ansible/roles/gitea/templates/apache2-vhost-ssl.conf

36 lines
1.0 KiB
Plaintext
Raw Normal View History

2020-08-02 19:39:39 -05:00
# Configuration for {{ gitea.url }}
2020-04-30 05:06:49 -05:00
# vim:ft=apache:
# Accept connections from non-SNI clients
SSLStrictSNIVHostCheck off
2020-04-30 07:38:06 -05:00
# Need this for SSL proxying, apparently
SSLProxyEngine on
2020-04-30 05:06:49 -05:00
# Website configuration
<VirtualHost *:80>
2020-08-02 19:39:39 -05:00
ServerName {{ gitea.url }}
Redirect permanent / https://{{ gitea.url }}
2020-04-30 05:06:49 -05:00
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
2020-08-02 19:39:39 -05:00
SSLCertificateFile /etc/pki/cert/crt/{{ gitea.url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea.url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea.url }}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
2020-06-03 06:07:11 -05:00
SSLCipherSuite {{ ssl_cipher_suite }}
2020-08-02 19:39:39 -05:00
ServerName {{ gitea.url }}
2020-04-30 05:06:49 -05:00
DocumentRoot {{ gitea_webroot }}
<Directory "{{ gitea_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
2020-04-30 06:21:25 -05:00
ProxyPreserveHost On
ProxyRequests Off
2020-04-30 07:38:06 -05:00
ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
2020-04-30 05:06:49 -05:00
ProxyPassReverse / https://127.0.0.1:3000/
RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on
</VirtualHost>