# Configuration for {{ gitea.url }} # vim:ft=apache: # Accept connections from non-SNI clients SSLStrictSNIVHostCheck off # Need this for SSL proxying, apparently SSLProxyEngine on # Website configuration ServerName {{ gitea.url }} Redirect permanent / https://{{ gitea.url }} SSLEngine on SSLCertificateFile /etc/pki/cert/crt/{{ gitea.url }}.crt SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea.url }}.key SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea.url }}-fullchain.crt SSLProtocol {{ ssl_protocol }} SSLCipherSuite {{ ssl_cipher_suite }} ServerName {{ gitea.url }} DocumentRoot {{ gitea_webroot }} Require all granted AllowOverride All Options MultiViews FollowSymlinks ProxyPreserveHost On ProxyRequests Off ProxyPass / http://127.0.0.1:3000/ nocanon retry=1 ProxyPassReverse / https://127.0.0.1:3000/ RequestHeader set X_FORWARDED_PROTO 'https' RequestHeader set X-Forwarded-Ssl on