Naptastic

Default vhost:

<VirtualHost *:80>
  ServerAdmin [% serveradmin %]

    <Location "/server-status">
        SetHandler server-status
        Require local
        Require ip 10.0.0.0/8
        Require ip 172.16.0.0/12
        Require ip 192.168.0.0/16
    </Location>

    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://[% servername %]/$1 [R,L]

</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Static site:

ServerSignature Off

<VirtualHost *:80>
    ServerName [% servername %]
    
    RewriteEngine On
    RewriteCond %{SERVER_NAME} =[% servername %]
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerName [% servername %]
    DocumentRoot /var/www/[% servername %]
    ServerAdmin [% serveradmin %]

    <IfModule ssl_module>
        SSLCertificateFile [% let_certbot_fill_this_in %]
        SSLCertificateKeyFile [% let_certbot_fill_this_in %]
        SSLCACertificateFile [% let_certbot_fill_this_in %]
    </IfModule>

    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

Wordpress blog:

<VirtualHost *:80>
    ServerName [% servername %]

    RewriteEngine On
    RewriteCond %{SERVER_NAME} =[% servername %]
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerName [% servername %]
    ServerAdmin [% serveradmin %]
    DocumentRoot /var/www/[% servername %]/

    <Directory /var/www/[% servername %]/>
        DirectoryIndex index.php
        Options -Indexes -MultiViews
        AllowOverride all
    </Directory>

    <IfModule ssl_module>
        SSLCertificateFile [% let_certbot_fill_this_in %]
        SSLCertificateKeyFile [% let_certbot_fill_this_in %]
        SSLCACertificateFile [% let_certbot_fill_this_in %]
    </IfModule>

    <FilesMatch ".+\.ph(ar|p|tml)$">
        SetHandler "proxy:unix:/run/php/[% phpuser %].sock|fcgi://localhost"
    </FilesMatch>

    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

Reverse proxy to Oobabooga with VirtualHost name and SSL:

<VirtualHost *:80>
    ServerName [% servername %]
    ServerAdmin [% serveradmin %]
    DocumentRoot /var/www/[% servername %]/

    RewriteEngine On
    RewriteCond %{SERVER_NAME} =[% servername %]
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<Virtualhost *:443>
    ServerName [% servername %]
    ServerAdmin [% serveradmin %]

    <IfModule ssl_module>
        SSLCertificateFile [% let_certbot_fill_this_in %]
        SSLCertificateKeyFile [% let_certbot_fill_this_in %]
        SSLCACertificateFile [% let_certbot_fill_this_in %]
    </IfModule>

    Include /etc/letsencrypt/options-ssl-apache.conf

    # XXX experimental blocking API proxy endpoint
    ProxyPass /api/ http://[% ooba_ip %]:5000/api/
    # Known-good web UI http reverse-proxy
    ProxyPass / http://[% ooba_ip %]:7860/
    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    # XXX experimental streaming API proxy endpoint
    RewriteRule ^/api/v1/stream/?(.*) "ws://[% ooba_ip %]:5005/api/v1/stream/$1" [P,L]
    # Known-good web UI ws reverse-proxy
    RewriteRule ^/?(.*) "ws://[% ooba_ip %]:7860/$1" [P,L]

</Virtualhost>

Reverse proxy to Transmission (no SSL yet):

<VirtualHost *:80>
    ServerName [% servername %]
    ServerAdmin [% serveradmin %]
    DocumentRoot /var/www/[% servername %]

    <Directory "/">
        Require local
        Require ip 10.0.0.0/8
        Require ip 172.16.0.0/12
        Require ip 192.168.0.0/16
    </Directory>

    RewriteEngine On
    RewriteRule /(.*) http://[% transmission_ip %]:9091/$1 [P]
</VirtualHost>

DokuWiki:

favicon.ico is still the default forever

<VirtualHost *:80>
    ServerName [% servername %]

    RewriteEngine On
    RewriteCond %{SERVER_NAME} =[% servername %]
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerName [% servername %]
    ServerAdmin [% serveradmin %]
    DocumentRoot /var/www/[% servername %]/

    <Directory /var/www/[% servername %]/>
        DirectoryIndex doku.php
        AllowOverride all

        RewriteEngine on

        RewriteBase /

        RewriteRule ^_media/(.*)              lib/exe/fetch.php?media=$1  [QSA,L]
        RewriteRule ^_detail/(.*)             lib/exe/detail.php?media=$1  [QSA,L]
        RewriteRule ^_export/([^/]+)/(.*)     doku.php?do=export_$1&id=$2  [QSA,L]
        RewriteRule ^$                        doku.php  [L]
        RewriteCond %{REQUEST_FILENAME}       !-f
        RewriteCond %{REQUEST_FILENAME}       !-d
        RewriteRule (.*)                      doku.php?id=$1  [QSA,L]
        RewriteRule ^index.php$               doku.php
    </Directory>

    <IfModule ssl_module>
        SSLCertificateFile [% let_certbot_fill_this_in %]
        SSLCertificateKeyFile [% let_certbot_fill_this_in %]
        SSLCACertificateFile [% let_certbot_fill_this_in %]
    </IfModule>

    <FilesMatch ".+\.ph(ar|p|tml)$">
        SetHandler "proxy:unix:/run/php/[% phpuser %].sock|fcgi://localhost"
    </FilesMatch>

    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>