# Configuration for {{ gitlab_url }} # vim:ft=apache: # Accept connections from non-SNI clients SSLStrictSNIVHostCheck off # Website configuration ServerName {{ gitlab_url }} Redirect permanent / https://{{ gitlab_url }} SSLEngine on SSLCertificateFile /etc/pki/cert/crt/{{ gitlab_url }}.crt SSLCertificateKeyFile /etc/pki/cert/private/{{ gitlab_url }}.key SSLCertificateChainFile /etc/pki/cert/crt/{{ gitlab_url }}-fullchain.crt ServerName {{ gitlab_url }} DocumentRoot {{ gitlab_webroot }} Require all granted AllowOverride All Options MultiViews FollowSymlinks Require all granted ProxyPassReverse http://127.0.0.1:8086 ProxyPassReverse http://git.9iron.club/ # Forward all requets to GL except error docs and ACME challenges RewriteEngine on RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR] RewriteCond %{REQUEST_URI} ^/uploads/.* RewriteCond %{REQUEST_URI} !\.well-known-acme-challenge RewriteRule .* http://127.0.0.1:8086%{REQUEST_URI} [P,QSA,NE] RequestHeader set X_FORWARDED_PROTO 'https' RequestHeader set X-Forwarded-Ssl on