-
-
Save misje/52551fc43754d2e27f32 to your computer and use it in GitHub Desktop.
<VirtualHost *:80> | |
ServerName mattermost.example.org | |
ServerAdmin webmaster@example.org | |
ErrorLog ${APACHE_LOG_DIR}/mattermost-error.log | |
CustomLog ${APACHE_LOG_DIR}/mattermost-access.log combined | |
# Enforce HTTPS: | |
RewriteEngine On | |
RewriteCond %{HTTPS} !=on | |
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] | |
</VirtualHost> | |
<VirtualHost *:443> | |
SSLEngine on | |
ServerName mattermost.example.org | |
ServerAdmin webmaster@example.org | |
ErrorLog ${APACHE_LOG_DIR}/mattermost-error.log | |
CustomLog ${APACHE_LOG_DIR}mattermost-access.log combined | |
RewriteEngine On | |
RewriteCond %{REQUEST_URI} ^/api/v[0-9]+/(users/)?websocket [NC,OR] | |
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR] | |
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC] | |
RewriteRule .* ws://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L] | |
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f | |
RewriteRule .* http://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L] | |
RequestHeader set X-Forwarded-Proto "https" | |
RequestHeader unset If-Modified-Since | |
RequestHeader unset If-None-Match | |
<LocationMatch "/api/(?<version>v[0-9]+)/(?<users>users/)?websocket$"> | |
Require all granted | |
ProxyPassReverse ws://127.0.0.1:8065/api/v%{env:MATCH_VERSION}/%{env:MATCH_USERS}websocket | |
ProxyPassReverseCookieDomain 127.0.0.1 mattermost.example.org | |
</LocationMatch> | |
<Location /> | |
Require all granted | |
ProxyPassReverse http://127.0.0.1:8065/ | |
ProxyPassReverseCookieDomain 127.0.0.1 mattermost.example.org | |
</Location> | |
ProxyPreserveHost On | |
ProxyRequests Off | |
</VirtualHost> |
rewrite, proxy, proxy_http and proxy_wstunnel are needed (a2enmod).
New LocationMatch directive should now support newer protocol versions .
Documentation got recently posted at mattermost/docs#1114 (comment)
gitlab is now shipped with Mattermost v4 and just changing api urls doesn't seem to be enough.
I get this king of error :
[2017/07/24 14:30:11 CEST] [EROR] websocket connect err: websocket: origin not allowed
[2017/07/24 14:30:11 CEST] [EROR] /api/v4/websocket:connect code=500 rid=u9g35wy34b8xb86j3def4smejy uid=7ppr67oe6ibk7pwgkcagbtyg3o ip=https, XX.XX.XX.XX Failed to upgrade websocket connection [details: ]
Sorry it's perfect
I had a header directive which broke everything
is there any specific reason for the Api Version in line "RewriteCond %{REQUEST_URI} ^/api/v1/websocket [NC,OR]" ?
Why not v3, or v4 or a RegEx?
Should i change this manually from version to version of mattermost?
is there any specific reason for the Api Version in line "RewriteCond %{REQUEST_URI} ^/api/v1/websocket [NC,OR]" ?
Why not v3, or v4 or a RegEx?
Should i change this manually from version to version of mattermost?
It always worked for me. I updated the regex with a numeric match to any version anyway. The ProxyPassReverse path also lacked a "v" before the version number, but this never seemed to be a problem.
This config now closely resembles the unofficial apache config in the Mattermost docs.
I'm sure Julian has fixed his issue, but in case anyone else is wondering,
"proxy submodules"
is the critical phrase here. On Debian Jessie, activating moduleproxy_http
was sufficient.sudo a2enmod proxy_http
should do the trick for those in a similar situation.