squeegily
/
pleroma
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 42 Wiki Aktivität
Fork of Pleroma with site-specific changes and feature branches https://git.pleroma.social/pleroma/pleroma
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
5181 Commits
154 Branches
503MB
Struktur: 356c047759
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „356c047759“
${ noResults }
pleroma/installation/pleroma-apache.conf

75 Zeilen
2.9KB
Originalformat Blame Verlauf 

  1. # default Apache site config for Pleroma

  2. #

  3. # needed modules: define headers proxy proxy_http proxy_wstunnel rewrite ssl

  4. # optional modules: cache cache_disk

  5. #

  6. # Simple installation instructions:

  7. # 1. Install your TLS certificate, possibly using Let's Encrypt.

  8. # 2. Replace 'example.tld' with your instance's domain wherever it appears.

  9. # 3. This assumes a Debian style Apache config. Copy this file to

  10. #    /etc/apache2/sites-available/ and then add a symlink to it in

  11. #    /etc/apache2/sites-enabled/ by running 'a2ensite pleroma-apache.conf', then restart Apache.

  12. #

  13. # Optional: enable disk-based caching for the media proxy

  14. # For details, see https://git.pleroma.social/pleroma/pleroma/wikis/How%20to%20activate%20mediaproxy

  15. #

  16. # 1. Create the directory listed below as the CacheRoot, and make sure

  17. #    the Apache user can write to it.

  18. # 2. Configure Apache's htcacheclean to clean the directory periodically.

  19. # 3. Run 'a2enmod cache cache_disk' and restart Apache.

  20. 

  21. Define servername example.tld

  22. 

  23. ServerName ${servername}

  24. ServerTokens Prod

  25. 

  26. ErrorLog ${APACHE_LOG_DIR}/error.log

  27. CustomLog ${APACHE_LOG_DIR}/access.log combined

  28. 

  29. <VirtualHost *:80>

  30.     Redirect permanent / https://${servername}

  31. </VirtualHost>

  32. 

  33. <VirtualHost *:443>

  34.     SSLEngine on

  35.     SSLCertificateFile      /etc/letsencrypt/live/${servername}/cert.pem

  36.     SSLCertificateKeyFile   /etc/letsencrypt/live/${servername}/privkey.pem

  37.     SSLCertificateChainFile /etc/letsencrypt/live/${servername}/fullchain.pem

  38. 

  39.     # Mozilla modern configuration, tweak to your needs

  40.     SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1

  41.     SSLCipherSuite          ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

  42.     SSLHonorCipherOrder     on

  43.     SSLCompression          off

  44.     SSLSessionTickets       off

  45. 

  46.     # uncomment the following to enable mediaproxy caching on disk

  47.     # <IfModule mod_cache_disk.c>

  48.     #     CacheRoot /var/cache/apache2/mod_cache_disk

  49.     #     CacheDirLevels 1

  50.     #     CacheDirLength 2

  51.     #     CacheEnable disk /proxy

  52.     #     CacheLock on

  53.     # </IfModule>

  54. 

  55.     RewriteEngine On

  56.     RewriteCond %{HTTP:Connection} Upgrade [NC]

  57.     RewriteCond %{HTTP:Upgrade} websocket [NC]

  58.     RewriteRule /(.*) ws://localhost:4000/$1 [P,L]

  59. 

  60.     ProxyRequests off

  61.     # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only

  62.     # and `localhost.` resolves to [::0] on some systems: see issue #930

  63.     ProxyPass / http://127.0.0.1:4000/

  64.     ProxyPassReverse / http://127.0.0.1:4000/

  65. 

  66.     RequestHeader set Host ${servername}

  67.     ProxyPreserveHost On

  68. </VirtualHost>

  69. 

  70. # OCSP Stapling, only in httpd 2.3.3 and later

  71. SSLUseStapling          on

  72. SSLStaplingResponderTimeout 5

  73. SSLStaplingReturnResponderErrors off

  74. SSLStaplingCache        shmcb:/var/run/ocsp(128000)