Just add this line first: ProxyPass /.well-known ! You use the path and ! to specify this as an exception to not proxy. Always try to define ProxyPass in virtualhost (without location), as you show possibility A is the simpler one for me, less hassle assured, less convoluted, imo. 2017-05-16 15:19 GMT+02:00 Florian Lindner <mailinglists@xxxxxx>: > Am 15.05.2017 um 17:05 schrieb Florian Lindner: >> Hello, >> >> Apache 2.4 on Debian Testing, mpm_itk >> >> I have the Discourse web forum running in a docker container. The container's webserver is bount to localhost:2080. The >> forum should be reachable at either forum.csc-stuttgart.org or csc-stuttgart.org/forum. >> >> Possibility A: >> >> <VirtualHost *:80> >> ServerName forum.csc-stuttgart.org >> AssignUserID csc-stuttgart csc-stuttgart >> ProxyPreserveHost On >> ProxyPass "/" "http://localhost:2080/"; >> ProxyPassReverse "/" "http://localhost:2080/"; >> DocumentRoot /home/csc-stuttgart/csc-stuttgart.org/pub >> [...] >> </VirtualHost> >> >> That works fine, beside on little problem. I want to use Let's Encrypt SSL certificates on that which require a path >> forum.csc-stuttgart.org/.well-known to be writable from the file system. >> How can I take just one path out of the Proxy? >> >> Wrap the ProxyPass/Reverse in a <LocationMatch> with a PCRE that match everything except .well-known? Haven't tested it >> yet. Any better solution? > > Ok, I was able to achieve it using: > > <VirtualHost *:80> > ServerName forum.csc-stuttgart.org > AssignUserID csc-stuttgart csc-stuttgart > <LocationMatch "^/(?!\.well-known)"> > Redirect permanent / https://forum.csc-stuttgart.org/ > </LocationMatch> > DocumentRoot /home/csc-stuttgart/csc-stuttgart.org/pub > CustomLog /home/csc-stuttgart/csc-stuttgart.org/log/access.log combined > ErrorLog /home/csc-stuttgart/csc-stuttgart.org/log/error.log > </VirtualHost> > > <VirtualHost *:443> > ServerName forum.csc-stuttgart.org > AssignUserID csc-stuttgart csc-stuttgart > ProxyPreserveHost On > ProxyPass "/" "http://localhost:2080/"; > ProxyPassReverse "/" "http://localhost:2080/"; > DocumentRoot /home/csc-stuttgart/csc-stuttgart.org/pub > CustomLog /home/csc-stuttgart/csc-stuttgart.org/log/access.log combined > ErrorLog /home/csc-stuttgart/csc-stuttgart.org/log/error.log > > SSLEngine On > SSLCertificateFile /home/csc-stuttgart/csc-stuttgart.org/ssl/forum.csc-stuttgart.org.cert > SSLCertificateKeyFile /home/csc-stuttgart/csc-stuttgart.org/ssl/forum.csc-stuttgart.org.key > </VirtualHost> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > -- Daniel Ferradal IT Specialist email dferradal at gmail.com linkedin es.linkedin.com/in/danielferradal --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|