add apache config

README.md

@@ -4,14 +4,67 @@
 This docker compose run portainer on docker
 
 ## Certificats
-Copy .crt and .key on `/home/docker/certs/`
+Copy crt and key files on `/home/docker/certs/`
 
 ## Run
 ```bash
 docker compose up -d
 ```
+
+## Apache 
+### http-portainer.conf
+```
+DocumentRoot "/var/www/html"
+ServerName portainer.gmolab.net
+ServerAlias portainer
+CustomLog logs/portainer_access_log common
+ErrorLog  logs/portainer_error_log
+
+# Redirect http to https
+Redirect / https://portainer.gmolab.net/
+
+<Directory "/var/www/html">
+    Options FollowSymLinks
+    AllowOverride None
+    Require all granted
+</Directory
+```
+### https-portainer.conf
+```
+DocumentRoot "/var/www/html"
+ServerName portainer.gmolab.net
+ServerAlias portainer
+CustomLog logs/portainer_access_log common
+ErrorLog  logs/portainer_error_log
+
+SSLEngine on
+
+SSLHonorCipherOrder on
+SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLHonorCipherOrder on
+SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-
+CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
+# Enable HTTP/2, if available
+Protocols h2 http/1.1
+# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
+Header always set Strict-Transport-Security "max-age=63072000"
+
+SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt"
+SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key"
+SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt"
+<Directory "/var/www/html">
+    Options FollowSymLinks
+    AllowOverride None
+    Require all granted
+</Directory>
+SSLProxyEngine On
+ProxyPreserveHost On
+ProxyRequests off
+ProxyPass "/" "https://127.0.0.1:9443/"
+ProxyPassReverse "/" "https://127.0.0.1:9443/"
+```
 ## Access
-https://<docker_server>:9443.gmolab.net
+https://portainer.gmolab.net
 
 ## Changelog
 ### v1.0 - 2024-11-11