Updated apache config (#776)

You guys asked for one that worked... It took me a little while to tweak, esp. since I'm not a guru with python. The comment about needing mod_wsgi isn't true, unless you want to run lemur as a cgi program... I suspect that's from an older version that ran as cgi and not as a standalone webserver.
2017-05-04 10:45:55 -05:00 · 2017-05-04 10:45:55 -05:00 · 381cd2e1ff
parent 2a2d5a5583
commit 381cd2e1ff
1 changed files with 17 additions and 0 deletions
--- a/docs/production/index.rst
+++ b/docs/production/index.rst
@ -217,6 +217,23 @@ An example apache config::
        # HSTS (mod_headers is required) (15768000 seconds = 6 months)
        Header always set Strict-Transport-Security "max-age=15768000"
        ...
+        
+     # Set the lemur DocumentRoot to static/dist
+     DocumentRoot /www/lemur/lemur/static/dist
+     
+     # Uncomment to force http 1.0 connections to proxy
+     # SetEnv force-proxy-request-1.0 1
+     
+     #Don't keep proxy connections alive
+     SetEnv proxy-nokeepalive 1
+     
+     # Only need to do reverse proxy
+     ProxyRequests Off
+     
+     # Proxy requests to the api to the lemur service (and sanitize redirects from it)
+     ProxyPass "/api" "http://127.0.0.1:8000/api"
+     ProxyPassReverse "/api" "http://127.0.0.1:8000/api"
+     
    </VirtualHost>

 Also included in the configurations above are several best practices when it comes to deploying TLS. Things like enabling