running jenkins behind apache2 on subdomain and different port - apache

I am attempting to get a jenkins instance (running on http://localhost:8080/) to be visible at http://ci.domain.com:80/.
Current status:
* Browsing to ci.domain.com gives me the content of domain.com
* Browsing to ci.domain.com:8080 shows jenkins
* Browsing to domain.com:8080 shows jenkins
Ideal status:
* Browsing to ci.domain.com shows jenkins
* Browsing to ci.domain.com:8080 redirects to ci.domain.com
* Browsing to domain.com:8080 does whatever the server would do if there were nothing running on port 8080
My current apache site config (working as expected for shifting traffic to HTTPS) is as follows:
<VirtualHost *:8080>
ServerName ci.domain.com
ServerAlias ci
Redirect temp / http://ci.domain.com/
</VirtualHost>
<VirtualHost *:80>
ServerName ci.domain.com
ServerAlias ci
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
<Proxy http://localhost:8080/*>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
<VirtualHost *:80>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/domain.com
Redirect permanent / https://domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/domain.com
<Directory /var/www/domain.com/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml $
</IfModule>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/domain.com/fullchain.pem
<FilesMatch "\.(cgi|shtml|phtml_php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</VirtualHost>
Any help is appreciated.

Related

Adding second domain to LAMP stack

I currently have one domain set up on my LAMP server, and I want to add another one. I tried doing it myself but when I ran into issues, I follow this. I had example.com set up and it was working fine, all traffic would redirect to its https and I want to continue that.
However, the second domain I'm using (represented by test.ca) is still going to example.com. I was hoping someone could inform me what I am doing wrong. Should test.ca be a folder within example.com? and how do you point to it? Is it cause I redirect traffic to https://example.com for the ssl so all traffic just goes there?
/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:80>
ServerName test.ca
Redirect permanent / http://test.ca
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/localcerts/example.com.crt
SSLCertificateKeyFile /etc/ssl/localcerts/example.com.key
SSLCACertificateFile /etc/ssl/localcerts/intermediate.crt
ServerAdmin example#gmail.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/example.com/public_html/
ErrorLog /var/www/html/example.com/logs/error.log
CustomLog /var/www/html/example.com/logs/access.log combined
<Directory /var/www/html/example.com/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerAdmin example#gmail.com
ServerName test.ca
ServerAlias www.test.ca
DocumentRoot /var/www/html/test.ca/public_html/
ErrorLog /var/www/html/test.ca/logs/error.log
CustomLog /var/www/html/test.ca/logs/access.log combined
<Directory /var/www/html/test.ca/>
Require all granted
</Directory>
</VirtualHost>
/etc/apache2/sites-available/example.com.conf
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/localcerts/example.com.crt
SSLCertificateKeyFile /etc/ssl/localcerts/example.com.key
SSLCACertificateFile /etc/ssl/localcerts/intermediate.crt
ServerAdmin example#gmail.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/example.com/public_html/
ErrorLog /var/www/html/example.com/logs/error.log
CustomLog /var/www/html/example.com/logs/access.log combined
<Directory /var/www/html/example.com/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
</VirtualHost>
/etc/apache2/sites-available/test.ca.conf
<VirtualHost *:80>
ServerName test.ca
Redirect permanent / http://test.ca
</VirtualHost>
<VirtualHost *:444>
ServerAdmin example#gmail.com
ServerName test.ca
ServerAlias www.test.ca
DocumentRoot /var/www/html/test.ca/public_html/
ErrorLog /var/www/html/test.ca/logs/error.log
CustomLog /var/www/html/test.ca/logs/access.log combined
<Directory /var/www/html/test.ca/>
Require all granted
</Directory>
</VirtualHost>
You might want to change the header of the Virtualhost from
<VirtualHost *:444>
to
<VirtualHost *:443>
as a start, or it must be your intentions to link to that port instead of the default https port.

