Difference between revisions of "Apache2"
From DarkWiki
(→Nagios proxy) |
(→Nagios proxy) |
||
| Line 46: | Line 46: | ||
ProxyPassReverse / http://10.1.1.97/nagios3/ | ProxyPassReverse / http://10.1.1.97/nagios3/ | ||
| + | </VirtualHost> | ||
| + | </pre> | ||
| + | |||
| + | ===Full HTTPS redirect=== | ||
| + | |||
| + | This configures a host to redirect all HTTP traffic to the HTTPS endpoint instead. | ||
| + | |||
| + | <pre> | ||
| + | <VirtualHost *:80> | ||
| + | ServerName www.darkmine.org | ||
| + | ServerAdmin webmaster@localhost | ||
| + | DocumentRoot /var/www/html | ||
| + | ErrorLog ${APACHE_LOG_DIR}/error.log | ||
| + | CustomLog ${APACHE_LOG_DIR}/access.log combined | ||
| + | <Location /> | ||
| + | RewriteEngine on | ||
| + | RewriteCond %{HTTPS} off | ||
| + | RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R] | ||
| + | </Location> | ||
| + | </VirtualHost> | ||
| + | <VirtualHost *:443> | ||
| + | ServerName www.darkmine.org | ||
| + | ServerAdmin webmaster@localhost | ||
| + | SSLEngine on | ||
| + | SSLCertificateFile /etc/letsencrypt/live/www.darkmine.org/fullchain.pem | ||
| + | SSLCertificateKeyFile /etc/letsencrypt/live/www.darkmine.org/privkey.pem | ||
| + | <FilesMatch "\.(cgi|shtml|phtml|php)$"> | ||
| + | SSLOptions +StdEnvVars | ||
| + | </FilesMatch> | ||
| + | <Directory /usr/lib/cgi-bin> | ||
| + | SSLOptions +StdEnvVars | ||
| + | </Directory> | ||
| + | DocumentRoot /var/www/html | ||
| + | ErrorLog ${APACHE_LOG_DIR}/error.log | ||
| + | CustomLog ${APACHE_LOG_DIR}/access.log combined | ||
</VirtualHost> | </VirtualHost> | ||
</pre> | </pre> | ||
Revision as of 13:14, 3 June 2017
Example configuration
Simple proxy
This example will receive HTTP requests headed towards HOSTNAME.darkmine.org, and will proxy them to the web server residing on 10.1.1.96 (port 3000). If URLs in the response have that internal IP (10.1.1.96:3000), they will be transformed to the "hostname.darkmine.org" version.
<VirtualHost *:80>
ServerName HOSTNAME.darkmine.org
ServerAdmin webmaster@localhost
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass "/" "http://10.1.1.96:3000/"
ProxyPassReverse "/" "http://10.1.1.96:3000/"
</VirtualHost>
Nagios proxy
To proxy Nagios3, there are several parts that need to be proxied.
<VirtualHost *:80>
ServerName nagios.darkmine.org
ServerAdmin webmaster@localhost
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /stylesheets/ http://10.1.1.97/nagios3/stylesheets/
ProxyPassReverse /stylesheets/ http://10.1.1.97/nagios3/stylesheets/
ProxyPass /images/ http://10.1.1.97/nagios3/images/
ProxyPassReverse /images/ http://10.1.1.97/nagios3/images/
ProxyPass /cgi-bin http://10.1.1.97/nagios3/cgi-bin
ProxyPassReverse /cgi-bin http://10.1.1.97/nagios3/cgi-bin
ProxyPass /js http://10.1.1.97/nagios3/js
ProxyPassReverse /js http://10.1.1.97/nagios3/js
ProxyPass /pnp4nagios3 http://10.1.1.97/pnp4nagios3
ProxyPassReverse /pnp4nagios3 http://10.1.1.97/pnp4nagios3
ProxyPass / http://10.1.1.97/nagios3/
ProxyPassReverse / http://10.1.1.97/nagios3/
</VirtualHost>
Full HTTPS redirect
This configures a host to redirect all HTTP traffic to the HTTPS endpoint instead.
<VirtualHost *:80>
ServerName www.darkmine.org
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Location />
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName www.darkmine.org
ServerAdmin webmaster@localhost
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.darkmine.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.darkmine.org/privkey.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
