<IfModule mod_ssl.c>
<VirtualHost *:443>
	ServerName dashboard.lemanscorp.com
	ServerAlias dashboard

        Header set Strict-Transport-Security "max-age=31536000"

	SSLEngine On
        SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
        SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

# Use below ciphersuite when needing to packet capture
#        SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!ECDHE:!DHE

        SSLHonorCipherOrder  on
	SSLCACertificateFile /etc/apache2/ssl/certs/DigiCertCA.crt
	SSLCertificateFile /etc/apache2/ssl/certs/dashboard_ps.lemanscorp.com.crt
	SSLCertificateKeyFile /etc/apache2/ssl/keys/dashboard_ps.lemanscorp.com.key
	DocumentRoot /var/www/dashboard-app/public
	DirectoryIndex index.php

        php_value max_file_uploads 20
        php_value upload_max_filesize 100M
        php_value post_max_size 106M
        php_value memory_limit 512M

		SetEnv ENVIRONMENT "production"
		SetEnv ASSET_SERVER_HOST "https://asset.lemansnet.com/"
		SetEnv DASHBOARD_ASSET_HOST "https://asset.lemansnet.com/static/sites/dashboard/"
        SetEnv CACHEDIR "/var/www/cache/dashboard-app"
		SetEnv CLSTCAMEL "http://clst-camelint.lemanscorp.com/"
		SetEnv CLSTCAMEL_PORT "80"
        SetEnv RSWPENV wp
        SetEnv MOOSE_RSWPHOST wp.rs.mooseracing.lemanscorp.com
        SetEnv THOR_RSWPHOST wp.rs.thormx.lemanscorp.com
        SetEnv DBHOST 10.202.104.230
		SetEnv FEATURE_TOGGLE_payTrace "true"
		SetEnv FEATURE_TOGGLE_pci "true"
		SetEnv FEATURE_TOGGLE_riderSupport "true"
		SetEnv FEATURE_TOGGLE_localization "false"
        SetEnv STOMP_HOST "prd-rabbitmq03vm.lemanscorp.com"
        SetEnv STOMP_PORT "61613"
        SetEnv STOMP_LOGIN "dashboard"
        SetEnv STOMP_PASSCODE "1GVT4NWUEvwY2PiWM6qX02613m9u3s"
        SetEnv STOMP_VHOST "/web"
        SetEnv STOMP_REALM ""
        
	Include /var/www/configs/dashboard-app/features_us.conf

	#Redirect permanent / https://apps.lemanscorp.com/
	<IfModule mod_rewrite.c>
		RewriteEngine On
		RewriteRule ^(.*)$ https://apps.lemanscorp.com$1 [L,R=301]
	</IfModule>

	RequestHeader set X-UUID %{UNIQUE_ID}e

	ProxyPass /usr-profile http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/app-security/profile
        ProxyPass /ep-service http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/eportal
        ProxyPass /ep-savepart http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/eportal/part

	ErrorDocument 400 /accessdenied.html
	ErrorDocument 401 /accessdenied.html
	ErrorDocument 402 /error.html
	ErrorDocument 403 /accessdenied.html
	ErrorDocument 404 /error.html
	ErrorDocument 406 /accessdenied.html
	ErrorDocument 407 /accessdenied.html
	ErrorDocument 500 /error.html
	ErrorDocument 501 /error.html
	ErrorDocument 502 /error.html
	ErrorDocument 503 /error.html
	ErrorDocument 504 /error.html

    <Directory />
        Options +FollowSymLinks -Indexes
        Order Deny,Allow
        Allow from all
    </Directory>

	<Location /error.html>
		Satisfy any
		Allow from all
	</Location>
	<Location /accessdenied.html>
		Satisfy any
		Allow from all
	</Location>
	<Proxy *>
        	AuthType Kerberos
        	AuthName "LEMANSCORP Login"
        	KrbAuthRealm LEMANSCORP.COM
        	Krb5Keytab /etc/apache2/http2.ktb
        	KrbMethodK5Passwd On
        	KrbMethodNegotiate On
        	KrbSaveCredentials On
		KrbVerifyKDC Off
		<LimitExcept OPTIONS>
        		Require valid-user
		</LimitExcept>
        	Allow from 10.2 192.168.0.220 127.0.0
		SetEnv proxy-chain-auth 1
	</Proxy>

        <IfModule mod_rewrite.c>
        	RewriteEngine On
	        RewriteRule ^/index.php/lss/download/(.*)$ http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/lss-service/ticketAttachment/$1/download [L,P]
	        RewriteRule ^/index.php/lss/confluence/(.*)$ http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/lss-service/$1 [L,P]
                RewriteRule ^/index.php/reports/sales-activity/export/(.*)$ http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/dealer-info/activity/salesActivityReport/download/$1 [L,P]
                RewriteRule ^/index.php/reports/ssrs/(.*)$ http://clst-camelint.lemanscorp.com:8080/mediator-service/dm/16/$1 [L,P]

        </IfModule>

	<Location />
        	AuthType Kerberos
        	AuthName "LEMANSCORP Login"
        	KrbAuthRealm LEMANSCORP.COM
        	Krb5Keytab /etc/apache2/http2.ktb
        	KrbMethodK5Passwd On
        	KrbMethodNegotiate On
        	KrbSaveCredentials On
		KrbVerifyKDC Off
        	Allow from 10.2 192.168.0.220 127.0.0
		    SetEnv proxy-chain-auth 1
		<LimitExcept OPTIONS>
        		Require valid-user
		</LimitExcept>
	        <IfModule mod_rewrite.c>
		        RewriteEngine On
			RewriteCond %{HTTP_USER_AGENT} (ms-office|Office)
			RewriteCond %{REQUEST_URI} !blank.html$
			RewriteRule ^.*$ "blank.html" [L]
	                RewriteCond %{REQUEST_FILENAME} !-f
	                RewriteCond %{REQUEST_FILENAME} !-d
	                RewriteRule ^(.*)$ index.php/$1 [L]
	        </IfModule>
	</Location>

</VirtualHost>
</IfModule>
<VirtualHost *:80>
	ServerName dashboard.lemanscorp.com

	DocumentRoot /var/www/dashboard-app/public
	DirectoryIndex index.php

	Redirect permanent / https://apps.lemanscorp.com/

	SetEnv ENVIRONMENT "prod"
	#SetEnv CLSTCAMEL "https://clst-camelint/"
	SetEnv CLSTCAMEL "http://clst-camelint.lemanscorp.com/"

        php_value max_file_uploads 20
        php_value upload_max_filesize 100M
        php_value post_max_size 106M
        php_value memory_limit 512M

	ErrorDocument 400 /accessdenied.html
	ErrorDocument 401 /accessdenied.html
	ErrorDocument 402 /error.html
	ErrorDocument 403 /accessdenied.html
	ErrorDocument 404 /error.html
	ErrorDocument 406 /accessdenied.html
	ErrorDocument 407 /accessdenied.html
	ErrorDocument 500 /error.html
	ErrorDocument 501 /error.html
	ErrorDocument 502 /error.html
	ErrorDocument 503 /error.html
	ErrorDocument 504 /error.html
	<Directory />
		Options +FollowSymLinks -Indexes
		AllowOverride All
		Order Deny,Allow
		Allow from all
	</Directory>

	<Location /error.html>
		Satisfy any
		Allow from all
	</Location>
	<Location /accessdenied.html>
		Satisfy any
		Allow from all
	</Location>
</VirtualHost>