Verified Commit 24425ea5 authored by Eliot Berriot's avatar Eliot Berriot
Browse files

Updated documentation with apache2 reverse-proxy instructions

parent 770f9fbd
Sample virtual-host file for Apache2 reverse-proxy (!165)
# Following variables should be modified according to your setup
Define funkwhale-api http://192.168.1.199:5000
Define funkwhale-api-ws ws://192.168.1.199:5000
Define funkwhale-sn funkwhale.duckdns.org
Define MUSIC_DIRECTORY_PATH /music/directory/path
# Following variables MUST be modified according to your setup
Define funkwhale-sn funkwhale.yourdomain.com
# Following variables should be modified according to your setup and if you
# use different configuration than what is described in our installation guide.
Define funkwhale-api http://localhost:5000
Define MUSIC_DIRECTORY_PATH /srv/funkwhale/data/music
# websockets are not working yet
# Define funkwhale-api-ws ws://localhost:5000
# HTTP request redirected to HTTPS
<VirtualHost *:80>
ServerName ${funkwhale-sn}
# Default is to force https
RewriteEngine on
RewriteCond %{SERVER_NAME} =${funkwhale-sn}
......@@ -26,7 +30,7 @@ Define MUSIC_DIRECTORY_PATH /music/directory/path
<VirtualHost *:443>
ServerName ${funkwhale-sn}
# Path to ErrorLog and access log
# Path to ErrorLog and access log
ErrorLog ${APACHE_LOG_DIR}/funkwhale/error.log
CustomLog ${APACHE_LOG_DIR}/funkwhale/access.log combined
......@@ -56,26 +60,21 @@ Define MUSIC_DIRECTORY_PATH /music/directory/path
</IfModule>
# Turning ProxyRequests on and allowing proxying from all may allow
# spammers to use your proxy to send email.
# spammers to use your proxy to send email.
ProxyRequests Off
<Proxy *>
<Proxy *>
AddDefaultCharset off
Order Allow,Deny
Allow from all
# Here you can set a password using htpasswd to protect your proxy server
#Authtype Basic
#Authname "Password Required"
#AuthUserFile /etc/apache2/.htpasswd
#Require valid-user
</Proxy>
# Activating WebSockets (not working)
ProxyPass "/api/v1/instance/activity" "ws://192.168.1.199:5000/api/v1/instance/activity"
# ProxyPass "/api/v1/instance/activity" "ws://localhost:5000/api/v1/instance/activity"
<Location "/api">
# similar to nginx 'client_max_body_size 30M;'
LimitRequestBody 31457280
LimitRequestBody 31457280
ProxyPass ${funkwhale-api}/api
ProxyPassReverse ${funkwhale-api}/api
......@@ -84,7 +83,7 @@ Define MUSIC_DIRECTORY_PATH /music/directory/path
ProxyPass ${funkwhale-api}/federation
ProxyPassReverse ${funkwhale-api}/federation
</Location>
<Location "/.well-known/webfinger">
ProxyPass ${funkwhale-api}/.well-known/webfinger
ProxyPassReverse ${funkwhale-api}/.well-known/webfinger
......@@ -95,9 +94,9 @@ Define MUSIC_DIRECTORY_PATH /music/directory/path
Alias /staticfiles /srv/funkwhale/data/static
# Setting appropriate access levels to serve frontend
<Directory "/srv/funkwhale/data/static">
<Directory "/srv/funkwhale/data/static">
Options FollowSymLinks
AllowOverride None
AllowOverride None
Require all granted
</Directory>
......@@ -114,7 +113,7 @@ Define MUSIC_DIRECTORY_PATH /music/directory/path
#LoadModule xsendfile_module modules/mod_xsendfile.so
<IfModule mod_xsendfile.c>
XSendFile On
XSendFilePath /srv/funkwhale/data/media
XSendFilePath /srv/funkwhale/data/media
XSendFilePath ${MUSIC_DIRECTORY_PATH}
SetEnv MOD_X_SENDFILE_ENABLED 1
</IfModule>
......
......@@ -86,7 +86,7 @@ Files for the web frontend are purely static and can simply be downloaded, unzip
Reverse proxy
--------------
In order to make funkwhale accessible from outside your server and to play nicely with other applications on your machine, you should configure a reverse proxy. At the moment, we only have documentation for nginx, if you know how to implement the same thing for apache, you're welcome.
In order to make funkwhale accessible from outside your server and to play nicely with other applications on your machine, you should configure a reverse proxy.
Nginx
^^^^^
......@@ -106,7 +106,41 @@ Then, download our sample virtualhost file and proxy conf:
curl -L -o /etc/nginx/sites-available/funkwhale.conf "https://code.eliotberriot.com/funkwhale/funkwhale/raw/|version|/deploy/nginx.conf"
ln -s /etc/nginx/sites-available/funkwhale.conf /etc/nginx/sites-enabled/
Ensure static assets and proxy pass match your configuration, and check the configuration is valid with ``nginx -t``. If everything is fine, you can restart your nginx server with ``service nginx restart``.
Ensure static assets and proxy pass match your configuration, and check the configuration is valid with ``nginx -t``.
If everything is fine, you can restart your nginx server with ``service nginx restart``.
Apache2
^^^^^^^
.. note::
Apache2 support is still very recent and the following features
are not working yet:
- Websocket (used for real-time updates on Instance timeline)
- Transcoding of audio files
Those features are not necessary to use your Funkwhale instance, and
transcoding in particular is still in alpha-state anyway.
Ensure you have a recent version of apache2 installed on your server.
You'll also need the following dependencies::
apt install libapache2-mod-xsendfile
Then, download our sample virtualhost file:
.. parsed-literal::
curl -L -o /etc/apache2/sites-available/funkwhale.conf "https://code.eliotberriot.com/funkwhale/funkwhale/raw/|version|/deploy/apache.conf"
ln -s /etc/apache2/sites-available/funkwhale.conf /etc/apache2/sites-enabled/
You can tweak the configuration file according to your setup, especially the
TLS configuration. Otherwise, defaults, should work if you followed the
installation guide.
Check the configuration is valid with ``apache2ctl configtest``, and once you're
done, load the new configuration with ``service apache2 restart``.
About internal locations
~~~~~~~~~~~~~~~~~~~~~~~~
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment