Skip to content

Instantly share code, notes, and snippets.

@jhass

jhass/diaspora.conf

Last active Mar 12, 2021
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Advanced Diaspora Apache reverse proxy
Raw
diaspora.conf
# Make sure to notice the comments at https://gist.github.com/jhass/719014#gistcomment-19774
<VirtualHost *:80>
ServerName diaspora.example.org
ServerAlias www.diaspora.example.org
RedirectPermanent / https://diaspora.example.org/
</VirtualHost>
<VirtualHost *:443>
ServerName diaspora.example.org
ServerAlias www.diaspora.example.org
DocumentRoot /home/diaspora/diaspora/public
RewriteEngine On
RewriteCond %{HTTP_HOST} !^diaspora\.example\.org [NC]
RewriteRule ^/(.*)$ https://diaspora\.example\.org/$1 [L,R,QSA]
# For Camo support
#RewriteRule ^/camo/(.*)$ balancer://camo/$1 [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://upstream%{REQUEST_URI} [P,QSA,L]
<Proxy balancer://upstream>
# Recommended, using a unix socket (Requires Apache >= 2.4)
BalancerMember unix:///path/to/diaspora/tmp/diaspora.sock|http://
# Alternatively let diaspora listen on a local port (Use this for Apache < 2.4)
# BalancerMember http://localhost:3000
</Proxy>
# For Camo support
#<Proxy balancer://camo>
# BalancerMember http://localhost:8081
#</Proxy>
ProxyRequests Off
ProxyVia On
ProxyPreserveHost On
RequestHeader set X_FORWARDED_PROTO https
<Proxy *>
# Apache < 2.4
#Order allow,deny
#Allow from all
# Apache >= 2.4
Require all granted
</Proxy>
<Directory /home/diaspora/diaspora/public>
Options -MultiViews
# Apache < 2.4
#Allow from all
#AllowOverride all
# Apache >= 2.4
Require all granted
</Directory>
SSLEngine On
SSLCertificateFile /path/to/cert
SSLCertificateKeyFile /path/to/private_key
# For Let's encrypt it should point to /etc/letsencrypt/live/diaspora.example.org/chain.pem
SSLCertificateChainFile /path/to/chain_file
# Based on https://wiki.mozilla.org/Security/Server_Side_TLS - consider as global configuration
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
</VirtualHost>
@jhass
Copy link
Author

jhass commented Feb 1, 2011
edited

requires mod_ssl, mod_rewrite, mod_headers, mod_proxy, mod_proxy_http and mod_proxy_balancer

For Apache 2.4 add mod_lbmethod_byrequests and mod_slotmem_shm to the list.

@jhass
Copy link
Author

jhass commented Feb 10, 2011

To display a custom message when your pod is unavailable, for example when you're updating your pod, put an HTML file under /path/to/diaspora/public, i. e. /path/to/diaspora/public/updating.html and add the following inside the sections:

ErrorDocument 503 /updating.html

@petarpetrovic
Copy link

petarpetrovic commented Dec 7, 2011

In order to enable mod_rewrite and all subsequent mods on Debian and Ubuntu, you need to type a2enmod rewrite, a2enmod proxy, etc. Discard the mod_ part of the package and write it along with a2enmod.

Copy link

ghost commented Nov 17, 2013

You can also use a2enmod on Arch Linux by installing a2enmod-git from the AUR.

@sedrubal
Copy link

sedrubal commented Aug 15, 2014

Hi, I made everything as explained in the installation instructions and added this config to apache/sited-available/ but apache doesn't start anymore. This is the output in the terminal:

$ sudo service apache2 restart 
 * Restarting web server apache2                                                   [fail] 
 * The apache2 instance did not start within 20 seconds. Please read the log files to discover problems

and this is written in the apache error log:

[proxy:crit] [pid xyz] AH02432: Cannot find LB Method: byrequests
[proxy_balancer:emerg] [pid xyz] (22)Invalid argument: AH01183: Cannot share balancer
[:emerg] [pid xyz] AH00020: Configuration Failed, exiting

Can anybody help me? Thanks

@jhass
Copy link
Author

jhass commented Aug 30, 2014

@sedrubal you didn't load all needed methods, see the first comment.

