We recommend the use of a web server in combination with Scipio ERP. Although we generally recommend the use of nginx for this purpose, pretty much any webserver can be used. The following templates are meant as a starting point for a webserver configuration.
In addition, in order to prepare your own installation of Scipio ERP to run under a specific domain, you will also be required to tell Scipio ERP to generate URLs according to the new domain settings – regardless of the webserver, you will be required to make these modifications.
Scipio ERP
Set your default domain in /framework/webapp/config/url.properties:
# HTTPS Port (Secure port)
port.https.enabled=Y
port.https=
force.https.host=https://mydomain.com/
# HTTP Port (Not Secure port) -> can be mostly ignored nowadays
port.http=8080
force.http.host=In order for Scipio ERP to generate URLs according to your own domain specifics, update your “WebSite” data for each of the productstores:
<WebSite productStoreId="ScipioShop" siteName="SCIPIO Shop Web Site" visualThemeSelectorScript="component://common/webcommon/WEB-INF/actions/includes/GetWebSiteStoreVisualThemeId.groovy" visualThemeSetId="ECOMMERCE" webSiteId="ScipioWebStore"
httpHost=""
httpPort=""
httpsHost=""
httpsPort=""
enableHttps=""
standardContentPrefix=""
secureContentPrefix=""
cookieDomain=""
/>
This process is also described in more detail here (check the URLs tab).
nginx
Add a nginx proxy-redirect configuration for each of your domain:
location / {
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_cookie_path ~*^/.* /;
add_header Front-End-Https on;
proxy_pass http://localhost:8080/shop/;
}
location /solr/ {
auth_basic "Restricted";
auth_basic_user_file /var/www/.../private/.htpasswd;
proxy_set_header Host $host;
proxy_pass http://localhost:8080/solr/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
port_in_redirect off;
proxy_connect_timeout 300;
proxy_pass_header Set-Cookie;
}
location /base-theme/ {
proxy_set_header Host $host;
proxy_pass http://localhost:8080/base-theme/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
port_in_redirect off;
proxy_connect_timeout 300;
proxy_pass_header Set-Cookie;
}
location /images/ {
proxy_set_header Host $host;
proxy_pass http://localhost:8080/images/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
port_in_redirect off;
proxy_connect_timeout 300;
proxy_pass_header Set-Cookie;
}
location /foundation-shop-theme/ {
proxy_set_header Host $host;
proxy_pass http://localhost:8080/foundation-shop-theme/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
port_in_redirect off;
proxy_connect_timeout 300;
proxy_pass_header Set-Cookie;
}
location /ordermgr-js/ {
proxy_set_header Host $host;
proxy_pass http://localhost:8080/ordermgr-js/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
port_in_redirect off;
proxy_connect_timeout 300;
proxy_pass_header Set-Cookie;
}
Apache Webserver
Alternatively, for Apache Webserver use:
<VirtualHost localhost:443>
ErrorLog "${INSTALL_DIR}/logs/apache_error.log"
CustomLog "${INSTALL_DIR}/logs/access.log" common
SSLEngine on
SSLProxyEngine on
ServerName localhost
# Modify according to your own cert directory
SSLCertificateFile "../apache/certificate.crt"
SSLCertificateKeyFile "../apache/private.key"
# Redirect to trailing slash urls
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1/ [R=301,L]
# Settings for Apache Reverse Proxying
ProxyRequests Off
ProxyPreserveHost On
# Set RequestHeader to always transport as https - we will terminate ssl for the actual proxy
RequestHeader set X-Forwarded-Proto "https" early
# Proxy from subdirectory https://localhost/ to scipio server
<LocationMatch ^/(.*)$>
# Proxy pass to scipioserver - replace localhost with scipio instance
ProxyPassMatch http://127.0.0.1:8080/$1
ProxyPassReverse http://127.0.0.1:8080/$1
# Set cookies for proper session handling
ProxyPassReverseCookiePath / /
ProxyPassReverseCookieDomain / /
# Fix relative urls - replace https://localhost/ with proper path
SetOutputFilter proxy-content
RequestHeader unset Accept-Encoding
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLURLMap ^(?!//.*)/(.*)$ https://localhost/$1 R
</LocationMatch>
</VirtualHost>
HaProxy
You can then rewrite the context path as desired with the reqrep directive, there are some examples over here.
global
daemon
maxconn 2048
tune.ssl.default-dh-param 2048
log 127.0.0.1 syslog debug
defaults
option forwardfor
option http-server-close
log global
mode http
option httplog
option dontlognull
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend www-https
bind $_EXTIFACE:443 ssl crt /etc/haproxy/certs/mydomain.com.pem
default_backend www-backend
backend www-backend
server www-1 127.0.0.1:8080 check