contrib/apache: Full, confirmed working, config

contrib/apache-eddn.conf

@@ -1,97 +1,166 @@
 # vim: :filetype=apache
-## dev.eddn.edcd.io
+
+###########################################################################
+#
+# Read **ALL** the comments in this file, don't blindly use it!
+#
+# Be sure to replace 'YOUROWN.eddn.edcd.io' with your hostname.
+#
+# Also edit the DocumentRoot and related statements if you use a
+# different path.
+#
+# Ensure the CustomLog directory actually exists, else apache will not
+# start, or die on a restart/reload. 
+#
+###########################################################################
+
+## YOUROWN.eddn.edcd.io
 <VirtualHost *:80>
-        ServerName dev.eddn.edcd.io
+	ServerName YOUROWN.eddn.edcd.io
 
-        DocumentRoot //home/eddn/.local/share/eddn/dev
+	DocumentRoot /home/eddn/.local/share/eddn/dev
 
-        ErrorLog ${APACHE_LOG_DIR}/dev.eddn.edcd.io/error.log
-        # Possible values include: debug, info, notice, warn, error, crit,
-        # alert, emerg.
-        LogLevel warn
-        CustomLog ${APACHE_LOG_DIR}/dev.eddn.edcd.io/access.log combined
+	ErrorLog ${APACHE_LOG_DIR}/YOUROWN.eddn.edcd.io/error.log
+	# Possible values include: debug, info, notice, warn, error, crit,
+	# alert, emerg.
+	LogLevel warn
+	CustomLog ${APACHE_LOG_DIR}/YOUROWN.eddn.edcd.io/access.log combined
 
-        Redirect / https://dev.eddn.edcd.io/
-        RedirectMatch "/^(.*)$" "https://dev.eddn.edcd.io/$1"
+	# Comment these out when initially requesting a LetsEncrypt cert
+	Redirect / https://YOUROWN.eddn.edcd.io/
+	RedirectMatch "/^(.*)$" "https://YOUROWN.eddn.edcd.io/$1"
 
-        # LetsEncrypt
-        Alias /.well-known/ /var/www/letsencrypt/.well-known/
-        <Directory /var/www/letsencrypt/.well-known/>
-                Options -Indexes
-        </Directory>
+	# LetsEncrypt
+	Alias /.well-known/ /var/www/letsencrypt/.well-known/
+	<Directory /var/www/letsencrypt/.well-known/>
+		Options -Indexes
+	</Directory>
 
-        <Directory /home/eddn/.local/share/eddn/dev>
-                Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-                AllowOverride All
-                <Limit GET POST OPTIONS>
-                        Require all granted
-                </Limit>
-                <LimitExcept GET POST OPTIONS>
-                        Require all denied
-                </LimitExcept>
+	<Directory /home/eddn/.local/share/eddn/dev>
+		Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+		AllowOverride All
+		<Limit GET POST OPTIONS>
+			Require all granted
+		</Limit>
+		<LimitExcept GET POST OPTIONS>
+			Require all denied
+		</LimitExcept>
 
-                Include partials/default-directory.conf
-        </Directory>
+		Include partials/default-directory.conf
+	</Directory>
 
 </VirtualHost>
 
+# This will need to be commented out/disabled for initial LetsEncrypt
+# certificate request, as you don't have the certificate yet!
 <IfModule mod_ssl.c>
 <VirtualHost *:443>
-        SSLEngine On
-        SSLCertificateFile /etc/letsencrypt/live/dev.eddn.edcd.io/fullchain.pem
-        SSLCertificateKeyFile /etc/letsencrypt/live/dev.eddn.edcd.io/privkey.pem
+	SSLEngine On
+	SSLCertificateFile /etc/letsencrypt/live/YOUROWN.eddn.edcd.io/fullchain.pem
+	SSLCertificateKeyFile /etc/letsencrypt/live/YOUROWN.eddn.edcd.io/privkey.pem
 
-        ServerName dev.eddn.edcd.io
+	ServerName YOUROWN.eddn.edcd.io
 
-        DocumentRoot /home/eddn/.local/share/eddn/dev/monitor
+	DocumentRoot /home/eddn/.local/share/eddn/YOUROWN/monitor
 
-        ErrorLog ${APACHE_LOG_DIR}/dev.eddn.edcd.io/error.log
-        # Possible values include: debug, info, notice, warn, error, crit,
-        # alert, emerg.
-        LogLevel warn
-        CustomLog ${APACHE_LOG_DIR}/dev.eddn.edcd.io/access.log combined
+	ErrorLog ${APACHE_LOG_DIR}/YOUROWN.eddn.edcd.io/error.log
+	# Possible values include: debug, info, notice, warn, error, crit,
+	# alert, emerg.
+	LogLevel warn
+	CustomLog ${APACHE_LOG_DIR}/YOUROWN.eddn.edcd.io/access.log combined
 
