diff --git a/apache.conf.example b/apache.conf.example
index b09b97a..889a683 100644
--- a/apache.conf.example
+++ b/apache.conf.example
@@ -1,104 +1,62 @@
-# Beispiel Apache-Konfiguration für tt-tagebuch.de
-# Diese Datei sollte in /etc/apache2/sites-available/tt-tagebuch.de.conf eingefügt werden
+# Apache-Konfiguration für tt-tagebuch.de mit WebSocket-Support
#
# WICHTIG: Folgende Module müssen aktiviert sein:
# sudo a2enmod proxy
# sudo a2enmod proxy_http
# sudo a2enmod proxy_wstunnel
# sudo a2enmod rewrite
-# sudo a2enmod ssl
# sudo a2enmod headers
# sudo systemctl restart apache2
-
- ServerName tt-tagebuch.de
- ServerAlias www.tt-tagebuch.de
-
- # Redirect HTTP zu HTTPS
- Redirect permanent / https://tt-tagebuch.de/
-
-
ServerName tt-tagebuch.de
ServerAlias www.tt-tagebuch.de
- # SSL-Konfiguration (anpassen je nach Zertifikat)
+ DocumentRoot /var/www/tt-tagebuch.de
+
+
+ Options Indexes FollowSymLinks
+ AllowOverride All
+ Require all granted
+
+
+ ErrorLog ${APACHE_LOG_DIR}/tt-tagebuch.de_error.log
+ CustomLog ${APACHE_LOG_DIR}/tt-tagebuch.de_access.log combined
+
SSLEngine on
- SSLCertificateFile /path/to/ssl/cert.pem
- SSLCertificateKeyFile /path/to/ssl/key.pem
- # Optional: SSLCertificateChainFile /path/to/ssl/chain.pem
+ SSLCertificateFile /etc/letsencrypt/live/tt-tagebuch.de/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/tt-tagebuch.de/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
- # SSL-Einstellungen
- SSLProtocol all -SSLv2 -SSLv3
- SSLCipherSuite HIGH:!aNULL:!MD5
- SSLHonorCipherOrder on
-
- # Logging
- ErrorLog ${APACHE_LOG_DIR}/tt-tagebuch.de-error.log
- CustomLog ${APACHE_LOG_DIR}/tt-tagebuch.de-access.log combined
-
- # Max Upload Size
- LimitRequestBody 52428800
+ ProxyRequests Off
# WebSocket-Proxy für Socket.IO
- # WICHTIG: Diese Location muss VOR der allgemeinen /api Location stehen
+ # WICHTIG: Diese LocationMatch muss VOR den anderen ProxyPass-Direktiven stehen
- ProxyPass ws://localhost:3005/socket.io/
- ProxyPassReverse ws://localhost:3005/socket.io/
-
- # WebSocket-Upgrade Headers
+ # WebSocket-Upgrade erkennen und weiterleiten
RewriteEngine on
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
- RewriteRule ^/?(.*) "ws://localhost:3005/$1" [P,L]
+ RewriteRule ^/?(.*) "ws://localhost:3050/$1" [P,L]
- # Fallback für HTTP (Polling)
- ProxyPass http://localhost:3005/socket.io/
- ProxyPassReverse http://localhost:3005/socket.io/
+ # Fallback für HTTP (Polling) - muss nach dem RewriteRule stehen
+ ProxyPass http://localhost:3050/socket.io/
+ ProxyPassReverse http://localhost:3050/socket.io/
- # Headers
+ # Headers für WebSocket
ProxyPreserveHost On
+ ProxyAddHeaders On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Real-IP %{REMOTE_ADDR}s
+ RequestHeader set X-Forwarded-For %{REMOTE_ADDR}s
# API-Routen
-
- ProxyPass http://localhost:3005/api/
- ProxyPassReverse http://localhost:3005/api/
-
- ProxyPreserveHost On
- RequestHeader set X-Forwarded-Proto "https"
- RequestHeader set X-Real-IP %{REMOTE_ADDR}s
-
+ ProxyPass /api http://localhost:3050/api
+ ProxyPassReverse /api http://localhost:3050/api
- # Statische Frontend-Dateien
- DocumentRoot /var/www/tt-tagebuch.de/frontend/dist
-
-
- Options -Indexes +FollowSymLinks
- AllowOverride All
- Require all granted
-
- # Fallback auf index.html für Vue Router
- RewriteEngine On
- RewriteBase /
- RewriteRule ^index\.html$ - [L]
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule . /index.html [L]
-
-
- # Cache-Control für statische Assets
-
- ExpiresActive On
- ExpiresDefault "access plus 1 year"
- Header set Cache-Control "public, immutable"
-
-
- # Security Headers
- Header always set X-Frame-Options "SAMEORIGIN"
- Header always set X-Content-Type-Options "nosniff"
- Header always set X-XSS-Protection "1; mode=block"
+ # Alle anderen Anfragen an den Backend-Server (für Frontend)
+ ProxyPass / http://localhost:3050/
+ ProxyPassReverse / http://localhost:3050/