37 lines
1.4 KiB
Plaintext
37 lines
1.4 KiB
Plaintext
|
<VirtualHost 192.168.122.42:80>
|
||
|
# ReverseProxy with https redirect template
|
||
|
#
|
||
|
# Written by Doug Le Tough
|
||
|
#
|
||
|
# Usage:
|
||
|
# sed -s 's/SITE_NAME/example.com/g' site_template.conf > example.org.conf
|
||
|
# sed -i 's/SITE_HOST/hostname.local.tetalab.org/g' example.org.conf
|
||
|
#
|
||
|
Define FQDN SITE_NAME
|
||
|
Define HOST SITE_HOST
|
||
|
Define HOST_PORT SITE_PORT
|
||
|
ServerName ${FQDN}
|
||
|
### All HTTP requests are converted to HTTPS requests
|
||
|
<IfModule mod_rewrite.c>
|
||
|
RewriteEngine On
|
||
|
RewriteCond %{HTTPS} off
|
||
|
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
|
||
|
</IfModule>
|
||
|
ErrorLog "/var/log/httpd/${FQDN}_error.log"
|
||
|
CustomLog "/var/log/httpd/${FQDN}_access.log" Combined
|
||
|
</VirtualHost>
|
||
|
<VirtualHost 192.168.122.42:443>
|
||
|
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
|
||
|
ServerName ${FQDN}
|
||
|
ProxyPreserveHost On
|
||
|
SSLEngine on
|
||
|
SSLCertificateFile /etc/dehydrated/certs/${FQDN}/cert.pem
|
||
|
SSLCertificateKeyFile /etc/dehydrated/certs/${FQDN}/privkey.pem
|
||
|
SSLCertificateChainFile /etc/dehydrated/certs/${FQDN}/fullchain.pem
|
||
|
RequestHeader set X_FORWARDED_PROTO 'https'
|
||
|
ProxyPass / http://${HOST}:${HOST_PORT}/
|
||
|
ProxyPassReverse / http://${HOST}:${HOST_PORT}/
|
||
|
ErrorLog "/var/log/httpd/${FQDN}_error.log"
|
||
|
CustomLog "/var/log/httpd/${FQDN}_access.log" Combined
|
||
|
</VirtualHost>
|