diff options
| author | nodiscc <nodiscc@gmail.com> | 2020-08-15 20:03:43 +0200 |
|---|---|---|
| committer | nodiscc <nodiscc@gmail.com> | 2020-09-12 14:31:45 +0200 |
| commit | 02117f7ea35d719351a99cd4f1c339b2ad4ef266 (patch) | |
| tree | f52bdc6a6ba1a39bae3cc82bfe51a754d519b7f0 /doc | |
| parent | e21df1e7296cc7ed33e28989b86edebe7bc85b54 (diff) | |
| download | Shaarli-02117f7ea35d719351a99cd4f1c339b2ad4ef266.tar.gz Shaarli-02117f7ea35d719351a99cd4f1c339b2ad4ef266.tar.zst Shaarli-02117f7ea35d719351a99cd4f1c339b2ad4ef266.zip | |
doc: reverse proxy: update HTTP->HTTPS redirect configuration, remove logging options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/md/Reverse-proxy.md | 17 | ||||
| -rw-r--r-- | doc/md/Server-configuration.md | 3 |
2 files changed, 12 insertions, 8 deletions
diff --git a/doc/md/Reverse-proxy.md b/doc/md/Reverse-proxy.md index 2c1c601e..77e4a04d 100644 --- a/doc/md/Reverse-proxy.md +++ b/doc/md/Reverse-proxy.md | |||
| @@ -17,8 +17,17 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9 | |||
| 17 | ```apache | 17 | ```apache |
| 18 | <VirtualHost *:80> | 18 | <VirtualHost *:80> |
| 19 | ServerName shaarli.mydomain.org | 19 | ServerName shaarli.mydomain.org |
| 20 | # Redirect HTTP to HTTPS | 20 | DocumentRoot /var/www/shaarli.mydomain.org/ |
| 21 | Redirect permanent / https://shaarli.mydomain.org | 21 | |
| 22 | # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests | ||
| 23 | RewriteEngine on | ||
| 24 | RewriteRule ^.well-known/acme-challenge/ - [L] | ||
| 25 | RewriteCond %{HTTP_HOST} =shaarli.mydomain.org | ||
| 26 | RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent] | ||
| 27 | # If you are using mod_md, use this instead | ||
| 28 | #MDCertificateAgreement accepted | ||
| 29 | #MDContactEmail admin@shaarli.mydomain.org | ||
| 30 | #MDPrivateKeys RSA 4096 | ||
| 22 | </VirtualHost> | 31 | </VirtualHost> |
| 23 | 32 | ||
| 24 | <VirtualHost *:443> | 33 | <VirtualHost *:443> |
| @@ -28,10 +37,6 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9 | |||
| 28 | SSLCertificateFile /path/to/certificate | 37 | SSLCertificateFile /path/to/certificate |
| 29 | SSLCertificateKeyFile /path/to/private/key | 38 | SSLCertificateKeyFile /path/to/private/key |
| 30 | 39 | ||
| 31 | LogLevel warn | ||
| 32 | ErrorLog /var/log/apache2/error.log | ||
| 33 | CustomLog /var/log/apache2/access.log combined | ||
| 34 | |||
| 35 | # let the proxied shaarli server/container know HTTPS URLs should be served | 40 | # let the proxied shaarli server/container know HTTPS URLs should be served |
| 36 | RequestHeader set X-Forwarded-Proto "https" | 41 | RequestHeader set X-Forwarded-Proto "https" |
| 37 | 42 | ||
diff --git a/doc/md/Server-configuration.md b/doc/md/Server-configuration.md index c63e296e..c1cf4310 100644 --- a/doc/md/Server-configuration.md +++ b/doc/md/Server-configuration.md | |||
| @@ -1,7 +1,5 @@ | |||
| 1 | # Server configuration | 1 | # Server configuration |
| 2 | 2 | ||
| 3 | |||
| 4 | |||
| 5 | ## Requirements | 3 | ## Requirements |
| 6 | 4 | ||
| 7 | ### Operating system and web server | 5 | ### Operating system and web server |
| @@ -24,6 +22,7 @@ Setup a **firewall** (using `iptables`, [ufw](https://www.digitalocean.com/commu | |||
| 24 | 22 | ||
| 25 | Shaarli makes outbound HTTP/HTTPS connections to websites you bookmark to fetch page information (title, thumbnails), the server must then have access to the Internet as well, and a working DNS resolver. | 23 | Shaarli makes outbound HTTP/HTTPS connections to websites you bookmark to fetch page information (title, thumbnails), the server must then have access to the Internet as well, and a working DNS resolver. |
| 26 | 24 | ||
| 25 | -------------------------------------------------------------------------------- | ||
| 27 | 26 | ||
| 28 | ### PHP | 27 | ### PHP |
| 29 | 28 | ||