From 6550e3f80b53e38f4d9534642058a9cb84a02e6c Mon Sep 17 00:00:00 2001 
From: =?utf8?q?Zolt=C3=A1n=20Felleg?= Date: Fri, 15 Nov 2019 19:21:39 +0100 Subject: [PATCH] Added ws.pm (cvm -> vhost migration, Fedora 31 upgrade). --- sources/ws.pm/config | 26 ++++ sources/ws.pm/envvars | 4 + sources/ws.pm/firstboot/01_setupnetworking.sh | 56 +++++++++ sources/ws.pm/firstboot/02_settimezone.sh | 21 ++++ sources/ws.pm/firstboot/03_setupldap.sh | 10 ++ sources/ws.pm/firstboot/10_certbot.sh | 42 +++++++ sources/ws.pm/firstboot/11_setuppostfix.sh | 7 ++ sources/ws.pm/firstboot/99_cleanup.sh | 6 + sources/ws.pm/postinstall/01_setownership.sh | 7 ++ .../ws.pm/postinstall/02_setpermissions.sh | 5 + sources/ws.pm/postinstall/03_installfiles.sh | 15 +++ sources/ws.pm/postinstall/10_setupservices.sh | 7 ++ sources/ws.pm/postinstall/99_cleanup.sh | 6 + sources/ws.pm/postinstall/install/etc/hosts | 4 + .../etc/httpd/conf.d/useribm.hu.443.conf.le | 119 ++++++++++++++++++ .../etc/httpd/conf.d/useribm.hu.80.conf | 56 +++++++++ .../conf.d/userrendszerhaz.hu.443.conf.le | 119 ++++++++++++++++++ .../httpd/conf.d/userrendszerhaz.hu.80.conf | 56 +++++++++ 18 files changed, 566 insertions(+) create mode 100644 sources/ws.pm/config create mode 100644 sources/ws.pm/envvars create mode 100755 sources/ws.pm/firstboot/01_setupnetworking.sh create mode 100755 sources/ws.pm/firstboot/02_settimezone.sh create mode 100755 sources/ws.pm/firstboot/03_setupldap.sh create mode 100755 sources/ws.pm/firstboot/10_certbot.sh create mode 100755 sources/ws.pm/firstboot/11_setuppostfix.sh create mode 100755 sources/ws.pm/firstboot/99_cleanup.sh create mode 100755 sources/ws.pm/postinstall/01_setownership.sh create mode 100755 sources/ws.pm/postinstall/02_setpermissions.sh create mode 100755 sources/ws.pm/postinstall/03_installfiles.sh create mode 100755 sources/ws.pm/postinstall/10_setupservices.sh create mode 100755 sources/ws.pm/postinstall/99_cleanup.sh create mode 100644 sources/ws.pm/postinstall/install/etc/hosts create mode 100644 
sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.443.conf.le create mode 100644 sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.80.conf create mode 100644 sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.443.conf.le create mode 100644 sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.80.conf
diff --git a/sources/ws.pm/config b/sources/ws.pm/config
new file mode 100644
index 0000000..05e2234
--- /dev/null
+++ b/sources/ws.pm/config
@@ -0,0 +1,26 @@
+lxc.include = /usr/share/lxc/config/common.conf
+
+lxc.arch = x86_64
+lxc.uts.name = ws.pm.user.hu
+lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.mount.auto = proc:rw sys:ro
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.useribm.hu.443 var/www/htdocs.useribm.hu.443 none bind,create=dir 0 0
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.useribm.hu.80 var/www/htdocs.useribm.hu.80 none bind,create=dir 0 0
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.userrendszerhaz.hu.443 var/www/htdocs.userrendszerhaz.hu.443 none bind,create=dir 0 0
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.userrendszerhaz.hu.80 var/www/htdocs.userrendszerhaz.hu.80 none bind,create=dir 0 0
+
+lxc.net.0.type = veth
+lxc.net.0.flags = up
+lxc.net.0.link = brh-dev
+lxc.net.0.hwaddr = 02:0c:18:03:ad:f9
+
+lxc.cgroup.devices.allow =
+lxc.cgroup.devices.deny =
+
+lxc.autodev = 1
+
+lxc.signal.halt = SIGRTMIN+4
+
+lxc.start.auto = 1
+lxc.start.order = 13
+lxc.start.delay = 3
diff --git a/sources/ws.pm/envvars b/sources/ws.pm/envvars
new file mode 100644
index 0000000..2611772
--- /dev/null
+++ b/sources/ws.pm/envvars
@@ -0,0 +1,4 @@
+DISTRIBUTION=Fedora
+DISTRIBUTION_VERSION=31
+BASE_PACKAGES="NetworkManager hostname initscripts iproute iputils logrotate rootfiles rsyslog tar vim-minimal"
+SPEC_PACKAGES="httpd mailx mod_ssl php postfix python3-certbot-apache"
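Review bot: In sources/ws.pm/config the empty `lxc.cgroup.devices.allow =` and `lxc.cgroup.devices.deny =` lines follow `lxc.include = /usr/share/lxc/config/common.conf`, and in LXC an empty assignment normally clears whatever an earlier file set for that key. If common.conf carries the usual device deny/allow list, this container would start with no device cgroup restriction at all, which is a poor default for what looks like a public-facing reverse proxy. Unless the reset is needed, I would drop both lines; if it is intentional, record why, e.g. `# device cgroup rules from common.conf are cleared on purpose: <reason>`. The `proc:rw` in `lxc.mount.auto` deserves the same one-line justification.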
diff --git a/sources/ws.pm/firstboot/01_setupnetworking.sh b/sources/ws.pm/firstboot/01_setupnetworking.sh
new file mode 100755
index 0000000..62d9d8c
--- /dev/null
+++ b/sources/ws.pm/firstboot/01_setupnetworking.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active NetworkManager.service
+NM_RC=$?
+WAITED=0
+while [ $NM_RC -ne 0 ]
+do
+ echo -n .
+ sleep 1
+ WAITED=1
+ systemctl --quiet is-active NetworkManager.service
+ NM_RC=$?
+done
+[ $WAITED -eq 1 ] && echo
+
+CONNECTIONS=$(nmcli --terse connection show | wc -l)
+while [ $CONNECTIONS -ne 1 ]
+do
+ echo "Number of connections: $CONNECTIONS" >&2
+ sleep 1
+ CONNECTIONS=$(nmcli --terse connection show | wc -l)
+done
+
+nmcli --terse connection show | grep ':$' >/dev/null
+ALL_CONNECTION_DEVICES_KNOWN=$?
+while [ $ALL_CONNECTION_DEVICES_KNOWN -eq 0 ]
+do
+ echo "Not all connection devices are known yet" >&2
+ sleep 1
+ nmcli --terse connection show | grep ':$' >/dev/null
+ ALL_CONNECTION_DEVICES_KNOWN=$?
+done
+
+CONNECTION_LINE=$(nmcli --terse connection show)
+CONNECTION_UUID=$(echo $CONNECTION_LINE | cut -f 2 -d ':')
+CONNECTION_DEVICE=$(echo $CONNECTION_LINE | cut -f 4 -d ':')
+
+nmcli connection delete uuid "$CONNECTION_UUID"
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id perimeter \
+ connection.interface-name $CONNECTION_DEVICE \
+ connection.type 802-3-ethernet \
+ ipv4.addresses "192.168.173.249/24" \
+ ipv4.dns "192.168.173.174" \
+ ipv4.dns-search "pm.user.hu" \
+ ipv4.gateway "192.168.173.254" \
+ ipv4.method "manual" \
+ ipv4.routes "10.228.0.0/16 192.168.173.1, 192.168.42.0/24 192.168.173.1" \
+ ipv6.method "auto" \
+ save yes
+
+nmcli connection show
diff --git a/sources/ws.pm/firstboot/02_settimezone.sh b/sources/ws.pm/firstboot/02_settimezone.sh
new file mode 100755
index 0000000..20b2a71
--- /dev/null
+++ b/sources/ws.pm/firstboot/02_settimezone.sh
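Review bot: The three wait loops in firstboot/01_setupnetworking.sh never give up, so a NetworkManager that fails to start, or a container that comes up with zero or two connections, leaves first boot spinning forever without an error; firstboot/02_settimezone.sh has the same unbounded loop on dbus.service. A retry limit that exits non-zero with a message on stderr makes the failure visible; the limit of 60 in the sketch below is only an example value, and the same shape fits the other loops. Separately, `$CONNECTION_LINE` and `$CONNECTION_DEVICE` are expanded unquoted, and the existing connection is deleted before the replacement is known to exist, so the exit status of `nmcli connection add` should be checked.

```shell
# bounded wait for NetworkManager (example limit: 60 tries)
TRIES=0
until systemctl --quiet is-active NetworkManager.service
do
    TRIES=$((TRIES + 1))
    if [ "$TRIES" -ge 60 ]
    then
        echo "NetworkManager.service is still not active, giving up" >&2
        exit 1
    fi
    sleep 1
done
# … unchanged: connection-count wait, device wait, nmcli delete/add …
```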
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active dbus.service
+DBUS_RC=$?
+WAITED=0
+while [ $DBUS_RC -ne 0 ]
+do
+ if [ $WAITED -eq 0 ]
+ then
+ echo -n "Waiting for dbus.service"
+ fi
+ echo -n .
+ sleep 1
+ WAITED=1
+ systemctl --quiet is-active dbus.service
+ DBUS_RC=$?
+done
+[ $WAITED -ne 0 ] && echo
+timedatectl set-timezone Europe/Budapest
diff --git a/sources/ws.pm/firstboot/03_setupldap.sh b/sources/ws.pm/firstboot/03_setupldap.sh
new file mode 100755
index 0000000..4b58626
--- /dev/null
+++ b/sources/ws.pm/firstboot/03_setupldap.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+
+exit 0
+authselect select sssd with-mkhomedir --force
+
+cat >>/etc/openldap/ldap.conf <>/etc/postfix/main.cf
+
+systemctl enable postfix.service
+systemctl start postfix.service
diff --git a/sources/ws.pm/firstboot/99_cleanup.sh b/sources/ws.pm/firstboot/99_cleanup.sh
new file mode 100755
index 0000000..b87f2f4
--- /dev/null
+++ b/sources/ws.pm/firstboot/99_cleanup.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+echo rm -Rf $REAL_PATH
diff --git a/sources/ws.pm/postinstall/01_setownership.sh b/sources/ws.pm/postinstall/01_setownership.sh
new file mode 100755
index 0000000..f2e6b94
--- /dev/null
+++ b/sources/ws.pm/postinstall/01_setownership.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
+
+chown -R root.root $SOURCE_PATH/*
diff --git a/sources/ws.pm/postinstall/02_setpermissions.sh b/sources/ws.pm/postinstall/02_setpermissions.sh
new file mode 100755
index 0000000..241386a
--- /dev/null
+++ b/sources/ws.pm/postinstall/02_setpermissions.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
diff --git a/sources/ws.pm/postinstall/03_installfiles.sh b/sources/ws.pm/postinstall/03_installfiles.sh
new file mode 100755
index 0000000..f190caf
--- /dev/null
+++ b/sources/ws.pm/postinstall/03_installfiles.sh
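Review bot: firstboot/03_setupldap.sh runs `exit 0` before the `authselect select sssd with-mkhomedir --force` line, so nothing below it ever executes and the container boots without the directory setup the file name promises. If LDAP is deliberately switched off for this host, say so next to the exit, for example `# LDAP/SSSD setup disabled for ws.pm: <reason>`, or remove the dead commands so nobody assumes they ran. The rest of this script is not fully legible on this page, so the remark covers only the lines shown.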
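Review bot: firstboot/99_cleanup.sh only prints its command, `echo rm -Rf $REAL_PATH`, so the firstboot directory and the scripts in it stay on disk; postinstall/99_cleanup.sh is identical. If the echo is a deliberate dry run, a comment should say so. If the removal is meant to happen, quote and guard the path before enabling it: `REAL_PATH=$(dirname "$(realpath "$0")")` followed by `rm -Rf -- "${REAL_PATH:?}"`, so that an empty value or a path containing spaces cannot redirect the delete.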
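Review bot: `chown -R root.root $SOURCE_PATH/*` in postinstall/01_setownership.sh uses the dot separator, which chown keeps only for backward compatibility, and leaves the path unquoted. The `*` glob also skips dot-files directly under install/, so those would keep whatever owner the checkout gave them before 03_installfiles.sh copies the tree to /. I would write `chown -R root:root -- "$SOURCE_PATH"`, assuming it is acceptable to change the owner of the install directory itself.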
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+tar --create \
+ --directory=$REAL_PATH \
+ --to-stdout \
+ install \
+ | tar --extract \
+ --backup \
+ --directory=/ \
+ --no-overwrite-dir \
+ --strip-components=1 \
+ --suffix=.orig
diff --git a/sources/ws.pm/postinstall/10_setupservices.sh b/sources/ws.pm/postinstall/10_setupservices.sh
new file mode 100755
index 0000000..f1593d2
--- /dev/null
+++ b/sources/ws.pm/postinstall/10_setupservices.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+
+systemctl disable httpd.service
+systemctl enable NetworkManager-wait-online.service
+
+systemctl mask wpa_supplicant.service
diff --git a/sources/ws.pm/postinstall/99_cleanup.sh b/sources/ws.pm/postinstall/99_cleanup.sh
new file mode 100755
index 0000000..b87f2f4
--- /dev/null
+++ b/sources/ws.pm/postinstall/99_cleanup.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+echo rm -Rf $REAL_PATH
diff --git a/sources/ws.pm/postinstall/install/etc/hosts b/sources/ws.pm/postinstall/install/etc/hosts
new file mode 100644
index 0000000..535cd64
--- /dev/null
+++ b/sources/ws.pm/postinstall/install/etc/hosts
@@ -0,0 +1,4 @@
+127.0.0.1 localhost.localdomain localhost localhost4.localdomain4 localhost4
+::1 localhost6.localdomain6 localhost6
+
+192.168.173.249 ws.pm.user.hu ws
diff --git a/sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.443.conf.le b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.443.conf.le
new file mode 100644
index 0000000..e6a998f
--- /dev/null
+++ b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.443.conf.le
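Review bot: The `tar --create ... | tar --extract` pipeline in postinstall/03_installfiles.sh reports only the exit status of the extracting tar, so an error on the creating side (a file it cannot read, for instance) can leave an incomplete tree under / while the script still exits 0. Plain /bin/sh may not offer pipefail, so the simplest guard is to check the source tree first and fail loudly: `[ -d "$REAL_PATH/install" ] || { echo "install tree missing" >&2; exit 1; }`. `$REAL_PATH` is also unquoted; `--directory="$REAL_PATH"` avoids word splitting. A short comment noting that `--backup --suffix=.orig` leaves `.orig` copies of replaced files behind would help whoever audits /etc later.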
@@ -0,0 +1,119 @@
+
+ ServerName www.useribm.hu
+ ServerAlias useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPreserveHost On
+ ProxyPass /ugyvitel http://192.168.42.248:8079/ugyvitel keepalive=On connectiontimeout=600
+ ProxyPassReverse /ugyvitel http://192.168.42.248:8079/ugyvitel
+
+ # avon file transfer -> shs.pm.user.hu:80
+ ProxyPass /avonxfr http://192.168.173.251/avonxfr
+ ProxyPassReverse /avonxfr http://192.168.173.251/avonxfr
+
+ # erste file transfer -> shs.pm.user.hu:80
+ ProxyPass /erstexfr http://192.168.173.251/erstexfr
+ ProxyPassReverse /erstexfr http://192.168.173.251/erstexfr
+
+ # onyf file transfer -> shs.pm.user.hu:80
+ ProxyPass /onyfxfr http://192.168.173.251/onyfxfr
+ ProxyPassReverse /onyfxfr http://192.168.173.251/onyfxfr
+
+ # ubis file transfer -> shs.pm.user.hu:80
+ ProxyPass /ubisxfr http://192.168.173.251/ubisxfr
+ ProxyPassReverse /ubisxfr http://192.168.173.251/ubisxfr
+
+ # dvasary's redmine -> dvredmine.usr.user.hu:80
+ ProxyPass /redmine http://10.228.62.193/
+ ProxyPassReverse /redmine http://10.228.62.193/
+
+ # webdav store -> store.usr.user.hu:80
+ #ProxyPass /store http://store.usr.user.hu/
+ #ProxyPassReverse /store http://store.usr.user.hu/
+
+
+
+ ServerName hg.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass "/" "http://hg.pm.user.hu/jtrac"
+
+
+
+ ServerName jtrac.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass /jtrac http://192.168.43.210/jtrac
+ ProxyPassReverse /jtrac http://192.168.43.210/jtrac
+
+
+
+ ServerName minicrm.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass /minicrm http://minicrm.usr.user.hu:8080/minicrm
+ ProxyPassReverse /minicrm http://minicrm.usr.user.hu:8080/minicrm
+
+
+
+ ServerName redmine.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass / http://10.228.62.193/
+ ProxyPassReverse / http://10.228.62.193/
+
diff --git a/sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.80.conf b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.80.conf
new file mode 100644
index 0000000..cc36dcd
--- /dev/null
+++ b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/useribm.hu.80.conf
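Review bot: In useribm.hu.443.conf.le the hg.useribm.hu vhost has `ProxyPass "/" "http://hg.pm.user.hu/jtrac"`, where the path ends in a slash and the target does not, so a request for /foo is forwarded as /jtracfoo; it is also the only proxy mapping in the file without a ProxyPassReverse, so backend redirects would not be rewritten. The www vhost has the opposite mismatch in `ProxyPass /redmine http://10.228.62.193/`, which turns /redmine/foo into //foo on the backend. Keep the trailing slashes paired, e.g. `ProxyPass "/" "http://hg.pm.user.hu/jtrac/"` with `ProxyPassReverse "/" "http://hg.pm.user.hu/jtrac/"`, and `ProxyPass /redmine/ http://10.228.62.193/`. An hg vhost that points at a jtrac path also looks like a copy-paste slip worth confirming. userrendszerhaz.hu.443.conf.le repeats both lines.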
@@ -0,0 +1,56 @@
+
+ ServerName www.useribm.hu
+ ServerAlias useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://www.useribm.hu/
+
+
+
+ ServerName jtrac.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://jtrac.useribm.hu/
+
+
+
+ ServerName minicrm.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://minicrm.useribm.hu/
+
+
+
+ ServerName redmine.useribm.hu
+ ServerAdmin webadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.useribm.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://redmine.useribm.hu/
+
diff --git a/sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.443.conf.le b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.443.conf.le
new file mode 100644
index 0000000..54247c7
--- /dev/null
+++ b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.443.conf.le
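Review bot: useribm.hu.80.conf has redirect vhosts for www, jtrac, minicrm and redmine but none for hg.useribm.hu, which the 443 file does define. A plain-HTTP request for hg.useribm.hu is therefore answered by whichever vhost is the port-80 default, presumably the www one, and gets redirected to https://www.useribm.hu/ rather than to the hg site. A fifth block with `ServerName hg.useribm.hu` and `Redirect permanent / https://hg.useribm.hu/` would close the gap; userrendszerhaz.hu.80.conf has the same omission.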
@@ -0,0 +1,119 @@
+
+ ServerName www.userrendszerhaz.hu
+ ServerAlias userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPreserveHost On
+ ProxyPass /ugyvitel http://192.168.42.248:8079/ugyvitel keepalive=On connectiontimeout=600
+ ProxyPassReverse /ugyvitel http://192.168.42.248:8079/ugyvitel
+
+ # avon file transfer -> shs.pm.user.hu:80
+ ProxyPass /avonxfr http://192.168.173.251/avonxfr
+ ProxyPassReverse /avonxfr http://192.168.173.251/avonxfr
+
+ # erste file transfer -> shs.pm.user.hu:80
+ ProxyPass /erstexfr http://192.168.173.251/erstexfr
+ ProxyPassReverse /erstexfr http://192.168.173.251/erstexfr
+
+ # onyf file transfer -> shs.pm.user.hu:80
+ ProxyPass /onyfxfr http://192.168.173.251/onyfxfr
+ ProxyPassReverse /onyfxfr http://192.168.173.251/onyfxfr
+
+ # ubis file transfer -> shs.pm.user.hu:80
+ ProxyPass /ubisxfr http://192.168.173.251/ubisxfr
+ ProxyPassReverse /ubisxfr http://192.168.173.251/ubisxfr
+
+ # dvasary's redmine -> dvredmine.usr.user.hu:80
+ ProxyPass /redmine http://10.228.62.193/
+ ProxyPassReverse /redmine http://10.228.62.193/
+
+ # webdav store -> store.usr.user.hu:80
+ #ProxyPass /store http://store.usr.user.hu/
+ #ProxyPassReverse /store http://store.usr.user.hu/
+
+
+
+ ServerName hg.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass "/" "http://hg.pm.user.hu/jtrac"
+
+
+
+ ServerName jtrac.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass /jtrac http://192.168.43.210/jtrac
+ ProxyPassReverse /jtrac http://192.168.43.210/jtrac
+
+
+
+ ServerName minicrm.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass /minicrm http://minicrm.usr.user.hu:8080/minicrm
+ ProxyPassReverse /minicrm http://minicrm.usr.user.hu:8080/minicrm
+
+
+
+ ServerName redmine.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.443"
+
+ SSLCertificateFile /etc/letsencrypt/live/user/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/user/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+ Require all granted
+
+
+
+ ProxyPass / http://10.228.62.193/
+ ProxyPassReverse / http://10.228.62.193/
+
diff --git a/sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.80.conf b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.80.conf
new file mode 100644
index 0000000..e837293
--- /dev/null
+++ b/sources/ws.pm/postinstall/install/etc/httpd/conf.d/userrendszerhaz.hu.80.conf
@@ -0,0 +1,56 @@
+
+ ServerName www.userrendszerhaz.hu
+ ServerAlias userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://www.userrendszerhaz.hu/
+
+
+
+ ServerName jtrac.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://jtrac.userrendszerhaz.hu/
+
+
+
+ ServerName minicrm.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://minicrm.userrendszerhaz.hu/
+
+
+
+ ServerName redmine.userrendszerhaz.hu
+ ServerAdmin webadmin@userrendszerhaz.hu
+ DocumentRoot "/var/www/htdocs.userrendszerhaz.hu.80"
+
+
+
+ Require all granted
+
+
+
+ Redirect permanent / https://redmine.userrendszerhaz.hu/
+
-- 2.54.0