~fkooman/vpn-documentation

ref: fd46c663b61b90594214f4ab25b347635dd80a92 vpn-documentation/resources/vpn.example.debian.conf -rw-r--r-- 1.2 KiB
fd46c663François Kooman mention VPN Server software is licensed under AGPLv3+ 5 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
<VirtualHost *:80>
    ServerName http://vpn.example:80
    UseCanonicalName on

    LogLevel warn
    ErrorLog /var/log/apache2/vpn.example_error_log
    TransferLog /var/log/apache2/vpn.example_access_log

    Redirect permanent / https://vpn.example/
</VirtualHost>

<VirtualHost *:443>
    ServerName https://vpn.example:443
    UseCanonicalName on

    LogLevel warn
    ErrorLog /var/log/apache2/vpn.example_ssl_error_log
    # Do not log (valid) web browser requests
    #TransferLog /var/log/apache2/vpn.example_ssl_access_log

    SSLEngine on

    SSLCertificateFile /etc/ssl/certs/vpn.example.crt
    SSLCertificateKeyFile /etc/ssl/private/vpn.example.key
    #SSLCertificateChainFile /etc/ssl/certs/vpn.example-chain.crt

    # Let's Encrypt
    #SSLCertificateFile /etc/letsencrypt/live/vpn.example/cert.pem
    #SSLCertificateKeyFile /etc/letsencrypt/live/vpn.example/privkey.pem
    #SSLCertificateChainFile /etc/letsencrypt/live/vpn.example/chain.pem

    # Security Headers
    Header always set Strict-Transport-Security "max-age=15768000"
    Header always set Permissions-Policy "interest-cohort=()"

    # Redirect requests to the portal (302)
    RewriteEngine on
    RewriteRule   "^/$"  "/vpn-user-portal/"  [R]
</VirtualHost>