
# Requires: a2enmod ssl proxy proxy_http proxy_wstunnel headers rewrite
<VirtualHost *:80>
    # Plain-HTTP listener: serves no content and proxies nothing. Every
    # request for the primary domain or any alias is answered with a 301
    # pointing at the HTTPS primary domain.
    ServerName  __QORTAL_PRIMARY_DOMAIN__
    ServerAlias __QORTAL_SERVER_ALIASES__

    Redirect 301 / https://__QORTAL_PRIMARY_DOMAIN__/
</VirtualHost>
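<VirtualHost *:443>
    # TLS-terminating reverse proxy in front of two upstreams: the node API
    # (REST + WebSockets) and the QDN gateway (fallback for everything else).
    ServerName  __QORTAL_PRIMARY_DOMAIN__
    ServerAlias __QORTAL_SERVER_ALIASES__

    SSLEngine on
    SSLCertificateFile    __TLS_CERT_PATH__
    # The private key should be readable only by the account that starts httpd.
    SSLCertificateKeyFile __TLS_KEY_PATH__
    # NOTE(review): no SSLProtocol / SSLCipherSuite is set here, so the protocol
    # and cipher floor come from the server-wide TLS config; confirm it is set
    # there. An HSTS response header is also worth considering, since port 80
    # only redirects.

    ProxyPreserveHost On
    ProxyAddHeaders On
    RequestHeader set X-Forwarded-Proto "https"
    # Every proxied request reaches the upstream from this proxy's address, so
    # any source-address allow-list on the upstream sees the proxy and not the
    # client. The deny rules below, together with whatever authentication the
    # upstream itself enforces, are the access control for internet clients.

    # 500 MiB request bodies and one-hour timeouts apply to every client of this
    # vhost. They let a slow or large request hold a worker for a long time;
    # keep them only as high as the largest legitimate upload requires.
    LimitRequestBody 524288000
    Timeout 3600
    ProxyTimeout 3600

    # Block write methods on sensitive endpoints.
    # The pattern ends in (/|$) rather than a bare $ so that the rule also covers
    # sub-paths (e.g. /lists/<name>) and a trailing-slash variant of each path.
    # With a bare $ only the exact string matched, and anything longer was
    # proxied without the method restriction.
    # NOTE(review): GET, HEAD and OPTIONS stay allowed. If any endpoint listed
    # here changes node state on GET, this rule does not stop it and the
    # upstream's own authentication is the only barrier; confirm per endpoint.
    <LocationMatch "^/(lists|admin/(restart|stop|forcesync|apikey/generate|enginestats|orphan|mintingaccounts)|arbitrary/resources/cache/rebuild)(/|$)">
        <LimitExcept GET HEAD OPTIONS>
            Require all denied
        </LimitExcept>
    </LocationMatch>

    # Fully block these endpoints, including everything beneath them.
    # A bare $ anchor matched only the literal paths, so requests such as
    # /admin/repository/<anything> or /arbitrary/hosted/<anything> were not
    # denied. The (/|$) boundary denies the whole subtree.
    <LocationMatch "^/(admin/repository|admin/logs|arbitrary/hosted|crosschain/tradebot|bootstrap/create)(/|$)">
        Require all denied
    </LocationMatch>

    # Optional hard-block for common probes: exact file-like paths.
    <LocationMatch "^/(favicon\.ico|\.env|login|robots\.txt|sitemap\.xml)$">
        Require all denied
    </LocationMatch>
    # Optional hard-block for common probes: directory-like paths, denied with
    # everything beneath them (the exact-match form let /.git/<file> through).
    <LocationMatch "^/(\.git|cgi-bin|actuator)(/|$)">
        Require all denied
    </LocationMatch>

    # WebSockets -> API upstream.
    # ProxyPass rules are checked in configuration order and the first match
    # wins, so the longer prefix is listed first.
    ProxyPass        "/websockets/crosschain/" "ws://__QORTAL_API_UPSTREAM__/websockets/crosschain/"
    ProxyPassReverse "/websockets/crosschain/" "ws://__QORTAL_API_UPSTREAM__/websockets/crosschain/"
    ProxyPass        "/websockets/" "ws://__QORTAL_API_UPSTREAM__/websockets/"
    ProxyPassReverse "/websockets/" "ws://__QORTAL_API_UPSTREAM__/websockets/"

    # API and /render -> API upstream.
    # The second group must start at a path-segment boundary, so only
    # /<prefix> and /<prefix>/... are sent to the API. Without the boundary any
    # path that merely begins with one of these words (for example a gateway
    # path starting with "at" or "names") was routed to the API as well.
    # The captured path is re-inserted into the backend URL; keep httpd patched,
    # since this kind of substitution depends on the server's request-target
    # validation.
    ProxyPassMatch "^/(addresses|admin|arbitrary|assets|blocks|chat|crosschain|groups|lists|names|payments|peers|polls|render|stats|transactions|utils|at|bootstrap|developer)(/.*)?$" "http://__QORTAL_API_UPSTREAM__/$1$2"

    # QDN website fallback -> gateway upstream.
    ProxyPass        "/" "http://__QORTAL_GATEWAY_UPSTREAM__/"
    ProxyPassReverse "/" "http://__QORTAL_GATEWAY_UPSTREAM__/"

    # Denied requests (403) are recorded in the access log; probes against the
    # blocked paths above show up there.
    ErrorLog  ${APACHE_LOG_DIR}/qortal-node-error.log
    CustomLog ${APACHE_LOG_DIR}/qortal-node-access.log combined
</VirtualHost>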