diff --git a/apache/000-default-le-ssl.conf b/apache/000-default-le-ssl.conf
new file mode 100644
index 0000000..8b0ac43
--- /dev/null
+++ b/apache/000-default-le-ssl.conf
@@ -0,0 +1,101 @@
+SSLProtocol -All TLSv1.3 -TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite AES256+EECDH
+SSLHonorCipherOrder on
+SSLCompression off
+SSLVerifyClient None
+SSLSessionTickets Off
+SSLOptions +StrictRequire
+Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+
+ServerAdmin webmaster@localhost
+DocumentRoot /var/www/html
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+RewriteEngine on
+
+ProxyVia On
+ProxyPreserveHost On
+RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
+
+
+
+ ServerName galmonmap.spacecruft.org
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:8080/$1 [P]
+
+ ProxyPass http://127.0.0.1:8080/
+
+ Include /etc/letsencrypt/options-ssl-apache.conf
+ SSLCertificateFile /etc/letsencrypt/live/galmonmap.spacecruft.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/galmonmap.spacecruft.org/privkey.pem
+
+
+
+ ServerName gnss.spacecruft.org
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:8050/$1 [P]
+
+ ProxyPass http://127.0.0.1:8050/
+
+ Include /etc/letsencrypt/options-ssl-apache.conf
+ SSLCertificateFile /etc/letsencrypt/live/galmonmap.spacecruft.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/galmonmap.spacecruft.org/privkey.pem
+
+
+
+ ServerName beidou.spacecruft.org
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:8051/$1 [P]
+
+ ProxyPass http://127.0.0.1:8051/
+
+ Include /etc/letsencrypt/options-ssl-apache.conf
+ SSLCertificateFile /etc/letsencrypt/live/galmonmap.spacecruft.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/galmonmap.spacecruft.org/privkey.pem
+
+
+
+ ServerName galileo.spacecruft.org
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:8052/$1 [P]
+
+ ProxyPass http://127.0.0.1:8052/
+
+ Include /etc/letsencrypt/options-ssl-apache.conf
+ SSLCertificateFile /etc/letsencrypt/live/galmonmap.spacecruft.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/galmonmap.spacecruft.org/privkey.pem
+
+
+
+ ServerName gps.spacecruft.org
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:8053/$1 [P]
+
+ ProxyPass http://127.0.0.1:8053/
+
+ Include /etc/letsencrypt/options-ssl-apache.conf
+ SSLCertificateFile /etc/letsencrypt/live/galmonmap.spacecruft.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/galmonmap.spacecruft.org/privkey.pem
+
+
+
+ ServerName glonass.spacecruft.org
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:8054/$1 [P]
+
+ ProxyPass http://127.0.0.1:8054/
+
+ Include /etc/letsencrypt/options-ssl-apache.conf
+ SSLCertificateFile /etc/letsencrypt/live/galmonmap.spacecruft.org/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/galmonmap.spacecruft.org/privkey.pem
+
+
diff --git a/apache/000-default.conf b/apache/000-default.conf
new file mode 100644
index 0000000..96294c1
--- /dev/null
+++ b/apache/000-default.conf
@@ -0,0 +1,7 @@
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+