Redirect permanent / https://brutus.gleeze.com ServerName https://brutus.gleeze.com ServerAdmin webmaster@localhost DocumentRoot /var/www Options FollowSymLinks AllowOverride None Options Indexes FollowSymLinks MultiViews AllowOverride None Require all granted Alias /htdocs /var/htdocs Require all granted ErrorDocument 403 /error_pages/404.html ErrorDocument 404 /error_pages/404.html CustomLog ${APACHE_LOG_DIR}/access.log combined ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn SSLEngine On #SSLCertificateFile /etc/apache2/ssl/brutus.crt #SSLCertificateKeyFile /etc/apache2/ssl/brutus.key SSLCertificateFile /etc/letsencrypt/live/brutus.gleeze.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/brutus.gleeze.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/brutus.gleeze.com/fullchain.pem Protocols h2 http/1.1 # Enable only strong encryption ciphers and prefer versions with Forward Secrecy SSLCipherSuite HIGH:RC4-SHA:AES128-SHA:!aNULL:!MD5 SSLHonorCipherOrder on # Disable all SSL/TLS versions except v1.3 SSLProtocol -all +TLSv1.3 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown # --- Nextcloud ------------------------------------------------ Alias /nextcloud/ "/var/www/nextcloud/" Require all granted AllowOverride All Options FollowSymLinks MultiViews Dav off Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" SetEnv HOME /var/www/nextcloud SetEnv HTTP_HOME /var/www/nextcloud # --- Redmine --------------------------------------------------- Alias /redmine /var/www/redmine/ Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all PassengerAppRoot /srv/redmine RailsBaseURI /redmine # --- Redmine Git ---------------------------------------------- PerlLoadModule Apache2::Redmine Alias /git /var/www/grack/public PassengerBaseURI /git PassengerAppRoot /var/www/grack AuthType Basic AuthName "Redmine git repositories" Require valid-user AuthUserFile /dev/null PerlAccessHandler Apache::Authn::Redmine::access_handler PerlAuthenHandler Apache::Authn::Redmine::authen_handler #RedmineDSN "DBI:mysql:database=bitnami_redmine;host=localhost;mysql_socket=/opt/bitnami/mysql/tmp/mysql.sock" RedmineDSN "DBI:Pg:dbname=redmine;host=localhost" RedmineDbUser "redmine" RedmineDbPass "SemolinaPilchardPornographicPriestess" RedmineGitSmartHttp yes Options None AllowOverride None Order allow,deny Allow from all = 2.3> Require all granted # --- Transmission --------------------------------------------- ProxyRequests Off AuthType Digest AuthName "engine" AuthDigestProvider file AuthUserFile /home/dsorber/web_users Require valid-user ProxyPass http://127.0.0.1:9565/transmission ProxyPassReverse http://127.0.0.1:9565/transmission # --- ttyd ----------------------------------------------------- #ProxyRequests Off ProxyPreserveHost On RewriteEngine on RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteCond %{HTTP:Connection} upgrade [NC] RewriteRule /terminal/?(.*) "ws://127.0.0.1:9772/$1" [P,L] ProxyPass http://127.0.0.1:9772/ ProxyPassReverse http://127.0.0.1:9772/ ProxyPass ws://127.0.0.1:9772/ ProxyPassReverse ws://127.0.0.1:9772/ # --- jellyfin ------------------------------------------------- ProxyPreserveHost On ProxyPass "ws://127.0.0.1:8096/daveflix/socket" ProxyPassReverse "ws://127.0.0.1:8096/daveflix/socket" ProxyPass "http://127.0.0.1:8096/daveflix" ProxyPassReverse "http://127.0.0.1:8096/daveflix" # --- Trilium ------------------------------------------------ RewriteEngine On # Proxy WebSocket connections RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteRule /(.*) ws://127.0.0.1:8086/$1 [P,L] # Proxy standard HTTP connections ProxyPreserveHost On ProxyPass http://127.0.0.1:8086/ ProxyPassReverse http://127.0.0.1:8086/ RequestHeader set X-Forwarded-Proto "https"