mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-04-29 10:10:19 +00:00
5e4a0f0a38
Cockpit uses WebSockets which won't work without HTTPS. For .onion domains, we are not explicitly redirecting to HTTPS since TLS is not necessary. Ensure that Cockpit continues to work with .onion domains by explicitly redirecting to HTTPS. Tests: - Without the patch, on a normal/Onion domain run curl -kv http://{DOMAIN}/_cockpit/. Redirection does not happen. - With the patch, on a normal/Onion domain run curl -kv http://{DOMAIN}/_cockpit/. Redirection happen to https:// occurs. - Redirection is a with HTTP status code 302, the temporary redirection code. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
23 lines
615 B
Plaintext
23 lines
615 B
Plaintext
##
|
|
## On all sites, provide cockpit on the path: /_cockpit/
|
|
##
|
|
## Requires the following Apache modules to be enabled:
|
|
## mod_headers
|
|
## mod_proxy
|
|
## mod_proxy_http
|
|
## mod_proxy_wstunnel
|
|
##
|
|
<Location /_cockpit/>
|
|
# Redirect to HTTPS in case of not already using it. This can happen since
|
|
# we don't redirect for .onion domains.
|
|
RewriteEngine on
|
|
ReWriteCond %{HTTPS} !=on
|
|
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
|
|
|
|
ProxyPass http://localhost:9090/_cockpit/
|
|
</Location>
|
|
|
|
<Location /_cockpit/cockpit/socket>
|
|
ProxyPass ws://localhost:9090/_cockpit/socket
|
|
</Location>
|