@sedrubal
Copy link

sedrubal commented Sep 16, 2014

Oh thank you :D I forgot mod_lbmethod_byrequests

@MrPetovan
Copy link

MrPetovan commented Aug 27, 2016

Thanks for this working example.

Since Diaspora 0.6.0.0, the default listen configuration is unix:tmp/diaspora.sock, can I substitute

<Proxy balancer://upstream>
  BalancerMember http://127.0.0.1:3000
</Proxy>

with

<Proxy balancer://upstream>
  BalancerMember unix:tmp/diaspora.sock
</Proxy>

?

@gabsoftware
Copy link

gabsoftware commented Aug 29, 2016
edited

I had to use the following line in my Apache config to make it work:
BalancerMember unix:///home/diaspora/diaspora/tmp/diaspora.sock|http://
(notice the 3 slashes and the |http:// in the end)

@jh537
Copy link

jh537 commented Sep 1, 2016
edited

No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
https://blog.isatis-online.de/apache-als-proxy-mit-sockets/
I've got it with a current Apache (2.4.23) and a reboot.
https://launchpad.net/~ondrej/+archive/ubuntu/apache2?field.series_filter=trusty

@hostile123
Copy link

hostile123 commented Nov 7, 2016

Hi followed instructions, but it not start, Im on new ubuntu 16.04 updated server.

Heres Diaspora console log : https://gyazo.com/388dc1649a05cca515b6475ac0f2c190

Apache2 log https://gyazo.com/0e51a49c748c91d2eb12c4316ed91134

Heres apache config http://vodeoo.com/vodeoo.conf (should displays in chrome)

I looked at https://gist.github.com/jhass/719014

I got all apache mods enabled

@juliangilbey
Copy link

juliangilbey commented Jan 12, 2017

Hi Hostile, it looks as though Diaspora did not start up correctly, nothing to do with Apache. It keeps saying it's crashed for some reason.

@xenotropic
Copy link

xenotropic commented Apr 14, 2018

unix socket version failed repeatedly for me with the 'No protocol handler was valid for the URL /' message. Switched diaspora over to http rather that unix socket -- edit /home/diaspora/diaspora/config/diaspora.yml and search for '3000' -- and it works. That workaround is fine for me for now, but if anyone has ideas on why the socket fails would be curious. Apache 2.4.7, Ubuntu 14.04, Diaspora 0.7.4.1

@ApatheticCosmos
Copy link

ApatheticCosmos commented Oct 18, 2019

In order to get it working with the socket file on ubuntu 18.04, run this to enable all the required Apache modules:
# a2enmod ssl rewrite headers proxy proxy_http proxy_balancer lbmethod_byrequests slotmem_shm

@vpsinghbaghel
Copy link

vpsinghbaghel commented Jan 15, 2021
edited

Please suggest below installation for CentOS 7. I am getting apache default test page only.

requires mod_ssl, mod_rewrite, mod_headers, mod_proxy, mod_proxy_http and mod_proxy_balancer

For Apache 2.4 add mod_lbmethod_byrequests and mod_slotmem_shm to the list.

@lgcivttu
Copy link

lgcivttu commented Jan 15, 2021

Please suggest below installation for CentOS 7. I am getting apache default test page only.

I am having the same exact problem. CentOS7/Apache.

@vpsinghbaghel
Copy link

vpsinghbaghel commented Jan 16, 2021

I have removed apache, Installed Nginx and followed the nginx proxy guide they provided and it worked for me.

@heatherita
Copy link

heatherita commented Jan 21, 2021

Hi, I am in the process of installing diaspora and setting apache up. Is there any way of nstalling diaspora purely on localhost without any networking or hosting? I want to get a basic idea how it is to work with ROR before I go any further. Thanks.

@jhass
Copy link
Author

jhass commented Jan 22, 2021

@heatherita A development setup of diaspora does not need a reverse proxy setup, you just access http://localhost:3000 directly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment