diff --git a/conf/monitor.spacecruft.org/etc/apache2/sites-enabled/000-default-le-ssl.conf b/conf/monitor.spacecruft.org/etc/apache2/sites-enabled/000-default-le-ssl.conf
index 57c7da4..32efae8 100644
--- a/conf/monitor.spacecruft.org/etc/apache2/sites-enabled/000-default-le-ssl.conf
+++ b/conf/monitor.spacecruft.org/etc/apache2/sites-enabled/000-default-le-ssl.conf
@@ -1,44 +1,19 @@
-
- # The ServerName directive sets the request scheme, hostname and port that
- # the server uses to identify itself. This is used when creating
- # redirection URLs. In the context of virtual hosts, the ServerName
- # specifies what hostname must appear in the request's Host: header to
- # match this virtual host. For the default virtual host (this file) this
- # value is not decisive as it is used as a last resort host regardless.
- # However, you must set it for any further virtual host explicitly.
- #ServerName www.example.com
-
+
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
-
- # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
- # error, crit, alert, emerg.
- # It is also possible to configure the loglevel for particular
- # modules, e.g.
- #LogLevel info ssl:warn
-
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
-
- # For most configuration files from conf-available/, which are
- # enabled or disabled at a global level, it is possible to
- # include a line for only one particular virtual host. For example the
- # following line enables the CGI configuration for this host only
- # after it has been globally disabled with "a2disconf".
- #Include conf-available/serve-cgi-bin.conf
-
RewriteEngine on
+ LoadModule proxy_module modules/mod_proxy.so
+ LoadModule proxy_http_module modules/mod_proxy_http.so
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule /(.*) ws://127.0.0.1:9091/$1 [P]
-
- LoadModule proxy_module modules/mod_proxy.so
- LoadModule proxy_http_module modules/mod_proxy_http.so
-
ProxyPass http://127.0.0.1:9091/
+
ProxyVia On
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
@@ -51,10 +26,70 @@
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
SSLSessionTickets Off
-
-ServerName monitor.spacecruft.org
+ServerName cruftpi1.spacecruft.org
+Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/monitor.spacecruft.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/monitor.spacecruft.org/privkey.pem
+
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+ RewriteEngine on
+ LoadModule proxy_module modules/mod_proxy.so
+ LoadModule proxy_http_module modules/mod_proxy_http.so
+ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
+ RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
+ RewriteRule /(.*) ws://127.0.0.1:9093/$1 [P]
+
+ ProxyPass http://127.0.0.1:9093/
+
+
+ ProxyVia On
+ ProxyPreserveHost On
+ RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
+
+ SSLProtocol -All TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+ SSLHonorCipherOrder On
+ SSLCompression off
+ SSLVerifyClient None
+ SSLCipherSuite AES256+EECDH
+ Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+ SSLSessionTickets Off
+
+ServerName cruftpi3.spacecruft.org
Include /etc/letsencrypt/options-ssl-apache.conf
+SSLCertificateFile /etc/letsencrypt/live/monitor.spacecruft.org/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/monitor.spacecruft.org/privkey.pem
+
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+ RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
+
+ SSLProtocol -All TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+ SSLHonorCipherOrder On
+ SSLCompression off
+ SSLVerifyClient None
+ SSLCipherSuite AES256+EECDH
+ Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+ SSLSessionTickets Off
+
+ServerName monitor.spacecruft.org
+Include /etc/letsencrypt/options-ssl-apache.conf
+SSLCertificateFile /etc/letsencrypt/live/monitor.spacecruft.org/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/monitor.spacecruft.org/privkey.pem
+
+
+
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+RewriteEngine on