41 lines
1.4 KiB
Django/Jinja
41 lines
1.4 KiB
Django/Jinja
<VirtualHost *:443>
|
|
ServerName {{ matrix_server_name }}
|
|
|
|
Include conf.d/ssl.include
|
|
# This certificate must contain the hostname of THIS MACHINE in its
|
|
# subject/subjectAltName, so it can be validated by the reverse
|
|
# proxy. The reverse proxy presents the "real" certificate to
|
|
# clients on the Internet.
|
|
SSLCertificateKeyFile {{ apache_ssl_certificate_key }}
|
|
SSLCertificateFile {{ apache_ssl_certificate }}
|
|
|
|
AllowEncodedSlashes NoDecode
|
|
ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
|
|
ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
|
|
</VirtualHost>
|
|
|
|
Listen 8448
|
|
|
|
<VirtualHost *:8448>
|
|
ServerName {{ matrix_server_name }}
|
|
|
|
Include conf.d/ssl.include
|
|
{% if matrix_tls_key is defined %}
|
|
# This certificate is the "real" certificate, as clients on the
|
|
# Internet connect to this virtual host directly, not through the
|
|
# reverse proxy.
|
|
SSLCertificateKeyFile /etc/pki/tls/private/{{ matrix_tls_key|basename }}
|
|
{% else %}
|
|
SSLCertificateKeyFile {{ apache_ssl_certificate_key }}
|
|
{% endif %}
|
|
{% if matrix_tls_cert is defined %}
|
|
SSLCertificateFile /etc/pki/tls/certs/{{ matrix_tls_cert|basename }}
|
|
{% else %}
|
|
SSLCertificateFile {{ apache_ssl_certificate }}
|
|
{% endif %}
|
|
|
|
AllowEncodedSlashes NoDecode
|
|
ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
|
|
ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
|
|
</VirtualHost>
|