Initial

2023-06-13 14:05:43 +02:00 · 2023-06-13 14:05:43 +02:00 · f0bc57caf6
commit f0bc57caf6
parent 3362931a75
1 changed files with 118 additions and 0 deletions
--- a/118
+++ b/118
@ -0,0 +1,118 @@
+Apache Reverse Proxy for OpenTalk
+
+Please note that I do the SSL-certification on another part of my Apache config for all domains and not in the virtual part. If you do so, you need to implement the certs in this config too.
+
+*********** Domain: ************
+
+<Proxy *>
+     Order Allow,Deny
+     Allow from all
+     AllowOverride all
+     Header set Access-Control-Allow-Origin "*"
+        </proxy>
+
+<Location />
+    Order allow,deny
+    Allow from all
+    Require all granted
+  </Location>
+
+<ifmodule mod_headers.c>
+Header always edit Set-Cookie (.*) "$1; SameSite=strict"
+</ifmodule> 
+
+RequestHeader set X-Forwarded-Proto "https"
+RequestHeader set X-Forwarded-Port "443"
+ProxyPreserveHost On
+ProxyRequests Off
+AllowEncodedSlashes NoDecode
+Header add Access-Control-Allow-Origin "*"
+
+RequestHeader set X-Forwarded-Proto "https"
+RequestHeader set X-Forwarded-Port "443"
+ProxyPass /.well-known/ !
+ProxyPass / http://127.0.0.1:7080/ retry=1 acquire=3000 timeout=600 Keepalive=On
+ProxyPassReverse / http://127.0.0.1:7080/
+
+RewriteCond %{HTTP:Upgrade} =websocket [NC]
+RewriteRule ^/ws/(.*)    wss://localhost:7080/$1 [P,L]
+ProxyRequests off
+ProxyPreserveHost on
+
+SSLProxyVerify none 
+SSLProxyCheckPeerCN off
+SSLProxyCheckPeerName off
+
+
+
+
+************** accounts **************
+
+<Proxy *>
+     Order Allow,Deny
+     Allow from all
+     AllowOverride all
+     Header set Access-Control-Allow-Origin "*"
+        </proxy>
+
+<Location />
+    Order allow,deny
+    Allow from all
+    Require all granted
+  </Location>
+
+<ifmodule mod_headers.c>
+Header always edit Set-Cookie (.*) "$1; SameSite=strict"
+</ifmodule> 
+
+RequestHeader set X-Forwarded-Proto "https"
+RequestHeader set X-Forwarded-Port "443"
+ProxyPreserveHost On
+ProxyRequests Off
+AllowEncodedSlashes NoDecode
+Header add Access-Control-Allow-Origin "*"
+
+RequestHeader set X-Forwarded-Proto "https"
+RequestHeader set X-Forwarded-Port "443"
+ProxyPass /.well-known/ !
+ProxyPass / http://127.0.0.1:7087/ retry=1 acquire=3000 timeout=600 Keepalive=On
+ProxyPassReverse / http://127.0.0.1:7087/
+
+RewriteCond %{HTTP:Upgrade} =websocket [NC]
+RewriteRule ^/ws/(.*)    wss://localhost:7087/$1 [P,L]
+ProxyRequests off
+ProxyPreserveHost on
+
+SSLProxyVerify none 
+SSLProxyCheckPeerCN off
+SSLProxyCheckPeerName off
+
+
+
+
+
+**************** controller ***************
+
+
+<Proxy *>
+     Order Allow,Deny
+     Allow from all
+     AllowOverride all
+     Header set Access-Control-Allow-Origin "*"
+        </proxy>
+
+ProxyPreserveHost On
+ProxyPass /.well-known/ !
+ProxyPass / http://127.0.0.1:7090/ retry=1 acquire=3000 timeout=600 Keepalive=On
+ProxyPassReverse / http://127.0.0.1:7090/
+
+RewriteEngine on
+RewriteCond %{HTTP:Upgrade} websocket [NC]
+RewriteCond %{HTTP:Connection} upgrade [NC]
+RewriteRule ^/?(.*) "ws://localhost:7090/$1" [P,L]
+
+ProxyRequests off
+
+SSLProxyVerify none 
+SSLProxyCheckPeerCN off
+SSLProxyCheckPeerName off