Last active
March 12, 2021 13:18
-
-
Save jhass/719014 to your computer and use it in GitHub Desktop.
Advanced Diaspora Apache reverse proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure to notice the comments at https://gist.github.com/jhass/719014#gistcomment-19774 | |
| <VirtualHost *:80> | |
| ServerName diaspora.example.org | |
| ServerAlias www.diaspora.example.org | |
| RedirectPermanent / https://diaspora.example.org/ | |
| </VirtualHost> | |
| <VirtualHost *:443> | |
| ServerName diaspora.example.org | |
| ServerAlias www.diaspora.example.org | |
| DocumentRoot /home/diaspora/diaspora/public | |
| RewriteEngine On | |
| RewriteCond %{HTTP_HOST} !^diaspora\.example\.org [NC] | |
| RewriteRule ^/(.*)$ https://diaspora\.example\.org/$1 [L,R,QSA] | |
| # For Camo support | |
| #RewriteRule ^/camo/(.*)$ balancer://camo/$1 [P,QSA,L] | |
| RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f | |
| RewriteRule ^/(.*)$ balancer://upstream%{REQUEST_URI} [P,QSA,L] | |
| <Proxy balancer://upstream> | |
| # Recommended, using a unix socket (Requires Apache >= 2.4) | |
| BalancerMember unix:///path/to/diaspora/tmp/diaspora.sock|http:// | |
| # Alternatively let diaspora listen on a local port (Use this for Apache < 2.4) | |
| # BalancerMember http://localhost:3000 | |
| </Proxy> | |
| # For Camo support | |
| #<Proxy balancer://camo> | |
| # BalancerMember http://localhost:8081 | |
| #</Proxy> | |
| ProxyRequests Off | |
| ProxyVia On | |
| ProxyPreserveHost On | |
| RequestHeader set X_FORWARDED_PROTO https | |
| <Proxy *> | |
| # Apache < 2.4 | |
| #Order allow,deny | |
| #Allow from all | |
| # Apache >= 2.4 | |
| Require all granted | |
| </Proxy> | |
| <Directory /home/diaspora/diaspora/public> | |
| Options -MultiViews | |
| # Apache < 2.4 | |
| #Allow from all | |
| #AllowOverride all | |
| # Apache >= 2.4 | |
| Require all granted | |
| </Directory> | |
| SSLEngine On | |
| SSLCertificateFile /path/to/cert | |
| SSLCertificateKeyFile /path/to/private_key | |
| # For Let's encrypt it should point to /etc/letsencrypt/live/diaspora.example.org/chain.pem | |
| SSLCertificateChainFile /path/to/chain_file | |
| # Based on https://wiki.mozilla.org/Security/Server_Side_TLS - consider as global configuration | |
| SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 | |
| SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 | |
| SSLHonorCipherOrder off | |
| SSLSessionTickets off | |
| </VirtualHost> |
Please suggest below installation for CentOS 7. I am getting apache default test page only.
I am having the same exact problem. CentOS7/Apache.
I have removed apache, Installed Nginx and followed the nginx proxy guide they provided and it worked for me.
Hi, I am in the process of installing diaspora and setting apache up. Is there any way of nstalling diaspora purely on localhost without any networking or hosting? I want to get a basic idea how it is to work with ROR before I go any further. Thanks.
@heatherita A development setup of diaspora does not need a reverse proxy setup, you just access http://localhost:3000 directly.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please suggest below installation for CentOS 7. I am getting apache default test page only.
requires mod_ssl, mod_rewrite, mod_headers, mod_proxy, mod_proxy_http and mod_proxy_balancer
For Apache 2.4 add mod_lbmethod_byrequests and mod_slotmem_shm to the list.