# SPDX-License-Identifier: CC0-1.0 # Sample Apache2 configuration file for Hydrilla server (over HTTPS). # # Copyright (C) 2022 Wojtek Kosior # Please adapt this file according to your needs can place it file under # Apache2's available site configs directory which will be # /etc/apache2/sites-available/ or similar. Then, enable it using the following # command: # a2ensite hydrilla.example.com.tls # You also need to install and enable the wsgi module for Apache if you haven't # already (e.g. with libapache2-mod-wsgi-py3 Debian package). # The new configuration will only take effect after you restart/reload Apache2 # daemon. # The following configuration enables TLS encryption. If you want to run a local # Hydrilla server utilizing plain HTTP, use the attached # hydrilla.example.com.conf file instead of this one or run a standalone # development server using the hydrilla command. # This configuration file assumes Hydrilla is installed under Python's default # load path and that the attached hydrilla.wsgi sample script has been saved as # /var/lib/hydrilla/wsgi/hydrilla.wsgi <VirtualHost *:80> ServerName hydrilla.example.com Redirect permanent / https://hydrilla.example.com/ ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName hydrilla.example.com ServerAdmin admin@example.com DocumentRoot /var/lib/hydrilla/malcontent <Directory /var/lib/hydrilla/malcontent > <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </Directory> <Directory ~ "^/var/lib/hydrilla/malcontent/(resource|mapping)/" > ForceType application/json </Directory> # Make Apache2 automatically pick up the new version of the wsgi script when # it gets written. This line will fail if you don't have mod_wsgi installed # and enabled. WSGIScriptReloading On # The default configuration of mod_wsgi on most *nix systems is to run wsgi # scripts in so-called embedded mode. The following 2 lines instruct Apache # to instead run our wsgi script in a daemon process which makes it more # flexible and reliable. Here we also set environment variables that are # needed to tell Python that the system supports UTF-8 encoding. # Feel free to modify the arguments to WSGIDaemonProcess according to your # needs: # https://modwsgi.readthedocs.io/en/develop/user-guides/quick-configuration-guide.html#delegation-to-daemon-process WSGIDaemonProcess hydrilla.example.com lang='C.UTF-8' locale='C.UTF-8' WSGIProcessGroup hydrilla.example.com <Directory /var/lib/hydrilla/wsgi > <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </Directory> WSGIScriptAliasMatch "^/((resource|mapping)/[^/]+[.]json|query)$" "/var/lib/hydrilla/wsgi/hydrilla.wsgi/$1" ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # Change the paths to point to your actual certificate files. SSLEngine on SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem </VirtualHost> </IfModule>