From 188e1efe5792c7d24d9a2897b74376e24a5ff778 Mon Sep 17 00:00:00 2001
From: Tizian Schmidlin <st@cabag.ch>
Date: Mon, 3 Aug 2020 09:00:55 +0200
Subject: [PATCH] [DOCS] Describe apache proxy configuration exampl

---
 docs/server/ssl.md | 48 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)

diff --git a/docs/server/ssl.md b/docs/server/ssl.md
index 95571bb..9adfb00 100644
--- a/docs/server/ssl.md
+++ b/docs/server/ssl.md
@@ -7,7 +7,9 @@ order: 2
 
 Once your Expose server is running, you can only access it over the port that you configure when the server gets started.
 
-If you want to enable SSL support, you will need to use a proxy service - like Nginx, HAProxy or Caddy - to handle the SSL configurations and proxy all non-SSL requests to your expose server.
+If you want to enable SSL support, you will need to use a proxy service - like Nginx, HAProxy, Apache2 or Caddy - to handle the SSL configurations and proxy all non-SSL requests to your expose server.
+
+## Nginx configuration
 
 A basic Nginx configuration would look like this, but you might want to tweak the SSL parameters to your liking.
 
@@ -40,3 +42,47 @@ server {
   }
 }
 ```
+
+## Apache2 configuration
+
+A basic Apache configuration would look like this, but you might want to tweak the SSL parameters to your liking.
+
+```
+Listen 80
+Listen 443
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+	ServerName expose.domain.tld
+	ServerAlias *.expose.domain.tld
+	LoadModule        proxy_module            modules/mod_proxy.so
+	LoadModule        proxy_http_module       modules/mod_proxy_http.so
+
+	ServerAdmin admin@domain.tld
+
+	ProxyPass "/" "http://localhost:8080/"
+	ProxyPassReverse "/" "http://localhost:8080/"
+	ProxyPreserveHost On
+	
+
+	# Needed for websocket support
+	RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
+	RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
+	RewriteRule .* ws://127.0.0.1:8080%{REQUEST_URI} [P,QSA,L]
+
+	<Proxy http://localhost:8080>
+
+		Require all granted
+
+		Options none
+	</Proxy>
+
+	ErrorLog ${APACHE_LOG_DIR}/expose.domain.tld-error.log
+	CustomLog ${APACHE_LOG_DIR}/expose.domain.tld-access.log combined
+
+	SSLCertificateFile /etc/letsencrypt/live/expose.domain.tld-0001/fullchain.pem
+	SSLCertificateKeyFile /etc/letsencrypt/live/expose.domain.tld-0001/privkey.pem
+	Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>
+```