@tamra tamra / リバースプロキシの設定例
Created at Sat Nov 11 06:23:10 JST 2017
Apache2でmastodonのリバースプロキシを作るサンプル。
リバースプロキシの設定例
Raw
<VirtualHost *:443>
  ServerName mastodon.hoge
  Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload "
  Header add X-Content-Type-Options nosniff
  Header add Referrer-Policy "unsafe-url"
  Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'"
  SSLEngine on
  SSLHonorCipherOrder on
  SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
  SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
  SSLCertificateFile /etc/letsencrypt/live/mastodon.hoge/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/mastodon.hoge/privkey.pem
  SSLCertificateChainFile /etc/letsencrypt/live/mastodon.hoge/chain.pem
  ProxyPreserveHost On
  ProxyRequests Off
  ProxyPass /api/v1/streaming/ ws://localhost:4000/
  ProxyPass / http://localhost:3000/
  ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/
  ProxyPassReverse / http://localhost:3000/
  RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>


<VirtualHost *:80>
  ServerName mastodon.hoge
  DocumentRoot /home/htdocs/dummy
  RewriteEngine on
  RewriteRule "^/.well-known/acme-challenge" "-" [END]
  RewriteCond %{HTTP_HOST} ^mastodon\.hoge
  RewriteRule ^/(.*)$ https://mastodon.hoge/$1 [R=301,L]
</VirtualHost>