From fbebd6c1c147ec4f83d349e085cad2e0f30d793b Mon Sep 17 00:00:00 2001
From: "Torsten Schulz (local)" <tsschulz@gmx.net>
Date: Wed, 14 Jan 2026 12:02:49 +0100
Subject: [PATCH] Refactor yourpart-https.conf for improved WebSocket handling
 and domain redirection

- Updated www redirect to exclude WebSocket paths for better functionality.
- Consolidated WebSocket upgrade rules for Socket.io and daemon connections.
- Enhanced organization of proxy settings for API and WebSocket requests, improving maintainability.
---
 yourpart-https-alternative.conf | 74 +++++++++++++++++++++++++++++++++
 yourpart-https.conf             | 35 ++++++++--------
 2 files changed, 92 insertions(+), 17 deletions(-)
 create mode 100644 yourpart-https-alternative.conf

diff --git a/yourpart-https-alternative.conf b/yourpart-https-alternative.conf
new file mode 100644
index 0000000..a5bec8f
--- /dev/null
+++ b/yourpart-https-alternative.conf
@@ -0,0 +1,74 @@
+<IfModule mod_ssl.c>
+<VirtualHost your-part.de:443>
+    ServerAdmin webmaster@your-part.de
+    ServerName your-part.de
+    ServerAlias www.your-part.de
+
+    DocumentRoot /opt/yourpart/frontend/dist
+
+    DirectoryIndex index.html
+
+    # Frontend statische Dateien
+    <Directory "/opt/yourpart/frontend/dist">
+        AllowOverride None
+        Options -Indexes +FollowSymLinks
+        Require all granted
+        
+        # Fallback für Vue Router
+        FallbackResource /index.html
+    </Directory>
+
+    # www Redirect (muss zuerst kommen)
+    RewriteEngine on
+    RewriteCond %{SERVER_NAME} =your-part.de
+    RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+    
+    # Proxy-Einstellungen
+    ProxyPreserveHost On
+    ProxyRequests Off
+    RequestHeader set X-Forwarded-Proto "https"
+    AllowEncodedSlashes NoDecode
+    
+    # API-Requests an Backend weiterleiten
+    ProxyPass "/api/" "http://localhost:2020/api/"
+    ProxyPassReverse "/api/" "http://localhost:2020/api/"
+    
+    # Socket.io: WebSocket und HTTP-Polling mit Location-Blöcken
+    <LocationMatch "^/socket.io/">
+        # WebSocket-Upgrade
+        RewriteEngine on
+        RewriteCond %{HTTP:Upgrade} websocket [NC]
+        RewriteCond %{HTTP:Connection} upgrade [NC]
+        RewriteRule .* "ws://localhost:2020%{REQUEST_URI}" [P,L]
+        
+        # HTTP-Fallback für Polling
+        ProxyPass "http://localhost:2020/socket.io/"
+        ProxyPassReverse "http://localhost:2020/socket.io/"
+    </LocationMatch>
+    
+    # Daemon: WebSocket mit Location-Block
+    <LocationMatch "^/ws/">
+        # WebSocket-Upgrade
+        RewriteEngine on
+        RewriteCond %{HTTP:Upgrade} websocket [NC]
+        RewriteCond %{HTTP:Connection} upgrade [NC]
+        RewriteRule .* "ws://localhost:4551%{REQUEST_URI}" [P,L]
+        
+        # HTTP-Fallback (sollte eigentlich nicht benötigt werden)
+        ProxyPass "http://localhost:4551/"
+        ProxyPassReverse "http://localhost:4551/"
+    </LocationMatch>
+
+    ErrorLog /var/log/apache2/yourpart.error.log
+    CustomLog /var/log/apache2/yourpart.access.log combined
+
+    HostnameLookups Off
+    UseCanonicalName Off
+    ServerSignature On
+
+    # SSL-Konfiguration
+    Include /etc/letsencrypt/options-ssl-apache.conf
+    SSLCertificateFile /etc/letsencrypt/live/www.your-part.de/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/www.your-part.de/privkey.pem
+</VirtualHost>
+</IfModule>
diff --git a/yourpart-https.conf b/yourpart-https.conf
index a3426ec..67d9a1e 100644
--- a/yourpart-https.conf
+++ b/yourpart-https.conf
@@ -18,37 +18,38 @@
         FallbackResource /index.html
     </Directory>
 
-    # www Redirect (muss zuerst kommen, damit WebSocket-Regeln nicht beeinflusst werden)
-    RewriteEngine on
-    RewriteCond %{SERVER_NAME} =your-part.de
-    RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
-    
     # Proxy-Einstellungen
     ProxyPreserveHost On
     ProxyRequests Off
     RequestHeader set X-Forwarded-Proto "https"
     AllowEncodedSlashes NoDecode
     
-    # WebSocket-Upgrade mit RewriteRule (muss VOR ProxyPass stehen!)
-    # WebSocket-Upgrade für Socket.io
-    RewriteCond %{HTTP:Upgrade} websocket [NC]
-    RewriteCond %{HTTP:Connection} upgrade [NC]
-    RewriteRule ^/socket.io/(.*)$ "ws://localhost:2020/socket.io/$1" [P,L]
-    
-    # WebSocket-Upgrade für Daemon
-    RewriteCond %{HTTP:Upgrade} websocket [NC]
-    RewriteCond %{HTTP:Connection} upgrade [NC]
-    RewriteRule ^/ws/(.*)$ "ws://localhost:4551/$1" [P,L]
+    # www Redirect (muss zuerst kommen, aber nicht für WebSocket-Pfade)
+    RewriteEngine on
+    RewriteCond %{SERVER_NAME} =your-part.de
+    RewriteCond %{REQUEST_URI} !^/socket\.io/
+    RewriteCond %{REQUEST_URI} !^/ws/
+    RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
     
     # API-Requests an Backend weiterleiten
     ProxyPass "/api/" "http://localhost:2020/api/"
     ProxyPassReverse "/api/" "http://localhost:2020/api/"
     
-    # HTTP-Proxy für Socket.io (Fallback für Polling)
+    # Socket.io: WebSocket-Upgrade (muss VOR ProxyPass stehen!)
+    RewriteCond %{HTTP:Upgrade} websocket [NC]
+    RewriteCond %{HTTP:Connection} upgrade [NC]
+    RewriteRule ^/socket.io/(.*)$ "ws://localhost:2020/socket.io/$1" [P,L]
+    
+    # Socket.io: HTTP-Fallback für Polling
     ProxyPass "/socket.io/" "http://localhost:2020/socket.io/"
     ProxyPassReverse "/socket.io/" "http://localhost:2020/socket.io/"
     
-    # HTTP-Proxy für Daemon (Fallback, sollte eigentlich nicht benötigt werden)
+    # Daemon: WebSocket-Upgrade (muss VOR ProxyPass stehen!)
+    RewriteCond %{HTTP:Upgrade} websocket [NC]
+    RewriteCond %{HTTP:Connection} upgrade [NC]
+    RewriteRule ^/ws/(.*)$ "ws://localhost:4551/$1" [P,L]
+    
+    # Daemon: HTTP-Fallback (sollte eigentlich nicht benötigt werden)
     ProxyPass "/ws/" "http://localhost:4551/"
     ProxyPassReverse "/ws/" "http://localhost:4551/"