yourpart3/yourpart-https.conf

<IfModule mod_ssl.c>
<VirtualHost your-part.de:443>
    ServerAdmin webmaster@your-part.de
    ServerName your-part.de
    ServerAlias www.your-part.de

    DocumentRoot /opt/yourpart/frontend/dist

    DirectoryIndex index.html

    # Frontend statische Dateien
    <Directory "/opt/yourpart/frontend/dist">
        AllowOverride None
        Options -Indexes +FollowSymLinks
        Require all granted
        
        # Fallback für Vue Router
        FallbackResource /index.html
    </Directory>

    # API-Requests an Backend weiterleiten
    ProxyPass "/api/" "http://localhost:2020/api/"
    ProxyPassReverse "/api/" "http://localhost:2020/api/"
    
    # WebSocket-Requests an Backend weiterleiten
    ProxyPass "/socket.io/" "http://localhost:2020/socket.io/"
    ProxyPassReverse "/socket.io/" "http://localhost:2020/socket.io/"
    
    # WebSocket-Upgrade-Header für Socket.io
    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteRule ^/socket.io/(.*)$ "ws://localhost:2020/socket.io/$1" [P,L]
    
    # WebSocket-Upgrade-Header für Daemon-Verbindungen
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteRule ^/ws/(.*)$ "ws://localhost:4551/$1" [P,L]
    
    # Blockiere alle anderen /ws/ Requests (nur WebSocket-Upgrade erlaubt)
    ProxyPass "/ws/" "!"

    ErrorLog /var/log/apache2/yourpart.error.log
    CustomLog /var/log/apache2/yourpart.access.log combined

    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature On

    # SSL-Konfiguration
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/www.your-part.de/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.your-part.de/privkey.pem

    # www Redirect
    RewriteCond %{SERVER_NAME} =your-part.de
    RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
</IfModule>