Cryptpad: Unterschied zwischen den Versionen
Aus Vosp.info
F (Diskussion | Beiträge) |
F (Diskussion | Beiträge) |
||
| Zeile 2: | Zeile 2: | ||
** https://github.com/xwiki-labs/cryptpad/wiki/Installation-guide | ** https://github.com/xwiki-labs/cryptpad/wiki/Installation-guide | ||
** https://github.com/xwiki-labs/cryptpad/wiki/Apache | ** https://github.com/xwiki-labs/cryptpad/wiki/Apache | ||
| + | |||
| + | |||
| + | == Apache Proxy == | ||
| + | * bash | ||
| + | <source lang=bash> | ||
| + | a2enmod ssl | ||
| + | a2enmod rewrite | ||
| + | a2enmod auth_basic | ||
| + | a2enmod proxy | ||
| + | a2enmod proxy_http | ||
| + | </source> | ||
| + | |||
| + | * /etc/apache2/sites-enabled/cryptpad.domain.tld.conf | ||
| + | <source lang=xml> | ||
| + | <VirtualHost *:80> | ||
| + | ServerName cryptpad.domain.tld | ||
| + | Redirect permanent / https://cryptpad.domain.tld | ||
| + | </VirtualHost> | ||
| + | |||
| + | <VirtualHost *:443> | ||
| + | ServerName cryptpad.domain.tld | ||
| + | ServerAdmin admin@domain.com | ||
| + | |||
| + | # Turn SSL on | ||
| + | SSLEngine on | ||
| + | SSLProxyEngine On | ||
| + | |||
| + | # ProxyPreserveHost On to prevent SSL handshake fail for valid domainn. | ||
| + | # Note: requires valid SSL Certificate obviously | ||
| + | ProxyPreserveHost On | ||
| + | |||
| + | # Do not enable proxying with ProxyRequests until you have secured your server. | ||
| + | # Open proxy servers are dangerous both to your network and to the Internet at large. | ||
| + | ProxyRequests Off | ||
| + | |||
| + | # Certificate chain. Note: also add these in Cryptpad config.js as privKeyAndCertFiles value | ||
| + | # SSLCertificateFile /etc/letsencrypt/live/cryptpad.domain.com/fullchain.pem | ||
| + | # SSLCertificateKeyFile /etc/letsencrypt/live/cryptpad.domain.com/privkey.pem | ||
| + | SSLCertificateKeyFile /etc/ssl/private/live/domain.tld/privkey.pem | ||
| + | SSLCertificateFile /etc/ssl/private/live/domain.tld/cert.pem | ||
| + | SSLCertificateChainFile /etc/ssl/private/live/domain.tld/chain.pem | ||
| + | # Include /etc/letsencrypt/options-ssl-apache.conf | ||
| + | |||
| + | # This is the "httpSafePort" from the Cryptpad config.js. | ||
| + | # Not sure if this should be here. Note: in my setup changing this to port 3000 results in a 502 proxy error | ||
| + | #ProxyPass / http://localhost:3001/ | ||
| + | ProxyPass / http://195.17.149.245:3001/ | ||
| + | ProxyPassReverse / http://195.17.149.245:3001/ | ||
| + | #ProxyPassReverse / http://localhost:3001/ | ||
| + | |||
| + | # Activate the Apache RewriteEngine | ||
| + | RewriteEngine On | ||
| + | |||
| + | # Catch websocket requests. Change this to value of your websocketPath in Cryptpad config.js | ||
| + | RewriteCond %{REQUEST_URI} ^/cryptpad_websocket [NC] | ||
| + | |||
| + | # Rewrite to websocket. Port number should be value of httpPort in Cryptpad config.js | ||
| + | #RewriteRule /(.*) ws://localhost:3000/$1 [P] | ||
| + | RewriteRule /(.*) ws://195.17.149.245:3000/$1 [P] | ||
| + | |||
| + | ErrorLog ${APACHE_LOG_DIR}/error.cryptpad.domain.tld.log | ||
| + | CustomLog ${APACHE_LOG_DIR}/access.cryptpad.domain.tld.log combined | ||
| + | |||
| + | </VirtualHost> | ||
| + | </source> | ||
Version vom 21. November 2020, 10:04 Uhr
Apache Proxy
- bash
a2enmod ssl
a2enmod rewrite
a2enmod auth_basic
a2enmod proxy
a2enmod proxy_http
- /etc/apache2/sites-enabled/cryptpad.domain.tld.conf
<VirtualHost *:80>
ServerName cryptpad.domain.tld
Redirect permanent / https://cryptpad.domain.tld
</VirtualHost>
<VirtualHost *:443>
ServerName cryptpad.domain.tld
ServerAdmin admin@domain.com
# Turn SSL on
SSLEngine on
SSLProxyEngine On
# ProxyPreserveHost On to prevent SSL handshake fail for valid domainn.
# Note: requires valid SSL Certificate obviously
ProxyPreserveHost On
# Do not enable proxying with ProxyRequests until you have secured your server.
# Open proxy servers are dangerous both to your network and to the Internet at large.
ProxyRequests Off
# Certificate chain. Note: also add these in Cryptpad config.js as privKeyAndCertFiles value
# SSLCertificateFile /etc/letsencrypt/live/cryptpad.domain.com/fullchain.pem
# SSLCertificateKeyFile /etc/letsencrypt/live/cryptpad.domain.com/privkey.pem
SSLCertificateKeyFile /etc/ssl/private/live/domain.tld/privkey.pem
SSLCertificateFile /etc/ssl/private/live/domain.tld/cert.pem
SSLCertificateChainFile /etc/ssl/private/live/domain.tld/chain.pem
# Include /etc/letsencrypt/options-ssl-apache.conf
# This is the "httpSafePort" from the Cryptpad config.js.
# Not sure if this should be here. Note: in my setup changing this to port 3000 results in a 502 proxy error
#ProxyPass / http://localhost:3001/
ProxyPass / http://195.17.149.245:3001/
ProxyPassReverse / http://195.17.149.245:3001/
#ProxyPassReverse / http://localhost:3001/
# Activate the Apache RewriteEngine
RewriteEngine On
# Catch websocket requests. Change this to value of your websocketPath in Cryptpad config.js
RewriteCond %{REQUEST_URI} ^/cryptpad_websocket [NC]
# Rewrite to websocket. Port number should be value of httpPort in Cryptpad config.js
#RewriteRule /(.*) ws://localhost:3000/$1 [P]
RewriteRule /(.*) ws://195.17.149.245:3000/$1 [P]
ErrorLog ${APACHE_LOG_DIR}/error.cryptpad.domain.tld.log
CustomLog ${APACHE_LOG_DIR}/access.cryptpad.domain.tld.log combined
</VirtualHost>
