96 lines
3.3 KiB
Plaintext
96 lines
3.3 KiB
Plaintext
<IfModule mod_ssl.c>
|
|
<VirtualHost cruftpi1.spacecruft.org:443>
|
|
ServerAdmin webmaster@localhost
|
|
DocumentRoot /var/www/html
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
RewriteEngine on
|
|
LoadModule proxy_module modules/mod_proxy.so
|
|
LoadModule proxy_http_module modules/mod_proxy_http.so
|
|
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
|
|
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
|
|
RewriteRule /(.*) ws://127.0.0.1:9091/$1 [P]
|
|
<Location />
|
|
ProxyPass http://127.0.0.1:9091/
|
|
</Location>
|
|
|
|
ProxyVia On
|
|
ProxyPreserveHost On
|
|
RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
|
|
|
|
SSLProtocol -All TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
|
|
SSLHonorCipherOrder On
|
|
SSLCompression off
|
|
SSLVerifyClient None
|
|
SSLCipherSuite AES256+EECDH
|
|
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
|
|
SSLSessionTickets Off
|
|
|
|
ServerName cruftpi1.spacecruft.org
|
|
Include /etc/letsencrypt/options-ssl-apache.conf
|
|
SSLCertificateFile /etc/letsencrypt/live/monitor.spacecruft.org/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/monitor.spacecruft.org/privkey.pem
|
|
</VirtualHost>
|
|
<VirtualHost cruftpi3.spacecruft.org:443>
|
|
ServerAdmin webmaster@localhost
|
|
DocumentRoot /var/www/html
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
RewriteEngine on
|
|
LoadModule proxy_module modules/mod_proxy.so
|
|
LoadModule proxy_http_module modules/mod_proxy_http.so
|
|
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
|
|
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
|
|
RewriteRule /(.*) ws://127.0.0.1:9093/$1 [P]
|
|
<Location />
|
|
ProxyPass http://127.0.0.1:9093/
|
|
</Location>
|
|
|
|
ProxyVia On
|
|
ProxyPreserveHost On
|
|
RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
|
|
|
|
SSLProtocol -All TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
|
|
SSLHonorCipherOrder On
|
|
SSLCompression off
|
|
SSLVerifyClient None
|
|
SSLCipherSuite AES256+EECDH
|
|
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
|
|
SSLSessionTickets Off
|
|
|
|
ServerName cruftpi3.spacecruft.org
|
|
Include /etc/letsencrypt/options-ssl-apache.conf
|
|
SSLCertificateFile /etc/letsencrypt/live/monitor.spacecruft.org/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/monitor.spacecruft.org/privkey.pem
|
|
</VirtualHost>
|
|
<VirtualHost monitor.spacecruft.org:443>
|
|
ServerAdmin webmaster@localhost
|
|
DocumentRoot /var/www/html
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
RequestHeader set X-Forwarded-Proto 'https'env=HTTPS
|
|
|
|
SSLProtocol -All TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
|
|
SSLHonorCipherOrder On
|
|
SSLCompression off
|
|
SSLVerifyClient None
|
|
SSLCipherSuite AES256+EECDH
|
|
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
|
|
SSLSessionTickets Off
|
|
|
|
ServerName monitor.spacecruft.org
|
|
Include /etc/letsencrypt/options-ssl-apache.conf
|
|
SSLCertificateFile /etc/letsencrypt/live/monitor.spacecruft.org/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/monitor.spacecruft.org/privkey.pem
|
|
</VirtualHost>
|
|
</IfModule>
|
|
<IfModule mod_ssl.c>
|
|
<VirtualHost *:80>
|
|
ServerAdmin webmaster@localhost
|
|
DocumentRoot /var/www/html
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
RewriteEngine on
|
|
</VirtualHost>
|
|
</IfModule>
|