mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-14 15:14:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Document reverse proxy config for Apache

Browse source 
As we found out in #616, Apache does not set the `X-Forwarded-Proto` header, which is now required because we switched to secure cookies in 383d791a50.

Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2020-12-13 19:07:26 +01:00
parent 70ff301e15
commit 2f5ca84605
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
1 changed files with 26 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
docs/setup/reverse-proxy.md
View file

@ -67,3 +67,29 @@ server {
ssl_dhparam ssl-dhparams.pem; ssl_dhparam ssl-dhparams.pem;
} }
``` ```
### Apache
You will need these modules enabled: `proxy`, `proxy_http` and `proxy_wstunnel`.
Here is an example config snippet:
```
<VirtualHost *:443>
ServerName hedgedoc.example.com
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:3000/$1 [P,L]
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/hedgedoc.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hedgedoc.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
```