101 lines
3.2 KiB
Text
101 lines
3.2 KiB
Text
# This example sets up virtual domains for mailtrain protected by HTTPS (including redirect from http to https)
|
|
# Note that you will need mod_proxy and mod_ssl modules installed and enabled
|
|
|
|
# This setup assumes three DNS names:
|
|
# - lists.example.org - public endpoint used for subscriptions, campaign images, etc.
|
|
# - mailtrain.example.org - UI for administration and send out emails
|
|
# - sbox.mailtrain.example.org - sandbox for templates (to prevent potential XSS attacks in templates)
|
|
|
|
# It is OK to point all the three DNS entries to the same IP address
|
|
|
|
# You will need to customize this for your setup. In the least, this means:
|
|
# - replace "example.org" with your domain
|
|
# - point to your certificate (look for /etc/letsencrypt/live/lists.example.org in the config below)
|
|
|
|
<VirtualHost *:80>
|
|
ServerName lists.example.org
|
|
|
|
ServerSignature Off
|
|
|
|
RewriteEngine On
|
|
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
|
|
|
|
ErrorLog logs/lists.example.org_redirect_error.log
|
|
LogLevel warn
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:80>
|
|
ServerName mailtrain.example.org
|
|
|
|
ServerSignature Off
|
|
|
|
RewriteEngine On
|
|
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
|
|
|
|
ErrorLog logs/mailtrain.example.org_redirect_error.log
|
|
LogLevel warn
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:80>
|
|
ServerName sbox.mailtrain.example.org
|
|
|
|
ServerSignature Off
|
|
|
|
RewriteEngine On
|
|
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
|
|
|
|
ErrorLog logs/sbox.mailtrain.example.org_redirect_error.log
|
|
LogLevel warn
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:443>
|
|
ServerName lists.example.org:443
|
|
|
|
ErrorLog logs/lists.example.org_ssl_error.log
|
|
TransferLog logs/lists.example.org_ssl_access.log
|
|
LogLevel warn
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/lists.example.org/cert.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/lists.example.org/privkey.pem
|
|
SSLCertificateChainFile /etc/letsencrypt/live/lists.example.org/chain.pem
|
|
|
|
ProxyPreserveHost On
|
|
ProxyPass "/" "http://127.0.0.1:3004/"
|
|
ProxyPassReverse "/" "http://127.0.0.1:3004/"
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:443>
|
|
ServerName mailtrain.example.org:443
|
|
|
|
ErrorLog logs/mailtrain.example.org_ssl_error.log
|
|
TransferLog logs/mailtrain.example.org_ssl_access.log
|
|
LogLevel warn
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/lists.example.org/cert.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/lists.example.org/privkey.pem
|
|
SSLCertificateChainFile /etc/letsencrypt/live/lists.example.org/chain.pem
|
|
|
|
ProxyPreserveHost On
|
|
ProxyPass "/" "http://127.0.0.1:3000/"
|
|
ProxyPassReverse "/" "http://127.0.0.1:3000/"
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:443>
|
|
ServerName sbox.mailtrain.example.org:443
|
|
|
|
ErrorLog logs/sbox.mailtrain.example.org_ssl_error.log
|
|
TransferLog logs/sbox.mailtrain.example.org_ssl_access.log
|
|
LogLevel warn
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/lists.example.org/cert.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/lists.example.org/privkey.pem
|
|
SSLCertificateChainFile /etc/letsencrypt/live/lists.example.org/chain.pem
|
|
|
|
ProxyPreserveHost On
|
|
ProxyPass "/" "http://127.0.0.1:3003/"
|
|
ProxyPassReverse "/" "http://127.0.0.1:3003/"
|
|
</VirtualHost>
|
|
|