This configuration will disable the let's encrypt part of the configuration. Your BTCPay will still install a reverse proxy, which is needed to allow access to i.e. Ride The Lightning.
Please adapt the configuration to your environment:
Replace btcpay.DOMAIN.TLD with the actual vHost domain name you will be using to tunnel requests through. You may also want to change the pruning setting according to your needs.
mkdir BTCPayServer
cd BTCPayServer/
git clone https://github.com/btcpayserver/btcpayserver-docker
cd btcpayserver-docker/
export BTCPAY_HOST="btcpay.DOMAIN.TLD"
export NBITCOIN_NETWORK="mainnet"
export BTCPAYGEN_CRYPTO1="btc"
export BTCPAYGEN_ADDITIONAL_FRAGMENTS="opt-save-storage-s"
export BTCPAYGEN_LIGHTNING="lnd"
export BTCPAY_ENABLE_SSH="true"
export REVERSEPROXY_HTTP_PORT="127.0.0.1:8083"
export BTCPAYGEN_EXCLUDE_FRAGMENTS="$BTCPAYGEN_EXCLUDE_FRAGMENTS;nginx-https"
export BTCPAYGEN_REVERSEPROXY="nginx"
. ./btcpay-setup.sh -iIn your Apache configuration include the following:
Header add X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Proto "https"
ProxyPreserveHost on
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:8083/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://localhost:8083/$1 [P,L]
ProxyPassReverse / http://localhost:3001/
config looks good to me. Though I don't quite understand why you introduced the proxyPass and proxyPassReverse for /rtl
RTL is configured as part of the nginx that BTCPay configures. No seperate rule should be required for it to work.
Sadly I can't repro as I run on a pretty low end VPS at the moment and don't have the ressources to run LND or CLN with RTL.