945fd85e39
This commit revises the apache.conf.example file to provide clearer documentation on the configuration structure, emphasizing the separation of HTTP and HTTPS settings. It adds detailed comments regarding the use of separate configuration files for HTTP and HTTPS, and enhances the redirect rules for both www and non-www domains, ensuring proper traffic management and SEO practices.
90 lines
2.9 KiB
Plaintext
90 lines
2.9 KiB
Plaintext
# Apache-Konfiguration für tt-tagebuch.de
|
|
#
|
|
# HINWEIS: Diese Datei ist eine kombinierte Referenz.
|
|
# Für die tatsächliche Konfiguration werden zwei separate Dateien verwendet:
|
|
#
|
|
# 1. apache-http.conf.example -> /etc/apache2/sites-available/tt-tagebuch.de.conf
|
|
# (HTTP, Port 80 - Weiterleitung zu HTTPS)
|
|
#
|
|
# 2. apache-https.conf.example -> /etc/apache2/sites-available/tt-tagebuch.de-le-ssl.conf
|
|
# (HTTPS, Port 443 - Hauptkonfiguration)
|
|
#
|
|
# Oder verwende das Update-Skript: ./update-apache-config.sh
|
|
#
|
|
# WICHTIG: Folgende Module müssen aktiviert sein:
|
|
# sudo a2enmod proxy
|
|
# sudo a2enmod proxy_http
|
|
# sudo a2enmod proxy_wstunnel
|
|
# sudo a2enmod rewrite
|
|
# sudo a2enmod headers
|
|
# sudo systemctl restart apache2
|
|
|
|
# ============================================
|
|
# HTTP (Port 80) - Weiterleitung zu HTTPS
|
|
# ============================================
|
|
|
|
# HTTP: www.tt-tagebuch.de -> HTTPS: tt-tagebuch.de
|
|
<VirtualHost *:80>
|
|
ServerName www.tt-tagebuch.de
|
|
Redirect permanent / https://tt-tagebuch.de/
|
|
</VirtualHost>
|
|
|
|
# HTTP: tt-tagebuch.de -> HTTPS: tt-tagebuch.de
|
|
<VirtualHost *:80>
|
|
ServerName tt-tagebuch.de
|
|
Redirect permanent / https://tt-tagebuch.de/
|
|
</VirtualHost>
|
|
|
|
# ============================================
|
|
# HTTPS (Port 443) - Weiterleitung www -> non-www
|
|
# ============================================
|
|
|
|
# HTTPS: www.tt-tagebuch.de -> HTTPS: tt-tagebuch.de (301-Weiterleitung)
|
|
<VirtualHost *:443>
|
|
ServerName www.tt-tagebuch.de
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/tt-tagebuch.de/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/tt-tagebuch.de/privkey.pem
|
|
Include /etc/letsencrypt/options-ssl-apache.conf
|
|
|
|
Redirect permanent / https://tt-tagebuch.de/
|
|
</VirtualHost>
|
|
|
|
# ============================================
|
|
# HTTPS (Port 443) - Hauptkonfiguration (non-www)
|
|
# ============================================
|
|
|
|
<VirtualHost *:443>
|
|
ServerName tt-tagebuch.de
|
|
|
|
DocumentRoot /var/www/tt-tagebuch.de
|
|
|
|
<Directory /var/www/tt-tagebuch.de>
|
|
Options Indexes FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/tt-tagebuch.de_error.log
|
|
CustomLog ${APACHE_LOG_DIR}/tt-tagebuch.de_access.log combined
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/tt-tagebuch.de/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/tt-tagebuch.de/privkey.pem
|
|
Include /etc/letsencrypt/options-ssl-apache.conf
|
|
|
|
ProxyRequests Off
|
|
|
|
# HINWEIS: Socket.IO läuft jetzt direkt auf HTTPS-Port 3051 (nicht über Apache-Proxy)
|
|
# Siehe backend/SOCKET_IO_SSL_SETUP.md für Details
|
|
|
|
# API-Routen
|
|
ProxyPass /api http://localhost:3050/api
|
|
ProxyPassReverse /api http://localhost:3050/api
|
|
|
|
# Alle anderen Anfragen an den Backend-Server (für Frontend)
|
|
ProxyPass / http://localhost:3050/
|
|
ProxyPassReverse / http://localhost:3050/
|
|
</VirtualHost>
|