@jhass
Last active March 12, 2021 13:18
Advanced Diaspora Apache reverse proxy
# Make sure to notice the comments at https://gist.github.com/jhass/719014#gistcomment-19774
<VirtualHost *:80>
  ServerName diaspora.example.org
  ServerAlias www.diaspora.example.org
  RedirectPermanent / https://diaspora.example.org/
</VirtualHost>

<VirtualHost *:443>
  ServerName diaspora.example.org
  ServerAlias www.diaspora.example.org

  DocumentRoot /home/diaspora/diaspora/public

  RewriteEngine On

  RewriteCond %{HTTP_HOST} !^diaspora\.example\.org [NC]
  RewriteRule ^/(.*)$ https://diaspora\.example\.org/$1 [L,R,QSA]

  # For Camo support
  #RewriteRule ^/camo/(.*)$ balancer://camo/$1 [P,QSA,L]

  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule ^/(.*)$ balancer://upstream%{REQUEST_URI} [P,QSA,L]

  <Proxy balancer://upstream>
    # Recommended, using a unix socket (Requires Apache >= 2.4)
    BalancerMember unix:///path/to/diaspora/tmp/diaspora.sock|http://
    # Alternatively let diaspora listen on a local port (Use this for Apache < 2.4)
    # BalancerMember http://localhost:3000
  </Proxy>

  # For Camo support
  #<Proxy balancer://camo>
  #  BalancerMember http://localhost:8081
  #</Proxy>

  ProxyRequests Off
  ProxyVia On
  ProxyPreserveHost On
  RequestHeader set X_FORWARDED_PROTO https

  <Proxy *>
    # Apache < 2.4
    #Order allow,deny
    #Allow from all
    # Apache >= 2.4
    Require all granted
  </Proxy>

  <Directory /home/diaspora/diaspora/public>
    Options -MultiViews
    # Apache < 2.4
    #Allow from all
    #AllowOverride all
    # Apache >= 2.4
    Require all granted
  </Directory>

  SSLEngine On
  SSLCertificateFile /path/to/cert
  SSLCertificateKeyFile /path/to/private_key
  # For Let's encrypt it should point to /etc/letsencrypt/live/diaspora.example.org/chain.pem
  SSLCertificateChainFile /path/to/chain_file

  # Based on https://wiki.mozilla.org/Security/Server_Side_TLS - consider as global configuration
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
  SSLHonorCipherOrder off
  SSLSessionTickets off
</VirtualHost>

@juliangilbey

Hi Hostile, it looks as though Diaspora did not start up correctly, nothing to do with Apache. It keeps saying it's crashed for some reason.

@xenotropic

unix socket version failed repeatedly for me with the 'No protocol handler was valid for the URL /' message. Switched diaspora over to http rather than unix socket -- edit /home/diaspora/diaspora/config/diaspora.yml and search for '3000' -- and it works. That workaround is fine for me for now, but if anyone has ideas on why the socket fails I would be curious. Apache 2.4.7, Ubuntu 14.04, Diaspora 0.7.4.1

@ApatheticCosmos

In order to get it working with the socket file on ubuntu 18.04, run this to enable all the required Apache modules:
# a2enmod ssl rewrite headers proxy proxy_http proxy_balancer lbmethod_byrequests slotmem_shm
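
An added example, not part of the gist or of the comment above: a shell check that reads an `apachectl -M` style listing and reports which modules needed by this vhost are not loaded. The function names `missing_modules` and `a2enmod_hint` are hypothetical, and the module listing embedded in the script is constructed sample input.

```shell
#!/bin/sh
# Added example (not from the gist): find modules required by the
# reverse-proxy vhost that are absent from an `apachectl -M` listing.

# Identifiers as printed by `apachectl -M`; they correspond to the a2enmod
# names in the comment above (a2enmod "ssl" is listed as "ssl_module").
REQUIRED_MODULES="ssl_module rewrite_module headers_module proxy_module proxy_http_module proxy_balancer_module lbmethod_byrequests_module slotmem_shm_module"

# Constructed sample listing: the balancer-related modules are not loaded.
SAMPLE_OUTPUT='Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 headers_module (shared)
 proxy_module (shared)
 proxy_http_module (shared)
 rewrite_module (shared)
 ssl_module (shared)'

# Reads a module listing on stdin and prints the missing required modules,
# space separated, in REQUIRED_MODULES order (empty line if none are missing).
missing_modules() {
    loaded=$(awk '{print $1}')   # first column is the module identifier
    missing=""
    for mod in $REQUIRED_MODULES; do
        if ! printf '%s\n' "$loaded" | grep -qxF "$mod"; then
            missing="${missing:+$missing }$mod"
        fi
    done
    printf '%s\n' "$missing"
}

# Turns module identifiers into the matching Debian/Ubuntu a2enmod command.
a2enmod_hint() {
    [ "$#" -gt 0 ] || return 0
    names=""
    for mod in "$@"; do
        names="${names:+$names }${mod%_module}"
    done
    printf 'a2enmod %s\n' "$names"
}

# Run against the constructed sample; on a live host pipe `apachectl -M`
# into missing_modules instead.
sample_missing=$(printf '%s\n' "$SAMPLE_OUTPUT" | missing_modules)
echo "missing: ${sample_missing:-none}"
a2enmod_hint $sample_missing
```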

@vpsinghbaghel

vpsinghbaghel commented Jan 15, 2021

Please suggest below installation for CentOS 7. I am getting apache default test page only.

requires mod_ssl, mod_rewrite, mod_headers, mod_proxy, mod_proxy_http and mod_proxy_balancer

For Apache 2.4 add mod_lbmethod_byrequests and mod_slotmem_shm to the list.

@lgcivttu

Please suggest below installation for CentOS 7. I am getting apache default test page only.

I am having the same exact problem. CentOS7/Apache.

@vpsinghbaghel

I have removed apache, installed Nginx and followed the nginx proxy guide they provided and it worked for me.

@heatherita

Hi, I am in the process of installing diaspora and setting apache up. Is there any way of installing diaspora purely on localhost without any networking or hosting? I want to get a basic idea how it is to work with ROR before I go any further. Thanks.

@jhass
Author

jhass commented Jan 22, 2021

@heatherita A development setup of diaspora does not need a reverse proxy setup, you just access http://localhost:3000 directly.
