Permalink
Fetching contributors…
Cannot retrieve contributors at this time
89 lines (80 sloc) 3.3 KB
# This is a sample Apache SSL reverse proxy configuration for use with Sandstorm. Read more:
#
# https://docs.sandstorm.io/en/latest/administering/
# Any line containing example.com MUST be changed for this to work right. All other lines
# should work for an "out of the box" installation.
<VirtualHost *:80>
# Use this VirtualHost for example.com and wildcards.
ServerName example.com
ServerAlias *.example.com
Redirect / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias *.example.com
SSLEngine on
# The following paths will of course need to be replaced with the correct paths
SSLCertificateFile /etc/pki/tls/certs/example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/example.com.key
SSLCertificateChainFile /etc/pki/tls/certs/providedChainFileForexample.com.crt
Header always add Strict-Transport-Security "max-age=15768000; includeSubdomains"
# Enable mod_rewrite so we can dispatch to ws:// vs. http:// based on HTTP Header. To make this
# work, you might need to run:
#
# sudo a2enmod rewrite
RewriteEngine On
SSLProxyEngine On
# If this request wanted a websocket, then give it one. To make this work, you might need to run:
#
# sudo a2enmod proxy_wstunnel
RewriteCond %{HTTP:Upgrade} =websocket
RewriteRule /(.*) ws://127.0.0.1:6080/$1 [P,L]
# If this request did not want a websocket, then give it http:// access to Sandstorm. To make this
# work, you might need to run:
#
# sudo a2enmod proxy_http
RewriteCond %{HTTP:Upgrade} !=websocket
RewriteRule /(.*) http://127.0.0.1:6080/$1 [P,L]
# By default, send all requests to Sandstorm over http://
ProxyPass / http://127.0.0.1:6080/ KeepAlive=On
# Preserve the inbound "Host: ..." header from the HTTP request. This is important so that
# Sandstorm can detect which wildcard host is being requested.
ProxyPreserveHost On
</VirtualHost>
# Uncomment the below section and remove the above section if SSL is not desired.
#
# # This is a sample Apache reverse proxy configuration for use with Sandstorm. Read more:
# #
# # https://docs.sandstorm.io/en/latest/administering/
#
# <VirtualHost *:80>
# # Use this VirtualHost for example.com and wildcards.
# ServerName example.com
# ServerAlias *.example.com
#
# # Enable mod_rewrite so we can dispatch to ws:// vs. http:// based on HTTP Header. To make this
# # work, you might need to run:
# #
# # sudo a2enmod rewrite
# RewriteEngine On
#
# # If this request wanted a websocket, then give it one. To make this work, you might need to run:
# #
# # sudo a2enmod proxy_wstunnel
# RewriteCond %{HTTP:Upgrade} =websocket
# RewriteRule /(.*) ws://localhost:6080/$1 [P,L]
#
# # If this request did not want a websocket, then give it http:// access to Sandstorm. To make this
# # work, you might need to run:
# #
# # sudo a2enmod proxy_http
# RewriteCond %{HTTP:Upgrade} !=websocket
# RewriteRule /(.*) http://localhost:6080/$1 [P,L]
#
# # By default, send all requests to Sandstorm over http://
# ProxyPass / http://localhost:6080/
#
# # Preserve the inbound "Host: ..." header from the HTTP request. This is important so that
# # Sandstorm can detect which wildcard host is being requested.
# ProxyPreserveHost On
# </VirtualHost>