avm/state-corp-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e9d7f24aaad4b50297769afb0893b6d4cfc7769b
state-corp-backend/deploy/apache/project.conf
Aleksandr Meshchriakov e9d7f24aaa
Some checks failed
CI/CD Pipeline / Run Tests (push) Failing after 0s
Details
CI/CD Pipeline / Code Quality Checks (push) Failing after 1m43s
Details
CI/CD Pipeline / Build Docker Images (push) Has been skipped
Details
CI/CD Pipeline / Push to Gitea Registry (push) Has been skipped
Details
first commit
2026-01-21 12:07:35 +01:00

80 lines
2.7 KiB
Plaintext
Raw Blame History

# Конфигурация Apache 2.4.57 для Django приложения
# Разместить в /etc/apache2/sites-available/project.conf
<VirtualHost *:80>
ServerName your-domain.com
ServerAlias www.your-domain.com
# Редирект на HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName your-domain.com
ServerAlias www.your-domain.com
# SSL конфигурация
SSLEngine on
SSLCertificateFile /etc/ssl/certs/your-cert.pem
SSLCertificateKeyFile /etc/ssl/private/your-key.pem
SSLCertificateChainFile /etc/ssl/certs/your-chain.pem
# SSL настройки безопасности
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
SSLHonorCipherOrder off
SSLSessionTickets off
# Основные настройки
DocumentRoot /var/www/project
# WSGI конфигурация
WSGIDaemonProcess project python-path=/var/www/project/src python-home=/var/www/project/venv
WSGIProcessGroup project
WSGIScriptAlias / /var/www/project/src/config/wsgi.py
WSGIApplicationGroup %{GLOBAL}
# Права доступа к WSGI файлу
<Directory /var/www/project/src>
Require all granted
</Directory>
# Статические файлы
Alias /static/ /var/www/project/staticfiles/
<Directory /var/www/project/staticfiles>
Require all granted
ExpiresActive On
ExpiresDefault "access plus 1 year"
Header append Cache-Control "public"
</Directory>
# Медиа файлы
Alias /media/ /var/www/project/media/
<Directory /var/www/project/media>
Require all granted
ExpiresActive On
ExpiresDefault "access plus 1 year"
Header append Cache-Control "public"
</Directory>
# Логи
ErrorLog ${APACHE_LOG_DIR}/project_error.log
CustomLog ${APACHE_LOG_DIR}/project_access.log combined
# Заголовки безопасности
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Header always set Referrer-Policy "no-referrer-when-downgrade"
# Ограничение размера загрузки
LimitRequestBody 104857600
# Health check endpoint
<Location "/health/">
SetHandler none
Require all granted
</Location>
</VirtualHost>
Reference in New Issue View Git Blame Copy Permalink