Redirect domain.com/path to another Apache Server

I have 3 Apache VM's running currently:
A) ProxyPass (Hosts Nothing)
B) Main Website
C) ZoneMinder Website
If you access example.com you get to the website, and can navigate around, but...
If I manually type http://example.com/zm trying to access zoneminder
It redirects http://example.com/zm in my remote browser to http://192.168.1.255:443/foo*
I can't seem to get my redirect working correctly, can anybody see what I am doing wrong?
Configs:
A) ProxyPass Server:
<VirtualHost *:80>
ServerName www.example.com
RedirectPermanent / http://example.com
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://192.168.1.255:80/
ProxyPassReverse / http://192.168.1.255:80/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
B) Main Website
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/html
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/example.log
CustomLog ${APACHE_LOG_DIR}/example-access.log combined
</VirtualHost>
Got it working!
The setup:
Server A) Apache server that only serves proxypass and doesn't host anything
Server B) Apache server that hosts main domain.com
Server C) Apache server that hosts ZoneMinder # domain.com/zm
Server A Config:
<VirtualHost *:80>
ServerName domain.com
Redirect / https://www.domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLProxyEngine On
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
SSLEngine on
SSLCertificateFile /location of .crt
SSLCertificateKeyFile /location of .key
SSLCACertificateFile /location of .crt
ProxyPreserveHost on
ProxyPass /zm https://192.168.1.43:443/zm
ProxyPassReverse /zm https://192.168.1.43:443/zm
ProxyPass / https://192.168.1.42:443/
ProxyPassReverse / https://192.168.1.42:443/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Notes: It is important to have the /zm come before the "/" catch all. I also noticed it FAILED if i used /zm/.
Server B Config:
<VirtualHost *:443>
ServerName www.domain.com
DocumentRoot /var/www/html
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/domain.log
CustomLog ${APACHE_LOG_DIR}/domain.log combined
SSLEngine on
SSLCertificateFile /location of .crt
SSLCertificateKeyFile /location of .key
SSLCACertificateFile /location of .crt
</VirtualHost>
Note: it is not necessary to have *:80 redirects or Server Alias as only correctly formatted requests are sent to this server via ProxyPass filtering beforehand.
Server C Config: (domain.com/zm)
<VirtualHost *:443>
ServerName www.domain.com
DocumentRoot /var/www/html
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/domain.log
CustomLog ${APACHE_LOG_DIR}/domain.log combined
SSLEngine on
SSLCertificateFile /location of .crt
SSLCertificateKeyFile /location of .key
SSLCACertificateFile /location of .crt
</VirtualHost>
Yes it is the same. It works so I am happy!
Note: All 3 servers have my SSL certs installed, but I did not touch default-ssl.conf.

2 apache vhosts permanent redirect

I have 2 domains which I have separately configured in 2 vhosts files. I need one of this domains to permanently redirect to the second one. Before reloading apache, I've run 'configtest' and I got "Syntax Ok". However apparently I got a redirect loop. Btw, the website is a drupal installation, not sure how much does this count.
Here's my 2 conf files.
[root#prod ~]# cat meh-1_com.conf
<VirtualHost *:80>
ServerName meh-1.com
ServerAlias www.meh-1.com
DocumentRoot /var/www/html/meh1/
<Directory /var/www/html/meh1/>
Options +FollowSymLinks Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
RewriteEngine On
RewriteOptions inherit
CustomLog /var/log/httpd/meh1.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName meh-1.com
ServerAlias www.meh-1.com
DocumentRoot /var/www/html/meh1/
<Directory /var/www/html/meh1/>
Options +FollowSymLinks Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
RewriteEngine On
RewriteOptions inherit
CustomLog /var/log/httpd/meh1.log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/ssl/meh1_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/meh1_com.key
SSLCertificateChainFile /etc/httpd/ssl/meh1_com.ca-bundle.crt
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
[root#prod ~]# cat meh-2_com.conf
<VirtualHost *:80>
ServerName meh-2.com
ServerAlias www.meh-2.com
Redirect permanent / http://meh-1.com
</VirtualHost>
<VirtualHost *:443>
ServerName meh-2.com
ServerAlias www.meh-2.com
Redirect permanent / https://meh-1.com
</VirtualHost>

Adding SSL to my website

I have the following virtual hosts config:
listen 80
listen 443
servername "example.com"
serveradmin "email#example.com"
namevirtualhost *:80
namevirtualhost *:443
directoryindex index.html index.php
options -indexes -multiviews +followsymlinks
<directory /Volumes/dev1/http>
allowoverride all
</directory>
<virtualhost *:80 *:443>
servername example.com
serveralias www.example.com
documentroot "/Volumes/dev1/http/example"
rewriteengine on
SSLCertificateFile "/Volumes/dev1/ssl/_ssl-cert.crt"
SSLCertificateKeyFile "/Volumes/dev1/ssl/_ssl-privatekey.crt"
SSLCertificateChainFile "/Volumes/dev1/ssl/_ssl-csr.crt"
</virtualhost>
Of course example.com is just an ... example.
All is well if I access http://example.com, but if I try to access the HTTPS version I get
Safari can’t open the page “https://example.com/” because Safari
can’t establish a secure connection to the server “example.com”.
The _ssl* files are all in place and running httpd -t from Terminal returns Syntax OK.
What am I doing wrong? Thanks!
This what I'm using (only the vhosts section), omitting the FCGID, suexec and PHP specific parts:
<VirtualHost *:80>
ServerName example.com
DocumentRoot "/var/www/example.com/htdocs"
<Directory "/var/www/example.com/htdocs/">
Options -Indexes
AllowOverride All
Order allow,deny
Allow from All
</Directory>
ErrorLog "/var/www/example.com/error.log"
CustomLog "/var/www/example.com/access.log" combined
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
DocumentRoot "/var/www/example.com/htdocs"
<Directory "/var/www/example.com/htdocs/">
Options -Indexes
AllowOverride All
Order allow,deny
Allow from All
</Directory>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache/ssl/example.com.crt
SSLCertificateKeyFile /etc/apache/ssl/example.key
SSLCertificateChainFile /etc/apache/ssl/gd_bundle.crt
ErrorLog "/var/www/example.com/error.log"
CustomLog "/var/www/example.com/access.log" combined
</VirtualHost>

Apache - Proxy all subdomains from one IP

I'm trying to handle subdomains on a specific server and the normal URL from all servers. They're behind a load balancer. This works for http://test.com and it load balances.
For subdomains I can't tell if the proxy is working or why I'm getting a 404 error. Is there anything wrong with my config?
DNS: example.com 111.111.111.111
Load Balancer: 111.111.111.111
Master, write server: 222.222.222.222
httpd.conf, mirrored to all servers:
<Directory />
Header add myServerName "anglefish" # add a string for testing which server
Header add myServerTimes "D%D t%t"
</Directory>
000-default mirrored to each server except master
#Proxy subdomains from one server
<VirtualHost *:80>
ServerName *.example.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://222.222.222.222/
ProxyPassReverse / http://222.222.222.222/
</VirtualHost>
<VirtualHost *:443>
ServerName *.example.com
SSLEngine on
SSLProxyEngine On
SSLEngine on
SSLCertificateFile /etc/apache2/.ssh/example.com.crt
SSLCertificateKeyFile /etc/apache2/.ssh/example.com.key
SSLCertificateChainFile /etc/apache2/.ssh/example.com_bundle.crt
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://222.222.222.222/
ProxyPassReverse / http://222.222.222.222/
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/vhosts/example.com/public_html
<Directory /var/www/vhosts/example.com/public_html>
Options -Indexes FollowSymLinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/vhosts/example.com/public_html
SSLEngine on
SSLCertificateFile /etc/apache2/.ssh/example.com.crt
SSLCertificateKeyFile /etc/apache2/.ssh/example.com.key
SSLCertificateChainFile /etc/apache2/.ssh/example.com_bundle.crt
</VirtualHost>