From ae96024993f111bcb1e48824f5f63be63ef38b1f Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Wed, 27 Apr 2022 12:08:25 +0200 Subject: New upstream version 1.0 --- doc/examples/hydrilla.example.com.tls.conf | 94 ++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 doc/examples/hydrilla.example.com.tls.conf (limited to 'doc/examples/hydrilla.example.com.tls.conf') diff --git a/doc/examples/hydrilla.example.com.tls.conf b/doc/examples/hydrilla.example.com.tls.conf new file mode 100644 index 0000000..357ecb3 --- /dev/null +++ b/doc/examples/hydrilla.example.com.tls.conf @@ -0,0 +1,94 @@ +# SPDX-License-Identifier: CC0-1.0 + +# Sample Apache2 configuration file for Hydrilla server (over HTTPS). +# +# Copyright (C) 2022 Wojtek Kosior + + +# Please adapt this file according to your needs can place it file under +# Apache2's available site configs directory which will be +# /etc/apache2/sites-available/ or similar. Then, enable it using the following +# command: +# a2ensite hydrilla.example.com.tls +# You also need to install and enable the wsgi module for Apache if you haven't +# already (e.g. with libapache2-mod-wsgi-py3 Debian package). +# The new configuration will only take effect after you restart/reload Apache2 +# daemon. + +# The following configuration enables TLS encryption. If you want to run a local +# Hydrilla server utilizing plain HTTP, use the attached +# hydrilla.example.com.conf file instead of this one or run a standalone +# development server using the hydrilla command. + +# This configuration file assumes Hydrilla is installed under Python's default +# load path and that the attached hydrilla.wsgi sample script has been saved as +# /var/lib/hydrilla/wsgi/hydrilla.wsgi + + + ServerName hydrilla.example.com + + Redirect permanent / https://hydrilla.example.com/ + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + + ServerName hydrilla.example.com + ServerAdmin admin@example.com + + DocumentRoot /var/lib/hydrilla/malcontent + + + + Order allow,deny + Allow from all + + = 2.4> + Require all granted + + + + + ForceType application/json + + + # Make Apache2 automatically pick up the new version of the wsgi script when + # it gets written. This line will fail if you don't have mod_wsgi installed + # and enabled. + WSGIScriptReloading On + + # The default configuration of mod_wsgi on most *nix systems is to run wsgi + # scripts in so-called embedded mode. The following 2 lines instruct Apache + # to instead run our wsgi script in a daemon process which makes it more + # flexible and reliable. Here we also set environment variables that are + # needed to tell Python that the system supports UTF-8 encoding. + # Feel free to modify the arguments to WSGIDaemonProcess according to your + # needs: + # https://modwsgi.readthedocs.io/en/develop/user-guides/quick-configuration-guide.html#delegation-to-daemon-process + WSGIDaemonProcess hydrilla.example.com lang='C.UTF-8' locale='C.UTF-8' + WSGIProcessGroup hydrilla.example.com + + + + Order allow,deny + Allow from all + + = 2.4> + Require all granted + + + + WSGIScriptAliasMatch "^/((resource|mapping)/[^/]+[.]json|query)$" "/var/lib/hydrilla/wsgi/hydrilla.wsgi/$1" + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # Change the paths to point to your actual certificate files. + SSLEngine on + SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem + SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem + SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem + + -- cgit v1.2.3