|
|
@@ -1,8 +1,21 @@
|
|
|
-###
|
|
|
-### Apache configuration file for Signal-Server
|
|
|
-###
|
|
|
+<VirtualHost *:443>
|
|
|
+ ServerName cable-service-ca.cable.im
|
|
|
+ SSLEngine On
|
|
|
+
|
|
|
+ # Su cable-service-ca.cable.im serve un certificato valido (letsencrypt).
|
|
|
+ # È l'hostname a cui si connette Twilio per ottenere le informazioni
|
|
|
+ # necessarie a fare la verifica del numero tramite chiamata vocale.
|
|
|
+
|
|
|
+ SSLCertificateFile /etc/letsencrypt/live/cable-service-ca.cable.im/cert.pem
|
|
|
+ SSLCertificateKeyFile /etc/letsencrypt/live/cable-service-ca.cable.im/privkey.pem
|
|
|
+ Include /etc/letsencrypt/options-ssl-apache.conf
|
|
|
+ SSLCertificateChainFile /etc/letsencrypt/live/cable-service-ca.cable.im/chain.pem
|
|
|
|
|
|
-### VirtualHost for the main service:
|
|
|
+ ProxyVia On
|
|
|
+ ProxyPreserveHost On
|
|
|
+ ProxyPass / http://127.0.0.1:4242/
|
|
|
+ ProxyPassReverse / http://127.0.0.1:4242/
|
|
|
+</VirtualHost>
|
|
|
|
|
|
<VirtualHost *:443>
|
|
|
ServerName cable-service.cable.im
|
|
|
@@ -27,31 +40,6 @@
|
|
|
ProxyPassReverse / ws://127.0.0.1:4242/
|
|
|
</VirtualHost>
|
|
|
|
|
|
-
|
|
|
-### VirtualHost for letting Twilio call back:
|
|
|
-
|
|
|
-<VirtualHost *:443>
|
|
|
- ServerName cable-service-ca.cable.im
|
|
|
- SSLEngine On
|
|
|
-
|
|
|
- # Su cable-service-ca.cable.im serve un certificato valido (letsencrypt).
|
|
|
- # È l'hostname a cui si connette Twilio per ottenere le informazioni
|
|
|
- # necessarie a fare la verifica del numero tramite chiamata vocale.
|
|
|
-
|
|
|
- SSLCertificateFile /etc/letsencrypt/live/cable-service-ca.cable.im/cert.pem
|
|
|
- SSLCertificateKeyFile /etc/letsencrypt/live/cable-service-ca.cable.im/privkey.pem
|
|
|
- Include /etc/letsencrypt/options-ssl-apache.conf
|
|
|
- SSLCertificateChainFile /etc/letsencrypt/live/cable-service-ca.cable.im/chain.pem
|
|
|
-
|
|
|
- ProxyVia On
|
|
|
- ProxyPreserveHost On
|
|
|
- ProxyPass / http://127.0.0.1:4242/
|
|
|
- ProxyPassReverse / http://127.0.0.1:4242/
|
|
|
-</VirtualHost>
|
|
|
-
|
|
|
-
|
|
|
-### Giphy proxy:
|
|
|
-
|
|
|
<VirtualHost *:80>
|
|
|
ServerName giphy.com
|
|
|
ServerAlias *.giphy.com
|
|
|
@@ -59,11 +47,14 @@
|
|
|
ProxyVia Block
|
|
|
ProxyPreserveHost On
|
|
|
|
|
|
- # The AllowConnect directive specifies a list of ports
|
|
|
- # to which the proxy CONNECT method may connect.
|
|
|
+ ## The AllowConnect directive specifies a list of ports
|
|
|
+ ## to which the proxy CONNECT method may connect.
|
|
|
AllowConnect 443
|
|
|
|
|
|
- # Only allow HTTP CONNECT requests, denying the others (GET, POST, ...).
|
|
|
+ ## Only ever allow incoming HTTP CONNECT requests.
|
|
|
+ ## Explicitly deny other request types like GET, POST, etc.
|
|
|
+ ## This tells Apache to return a 403 Forbidden if this virtual
|
|
|
+ ## host receives anything other than an HTTP CONNECT.
|
|
|
<Location />
|
|
|
<LimitExcept CONNECT>
|
|
|
Order allow,deny
|
