxyPassReverse http://localhost:9990/management
</Location>
# proxy for artifactory
<Location /artifactory>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9040/artifactory nocanon
ProxyPassReverse http://localhost:9040/artifactory
</Location>
# proxy for artifactory/ui
<Location /ui>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9041/ui nocanon
ProxyPassReverse http://localhost:9041/ui
</Location>
# proxy for phpldapadmin
<Location /phpldapadmin>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9030/phpldapadmin nocanon
ProxyPassReverse http://localhost:9030/phpldapadmin
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/cdn.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cdn.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/cdn.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
dev.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/00-dev.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias dev.medisys.com.my
ServerAdmin [email protected]
ServerName www.dev.medisys.com.my
DocumentRoot /ihe/var/www/dev.medisys.com.my/html
ErrorLog /ihe/var/www/dev.medisys.com.my/error.log
CustomLog /ihe/var/www/dev.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/dev.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/dev.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/dev.medisys.com.my/docs/"
<Directory "/ihe/var/www/dev.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/dev.medisys.com.my/soft/"
<Directory "/ihe/var/www/dev.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/dev.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/dev.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/dev.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
hl7.medisys.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/00-hl7.medisys.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
ServerAlias hl7.medisys.com.my
ServerAdmin [email protected]
ServerName www.hl7.medisys.com.my
DocumentRoot /ihe/var/www/hl7.medisys.com.my/html
ErrorLog /ihe/var/www/hl7.medisys.com.my/error.log
CustomLog /ihe/var/www/hl7.medisys.com.my/requests.log combined
<Directory "/ihe/var/www/hl7.medisys.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/hl7.medisys.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/hl7.medisys.com.my/docs/"
<Directory "/ihe/var/www/hl7.medisys.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/hl7.medisys.com.my/soft/"
<Directory "/ihe/var/www/hl7.medisys.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for amqp
<Location /amqp>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8010/amqp nocanon
ProxyPassReverse http://localhost:8010/amqp
</Location>
# proxy for boot
<Location /boot>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8080/boot nocanon
ProxyPassReverse http://localhost:8080/boot
</Location>
# proxy for fhir
<Location /fhir>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8018/fhir nocanon
ProxyPassReverse http://localhost:8018/fhir
</Location>
# proxy for itis
<Location /itis>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8014/itis nocanon
ProxyPassReverse http://localhost:8014/itis
</Location>
# proxy for labs
<Location /labs>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8013/labs nocanon
ProxyPassReverse http://localhost:8013/labs
</Location>
# proxy for xlab
<Location /xlab>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:8016/xlab nocanon
ProxyPassReverse http://localhost:8016/xlab
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/hl7.medisys.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hl7.medisys.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/hl7.medisys.com.my/chain.pem
</VirtualHost>
</IfModule>
api.rufaida.com.my-le-ssl.conf
vim /etc/httpd/conf.sites.d/01-api.rufaida.com.my-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes Off
SSLProxyEngine On
SSLProxyCheckPeerCN On
SSLProxyCheckPeerExpire On
ServerAlias api.rufaida.com.my
ServerAdmin [email protected]
ServerName www.api.rufaia.com.my
DocumentRoot /ihe/var/www/api.rufaida.com.my/html
ErrorLog /ihe/var/www/api.rufaida.com.my/error.log
CustomLog /ihe/var/www/api.rufaida.com.my/requests.log combined
<Directory "/ihe/var/www/api.rufaida.com.my/">
AllowOverride None
Require all granted
</Directory>
<Directory "/ihe/var/www/api.rufaida.com.my/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /docs "/ihe/var/www/api.rufaida.com.my/docs/"
<Directory "/ihe/var/www/api.rufaida.com.my/docs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
Alias /soft "/ihe/var/www/api.rufaida.com.my/soft/"
<Directory "/ihe/var/www/api.rufaida.com.my/soft">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
Order Deny,Allow
Deny from all
Allow from ::1
Allow from 202.187
Allow from 127.0.0.1
Allow from localhost
Allow from 100.43.0
Allow from 192.168.1
Allow from 100.43.10
Allow from 202.40.189
Allow from 175.144.214
Allow from 180.234.6.104
</Directory>
# proxy for social
<Location /social>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20/social nocanon
ProxyPassReverse http://202.40.189.20/social
</Location>
# proxy for reports
<Location /reports>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.18:9001/reports nocanon
ProxyPassReverse http://202.40.189.18:9001/reports
</Location>
# proxy for patient/affairs
<Location /patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://202.40.189.20:9090/patient/affairs nocanon
ProxyPassReverse http://202.40.189.20:9090/patient/affairs
</Location>
# proxy for dev/patient/affairs
<Location /dev/patient/affairs>
Order Allow,Deny
Allow from all
ProxyPass http://localhost:9090/dev/patient/affairs nocanon
ProxyPassReverse http://localhost:9090/dev/patient/affairs
</Location>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/api.rufaida.com.my/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.rufaida.com.my/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/api.rufaida.com.my/chain.pem
</VirtualHost>
</IfModule>