mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-25 09:33:25 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			70 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			70 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| # SPDX-FileCopyrightText: 2024 MDAD Team and contributors
 | |
| #
 | |
| # SPDX-License-Identifier: AGPL-3.0-or-later
 | |
| 
 | |
| # This is a sample file demonstrating how to set up reverse-proxy for matrix.example.com
 | |
| 
 | |
| <VirtualHost *:80>
 | |
| 	ServerName matrix.example.com
 | |
| 
 | |
| 	# You may wish to handle the /.well-known/acme-challenge paths here somehow,
 | |
| 	# if you're using ACME (Let's Encrypt) certificates.
 | |
| 
 | |
| 	Redirect permanent / https://matrix.example.com/
 | |
| </VirtualHost>
 | |
| 
 | |
| # Client-Server API
 | |
| <VirtualHost *:443>
 | |
| 	ServerName matrix.example.com
 | |
| 
 | |
| 	SSLEngine On
 | |
| 
 | |
| 	# If you manage SSL certificates by yourself, these paths will differ.
 | |
| 	SSLCertificateFile /path/to/matrix.example.com/fullchain.pem
 | |
| 	SSLCertificateKeyFile /path/to/matrix.example.com/privkey.pem
 | |
| 
 | |
| 	SSLProxyEngine on
 | |
| 	SSLProxyProtocol +TLSv1.2 +TLSv1.3
 | |
| 	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
 | |
| 
 | |
| 	ProxyPreserveHost On
 | |
| 	ProxyRequests Off
 | |
| 	ProxyVia On
 | |
| 	RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
 | |
| 
 | |
| 	AllowEncodedSlashes NoDecode
 | |
| 	ProxyPass / http://127.0.0.1:81/ retry=0 nocanon
 | |
| 	ProxyPassReverse / http://127.0.0.1:81/
 | |
| 
 | |
| 	ErrorLog ${APACHE_LOG_DIR}/matrix.example.com-error.log
 | |
| 	CustomLog ${APACHE_LOG_DIR}/matrix.example.com-access.log combined
 | |
| </VirtualHost>
 | |
| 
 | |
| # Server-Server (federation) API
 | |
| Listen 8448
 | |
| <VirtualHost *:8448>
 | |
| 	ServerName matrix.example.com
 | |
| 
 | |
| 	SSLEngine On
 | |
| 
 | |
| 	# If you manage SSL certificates by yourself, these paths will differ.
 | |
| 	SSLCertificateFile /matrix/ssl/config/live/matrix.example.com/fullchain.pem
 | |
| 	SSLCertificateKeyFile /matrix/ssl/config/live/matrix.example.com/privkey.pem
 | |
| 
 | |
| 	SSLProxyEngine on
 | |
| 	SSLProxyProtocol +TLSv1.2 +TLSv1.3
 | |
| 	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
 | |
| 
 | |
| 	ProxyPreserveHost On
 | |
| 	ProxyRequests Off
 | |
| 	ProxyVia On
 | |
| 	RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
 | |
| 
 | |
| 	AllowEncodedSlashes NoDecode
 | |
| 	ProxyPass / http://127.0.0.1:8449/ retry=0 nocanon
 | |
| 	ProxyPassReverse / http://127.0.0.1:8449/
 | |
| 
 | |
| 	ErrorLog ${APACHE_LOG_DIR}/matrix.example.com-error.log
 | |
| 	CustomLog ${APACHE_LOG_DIR}/matrix.example.com-access.log combined
 | |
| </VirtualHost>
 |