From 391259b321850a0a87c29b09c9c3b718ab5fa796 Mon Sep 17 00:00:00 2001
From: Dobrica Pavlinusic <dpavlin@rot13.org>
Date: Fri, 23 Mar 2018 11:35:37 +0100
Subject: [PATCH] switch proxied sites to https using let's encrypt

---
 index.html         |  50 +++++++++----------
 p.vbz.ffzg.hr.conf | 119 +++++++++++++++++++++++++++++++++++----------
 ssl.conf           |   5 ++
 3 files changed, 123 insertions(+), 51 deletions(-)
 create mode 100644 ssl.conf

diff --git a/index.html b/index.html
index 8f6b036..d06a9cc 100644
--- a/index.html
+++ b/index.html
@@ -1,29 +1,29 @@
 <ul>
-<li><a href="http://muse.jhu.edu.p.vbz.ffzg.hr/journals/index.html">Project Muse</a>
-<li><a href="http://www.cambridge.org.p.vbz.ffzg.hr/core/">Cambridge</a>
-<li><a href="http://search.proquest.com.p.vbz.ffzg.hr/?accountid=168605">ProQuest</a>
-<li><a href="http://academic.oup.com.p.vbz.ffzg.hr/journals/">Oxford</a>
-<li><a href="http://ovidsp.tx.ovid.com.p.vbz.ffzg.hr/ovidweb.cgi?T=JS&NEWS=n&MODE=ovid&PAGE=main&D=ovft">Ovid ovft</a>
-<li><a href="http://ovidsp.tx.ovid.com.p.vbz.ffzg.hr/ovidweb.cgi?T=JS&NEWS=n&MODE=ovid&PAGE=main&D=eric">Ovid eric</a>
-<li><a href="http://ovidsp.tx.ovid.com.p.vbz.ffzg.hr/ovidweb.cgi?T=JS&NEWS=n&MODE=ovid&PAGE=main&D=mesz">Ovid mesz</a>
-<li><a href="http://onlinelibrary.wiley.com.p.vbz.ffzg.hr/">Wiley</a>
-<li><a href="http://journals.sagepub.com.p.vbz.ffzg.hr/">Sage</a>
-<li><a href="http://pubs.rsc.org.p.vbz.ffzg.hr/">The Royal Society of Chemistry's</a>
-<li><a href="http://www.brepolis.net.p.vbz.ffzg.hr">Brepolis</a>
-<li><a href="http://www.cairn.info.p.vbz.ffzg.hr">Cairn</a>
-<li><a href="http://www.degruyter.com.p.vbz.ffzg.hr/browse?type_0=journals">De Gruyter Publishers</a>
-<li><a href="http://www.emeraldinsight.com.p.vbz.ffzg.hr/">emeraldinsight</a>
-<li><a href="http://www.webofknowledge.com.p.vbz.ffzg.hr/CCC">CCC</a>
-<li><a href="http://www.webofknowledge.com.p.vbz.ffzg.hr/WOS">WOS</a>
-<li><a href="http://www.jstor.org.p.vbz.ffzg.hr">JSTOR</a>
-<li><a href="http://www.nature.com.p.vbz.ffzg.hr">nature</a>
-<li><a href="http://www.palgrave.com.p.vbz.ffzg.hr/gp/journals">palgrave</a>
-<li><a href="http://link.springer.com.p.vbz.ffzg.hr/">springerlink</a>
-<li><a href="http://www.tandfonline.com.p.vbz.ffzg.hr/">tandfonline</a>
