Updated apache config (#776)
You guys asked for one that worked... It took me a little while to tweak, esp. since I'm not a guru with python. The comment about needing mod_wsgi isn't true, unless you want to run lemur as a cgi program... I suspect that's from an older version that ran as cgi and not as a standalone webserver.
This commit is contained in:
csv7
kevgliss
parent
2a2d5a5583
commit
381cd2e1ff
|
|
@ -217,6 +217,23 @@ An example apache config::
|
||||||
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
|
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
|
||||||
Header always set Strict-Transport-Security "max-age=15768000"
|
Header always set Strict-Transport-Security "max-age=15768000"
|
||||||
...
|
...
|
||||||
|
|
||||||
|
# Set the lemur DocumentRoot to static/dist
|
||||||
|
DocumentRoot /www/lemur/lemur/static/dist
|
||||||
|
|
||||||
|
# Uncomment to force http 1.0 connections to proxy
|
||||||
|
# SetEnv force-proxy-request-1.0 1
|
||||||
|
|
||||||
|
#Don't keep proxy connections alive
|
||||||
|
SetEnv proxy-nokeepalive 1
|
||||||
|
|
||||||
|
# Only need to do reverse proxy
|
||||||
|
ProxyRequests Off
|
||||||
|
|
||||||
|
# Proxy requests to the api to the lemur service (and sanitize redirects from it)
|
||||||
|
ProxyPass "/api" "http://127.0.0.1:8000/api"
|
||||||
|
ProxyPassReverse "/api" "http://127.0.0.1:8000/api"
|
||||||
|
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
Also included in the configurations above are several best practices when it comes to deploying TLS. Things like enabling
|
Also included in the configurations above are several best practices when it comes to deploying TLS. Things like enabling
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue