Created
February 21, 2018 01:37
-
-
Save naga41/fe9462f9403d80d57105a92505c36b6d to your computer and use it in GitHub Desktop.
session-prototype_manager.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############################################# | |
## | |
## Session Prototype Manager Service | |
## | |
############################################# | |
<IfModule !headers_module> | |
LoadModule headers_module modules/mod_headers.so | |
</IfModule> | |
# --------------------- | |
# SSL Configuration. | |
# --------------------- | |
# -------------------------------------------------------- | |
# SSL Functions | |
# For Public APIs | |
# -------------------------------------------------------- | |
<VirtualHost *:443> | |
ServerName snpt-mgt01.q1-np.aws.diva.rs.scei.sony.co.jp | |
#ServerAlias *.*.q1-np.community.playstation.net | |
ErrorLog "|/usr/sbin/rotatelogs /etc/httpd/logs/session-prototype-manager-ssl-error-log.%Y-%m-%d-%H 3600" | |
CustomLog "|/usr/sbin/rotatelogs /etc/httpd/logs/session-prototype-manager-ssl-access-log.%Y-%m-%d-%H 3600" nps_ssl_combined_uuid | |
LogLevel warn | |
SSLEngine on | |
SSLProtocol -ALL +TLSv1 +TLSv1.1 +TLSv1.2 | |
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:DES-CBC3-SHA | |
SSLHonorCipherOrder on | |
SSLCertificateFile /sce/c7y/httpd/ssl-cert/server.crt | |
SSLCertificateKeyFile /sce/c7y/httpd/ssl-cert/server.key | |
# mod_proxy | |
ProxyRequests Off | |
# Enable ProxyErrorOverride | |
ProxyErrorOverride Off | |
<Proxy *> | |
Order deny,allow | |
Allow from all | |
</Proxy> | |
# Default Deny. | |
<Location "/"> | |
Deny from all | |
</Location> | |
# This is originally the endpoint of Trophy. And this endpoint will be abolished in Session Prototype Manager. | |
# Keep this endpoint for the E2E tests to check if the common fundamental functions (e.g. access token validation, accessing to Redis, and so on) are working. | |
# TODO | |
# Delete this configuration after the E2E tests for Session Manager are created. | |
# Session Prototype Manager SSL Debug Functions. | |
<Location "/session/debug/v1/"> | |
Order deny,allow | |
Deny from all | |
# e1-np では公開、np では非公開設定としてください。 | |
# 公開する場合(e1-np)は下記行(Allow from ...)の "#" のコメントアウトを解除して、Session Prototype Manager debugにアクセスできる設定にしてください。 | |
# 非公開にする場合(np)は下記行(Allow from ...)を "#" でコメントアウトしたままにしてください。 | |
Allow from all | |
ProxyPass http://tomcat:8080/session-manager-prototype/debug/ | |
</Location> | |
# This is originally the endpoint of Trophy. And this endpoint will be abolished in Session Prototype Manager. | |
# Keep this endpoint for the E2E tests to check if the common fundamental functions (e.g. access token validation, accessing to Redis, and so on) are working. | |
# TODO | |
# Delete this configuration after the E2E tests for Session Manager are created. | |
# Session Prototype Manager SSL WebAPI (VSH/SDK) AID Functions. | |
<Location "/session/act/v1/"> | |
Allow from all | |
ProxyPass http://tomcat:8080/session-manager-prototype/aid/ keepalive=On | |
</Location> | |
# Session Prototype Manager SSL WebAPI for Session Prototype Manager | |
<Location "/session/v1/"> | |
Allow from all | |
ProxyPass http://tomcat:8080/session-prototype-manager/ keepalive=On | |
</Location> | |
# Session Prototype Manager SSL Health Check Functions. | |
<Location "/healthCheck"> | |
SetEnvIf X-Forwarded-For "\\*" via_elb | |
Order allow,deny | |
Allow from 10.0.0.0/8 | |
Deny from via_elb | |
ProxyPass http://tomcat:8080/session-prototype-manager/healthCheck | |
SetEnv force-proxy-request-1.0 1 | |
SetEnv proxy-nokeepalive 1 | |
</Location> | |
</VirtualHost> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment