|
<IfModule mod_ssl.c> |
|
<VirtualHost *:443> |
|
# The ServerName directive sets the request scheme, hostname and port that |
|
# the server uses to identify itself. This is used when creating |
|
# redirection URLs. In the context of virtual hosts, the ServerName |
|
# specifies what hostname must appear in the request's Host: header to |
|
# match this virtual host. For the default virtual host (this file) this |
|
# value is not decisive as it is used as a last resort host regardless. |
|
# However, you must set it for any further virtual host explicitly. |
|
ServerName social.example.com |
|
|
|
ServerAdmin someone@example.com |
|
ProxyPreserveHost On |
|
|
|
ProxyPass /api/v1/streaming http://localhost:4000/ |
|
ProxyPass / http://localhost:3000/ |
|
ProxyPassReverse / http://localhost:3000/ |
|
|
|
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn, |
|
# error, crit, alert, emerg. |
|
# It is also possible to configure the loglevel for particular |
|
# modules, e.g. |
|
#LogLevel info ssl:warn |
|
|
|
RequestHeader set X-Forwarded-Proto "https" |
|
|
|
SSLProtocol ALL -SSLv2 -SSLv3 |
|
SSLHonorCipherOrder On |
|
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS |
|
|
|
ErrorLog ${APACHE_LOG_DIR}/social-error.log |
|
CustomLog ${APACHE_LOG_DIR}/social-access.log combined |
|
|
|
# For most configuration files from conf-available/, which are |
|
# enabled or disabled at a global level, it is possible to |
|
# include a line for only one particular virtual host. For example the |
|
# following line enables the CGI configuration for this host only |
|
# after it has been globally disabled with "a2disconf". |
|
#Include conf-available/serve-cgi-bin.conf |
|
RewriteEngine on |
|
# Some rewrite rules in this file were disabled on your HTTPS site, |
|
# because they have the potential to create redirection loops. |
|
# RewriteCond %{SERVER_NAME} =social.nervestaple.com |
|
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent] |
|
SSLCertificateFile /etc/letsencrypt/live/social.example.com/fullchain.pem |
|
SSLCertificateKeyFile /etc/letsencrypt/live/social.example.com/privkey.pem |
|
Include /etc/letsencrypt/options-ssl-apache.conf |
|
</VirtualHost> |
|
|
|
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet |
|
</IfModule> |