apache.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

# You need to enable some modules:
# $ sudo a2enmod proxy proxy_http proxy_wstunnel ssl

<VirtualHost \*:80>
        ServerName live.example.com
        ServerAdmin admin@example.com

        RewriteEngine on
        RewriteCond %{SERVER_NAME} =live.example.com
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

# live-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName live.example.com
        ServerAdmin admin@example.com

        ProxyRequests       Off
        ProxyPreserveHost   On
        AllowEncodedSlashes NoDecode

        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        ProxyPass        / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/

        RequestHeader    set X-Forwarded-Proto "https"
        RequestHeader    set X-Forwarded-Port "443"

        # setup the proxy to forward websocket requests properly
        # (note: this proxy automatically converts the secure websocket (wss)
        # to a normal websocket and vice versa.
        RewriteEngine On
        RewriteCond %{HTTP:UPGRADE} ^WebSocket$           [NC,OR]
        RewriteCond %{HTTP:CONNECTION} ^Upgrade$          [NC]
        RewriteRule .* ws://127.0.0.1:8080%{REQUEST_URI}  [P,QSA,L]

        SSLCertificateFile /path/to/fullchain.pem
        SSLCertificateKeyFile /path/to/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf

</VirtualHost>
</IfModule>