-        # LetsEncrypt
-        Alias /.well-known/ /var/www/letsencrypt/.well-known/
-        <Directory /var/www/letsencrypt/.well-known/>
-                Options -Indexes
-        </Directory>
+	# LetsEncrypt
+	Alias /.well-known/ /var/www/letsencrypt/.well-known/
+	<Directory /var/www/letsencrypt/.well-known/>
+		Options -Indexes
+	</Directory>
 
-        <Directory /home/eddn/.local/share/eddn/dev>
-                Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-                AllowOverride All
-                <Limit GET POST OPTIONS>
-                        Require all granted
-                </Limit>
-                <LimitExcept GET POST OPTIONS>
-                        Require all denied
-                </LimitExcept>
-        </Directory>
+	<Directory /home/eddn/.local/share/eddn/dev>
+		Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+		AllowOverride All
+		<Limit GET POST OPTIONS>
+			Require all granted
+		</Limit>
+		<LimitExcept GET POST OPTIONS>
+			Require all denied
+		</LimitExcept>
+	</Directory>
 
-        # Serve the schemas
-        Alias /schemas/ /home/eddn/.local/share/eddn/dev/schemas/
+	# Serve the schemas
+	Alias /schemas/ /home/eddn/.local/share/eddn/YOUROWN/schemas/
 
-        # netdata (performance info)
-        <IfModule mod_alias.c>
-                Redirect /netdata /netdata/
-        </IfModule>
-        <LocationMatch /netdata*>
-                SetOutputFilter DEFLATE
+	# netdata (performance info)
+	<IfModule mod_alias.c>
+		Redirect /netdata /netdata/
+	</IfModule>
+	<LocationMatch /netdata*>
+		SetOutputFilter DEFLATE
 
-                <Limit GET POST OPTIONS>
-                        Require all granted
-                </Limit>
-                <LimitExcept GET POST OPTIONS>
-                        Require all denied
-                </LimitExcept>
-        </LocationMatch>
-        <IfModule mod_proxy.c>
-                SSLProxyEngine On
-                SSLProxyVerify none
-                ProxyPreserveHost On
+		<Limit GET POST OPTIONS>
+			Require all granted
+		</Limit>
+		<LimitExcept GET POST OPTIONS>
+			Require all denied
+		</LimitExcept>
+	</LocationMatch>
+	<IfModule mod_proxy.c>
+		SSLProxyEngine On
+		SSLProxyVerify none
+		ProxyPreserveHost On
 
-                ProxyPass "/netdata/" "http://127.0.0.1:19999/"
-        </IfModule>
+		# Yes, plain http for this.
+		ProxyPass "/netdata/" "http://127.0.0.1:19999/"
+	</IfModule>
 
 </VirtualHost>
 </IfModule>
+
+# This is for the Gateway public URLs
+<IfModule mod_ssl.c>
+# This will need to be commented out/disabled for initial LetsEncrypt
+# certificate request, as you don't have the certificate yet!
+# You also need to ensure `Listen 4430` is in ports.conf
+<VirtualHost *:4430>
+	SSLEngine On
+	SSLCertificateFile /etc/letsencrypt/live/YOUROWN.eddn.edcd.io/fullchain.pem
+	SSLCertificateKeyFile /etc/letsencrypt/live/YOUROWN.eddn.edcd.io/privkey.pem
+
+	ServerName YOUROWN.eddn.edcd.io
+
+	DocumentRoot /home/eddn/.local/share/eddn/YOUROWN/monitor
+
+	ErrorLog ${APACHE_LOG_DIR}/YOUROWN.eddn.edcd.io/error.log
+	# Possible values include: debug, info, notice, warn, error, crit,
+	# alert, emerg.
+	LogLevel warn
+	CustomLog ${APACHE_LOG_DIR}/YOUROWN.eddn.edcd.io/access.log combined
+
+	# LetsEncrypt
+	Alias /.well-known/ /var/www/letsencrypt/.well-known/
+	<Directory /var/www/letsencrypt/.well-known/>
+		Options -Indexes
+	</Directory>
+
+
+	<LocationMatch /*>
+		<Limit GET POST OPTIONS>
+			Require all granted
+		</Limit>
+		<LimitExcept GET POST OPTIONS>
+			Require all denied
+		</LimitExcept>
+	</LocationMatch>
+	<IfModule mod_proxy.c>
+		SSLProxyEngine On
+		SSLProxyVerify none
+		ProxyPreserveHost On
+		ProxyRequests Off
+
+		# Must be https, not http, as the Gateway process is
+		# expecting only https requests.
+		ProxyPass "/" "https://127.0.0.1:8081/"
+		ProxyPassReverse "/" "https://127.0.0.1:8081/"
+	</IfModule>
+</VirtualHost>
+</IfModule>
+