docker/portainer-docker-compose
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update README.md

Browse Source
This commit is contained in:
Gilles Mouchet 2024-11-23 17:57:46 +01:00
parent 7b5d51b300
commit a14e9fccaa
1 changed files with 42 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
README.md
View File

@ -31,54 +31,52 @@ docker run --rm -v /home/docker/portainer/data:/data portainer/helper-reset-pass
## Apache ## Apache
### http-portainer.conf ### http-portainer.conf
``` ```
DocumentRoot "/var/www/html" <VirtualHost *:80>
ServerName portainer.gmolab.net ServerName portainer.gmolab.net
ServerAlias portainer ServerAlias portainer
CustomLog logs/portainer_access_log common CustomLog logs/portainer_access_log common
ErrorLog logs/portainer_error_log ErrorLog logs/portainer_error_log
# redirect to https
# Redirect http to https RewriteEngine on
Redirect / https://portainer.gmolab.net/ RewriteCond %{SERVER_NAME} =portainer [OR]
RewriteCond %{SERVER_NAME} =portainer.gmolab.net
<Directory "/var/www/html"> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Options FollowSymLinks </VirtualHost>
AllowOverride None
Require all granted
</Directory
``` ```
### https-portainer.conf ### https-portainer.conf
``` ```
DocumentRoot "/var/www/html" ##
ServerName portainer.gmolab.net ## SSL Virtual Host Context
ServerAlias portainer ##
CustomLog logs/portainer_access_log common # General setup for the virtual host
ErrorLog logs/portainer_error_log <VirtualHost *:443>
ServerName portainer.gmolab.net
ServerAlias portainer
CustomLog logs/portainer_access_log common
ErrorLog logs/portainer_error_log
SSLEngine on # SSL
SSLEngine on
SSLHonorCipherOrder on SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on SSLHonorCipherOrder on
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA- SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-
CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4 RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
# Enable HTTP/2, if available # Enable HTTP/2, if available
Protocols h2 http/1.1 Protocols h2 http/1.1
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds) # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000" Header always set Strict-Transport-Security "max-age=63072000"
# certificats
SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt" SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt"
SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key" SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key"
SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt" SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt"
<Directory "/var/www/html"> # proxy
Options FollowSymLinks SSLProxyEngine On
AllowOverride None ProxyPreserveHost On
Require all granted ProxyRequests off
</Directory> ProxyPass "/" "https://127.0.0.1:9443/"
SSLProxyEngine On ProxyPassReverse "/" "https://127.0.0.1:9443/"
ProxyPreserveHost On </VirtualHost>
ProxyRequests off
ProxyPass "/" "https://127.0.0.1:9443/"
ProxyPassReverse "/" "https://127.0.0.1:9443/"
``` ```
## Access ## Access
https://portainer.gmolab.net https://portainer.gmolab.net