-<li><a href="http://www.sciencedirect.com.p.vbz.ffzg.hr/">sciencedirect</a>
-<li><a href="http://www.scopus.com.p.vbz.ffzg.hr/">scopus</a>
-<li><a href="http://journals.bmj.com.p.vbz.ffzg.hr/">bmj</a>
-<li><a href="http://ieeexplore.ieee.org.p.vbz.ffzg.hr/">ieeexplore</a>
+<li><a href="https://muse.jhu.edu.p.vbz.ffzg.hr/journals/index.html">Project Muse</a>
+<li><a href="https://www.cambridge.org.p.vbz.ffzg.hr/core/">Cambridge</a>
+<li><a href="https://search.proquest.com.p.vbz.ffzg.hr/?accountid=168605">ProQuest</a>
+<li><a href="https://academic.oup.com.p.vbz.ffzg.hr/journals/">Oxford</a>
+<li><a href="https://ovidsp.tx.ovid.com.p.vbz.ffzg.hr/ovidweb.cgi?T=JS&NEWS=n&MODE=ovid&PAGE=main&D=ovft">Ovid ovft</a>
+<li><a href="https://ovidsp.tx.ovid.com.p.vbz.ffzg.hr/ovidweb.cgi?T=JS&NEWS=n&MODE=ovid&PAGE=main&D=eric">Ovid eric</a>
+<li><a href="https://ovidsp.tx.ovid.com.p.vbz.ffzg.hr/ovidweb.cgi?T=JS&NEWS=n&MODE=ovid&PAGE=main&D=mesz">Ovid mesz</a>
+<li><a href="https://onlinelibrary.wiley.com.p.vbz.ffzg.hr/">Wiley</a>
+<li><a href="https://journals.sagepub.com.p.vbz.ffzg.hr/">Sage</a>
+<li><a href="https://pubs.rsc.org.p.vbz.ffzg.hr/">The Royal Society of Chemistry's</a>
+<li><a href="https://www.brepolis.net.p.vbz.ffzg.hr">Brepolis</a>
+<li><a href="https://www.cairn.info.p.vbz.ffzg.hr">Cairn</a>
+<li><a href="https://www.degruyter.com.p.vbz.ffzg.hr/browse?type_0=journals">De Gruyter Publishers</a>
+<li><a href="https://www.emeraldinsight.com.p.vbz.ffzg.hr/">emeraldinsight</a>
+<li><a href="https://www.webofknowledge.com.p.vbz.ffzg.hr/CCC">CCC</a>
+<li><a href="https://www.webofknowledge.com.p.vbz.ffzg.hr/WOS">WOS</a>
+<li><a href="https://www.jstor.org.p.vbz.ffzg.hr">JSTOR</a>
+<li><a href="https://www.nature.com.p.vbz.ffzg.hr">nature</a>
+<li><a href="https://www.palgrave.com.p.vbz.ffzg.hr/gp/journals">palgrave</a>
+<li><a href="https://link.springer.com.p.vbz.ffzg.hr/">springerlink</a>
+<li><a href="https://www.tandfonline.com.p.vbz.ffzg.hr/">tandfonline</a>
+<li><a href="https://www.sciencedirect.com.p.vbz.ffzg.hr/">sciencedirect</a>
+<li><a href="https://www.scopus.com.p.vbz.ffzg.hr/">scopus</a>
+<li><a href="https://journals.bmj.com.p.vbz.ffzg.hr/">bmj</a>
+<li><a href="https://ieeexplore.ieee.org.p.vbz.ffzg.hr/">ieeexplore</a>
 
