aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authornodiscc <nodiscc@gmail.com>2020-08-15 20:03:43 +0200
committernodiscc <nodiscc@gmail.com>2020-09-12 14:31:45 +0200
commit02117f7ea35d719351a99cd4f1c339b2ad4ef266 (patch)
treef52bdc6a6ba1a39bae3cc82bfe51a754d519b7f0
parente21df1e7296cc7ed33e28989b86edebe7bc85b54 (diff)
downloadShaarli-02117f7ea35d719351a99cd4f1c339b2ad4ef266.tar.gz
Shaarli-02117f7ea35d719351a99cd4f1c339b2ad4ef266.tar.zst
Shaarli-02117f7ea35d719351a99cd4f1c339b2ad4ef266.zip
doc: reverse proxy: update HTTP->HTTPS redirect configuration, remove logging options
-rw-r--r--doc/md/Reverse-proxy.md17
-rw-r--r--doc/md/Server-configuration.md3
2 files changed, 12 insertions, 8 deletions
diff --git a/doc/md/Reverse-proxy.md b/doc/md/Reverse-proxy.md
index 2c1c601e..77e4a04d 100644
--- a/doc/md/Reverse-proxy.md
+++ b/doc/md/Reverse-proxy.md
@@ -17,8 +17,17 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9
17```apache 17```apache
18<VirtualHost *:80> 18<VirtualHost *:80>
19 ServerName shaarli.mydomain.org 19 ServerName shaarli.mydomain.org
20 # Redirect HTTP to HTTPS 20 DocumentRoot /var/www/shaarli.mydomain.org/
21 Redirect permanent / https://shaarli.mydomain.org 21
22 # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests
23 RewriteEngine on
24 RewriteRule ^.well-known/acme-challenge/ - [L]
25 RewriteCond %{HTTP_HOST} =shaarli.mydomain.org
26 RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent]
27 # If you are using mod_md, use this instead
28 #MDCertificateAgreement accepted
29 #MDContactEmail admin@shaarli.mydomain.org
30 #MDPrivateKeys RSA 4096
22</VirtualHost> 31</VirtualHost>
23 32
24<VirtualHost *:443> 33<VirtualHost *:443>
@@ -28,10 +37,6 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9
28 SSLCertificateFile /path/to/certificate 37 SSLCertificateFile /path/to/certificate
29 SSLCertificateKeyFile /path/to/private/key 38 SSLCertificateKeyFile /path/to/private/key
30 39
31 LogLevel warn
32 ErrorLog /var/log/apache2/error.log
33 CustomLog /var/log/apache2/access.log combined
34
35 # let the proxied shaarli server/container know HTTPS URLs should be served 40 # let the proxied shaarli server/container know HTTPS URLs should be served
36 RequestHeader set X-Forwarded-Proto "https" 41 RequestHeader set X-Forwarded-Proto "https"
37 42
diff --git a/doc/md/Server-configuration.md b/doc/md/Server-configuration.md
index c63e296e..c1cf4310 100644
--- a/doc/md/Server-configuration.md
+++ b/doc/md/Server-configuration.md
@@ -1,7 +1,5 @@
1# Server configuration 1# Server configuration
2 2
3
4
5## Requirements 3## Requirements
6 4
7### Operating system and web server 5### Operating system and web server
@@ -24,6 +22,7 @@ Setup a **firewall** (using `iptables`, [ufw](https://www.digitalocean.com/commu
24 22
25Shaarli makes outbound HTTP/HTTPS connections to websites you bookmark to fetch page information (title, thumbnails), the server must then have access to the Internet as well, and a working DNS resolver. 23Shaarli makes outbound HTTP/HTTPS connections to websites you bookmark to fetch page information (title, thumbnails), the server must then have access to the Internet as well, and a working DNS resolver.
26 24
25--------------------------------------------------------------------------------
27 26
28### PHP 27### PHP
29 28