aboutsummaryrefslogtreecommitdiff
path: root/extra/fuss.conf.apache
diff options
context:
space:
mode:
Diffstat (limited to 'extra/fuss.conf.apache')
-rw-r--r--extra/fuss.conf.apache60
1 files changed, 60 insertions, 0 deletions
diff --git a/extra/fuss.conf.apache b/extra/fuss.conf.apache
new file mode 100644
index 0000000..661b708
--- /dev/null
+++ b/extra/fuss.conf.apache
@@ -0,0 +1,60 @@
+# Apache example config for fuss application
+<VirtualHost *:80>
+
+ ServerName d2-03a.ipa.example.com
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+
+ #LogLevel info ssl:warn
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+ # OPTION 1: send to https
+ # force https for this path
+ RewriteEngine On
+ RewriteCond %{HTTPS} !=on
+ RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
+ RewriteRule ^/fuss(.*) https://%{SERVER_NAME}/fuss$1 [R,L]
+
+ # OPTION 2: Just use unencrypted
+ #ProxyPass /fuss http://localhost:5003/
+ #ProxyPassReverse /fuss http://localhost:5003/
+ #<Location /fuss>
+ # RequestHeader append X-Forwarded-Prefix "/fuss"
+ # RequestHeader set X-Forwarded-Proto "http"
+ #</Location>
+
+</VirtualHost>
+
+# To use OPTION 2 above, just disable this whole 443 virtualhost.
+<VirtualHost *:443>
+ ServerName d2-03a.ipa.example.com
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+
+ #LogLevel info ssl:warn
+
+ ErrorLog ${APACHE_LOG_DIR}/ssl-error.log
+ CustomLog ${APACHE_LOG_DIR}/ssl-access.log combined
+
+ SSLEngine on
+ SSLProtocol all -SSLv2 -SSLv3
+ SSLHonorCipherOrder on
+ SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
+
+ SSLCertificateFile /etc/ssl/private/https-d2-03a.ipa.example.com.pem
+ SSLCertificateKeyFile /etc/ssl/private/https-d2-03a.ipa.example.com-nopw.key
+
+ ProxyPass /fuss http://localhost:5003/
+ ProxyPassReverse /fuss http://localhost:5003/
+ <Location /fuss>
+ # a2enmod headers. These are extra ones that are not provided by Apache natively.
+ RequestHeader append X-Forwarded-Prefix "/fuss"
+ RequestHeader set X-Forwarded-Proto "https"
+ </Location>
+
+</VirtualHost>
+# vim:set syntax=apache ts=3 sw=3 sts=3 sr noet:
bgstack15