jonathan-dejong/apache host

## apache host
<VirtualHost *:80>
  ServerName YOUR-OWNCLOUD-URL

  RewriteEngine on
  RewriteCond %{SERVER_NAME} =YOUR-OWNCLOUD-URL
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

</VirtualHost>

<VirtualHost *:443>
  # Basics
  ServerName YOUR-OWNCLOUD-URL
  ServerAlias www.YOUR-OWNCLOUD-URL
  # Next line puts ownCloud at the domain root instead of a /owncloud/ subdirectory (e.g. example.com vs. example.com/o$
  Alias /owncloud "/var/www/owncloud/"
  DocumentRoot /var/www/owncloud

  SSLEngine on
  SSLCertificateFile /etc/letsencrypt/live/YOUR-OWNCLOUD-URL/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/YOUR-OWNCLOUD-URL/privkey.pem
  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateChainFile /etc/letsencrypt/live/YOUR-OWNCLOUD-URL/chain.pem

  # Uncomment the following directive when using client certificate authentication
  #SSLCACertificateFile    /path/to/ca_certs_for_client_authentication


  # HSTS (mod_headers is required) (15768000 seconds = 6 months)
  Header always set Strict-Transport-Security "max-age=15768000"

  # ownCloud
  <Directory /var/www/owncloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
	  </IfModule>
      SetEnv HOME /var/www/owncloud
      SetEnv HTTP_HOME /var/www/owncloud

    </Directory>

  </VirtualHost>

  # intermediate configuration, tweak to your needs
  SSLProtocol             all -SSLv3
  SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES1$
  SSLHonorCipherOrder     on
  SSLCompression          off
  SSLSessionTickets       off

  # OCSP Stapling, only in httpd 2.3.3 and later
  SSLUseStapling          on
  SSLStaplingResponderTimeout 5
  SSLStaplingReturnResponderErrors off
  SSLStaplingCache        shmcb:/var/run/ocsp(128000)
	<VirtualHost *:80>
	ServerName YOUR-OWNCLOUD-URL

	RewriteEngine on
	RewriteCond %{SERVER_NAME} =YOUR-OWNCLOUD-URL
	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

	</VirtualHost>

	<VirtualHost *:443>
	# Basics
	ServerName YOUR-OWNCLOUD-URL
	ServerAlias www.YOUR-OWNCLOUD-URL
	# Next line puts ownCloud at the domain root instead of a /owncloud/ subdirectory (e.g. example.com vs. example.com/o$
	Alias /owncloud "/var/www/owncloud/"
	DocumentRoot /var/www/owncloud

	SSLEngine on
	SSLCertificateFile /etc/letsencrypt/live/YOUR-OWNCLOUD-URL/cert.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/YOUR-OWNCLOUD-URL/privkey.pem
	Include /etc/letsencrypt/options-ssl-apache.conf
	SSLCertificateChainFile /etc/letsencrypt/live/YOUR-OWNCLOUD-URL/chain.pem

	# Uncomment the following directive when using client certificate authentication
	#SSLCACertificateFile /path/to/ca_certs_for_client_authentication


	# HSTS (mod_headers is required) (15768000 seconds = 6 months)
	Header always set Strict-Transport-Security "max-age=15768000"

	# ownCloud
	<Directory /var/www/owncloud/>
	Options +FollowSymlinks
	AllowOverride All
	<IfModule mod_dav.c>
	Dav off
	</IfModule>
	SetEnv HOME /var/www/owncloud
	SetEnv HTTP_HOME /var/www/owncloud

	</Directory>

	</VirtualHost>

	# intermediate configuration, tweak to your needs
	SSLProtocol all -SSLv3
	SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES1$
	SSLHonorCipherOrder on
	SSLCompression off
	SSLSessionTickets off

	# OCSP Stapling, only in httpd 2.3.3 and later
	SSLUseStapling on
	SSLStaplingResponderTimeout 5
	SSLStaplingReturnResponderErrors off
	SSLStaplingCache shmcb:/var/run/ocsp(128000)