138 lines
4.5 KiB
Text
138 lines
4.5 KiB
Text
# GameServerPanel (GSP) Apache vhost examples
|
|
#
|
|
# Copy these into real files under /etc/apache2/sites-available/, for example:
|
|
# /etc/apache2/sites-available/panel.example.com.conf
|
|
# /etc/apache2/sites-available/website.example.com.conf
|
|
#
|
|
# Example deployment paths:
|
|
# Panel -> /var/www/gsp/Panel
|
|
# Website -> /var/www/gsp/Website
|
|
#
|
|
# Required Apache modules:
|
|
# sudo a2enmod ssl rewrite headers
|
|
# sudo systemctl reload apache2
|
|
#
|
|
# Initial activation (HTTP first):
|
|
# sudo a2ensite panel.example.com.conf website.example.com.conf
|
|
# sudo apache2ctl configtest
|
|
# sudo systemctl reload apache2
|
|
#
|
|
# Certbot (Apache plugin):
|
|
# sudo certbot --apache -d panel.example.com -d www.panel.example.com
|
|
# sudo certbot --apache -d gsp.example.com -d www.gsp.example.com
|
|
#
|
|
# Certbot dry run / renewal test:
|
|
# sudo certbot renew --dry-run
|
|
#
|
|
# Notes:
|
|
# - Replace all example domains and paths.
|
|
# - Keep all user-facing website routes root-relative in Website/.
|
|
# - If you use Cloudflare or another proxy, ensure TLS mode and DNS records are correct.
|
|
|
|
######################################################################
|
|
# PANEL SITE (Panel/)
|
|
######################################################################
|
|
|
|
# HTTP: allow ACME challenge, redirect everything else to HTTPS
|
|
<VirtualHost *:80>
|
|
ServerName panel.example.com
|
|
ServerAlias www.panel.example.com
|
|
DocumentRoot /var/www/gsp/Panel
|
|
|
|
<Directory /var/www/gsp/Panel>
|
|
Options FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
RewriteEngine On
|
|
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
|
|
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/panel_example_error.log
|
|
CustomLog ${APACHE_LOG_DIR}/panel_example_access.log combined
|
|
</VirtualHost>
|
|
|
|
# HTTPS: panel site with Let's Encrypt cert paths
|
|
<VirtualHost *:443>
|
|
ServerName panel.example.com
|
|
ServerAlias www.panel.example.com
|
|
DocumentRoot /var/www/gsp/Panel
|
|
|
|
<Directory /var/www/gsp/Panel>
|
|
Options FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/panel.example.com/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/panel.example.com/privkey.pem
|
|
|
|
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/panel_example_ssl_error.log
|
|
CustomLog ${APACHE_LOG_DIR}/panel_example_ssl_access.log combined
|
|
</VirtualHost>
|
|
|
|
######################################################################
|
|
# WEBSITE SITE (Website/ standalone storefront)
|
|
######################################################################
|
|
|
|
# HTTP: allow ACME challenge, redirect everything else to HTTPS
|
|
<VirtualHost *:80>
|
|
ServerName gsp.example.com
|
|
ServerAlias www.gsp.example.com
|
|
DocumentRoot /var/www/gsp/Website
|
|
|
|
<Directory /var/www/gsp/Website>
|
|
Options FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
RewriteEngine On
|
|
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
|
|
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/website_example_error.log
|
|
CustomLog ${APACHE_LOG_DIR}/website_example_access.log combined
|
|
</VirtualHost>
|
|
|
|
# HTTPS: website site with Let's Encrypt cert paths
|
|
<VirtualHost *:443>
|
|
ServerName gsp.example.com
|
|
ServerAlias www.gsp.example.com
|
|
DocumentRoot /var/www/gsp/Website
|
|
|
|
<Directory /var/www/gsp/Website>
|
|
Options FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/letsencrypt/live/gsp.example.com/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/gsp.example.com/privkey.pem
|
|
|
|
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/website_example_ssl_error.log
|
|
CustomLog ${APACHE_LOG_DIR}/website_example_ssl_access.log combined
|
|
</VirtualHost>
|
|
|
|
######################################################################
|
|
# Optional webroot-based Certbot alternative (instead of --apache):
|
|
#
|
|
# sudo certbot certonly --webroot \
|
|
# -w /var/www/gsp/Panel \
|
|
# -d panel.example.com -d www.panel.example.com
|
|
#
|
|
# sudo certbot certonly --webroot \
|
|
# -w /var/www/gsp/Website \
|
|
# -d gsp.example.com -d www.gsp.example.com
|
|
#
|
|
# Then verify and reload:
|
|
# sudo apache2ctl configtest
|
|
# sudo systemctl reload apache2
|
|
######################################################################
|