Last active
May 9, 2020 19:56
-
-
Save amitkhare/8d98d91321654e2739d58f47c5ad5dcf to your computer and use it in GitHub Desktop.
Apache2 Reverse Proxy with web-sockets and SSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <VirtualHost *:80> | |
| ServerName sub.example.com | |
| ProxyPreserveHost On | |
| SSLProxyEngine On | |
| RewriteEngine on | |
| RewriteCond %{HTTP:Upgrade} websocket [NC] | |
| RewriteCond %{HTTP:Connection} upgrade [NC] | |
| RewriteRule .* "ws://localhost:8080%{REQUEST_URI}" [P] | |
| ProxyPass / http://localhost:8080/ | |
| ProxyPassReverse / http://localhost:8080/ | |
| ProxyRequests off | |
| <Location "/"> | |
| AuthType Basic | |
| AuthUserFile /etc/apache2/.htpasswd | |
| AuthName "Secured Access" | |
| Require valid-user | |
| </Location> | |
| <IfModule mod_ssl.c> | |
| RewriteCond %{SERVER_NAME} =sub.example.com | |
| RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] | |
| </IfModule> | |
| </VirtualHost> | |
| <IfModule mod_ssl.c> | |
| <VirtualHost *:443> | |
| ServerName sub.example.com | |
| ProxyPreserveHost On | |
| SSLProxyEngine On | |
| RewriteEngine on | |
| RewriteCond %{HTTP:Upgrade} websocket [NC] | |
| RewriteCond %{HTTP:Connection} upgrade [NC] | |
| RewriteRule .* "wss://localhost:8080%{REQUEST_URI}" [P] | |
| ProxyPass / https://127.0.0.1:8080/ | |
| ProxyPassReverse / https://127.0.0.1:8080/ | |
| ProxyRequests off | |
| <Location "/"> | |
| AuthType Basic | |
| AuthUserFile /etc/apache2/.htpasswd | |
| AuthName "Secured Access" | |
| Require valid-user | |
| </Location> | |
| SSLCertificateFile /etc/letsencrypt/live/sub.example.com/fullchain.pem | |
| SSLCertificateKeyFile /etc/letsencrypt/live/sub.example.com/privkey.pem | |
| Include /etc/letsencrypt/options-ssl-apache.conf | |
| </VirtualHost> | |
| </IfModule> |
./code-server --bind-addr localhost:8080--cert /etc/letsencrypt/live/sub.example.com/fullchain.pem --cert-key /etc/letsencrypt/live/sub.example.com/privkey.pem
Setup Apache Basic Auth
$ sudo apt-get update
$ sudo apt-get install apache2-utils
Step 2
sudo htpasswd -c /etc/apache2/.htpasswd <USER>
# for securing Directory
<Directory "/var/www/html">
AuthType Basic
AuthUserFile /etc/apache2/.htpasswd
AuthName "Secured Access"
Require valid-user
</Directory>
# for securing url path
<Location "/">
AuthType Basic
AuthUserFile /etc/apache2/.htpasswd
AuthName "Secured Access"
Require valid-user
</Location>
vscode.sh detached
#!/bin/bash
cat /code-server/last | while read line
do
kill $line
echo "previous instance of vscode pid: $line was killed"
done
/code-server/code-server \
--bind-addr localhost:8080 \
--auth none \
--cert /etc/letsencrypt/live/sub.example.com/fullchain.pem \
--cert-key /etc/letsencrypt/live/sub.example.com/privkey.pem \
</dev/null &>/dev/null & \
echo "creating new instance with pid: $!"
echo $! > /code-server/last
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
replace