aboutsummaryrefslogtreecommitdiffhomepage
path: root/doc/md/Server-configuration.md
diff options
context:
space:
mode:
authornodiscc <nodiscc@gmail.com>2020-08-15 19:59:34 +0200
committernodiscc <nodiscc@gmail.com>2020-09-12 14:31:45 +0200
commitf3ab2616314834508c36b5e97406572ecd9af7a4 (patch)
tree68c8d4ebacb2bda8f1413fb96b8aaf1c2cd4fcd6 /doc/md/Server-configuration.md
parent38d66e1a40c20678e34408a069a615928d2c244c (diff)
downloadShaarli-f3ab2616314834508c36b5e97406572ecd9af7a4.tar.gz
Shaarli-f3ab2616314834508c36b5e97406572ecd9af7a4.tar.zst
Shaarli-f3ab2616314834508c36b5e97406572ecd9af7a4.zip
doc: apache: add example configuration for mod_md
Diffstat (limited to 'doc/md/Server-configuration.md')
-rw-r--r--doc/md/Server-configuration.md13
1 files changed, 9 insertions, 4 deletions
diff --git a/doc/md/Server-configuration.md b/doc/md/Server-configuration.md
index d32cc786..73e23886 100644
--- a/doc/md/Server-configuration.md
+++ b/doc/md/Server-configuration.md
@@ -128,20 +128,22 @@ sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf
128 ServerName shaarli.mydomain.org 128 ServerName shaarli.mydomain.org
129 DocumentRoot /var/www/shaarli.mydomain.org/ 129 DocumentRoot /var/www/shaarli.mydomain.org/
130 130
131 # Redirect HTTP requests to HTTPS 131 # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests
132 RewriteEngine on 132 RewriteEngine on
133 RewriteRule ^.well-known/acme-challenge/ - [L] 133 RewriteRule ^.well-known/acme-challenge/ - [L]
134 # except for Let's Encrypt ACME challenge requests
135 RewriteCond %{HTTP_HOST} =shaarli.mydomain.org 134 RewriteCond %{HTTP_HOST} =shaarli.mydomain.org
136 RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent] 135 RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent]
136 # If you are using mod_md, use this instead
137 #MDCertificateAgreement accepted
138 #MDContactEmail admin@shaarli.mydomain.org
139 #MDPrivateKeys RSA 4096
137</VirtualHost> 140</VirtualHost>
138 141
139<VirtualHost *:443> 142<VirtualHost *:443>
140 ServerName shaarli.mydomain.org 143 ServerName shaarli.mydomain.org
141 DocumentRoot /var/www/shaarli.mydomain.org/ 144 DocumentRoot /var/www/shaarli.mydomain.org/
142 145
143 # SSL/TLS configuration (for Let's Encrypt certificates) 146 # SSL/TLS configuration for Let's Encrypt certificates acquired with certbot standalone
144 # If certificates were acquired from certbot standalone
145 SSLEngine on 147 SSLEngine on
146 SSLCertificateFile /etc/letsencrypt/live/shaarli.mydomain.org/fullchain.pem 148 SSLCertificateFile /etc/letsencrypt/live/shaarli.mydomain.org/fullchain.pem
147 SSLCertificateKeyFile /etc/letsencrypt/live/shaarli.mydomain.org/privkey.pem 149 SSLCertificateKeyFile /etc/letsencrypt/live/shaarli.mydomain.org/privkey.pem
@@ -152,6 +154,9 @@ sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf
152 SSLSessionTickets off 154 SSLSessionTickets off
153 SSLOptions +StrictRequire 155 SSLOptions +StrictRequire
154 156
157 # SSL/TLS configuration for Let's Encrypt certificates acquired with mod_md
158 #MDomain shaarli.mydomain.org
159
155 # SSL/TLS configuration (for self-signed certificates) 160 # SSL/TLS configuration (for self-signed certificates)
156 #SSLEngine on 161 #SSLEngine on
157 #SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem 162 #SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem