GitBucket
Pull requests
Issues
Snippets
Sign in
tamra
/
リバースプロキシの設定例
Fork
0
Created at Sat Nov 11 06:23:10 JST 2017
Download ZIP
HTTP
Embed
Embed this snippet in your website.
HTTP
Clone with Git using the repository's web address.
Code
Revision
Forks
TAM (Teppei Tamra)
revised this
on 10 Jan 2018
No changes.
d7bebc5
TAM (Teppei Tamra)
revised this
on 10 Jan 2018
84cec0a
reverseproxy
<VirtualHost *:443> ServerName mastodon.hoge Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload " Header add X-Content-Type-Options nosniff Header add Referrer-Policy "unsafe-url" Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'" SSLEngine on SSLHonorCipherOrder on SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile /etc/letsencrypt/live/mastodon.hoge/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mastodon.hoge/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/mastodon.hoge/chain.pem ProxyPreserveHost On ProxyRequests Off ProxyPass /api/v1/streaming/ ws://localhost:4000/ ProxyPass / http://localhost:3000/ ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/ ProxyPassReverse / http://localhost:3000/ RequestHeader set X-Forwarded-Proto "https" </VirtualHost> <VirtualHost *:80> ServerName mastodon.hoge DocumentRoot /home/htdocs/dummy RewriteEngine on RewriteRule "^/.well-known/acme-challenge" "-" [END] RewriteCond %{HTTP_HOST} ^mastodon\.hoge RewriteRule ^/(.*)$ https://mastodon.hoge/$1 [R=301,L] </VirtualHost>
リバースプロキシの設定例
<VirtualHost *:443> ServerName mastodon.hoge Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload " Header add X-Content-Type-Options nosniff Header add Referrer-Policy "unsafe-url" Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'" SSLEngine on SSLHonorCipherOrder on SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile /etc/letsencrypt/live/mastodon.hoge/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mastodon.hoge/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/mastodon.hoge/chain.pem ProxyPreserveHost On ProxyRequests Off ProxyPass /api/v1/streaming/ ws://localhost:4000/ ProxyPass / http://localhost:3000/ ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/ ProxyPassReverse / http://localhost:3000/ RequestHeader set X-Forwarded-Proto "https" </VirtualHost> <VirtualHost *:80> ServerName mastodon.hoge DocumentRoot /home/htdocs/dummy RewriteEngine on RewriteRule "^/.well-known/acme-challenge" "-" [END] RewriteCond %{HTTP_HOST} ^mastodon\.hoge RewriteRule ^/(.*)$ https://mastodon.hoge/$1 [R=301,L] </VirtualHost>
TAM (Teppei Tamra)
revised this
on 11 Nov 2017
f66c371
reverseproxy
<VirtualHost *:443> ServerName mastodon.hoge Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload " Header add X-Content-Type-Options nosniff Header add Referrer-Policy "unsafe-url" Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'" SSLEngine on SSLHonorCipherOrder on SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile /etc/letsencrypt/live/mastodon.hoge/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mastodon.hoge/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/mastodon.hoge/chain.pem ProxyPreserveHost On ProxyRequests Off ProxyPass /api/v1/streaming/ ws://localhost:4000/ ProxyPass / http://localhost:3000/ ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/ ProxyPassReverse / http://localhost:3000/ RequestHeader set X-Forwarded-Proto "https" </VirtualHost> <VirtualHost *:80> ServerName mastodon.hoge DocumentRoot /home/htdocs/dummy RewriteEngine on RewriteRule "^/.well-known/acme-challenge" "-" [END] RewriteCond %{HTTP_HOST} ^mastodon\.hoge RewriteRule ^/(.*)$ https://mastodon.hoge/$1 [R=301,L] </VirtualHost>
<VirtualHost *:443> ServerName mastodon.hoge Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload " Header add X-Content-Type-Options nosniff Header add Referrer-Policy "unsafe-url" Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'" SSLEngine on SSLHonorCipherOrder on SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile /etc/letsencrypt/live/mastodon.hoge/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mastodon.hoge/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/mastodon.hoge/chain.pem ProxyPreserveHost On ProxyRequests Off ProxyPass /api/v1/streaming/ ws://localhost:4000/ ProxyPass / http://localhost:3000/ ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/ ProxyPassReverse / http://localhost:3000/ RequestHeader set X-Forwarded-Proto "https" </VirtualHost> <VirtualHost *:80> ServerName mastodon.hoge DocumentRoot /home/htdocs/dummy RewriteEngine on RewriteRule "^/.well-known/acme-challenge" "-" [END] RewriteCond %{HTTP_HOST} ^mastodon\.hoge RewriteRule ^/(.*)$ https://mastodon.hoge/$1 [R=301,L] </VirtualHost>
TAM (Teppei Tamra)
revised this
on 11 Nov 2017
4a78238
reverseproxy
<VirtualHost *:443> ServerName mastodon.hoge Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload " Header add X-Content-Type-Options nosniff Header add Referrer-Policy "unsafe-url" Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'" SSLEngine on SSLHonorCipherOrder on SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile /etc/letsencrypt/live/mastodon.hoge/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mastodon.hoge/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/mastodon.hoge/chain.pem ProxyPreserveHost On ProxyRequests Off ProxyPass /api/v1/streaming/ ws://localhost:4000/ ProxyPass / http://localhost:3000/ ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/ ProxyPassReverse / http://localhost:3000/ RequestHeader set X-Forwarded-Proto "https" </VirtualHost> <VirtualHost *:80> ServerName mastodon.hoge DocumentRoot /home/htdocs/dummy RewriteEngine on RewriteRule "^/.well-known/acme-challenge" "-" [END] RewriteCond %{HTTP_HOST} ^mastodon\.hoge RewriteRule ^/(.*)$ https://mastodon.hoge/$1 [R=301,L] </VirtualHost>