 </ul>
 <pre>
diff --git a/p.vbz.ffzg.hr.conf b/p.vbz.ffzg.hr.conf
index b0622b4..c16cea3 100644
--- a/p.vbz.ffzg.hr.conf
+++ b/p.vbz.ffzg.hr.conf
@@ -1,7 +1,8 @@
 # test with
 # wget --server-response -O /dev/null http://www.nature.com.p.vbz.ffzg.hr/
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
 	ServerName muse.jhu.edu.p.vbz.ffzg.hr
 	SSLProxyEngine on
 	ProxyPass / https://muse.jhu.edu/
@@ -15,7 +16,9 @@
 
 # https://www.oclc.org/support/services/ezproxy/documentation/db/cambridgecore.en.html
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.cambridge.org.p.vbz.ffzg.hr
 	SSLProxyEngine on
 	ProxyAddHeaders Off
@@ -52,7 +55,9 @@ FilterChain NEWPATHS
 
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName search.proquest.com.p.vbz.ffzg.hr
 	SSLProxyEngine on
 	ProxyPass / https://search.proquest.com/
@@ -73,7 +78,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName academic.oup.com.p.vbz.ffzg.hr
 	SSLProxyEngine on
 	ProxyPass        / https://academic.oup.com/
@@ -96,7 +103,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 # https://www.oclc.org/support/services/ezproxy/documentation/db/ovid.en.html
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName ovidsp.tx.ovid.com.p.vbz.ffzg.hr
 	SSLProxyEngine on
 	ProxyPass        / https://ovidsp.tx.ovid.com/
@@ -118,7 +127,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName onlinelibrary.wiley.com.p.vbz.ffzg.hr
 #	SSLProxyEngine on
 
@@ -131,7 +142,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName journals.sagepub.com.p.vbz.ffzg.hr
 
 	ProxyPass        / http://journals.sagepub.com/
@@ -143,7 +156,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName pubs.rsc.org.p.vbz.ffzg.hr
 
 	ProxyPass        / http://pubs.rsc.org/
@@ -156,7 +171,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.brepolis.net.p.vbz.ffzg.hr
 
 	ProxyPass        / http://www.brepolis.net/
@@ -177,7 +194,9 @@ FilterChain NEWPATHS2
 
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName apps.brepolis.net.p.vbz.ffzg.hr
 
 	ProxyPass        / http://apps.brepolis.net/
@@ -199,7 +218,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.cairn.info.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -213,7 +234,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.degruyter.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -227,7 +250,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.emeraldinsight.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -240,7 +265,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.webofknowledge.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -262,7 +289,9 @@ FilterProvider NEWPATHS2 SUBSTITUTE "%{Content_Type} =~ m|^application/javascrip
 FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName apps.webofknowledge.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -276,7 +305,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.jstor.org.p.vbz.ffzg.hr
 
 	#SSLProxyEngine on
@@ -316,7 +347,9 @@ FilterChain NEWPATHS2
 
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.nature.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -338,7 +371,9 @@ FilterChain NEWPATHS2
 #FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName idp.nature.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -353,7 +388,9 @@ FilterChain NEWPATHS2
 </VirtualHost>
 
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.palgrave.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -366,7 +403,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName link.springer.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -379,7 +418,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.tandfonline.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -392,7 +433,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.sciencedirect.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -406,7 +449,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName www.scopus.com.p.vbz.ffzg.hr
 
 	SSLProxyEngine on
@@ -419,7 +464,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName journals.bmj.com.p.vbz.ffzg.hr
 
 	#SSLProxyEngine on
@@ -432,7 +479,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName journals.bmj.com.p.vbz.ffzg.hr
 
 	#SSLProxyEngine on
@@ -445,7 +494,9 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
 	ServerName ieeexplore.ieee.org.p.vbz.ffzg.hr
 
 	# IEEE Xplore is transitioning to HTTPS on 9 April 2018.
@@ -459,6 +510,20 @@ FilterChain NEWPATHS2
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 </VirtualHost>
 
+NameVirtualHost *:443
+
+<VirtualHost *:443>
+	Include /srv/via-proxy/ssl.conf
+
+	DocumentRoot /srv/via-proxy
+	<Directory /srv/via-proxy/>
+		Require all granted
+	</Directory>
+	ServerName p.vbz.ffzg.hr
+	ServerAlias *.p.vbz.ffzg.hr
+	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
+
+</VirtualHost>
 
 <VirtualHost *:80>
 	DocumentRoot /srv/via-proxy
@@ -469,5 +534,7 @@ FilterChain NEWPATHS2
 	ServerAlias *.p.vbz.ffzg.hr
 	CustomLog /var/log/apache2/access-p.vbz.ffzg.hr.log vhost_combined
 
+	Redirect / https://p.vbz.ffzg.hr
+
 </VirtualHost>
 
diff --git a/ssl.conf b/ssl.conf
new file mode 100644
index 0000000..a37752e
--- /dev/null
+++ b/ssl.conf
@@ -0,0 +1,5 @@
+
+	SSLEngine on
+	SSLCertificateFile	/etc/letsencrypt/live/proxy.knjiznice.ffzg.hr/cert.pem
+	SSLCertificateKeyFile	/etc/letsencrypt/live/proxy.knjiznice.ffzg.hr/privkey.pem
+	SSLCertificateChainFile	/etc/letsencrypt/live/proxy.knjiznice.ffzg.hr/chain.pem
-- 
2.20.1