Required Apache modules:
- rewrite
- headers
- proxy_http
- proxy_fcgi
- proxy_wstunnel
The Apache2 virtual hosting configuration,
/etc/apache2/sites-available/01-drupal8.conf
- created by the Ansible playbook from template - is the following:
<virtualhost> ServerName test.ip6m.net ServerAdmin info@ip6m.net DocumentRoot /var/www/drupal8/web ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <directory drupal8="" var="" www="">; AllowOverride All SetEnvIf Origin "http(s)?://(mobile\.)?(test.ip6m.net|localhost:8080)$" AccessControlAllowOrigin=$0 Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin Header add Access-Control-Allow-Credentials true Header add Access-Control-Allow-Headers "x-csrf-token, authorization, content-type, accept, origin, x-requested-with, access-control-allow-origin, x-allowed-header, *" Header add Access-Control-Allow-Methods: * </directory>; RewriteEngine On RewriteCond %{REQUEST_URI} ^/socket.io [NC] RewriteCond %{QUERY_STRING} transport=websocket [NC] RewriteRule /(.*) ws://localhost:8082/$1 [P,L] ProxyPass /socket.io http://localhost:8082/socket.io ProxyPassReverse /socket.io http://localhost:8082/socket.io </virtualhost>
The following section works as reverse http proxy that separates the Drupal http and the NodeJS server's websocket traffic:
RewriteEngine On RewriteCond %{REQUEST_URI} ^/socket.io [NC] RewriteCond %{QUERY_STRING} transport=websocket [NC] RewriteRule /(.*) ws://localhost:8082/$1 [P,L] ProxyPass /socket.io http://localhost:8082/socket.io ProxyPassReverse /socket.io http://localhost:8082/socket.io
The SSL version of the configuration has the following additional lines, expecting that a Letsencrypt https certicifated is installed:
SSLEngine on SSLCertificateFile /etc/letsencrypt/live/test.ip6m.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/test.ip6m.net/privkey.pem