Updated ifg.in and ws.pm (started configuration for store webdav).
authorZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Tue, 27 Jul 2021 14:13:17 +0000 (16:13 +0200)
committerZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Tue, 27 Jul 2021 14:13:17 +0000 (16:13 +0200)
scripts/dnf.conf.fedora
sources/ifg.in/firstboot/nftables.config
sources/ws.pm/firstboot/01_setupnetworking.sh
sources/ws.pm/firstboot/10_certbot.sh
sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.443.conf.le
sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.80.conf
sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.443.conf.le

index 328cc4e971704a0eb7c477b267f507d42457834e..df65ef984488aa137428843b48b503c685622b53 100644 (file)
@@ -1,9 +1,9 @@
 [local-fedora]
 name=Fedora $releasever - $basearch
-baseurl=http://store.usr.user.hu/linux/fedora/releases/$releasever/Everything/$basearch/os/
+baseurl=http://store.in.useribm.hu/linux/fedora/releases/$releasever/Everything/$basearch/os/
 gpgcheck=0
 
 [local-updates]
 name=Fedora $releasever - $basearch - Updates
-baseurl=http://store.usr.user.hu/linux/fedora/updates/$releasever/Everything/$basearch/
+baseurl=http://store.in.useribm.hu/linux/fedora/updates/$releasever/Everything/$basearch/
 gpgcheck=0
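Review bot: Both repo stanzas keep `gpgcheck=0` on a plain `http://` baseurl, so packages pulled from the renamed mirror `store.in.useribm.hu` are installed with no signature check and no transport integrity. Anything that can answer for that name, or sits on the path to it, decides what gets installed. Since both stanzas are being edited anyway, I would set `gpgcheck=1` and add `gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-$basearch` to each; a mirror of the Fedora trees carries the upstream signatures unchanged. If the key is not available at the point where this config is used, record that constraint in a comment next to the setting.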
index 358dfe74e41033aea7b5cfe23a5736f5c7a88848..3b3b08ce67d3bd0997347a0eda721a834d7e51e4 100644 (file)
@@ -50,6 +50,7 @@ define XFR_PERIMETER_IPV4 = 192.168.173.251
 
 # web server address (perimeter network)
 define WS_PERIMETER_IPV4 = 192.168.173.249
+define WS_PERIMETER_IPV6 = 2a02:d400:0000:f2ad:000c:18ff:fe03:adf9
 
 # perimeter name server address (perimeter network)
 define PNS_PERIMETER_IPV4 = 192.168.173.174
@@ -260,6 +261,28 @@ add rule ip ifg_filter forward \
     oifname $INTERNAL_IF \
     counter accept comment "Internal traffic"
 
+add rule ip ifg_filter forward \
+    ip protocol tcp \
+    iifname $PERIMETER_IF ip saddr $WS_PERIMETER_IPV4 tcp sport 1024-65535 \
+    oifname $INTERNAL_IF ip daddr $STORE_INTERNAL_IPV4 tcp dport 80 \
+    counter accept comment "Store requests"
+add rule ip6 ifg_filter forward \
+    iifname $PERIMETER_IF ip6 saddr $WS_PERIMETER_IPV6 tcp sport 1024-65535 \
+    oifname $INTERNAL_IF ip6 daddr $STORE_INTERNAL_IPV6 tcp dport 80 \
+    counter accept comment "Store requests"
+
+add rule ip ifg_filter forward \
+    ct state established \
+    ip protocol tcp \
+    iifname $INTERNAL_IF ip saddr $STORE_INTERNAL_IPV4 tcp sport 80 \
+    oifname $PERIMETER_IF ip daddr $WS_PERIMETER_IPV4 tcp dport 1024-65535 \
+    counter accept comment "Store replies"
+#add rule ip6 ifg_filter forward \
+#    ct state established \
+#    iifname $INTERNAL_IF ip6 saddr $STORE_INTERNAL_IPV6 tcp sport 80 \
+#    oifname $PERIMETER_IF ip6 daddr $WS_PERIMETER_IPV6 tcp dport 1024-65535 \
+#    counter accept comment "Store replies"
+
 add rule ip ifg_filter forward \
     ip protocol tcp \
     iifname $PERIMETER_IF ip saddr $WS_PERIMETER_IPV4 tcp sport 1024-65535 \
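Review bot: The IPv6 side of the new store path is half-open: the `ip6` "Store requests" rule is active while the matching `ip6` "Store replies" rule is commented out. Unless a generic established-traffic rule exists elsewhere in the `ip6 ifg_filter` forward chain, IPv6 connections to the store will never complete. Either enable both or comment out both, with a `# TODO` explaining why. `$STORE_INTERNAL_IPV6` is not defined in the visible hunks, so confirm it exists before the request rule is loaded. Separately, the request rules accept any TCP segment from the web server to port 80 regardless of conntrack state; adding `ct state new,established` would mirror the `ct state established` on the reply rule and narrow the perimeter-to-internal opening.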
index 62d9d8c2a25d74da3dd0d807fe58ca9bb203f6f2..b03ad51fae91dbc898d554f958ccb7e5fd91c577 100755 (executable)
@@ -50,7 +50,11 @@ nmcli connection add \
     ipv4.gateway "192.168.173.254" \
     ipv4.method "manual" \
     ipv4.routes "10.228.0.0/16 192.168.173.1, 192.168.42.0/24 192.168.173.1" \
-    ipv6.method "auto" \
+    ipv6.addresses "2a02:d400:0000:f2ad:000c:18ff:fe03:adf9/64" \
+    ipv6.dns "2a02:d400:0000:f2ad:000c:18ff:fe03:adae" \
+    ipv6.dns-search "pm.useribm.hu" \
+    ipv6.method "manual" \
+    ipv6.routes "2a02:d400:0000:f268::/64 2a02:d400:0000:f2ad:000c:18ff:fe03:ad01" \
     save yes
 
 nmcli connection show
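Review bot: The static address in `ipv6.addresses` is the same literal that `WS_PERIMETER_IPV6` carries in `sources/ifg.in/firstboot/nftables.config`, and the firewall's store rules match on it exactly, yet nothing here says the two must change together. A comment above the `nmcli connection add` call, e.g. `# ipv6.addresses must match WS_PERIMETER_IPV6 in ifg.in nftables.config`, would keep that coupling visible. As far as this hunk shows, `ipv6.method "manual"` is set without an `ipv6.gateway`, so the only IPv6 route appears to be the `2a02:d400:0000:f268::/64` one; if that is deliberate, say so in the same comment. The `nmcli connection add` command starts above the hunk.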
index 470a796070634f132dd2219b1768022f837a2e12..2e5415902ab13997bd4f8a5d0a73aa40280aaae4 100755 (executable)
@@ -18,6 +18,7 @@ certbot certonly \
         -d minicrm.userrendszerhaz.hu \
         -d redmine.useribm.hu \
         -d redmine.userrendszerhaz.hu \
+        -d store.useribm.hu \
         -d svn.useribm.hu \
         -d svn.userrendszerhaz.hu \
         -d useribm.hu \
index 8036631aba7a61ec357ba527478da3d50957677e..dde4e8187674e3fdf1f9fa0cdb2e7f3c2377d625 100644 (file)
     ProxyPass /ubisxfr http://192.168.173.251/ubisxfr
     ProxyPassReverse /ubisxfr http://192.168.173.251/ubisxfr
 
-    # dvasary's redmine -> dvredmine.usr.user.hu:80
+    # dvasary's redmine -> dvredmine.in.useribm.hu:80
     ProxyPass /redmine http://10.228.62.193/
     ProxyPassReverse /redmine http://10.228.62.193/
-
-    # webdav store -> store.usr.user.hu:80
-    #ProxyPass /store http://store.usr.user.hu/
-    #ProxyPassReverse /store http://store.usr.user.hu/
 </VirtualHost>
 
 <VirtualHost *:443>
@@ -95,8 +91,8 @@
         </RequireAny>
     </Directory>
 
-    ProxyPass /minicrm http://minicrm.usr.user.hu:8080/minicrm
-    ProxyPassReverse /minicrm http://minicrm.usr.user.hu:8080/minicrm
+    ProxyPass /minicrm http://minicrm.in.useribm.hu:8080/minicrm
+    ProxyPassReverse /minicrm http://minicrm.in.useribm.hu:8080/minicrm
 </VirtualHost>
 
 <VirtualHost *:443>
     ProxyPass / http://10.228.62.193/
     ProxyPassReverse / http://10.228.62.193/
 </VirtualHost>
+
+<VirtualHost *:443>
+    ServerName store.useribm.hu
+    ServerAdmin webadmin@useribm.hu
+    DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+    SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+
+    <Directory /var/www/htdocs.useribm.hu.443>
+        <RequireAny>
+            Require all granted
+        </RequireAny>
+    </Directory>
+
+    ProxyPass / http://store.in.useribm.hu/
+    ProxyPassReverse / http://store.in.useribm.hu/
+</VirtualHost>
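Review bot: The new `store.useribm.hu` vhost forwards every path with `ProxyPass / http://store.in.useribm.hu/`, and the `<Directory>` block with `Require all granted` does not govern proxied requests, so this front end applies no access control to the WebDAV store. Authentication rests entirely on the backend, which is not visible here. If the backend does not enforce it, add a `<Location "/">` section with an `AuthType` and `Require valid-user` (or a `Require ip` list) in this vhost; if it does, a one-line comment such as `# authn/authz enforced by store.in.useribm.hu` would record that. Note also that the hop to the backend is plain HTTP across the perimeter firewall, so any credentials and WebDAV write requests travel unencrypted on that segment.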
index cc36dcdaa5c3d730d3c03a58b66a430886b593dd..99502c591b9b52c60288ddb196f3a1ee1b19991c 100644 (file)
 
     Redirect permanent / https://redmine.useribm.hu/
 </VirtualHost>
+
+<VirtualHost *:80>
+    ServerName store.useribm.hu
+    ServerAdmin webadmin@useribm.hu
+    DocumentRoot "/var/www/htdocs.useribm.hu.80"
+
+    <Directory /var/www/htdocs.useribm.hu.80>
+        <RequireAny>
+            Require all granted
+        </RequireAny>
+    </Directory>
+
+    Redirect permanent / https://store.useribm.hu/
+</VirtualHost>
index 80dce71830acf3e1d86c9714edba58b783e725ff..1a38da098ec5ba7dcb7ec436f2a92c2eca56aee8 100644 (file)
     ProxyPass /ubisxfr http://192.168.173.251/ubisxfr
     ProxyPassReverse /ubisxfr http://192.168.173.251/ubisxfr
 
-    # dvasary's redmine -> dvredmine.usr.user.hu:80
+    # dvasary's redmine -> dvredmine.in.useribm.hu:80
     ProxyPass /redmine http://10.228.62.193/
     ProxyPassReverse /redmine http://10.228.62.193/
-
-    # webdav store -> store.usr.user.hu:80
-    #ProxyPass /store http://store.usr.user.hu/
-    #ProxyPassReverse /store http://store.usr.user.hu/
 </VirtualHost>
 
 <VirtualHost *:443>
@@ -91,8 +87,8 @@
         </RequireAny>
     </Directory>
 
-    ProxyPass /minicrm http://minicrm.usr.user.hu:8080/minicrm
-    ProxyPassReverse /minicrm http://minicrm.usr.user.hu:8080/minicrm
+    ProxyPass /minicrm http://minicrm.in.useribm.hu:8080/minicrm
+    ProxyPassReverse /minicrm http://minicrm.in.useribm.hu:8080/minicrm
 </VirtualHost>
 
 <VirtualHost *:443>