projects / sysconfig / apache2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Tweaks to set up more hostnames
[sysconfig/apache2.git] / sites-available / mit-proxy.conf
diff --git a/sites-available/mit-proxy.conf b/sites-available/mit-proxy.conf
index c9c17cb4ddaf6e3614a72f2eb65de53eb667bac7..1ac172ff0d60223f09ecb977c00072ad297d8220 100644 (file)
--- a/sites-available/mit-proxy.conf
+++ b/sites-available/mit-proxy.conf
@@ -4,9 +4,71 @@
     ProxyPassReverse "/"  "http://adehnert-test-b.mit.edu/"
 </VirtualHost>
 
-<VirtualHost *:80>
+#<VirtualHost *:80>
+#    ServerName squaresdb.dehnerts.com
+#    ProxyPass "/"  "http://squaresdb.augsburg.vms.dehnerts.com/"
+#    ProxyPassReverse "/"  "http://squaresdb.augsburg.vms.dehnerts.com/"
+#</VirtualHost>
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
     ServerName squaresdb.dehnerts.com
-    ProxyPass "/"  "http://adehnert-test-a.mit.edu/"
-    ProxyPassReverse "/"  "http://adehnert-test-a.mit.edu/"
+    SSLProxyEngine on
+    SSLProxyVerify require
+    SSLProxyVerifyDepth 2
+    SSLProxyCACertificatePath /etc/ssl/certs
+    SSLProxyCheckPeerName on
+    ProxyPass "/"  "https://squaresdb.augsburg.vms.dehnerts.com/"
+    ProxyPassReverse "/"  "https://squaresdb.augsburg.vms.dehnerts.com/"
+    ProxyPreserveHost on
+    Include sites-common/ssl-common
+    <IfFile "/etc/letsencrypt/live/squaresdb.dehnerts.com/">
+        SSLCertificateFile /etc/letsencrypt/live/squaresdb.dehnerts.com/fullchain.pem
+        SSLCertificateChainFile /etc/letsencrypt/live/squaresdb.dehnerts.com/fullchain.pem
+        SSLCertificateKeyFile /etc/letsencrypt/live/squaresdb.dehnerts.com/privkey.pem
+    </IfFile>
+    <IfFile ! "/etc/letsencrypt/live/squaresdb.dehnerts.com/">
+        #Warning "correct default cert not detected, falling back to snakeoil"
+        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+    </IfFile>
 </VirtualHost>
+</IfModule>
+
+<VirtualHost *:80>
+    ServerName zulip.dehnerts.com
+    ServerAlias *.zulip.dehnerts.com
+    ProxyPassReverse "/"  "http://zulip.augsburg.vms.dehnerts.com/"
+    ProxyPreserveHost on
 
+    DocumentRoot /var/www/html/
+    RewriteEngine on
+    RewriteCond /var/www/html/%{REQUEST_URI} !-f
+    RewriteRule ^/.well-known/acme-challenge/(.*)$ http://zulip.augsburg.vms.dehnerts.com/.well-known/acme-challenge/$1 [P,QSA,L]
+</VirtualHost>
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+    ServerName zulip.dehnerts.com
+    ServerAlias *.zulip.dehnerts.com
+    SSLProxyEngine on
+    SSLProxyVerify require
+    SSLProxyVerifyDepth 2
+    SSLProxyCACertificatePath /etc/ssl/certs
+    SSLProxyCheckPeerName on
+    ProxyPass "/"  "https://zulip.augsburg.vms.dehnerts.com/"
+    ProxyPassReverse "/"  "https://zulip.augsburg.vms.dehnerts.com/"
+    ProxyPreserveHost on
+    Include sites-common/ssl-common
+    <IfFile "/etc/letsencrypt/live/zulip.dehnerts.com/">
+        SSLCertificateFile /etc/letsencrypt/live/zulip.dehnerts.com/fullchain.pem
+        SSLCertificateChainFile /etc/letsencrypt/live/zulip.dehnerts.com/fullchain.pem
+        SSLCertificateKeyFile /etc/letsencrypt/live/zulip.dehnerts.com/privkey.pem
+    </IfFile>
+    <IfFile ! "/etc/letsencrypt/live/zulip.dehnerts.com/">
+        #Warning "correct default cert not detected, falling back to snakeoil"
+        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+    </IfFile>
+</VirtualHost>
+</IfModule>