2.8 KiB
Leon: Apache Reverse Proxy
Reverse Proxy Setup
Apache2
This allows you to access the Leon web app using an Apache virtual host.
Prerequisites
- A domain
DNS A (and/or AAAA) records have to point to your webserver.
- SSL certificate
A valid SSL certificate.
The setup is possible without SSL, though using HTTPS is highly recommended. The following configuration examples apply to a HTTPS enforced site.
- An operating system
Obvious.
- Apache2 / HTTPD
Apache2 needs to be installed, and the modules
mod_ssl
,mod_proxy
as well asmod_wstunnel
need to be loaded.
Refer to the Apache documentation specific to your operating system to find the correct procedure on how to install and load modules as well as on how and where to define virtual hosts.
- Firewall
If a firewall is in place, the ports 80 and 443 need to be opened and/or forwarded accordingly.
If Leon resides on a different machine, the configuredLEON_PORT
needs to be reachable by the webserver.
- Leon
A working Leon installation. It is recommended to test if Leon works as expected before attempting to troubleshoot issues with the reverse proxy.
Warning - As of writing this document, the following configuration examples only apply to the DEVELOPMENT branch of Leon.
Since this branch is deemed stable enough by the author, the complex procedure for setting a reverse proxy up with Leon from the Master branch (it involves tampering with the source files) will not be explained.
Leon configuration (.env)
# Server
LEON_HOST=https://leon.example.com
LEON_PORT=1337
Apache virtual host (leon.conf)
leon.example.com
is the domain we will use to reach the
Leon web app.
localhost
is where the web server reach the Leon
backend. If Leon resides on a different machine, replace this with the
hostname or IP address of that machine.
:1337
is the port the Leon backend listens on (you
specified it above with LEON_PORT
).
<VirtualHost *:80>
ServerName leon.example.com
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName leon.example.com
SSLEngine On
SSLCertificateFile "/path/to/fullchain.pem"
SSLCertificateKeyFile "/path/to/privkey.pem
ProxyPreserveHost Off
ProxyPass / http://127.0.0.1:1337/
ProxyPassReverse / http://127.0.0.1:1337/
RewriteEngine On
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule ^/?(.*) "ws://127.0.0.1:1337/$1" [P,L]
</VirtualHost>
That’s it!