-
Notifications
You must be signed in to change notification settings - Fork 846
Jira Confluence HTTPS Reverse Proxy
Michael Adams edited this page Oct 17, 2018
·
3 revisions
Assumes use of Certbot via cron task to stop & restart h2o as needed.
user: http
access-log: /var/log/h2o/access-log
error-log: /var/log/h2o/error-log
http2-reprioritize-blocking-assets: ON
http2-casper: ON
http2-idle-timeout: 300
http2-max-concurrent-requests-per-connection: 256
http2-latency-optimization-min-rtt: 120
compress: ON
http1-request-timeout: 300
proxy.timeout.io: 300000
proxy.preserve-host: ON
hosts:
"WEBSERVER:80":
listen:
port: 80
paths:
"/":
redirect: WEBSERVER:443
"WEBSERVER:443":
listen:
port: 443
ssl:
certificate-file: /etc/letsencrypt/live/WEBSERVER/fullchain.pem
key-file: /etc/letsencrypt/live/WEBSERVER/privkey.pem
minimum-version: TLSv1.2
dh-file: /etc/ssl/dhparam.pem
cipher-suite: TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-CCM8:DHE-RSA-AES256-CCM
paths:
"/jira":
proxy.reverse.url: http://192.0.2.5:8080/jira
"/confluence":
proxy.reverse.url: http://192.0.2.6:8090/confluence
"/server-info.action":
proxy.reverse.url: http://192.0.2.6:8090/confluence/server-info.action
"/synchrony":
proxy.reverse.url: http://192.0.2.6:8091/synchrony
"/":
file.dir: /var/www