Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<VirtualHost *:80>
ServerAdmin info@ecosteader.com
ServerName ecosteader.com
ServerAlias ecosteader.com
Redirect Permanent / https://ecosteader.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin xxxxxxxxxxxx
ServerName xxxxxxxxxxxxx
DocumentRoot /home/mastodon/live/public/
<Directory "/home/mastodon/live/public">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Require all granted
</Directory>
#### DONT USE THIS CRAP OUTSIDE A MODULE
# Header always set Strict-Transport-Security "max-age=31536000"
# Header always set Referrer-Policy "strict-origin-when-cross-origin"
#####
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLHonorCipherOrder on
SSLCipherSuite EECDH+AESGCM:AES256+EECDH:AES128+EECDH
# SSLCipherSuite EECDH+AESGCM:AES256+EECDH:AES128+EECDH:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305
SSLProxyEngine On
# SSLCompression off
# SSLSessionTickets off
# SSLStaplingResponderTimeout 5
# SSLStaplingReturnResponderErrors on
# SSLUseStapling on
SSLCertificateFile xxxxxxx
SSLCertificateKeyFile xxxxxx
SSLCertificateChainFile xxxxxxxx
<LocationMatch "^/(assets|avatars|emoji|headers|packs|sounds|system)>
Header always set Cache-Control "public, max-age=31536000, immutable"
Require all granted
</LocationMatch>
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set Host "ecosteader.com"
# This is definitely not the right way to do it, but I did test it.
# <Location /api/v1/streaming/>
# RewriteEngine on
# RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
# RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
# RewriteRule /api/v1/streaming/(.*) ws://127.0.0.1:4000/api/v1/streaming/$1 [P]
# </Location>
ProxyPass / http://localhost:4000
ProxyPassReverse / http://localhost:4000/
ProxyPass /500.html !
ProxyPass /sw.js !
ProxyPass /robots.txt !
ProxyPass /manifest.json !
ProxyPass /browserconfig.xml !
ProxyPass /mask-icon.svg !
ProxyPassMatch ^(/.*\.(png|ico)$) !
ProxyPassMatch ^/(assets|avatars|emoji|headers|packs|sounds|system|.well-known/acme-challenge) !
####### These lines below are what I think is causing the error; it's some variation on this.
ProxyPass /.well-known/ https://ecosteader.com/webfinger/.well-known/
ProxyPassReverse /.well-known/ https://ecosteader.com/webfinger/.well-known/
ProxyPass /api/v1/streaming/ ws://localhost:4000/
ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
ErrorDocument 500 /500.html
ErrorDocument 501 /500.html
ErrorDocument 502 /500.html
ErrorDocument 503 /500.html
ErrorDocument 504 /500.html
</VirtualHost>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.