# The port 80 host is required for renewing Let's Encrypt certificates. By default document root is shared by all sites
# requiring SSL support, but this may be changed to {{ deploy.shared_path }}/maint/www in the deployment template if
# a custom maintenance site is required.
ServerName {{ domain_name }}
ServerAlias *.{{ domain_name }}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/.well-known [NC]
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
DocumentRoot /var/www/maint/www
# The 443 host is where the application is actually served.
ServerName {{ domain_name }}
DocumentRoot {{ install_path }}/{{ domain_tld }}
Options FollowSymLinks
Allowoverride All
Require all granted
Options None
Require all denied
Options None
Required all granted
Options None
Required all granted
Options None
Required all granted
ErrorLog ${APACHE_LOG_DIR}/matomo_error.log
CustomLog ${APACHE_LOG_DIR}/matomo_access.log combined
SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/{{ domain_name }}/privkey.pem
SSLCertificateFile /etc/letsencrypt/live/{{ domain_name }}/fullchain.pem