Project

General

Profile

« Previous | Next » 

Revision 4c67c9e8

Added by david.sorber 6 months ago

  • ID 4c67c9e88103aee2922536a6d4e81ce94250e1e2
  • Parent 65b83771

Adding current brutus Apache config.

View differences:

configs/brutus/main.conf
<VirtualHost *:80>
Redirect permanent / https://brutus.gleeze.com
</VirtualHost>
<VirtualHost _default_:443>
ServerName https://brutus.gleeze.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
</Directory>
Alias /htdocs /var/htdocs
<Directory /var/htdocs>
Require all granted
</Directory>
ErrorDocument 403 /error_pages/404.html
ErrorDocument 404 /error_pages/404.html
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
SSLEngine On
#SSLCertificateFile /etc/apache2/ssl/brutus.crt
#SSLCertificateKeyFile /etc/apache2/ssl/brutus.key
SSLCertificateFile /etc/letsencrypt/live/brutus.gleeze.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/brutus.gleeze.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/brutus.gleeze.com/fullchain.pem
Protocols h2 http/1.1
# Enable only strong encryption ciphers and prefer versions with Forward Secrecy
SSLCipherSuite HIGH:RC4-SHA:AES128-SHA:!aNULL:!MD5
SSLHonorCipherOrder on
# Disable all SSL/TLS versions except v1.3
SSLProtocol -all +TLSv1.3
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
# --- Nextcloud ------------------------------------------------
Alias /nextcloud/ "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
<IfModule mod_dav.c>
Dav off
</IfModule>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
# --- Redmine ---------------------------------------------------
Alias /redmine /var/www/redmine/
<Directory /var/www/redmine/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
PassengerAppRoot /srv/redmine
RailsBaseURI /redmine
</Directory>
# --- Redmine Git ----------------------------------------------
PerlLoadModule Apache2::Redmine
Alias /git /var/www/grack/public
<Location /git>
PassengerBaseURI /git
PassengerAppRoot /var/www/grack
AuthType Basic
AuthName "Redmine git repositories"
Require valid-user
AuthUserFile /dev/null
PerlAccessHandler Apache::Authn::Redmine::access_handler
PerlAuthenHandler Apache::Authn::Redmine::authen_handler
#RedmineDSN "DBI:mysql:database=bitnami_redmine;host=localhost;mysql_socket=/opt/bitnami/mysql/tmp/mysql.sock"
RedmineDSN "DBI:Pg:dbname=redmine;host=localhost"
RedmineDbUser "redmine"
RedmineDbPass "SemolinaPilchardPornographicPriestess"
RedmineGitSmartHttp yes
</Location>
<Directory "/var/www/grack/public">
Options None
AllowOverride None
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3>
Require all granted
</IfVersion>
</Directory>
# --- Transmission ---------------------------------------------
ProxyRequests Off
<Location /transmission>
AuthType Digest
AuthName "engine"
AuthDigestProvider file
AuthUserFile /home/dsorber/web_users
Require valid-user
ProxyPass http://127.0.0.1:9565/transmission
ProxyPassReverse http://127.0.0.1:9565/transmission
</Location>
# --- ttyd -----------------------------------------------------
#ProxyRequests Off
<Location /terminal>
ProxyPreserveHost On
RewriteEngine on
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /terminal/?(.*) "ws://127.0.0.1:9772/$1" [P,L]
ProxyPass http://127.0.0.1:9772/
ProxyPassReverse http://127.0.0.1:9772/
ProxyPass ws://127.0.0.1:9772/
ProxyPassReverse ws://127.0.0.1:9772/
</Location>
# --- jellyfin -------------------------------------------------
<Location /daveflix/socket>
ProxyPreserveHost On
ProxyPass "ws://127.0.0.1:8096/daveflix/socket"
ProxyPassReverse "ws://127.0.0.1:8096/daveflix/socket"
</Location>
<Location /daveflix>
ProxyPass "http://127.0.0.1:8096/daveflix"
ProxyPassReverse "http://127.0.0.1:8096/daveflix"
</Location>
# --- Trilium ------------------------------------------------
<Location /trilium/>
RewriteEngine On
# Proxy WebSocket connections
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:8086/$1 [P,L]
# Proxy standard HTTP connections
ProxyPreserveHost On
ProxyPass http://127.0.0.1:8086/
ProxyPassReverse http://127.0.0.1:8086/
RequestHeader set X-Forwarded-Proto "https"
</Location>
</VirtualHost>

Also available in: Unified diff