48 lines
1.4 KiB
ApacheConf
48 lines
1.4 KiB
ApacheConf
# Configuration for {{ gitea_url }}
|
|
# vim:ft=apache:
|
|
|
|
# Accept connections from non-SNI clients
|
|
SSLStrictSNIVHostCheck off
|
|
# Need this for SSL proxying, apparently
|
|
SSLProxyEngine on
|
|
|
|
# Website configuration
|
|
<VirtualHost *:80>
|
|
ServerName {{ gitea_url }}
|
|
Redirect permanent / https://{{ gitea_url }}
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt
|
|
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key
|
|
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt
|
|
SSLProtocol {{ ssl_protocol }}
|
|
SSLCipherSuite {{ ssl_cipher_suite }}
|
|
ServerName {{ gitea_url }}
|
|
DocumentRoot {{ gitea_webroot }}
|
|
<Directory "{{ gitea_webroot }}">
|
|
Require all granted
|
|
AllowOverride All
|
|
Options MultiViews FollowSymlinks
|
|
</Directory>
|
|
|
|
RequestHeader set X_FORWARDED_PROTO 'https'
|
|
RequestHeader set X-Forwarded-Ssl on
|
|
</VirtualHost>
|
|
<VirtualHost *:8448>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt
|
|
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key
|
|
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt
|
|
SSLProtocol {{ ssl_protocol }}
|
|
SSLCipherSuite {{ ssl_cipher_suite }}
|
|
ServerName {{ gitea_url }}
|
|
ProxyPreserveHost On
|
|
ProxyRequests Off
|
|
ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
|
|
ProxyPassReverse / https://127.0.0.1:3000/
|
|
|
|
RequestHeader set X_FORWARDED_PROTO 'https'
|
|
RequestHeader set X-Forwarded-Ssl on
|
|
</VirtualHost>
|