From 25a0c0e69b267c25db039d49b8c27833913b45b1 Mon Sep 17 00:00:00 2001
From: RenonDis <renon@disroot.org>
Date: Thu, 7 Jun 2018 10:15:31 +0200
Subject: [PATCH] XForwardedProto to https & covers granted

---
 deploy/apache.conf | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/deploy/apache.conf b/deploy/apache.conf
index 5b74efecdc..f6f9719f6a 100644
--- a/deploy/apache.conf
+++ b/deploy/apache.conf
@@ -9,7 +9,7 @@ Define MUSIC_DIRECTORY_PATH /srv/funkwhale/data/music
 # Define funkwhale-api-ws ws://localhost:5000
 
 
-# HTTP request redirected to HTTPS
+# HTTP requests redirected to HTTPS
 <VirtualHost *:80>
    ServerName ${funkwhale-sn}
 
@@ -22,7 +22,6 @@ Define MUSIC_DIRECTORY_PATH /srv/funkwhale/data/music
       Options None
       Require all granted
    </Location>
-
 </VirtualHost>
 
 
@@ -46,6 +45,8 @@ Define MUSIC_DIRECTORY_PATH /srv/funkwhale/data/music
    SSLCertificateKeyFile /etc/letsencrypt/live/${funkwhale-sn}/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
 
+   # Tell the api that the client is using https
+   RequestHeader set X-Forwarded-Proto "https"
 
    DocumentRoot /srv/funkwhale/front/dist
 
@@ -112,6 +113,12 @@ Define MUSIC_DIRECTORY_PATH /srv/funkwhale/data/music
       Require all granted
    </Directory>
 
+   <Directory /srv/funkwhale/data/media/albums>
+      Options FollowSymLinks
+      AllowOverride None
+      Require all granted
+   </Directory>
+
    # XSendFile is serving audio files
    # WARNING : permissions on paths specified below overrides previous definition,
    # everything under those paths is potentially exposed.
@@ -123,6 +130,5 @@ Define MUSIC_DIRECTORY_PATH /srv/funkwhale/data/music
       XSendFilePath ${MUSIC_DIRECTORY_PATH}
       SetEnv MOD_X_SENDFILE_ENABLED 1
    </IfModule>
-
 </VirtualHost>
 </IfModule>
-- 
GitLab