blob: 357ecb39c5ca0c518a2ca96caf38587a76dcbe5a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
# SPDX-License-Identifier: CC0-1.0
# Sample Apache2 configuration file for Hydrilla server (over HTTPS).
#
# Copyright (C) 2022 Wojtek Kosior
# Please adapt this file according to your needs can place it file under
# Apache2's available site configs directory which will be
# /etc/apache2/sites-available/ or similar. Then, enable it using the following
# command:
# a2ensite hydrilla.example.com.tls
# You also need to install and enable the wsgi module for Apache if you haven't
# already (e.g. with libapache2-mod-wsgi-py3 Debian package).
# The new configuration will only take effect after you restart/reload Apache2
# daemon.
# The following configuration enables TLS encryption. If you want to run a local
# Hydrilla server utilizing plain HTTP, use the attached
# hydrilla.example.com.conf file instead of this one or run a standalone
# development server using the hydrilla command.
# This configuration file assumes Hydrilla is installed under Python's default
# load path and that the attached hydrilla.wsgi sample script has been saved as
# /var/lib/hydrilla/wsgi/hydrilla.wsgi
<VirtualHost *:80>
ServerName hydrilla.example.com
Redirect permanent / https://hydrilla.example.com/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName hydrilla.example.com
ServerAdmin admin@example.com
DocumentRoot /var/lib/hydrilla/malcontent
<Directory /var/lib/hydrilla/malcontent >
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Directory>
<Directory ~ "^/var/lib/hydrilla/malcontent/(resource|mapping)/" >
ForceType application/json
</Directory>
# Make Apache2 automatically pick up the new version of the wsgi script when
# it gets written. This line will fail if you don't have mod_wsgi installed
# and enabled.
WSGIScriptReloading On
# The default configuration of mod_wsgi on most *nix systems is to run wsgi
# scripts in so-called embedded mode. The following 2 lines instruct Apache
# to instead run our wsgi script in a daemon process which makes it more
# flexible and reliable. Here we also set environment variables that are
# needed to tell Python that the system supports UTF-8 encoding.
# Feel free to modify the arguments to WSGIDaemonProcess according to your
# needs:
# https://modwsgi.readthedocs.io/en/develop/user-guides/quick-configuration-guide.html#delegation-to-daemon-process
WSGIDaemonProcess hydrilla.example.com lang='C.UTF-8' locale='C.UTF-8'
WSGIProcessGroup hydrilla.example.com
<Directory /var/lib/hydrilla/wsgi >
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Directory>
WSGIScriptAliasMatch "^/((resource|mapping)/[^/]+[.]json|query)$" "/var/lib/hydrilla/wsgi/hydrilla.wsgi/$1"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# Change the paths to point to your actual certificate files.
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
</VirtualHost>
</IfModule>
|
