nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-02-23 05:15:34 +08:00
Code Issues Projects Releases Packages Wiki Activity

address review

Browse source 
Signed-off-by: szaimen <szaimen@e.mail.de>
This commit is contained in:
szaimen 2022-06-07 21:23:27 +02:00
parent 3f079bd0f3
commit 8a43baf837
1 changed files with 3 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
reverse-proxy.md
View file

@ -29,7 +29,6 @@ Add this as a new Apache site config:
``` ```
<VirtualHost *:80> <VirtualHost *:80>
ServerName <your-nc-domain> ServerName <your-nc-domain>
ServerAlias <your-nc-domain>
RewriteEngine On RewriteEngine On
RewriteCond %{HTTPS} off RewriteCond %{HTTPS} off
@ -40,7 +39,6 @@ Add this as a new Apache site config:
<VirtualHost *:443> <VirtualHost *:443>
ServerName <your-nc-domain> ServerName <your-nc-domain>
ServerAlias <your-nc-domain>
# Reverse proxy # Reverse proxy
RewriteEngine On RewriteEngine On
@ -48,7 +46,6 @@ Add this as a new Apache site config:
RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC] RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule .* "ws://localhost:11000/$1" [P,L] RewriteRule .* "ws://localhost:11000/$1" [P,L]
ProxyRequests off
ProxyPass / http://localhost:11000/ ProxyPass / http://localhost:11000/
ProxyPassReverse / http://localhost:11000/ ProxyPassReverse / http://localhost:11000/
@ -56,11 +53,7 @@ Add this as a new Apache site config:
Protocols h2 h2c http/1.1 Protocols h2 h2c http/1.1
# SSL # SSL
SSLProxyEngine On SSLEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
Include /etc/letsencrypt/options-ssl-apache.conf Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/<your-nc-domain>/fullchain.pem SSLCertificateFile /etc/letsencrypt/live/<your-nc-domain>/fullchain.pem
@ -76,16 +69,8 @@ Add this as a new Apache site config:
Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux) Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
To make the config work you need to enable the following mods: To make the config work you can run the following command:
``` `sudo a2enmod rewrite proxy proxy_http proxy_wstunnel ssl headers http2`
mod_rewrite
mod_proxy
mod_proxy_http
mod_proxy_wstunnel
mod_ssl
mod_headers
mod_http2
```
</details> </details>