squeegily
/
pleroma
1
0
Forkuj 0
Kod Zgłoszenia 0 Oczekujące zmiany 0 Wydania 42 Wiki Aktywność
Fork of Pleroma with site-specific changes and feature branches https://git.pleroma.social/pleroma/pleroma
Nie możesz wybrać więcej, niż 25 tematów Tematy muszą się zaczynać od litery lub cyfry, mogą zawierać myślniki ('-') i mogą mieć do 35 znaków.
9418 Commity
154 Gałęzie
503MB
Drzewo: 3c42caa85c
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '3c42caa85c'
${ noResults }
pleroma/installation/pleroma-apache.conf

74 wiersze
2.8KB
Czysty Wina Historia 

  1. # default Apache site config for Pleroma

  2. #

  3. # needed modules: define headers proxy proxy_http proxy_wstunnel rewrite ssl

  4. # optional modules: cache cache_disk

  5. #

  6. # Simple installation instructions:

  7. # 1. Install your TLS certificate, possibly using Let's Encrypt.

  8. # 2. Replace 'example.tld' with your instance's domain wherever it appears.

  9. # 3. This assumes a Debian style Apache config. Copy this file to

  10. #    /etc/apache2/sites-available/ and then add a symlink to it in

  11. #    /etc/apache2/sites-enabled/ by running 'a2ensite pleroma-apache.conf', then restart Apache.

  12. #

  13. # Optional: enable disk-based caching for the media proxy

  14. # For details, see https://git.pleroma.social/pleroma/pleroma/wikis/How%20to%20activate%20mediaproxy

  15. #

  16. # 1. Create the directory listed below as the CacheRoot, and make sure

  17. #    the Apache user can write to it.

  18. # 2. Configure Apache's htcacheclean to clean the directory periodically.

  19. # 3. Run 'a2enmod cache cache_disk' and restart Apache.

  20. 

  21. Define servername example.tld

  22. 

  23. ServerName ${servername}

  24. ServerTokens Prod

  25. 

  26. ErrorLog ${APACHE_LOG_DIR}/error.log

  27. CustomLog ${APACHE_LOG_DIR}/access.log combined

  28. 

  29. <VirtualHost *:80>

  30.     Redirect permanent / https://${servername}

  31. </VirtualHost>

  32. 

  33. <VirtualHost *:443>

  34.     SSLEngine on

  35.     SSLCertificateFile      /etc/letsencrypt/live/${servername}/fullchain.pem

  36.     SSLCertificateKeyFile   /etc/letsencrypt/live/${servername}/privkey.pem

  37. 

  38.     # Mozilla modern configuration, tweak to your needs

  39.     SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1

  40.     SSLCipherSuite          ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

  41.     SSLHonorCipherOrder     on

  42.     SSLCompression          off

  43.     SSLSessionTickets       off

  44. 

  45.     # uncomment the following to enable mediaproxy caching on disk

  46.     # <IfModule mod_cache_disk.c>

  47.     #     CacheRoot /var/cache/apache2/mod_cache_disk

  48.     #     CacheDirLevels 1

  49.     #     CacheDirLength 2

  50.     #     CacheEnable disk /proxy

  51.     #     CacheLock on

  52.     # </IfModule>

  53. 

  54.     RewriteEngine On

  55.     RewriteCond %{HTTP:Connection} Upgrade [NC]

  56.     RewriteCond %{HTTP:Upgrade} websocket [NC]

  57.     RewriteRule /(.*) ws://localhost:4000/$1 [P,L]

  58. 

  59.     ProxyRequests off

  60.     # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only

  61.     # and `localhost.` resolves to [::0] on some systems: see issue #930

  62.     ProxyPass / http://127.0.0.1:4000/

  63.     ProxyPassReverse / http://127.0.0.1:4000/

  64. 

  65.     RequestHeader set Host ${servername}

  66.     ProxyPreserveHost On

  67. </VirtualHost>

  68. 

  69. # OCSP Stapling, only in httpd 2.3.3 and later

  70. SSLUseStapling          on

  71. SSLStaplingResponderTimeout 5

  72. SSLStaplingReturnResponderErrors off

  73. SSLStaplingCache        shmcb:/var/run/ocsp(128000)