40 lines
1.2 KiB
ApacheConf
40 lines
1.2 KiB
ApacheConf
# Configuration for {{ gitlab_url }}
|
|
# vim:ft=apache:
|
|
|
|
# Accept connections from non-SNI clients
|
|
SSLStrictSNIVHostCheck off
|
|
|
|
# Website configuration
|
|
<VirtualHost *:80>
|
|
ServerName {{ gitlab_url }}
|
|
Redirect permanent / https://{{ gitlab_url }}
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/pki/cert/crt/{{ gitlab_url }}.crt
|
|
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitlab_url }}.key
|
|
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitlab_url }}-fullchain.crt
|
|
ServerName {{ gitlab_url }}
|
|
DocumentRoot {{ gitlab_webroot }}
|
|
<Directory "{{ gitlab_webroot }}">
|
|
Require all granted
|
|
AllowOverride All
|
|
Options MultiViews FollowSymlinks
|
|
</Directory>
|
|
<Location />
|
|
Require all granted
|
|
ProxyPassReverse http://127.0.0.1:8086
|
|
ProxyPassReverse http://git.9iron.club/
|
|
</Location>
|
|
|
|
# Forward all requets to GL except error docs and ACME challenges
|
|
RewriteEngine on
|
|
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
|
|
RewriteCond %{REQUEST_URI} ^/uploads/.*
|
|
RewriteCond %{REQUEST_URI} !\.well-known-acme-challenge
|
|
RewriteRule .* http://127.0.0.1:8086%{REQUEST_URI} [P,QSA,NE]
|
|
|
|
RequestHeader set X_FORWARDED_PROTO 'https'
|
|
RequestHeader set X-Forwarded-Ssl on
|
|
</VirtualHost>
|