- creato editor di Pagine (iniziato)

- fix: mancano i "t," su alcuni componenti...

docs/apache2/OLD_sites-available/dominioinclude_test.riso.app.conf

@@ -0,0 +1,4 @@
+Define MIODOMINIO riso.app
+Define MIODOMINIO_COMPLETO test.riso.app
+Define MIOURL_API testapi.riso.app
+Define PORTA 3005

docs/apache2/OLD_sites-available/websites_ssl_virtualhost.conf

@@ -0,0 +1,30 @@
+<VirtualHost 65.108.222.97:80>
+    ServerName ${MIODOMINIO_COMPLETO}
+    RewriteEngine On
+
+    # Forza la connessione HTTPS
+    RewriteCond %{HTTPS} off
+    RewriteRule ^ https://${MIODOMINIO_COMPLETO}%{REQUEST_URI} [L,R=301]
+</VirtualHost>
+
+<VirtualHost 65.108.222.97:443>
+  ServerName ${MIODOMINIO_COMPLETO}
+  DocumentRoot /var/www/${MIODOMINIO_COMPLETO}
+  ServerAdmin surya@riso.app
+  SSLEngine On
+  SSLProtocol -ALL +TLSv1.2
+  SSLCompression Off
+  SSLHonorCipherOrder off
+  SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
+  SSLVerifyDepth 10
+  SSLCertificateFile /etc/letsencrypt/live/${MIODOMINIO}/cert.pem
+  SSLCertificateKeyFile /etc/letsencrypt/live/${MIODOMINIO}/privkey.pem
+  <Directory /var/www/${MIODOMINIO_COMPLETO}/>
+    CGIPassAuth On
+    Require all granted
+    AllowOverride All
+  </Directory>
+  LogLevel warn
+  ErrorLog "/var/www/${MIODOMINIO_COMPLETO}/logs/error.log"
+  CustomLog "/var/www/${MIODOMINIO_COMPLETO}/logs/access.log" combined
+</VirtualHost>

docs/apache2/sites-available/000-default-ssl.conf

@@ -0,0 +1,11 @@
+<VirtualHost *:443>
+    ServerName _default_
+    SSLEngine on
+    SSLCertificateFile    /etc/letsencrypt/live/riso.app/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/riso.app/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+    Protocols h2 http/1.1
+
+    # Puoi anche fare un 403:
+    Redirect 403 /
+</VirtualHost>

docs/apache2/sites-available/dominioinclude.riso.app.conf

@@ -0,0 +1,4 @@
+Define MIODOMINIO riso.app
+Define MIODOMINIO_COMPLETO riso.app
+Define MIOURL_API api.riso.app
+Define PORTA 3006

docs/apache2/sites-available/websites_ssl.riso.app.conf

@@ -0,0 +1,3 @@
+Include /etc/apache2/sites-available/dominioinclude.riso.app.conf
+
+Include /etc/apache2/sites-available/websites_ssl_virtualhost.conf

docs/apache2/sites-available/websites_ssl_test.riso.app.conf

@@ -0,0 +1,3 @@
+Include /etc/apache2/sites-available/dominioinclude_test.riso.app.conf
+
+Include /etc/apache2/sites-available/websites_ssl_virtualhost_sottodomini.conf

docs/apache2/sites-available/websites_ssl_virtualhost.conf

@@ -1,30 +1,94 @@
-<VirtualHost 65.108.222.97:80>
-    ServerName ${MIODOMINIO_COMPLETO}
-    RewriteEngine On
+# ==================== APEX (SITO) ====================
+# HTTP -> HTTPS
+<VirtualHost *:80>
+    ServerName ${MIODOMINIO}
+    ServerAlias www.${MIODOMINIO}
 
-    # Forza la connessione HTTPS
-    RewriteCond %{HTTPS} off
-    RewriteRule ^ https://${MIODOMINIO_COMPLETO}%{REQUEST_URI} [L,R=301]
+    RewriteEngine On
+    RewriteRule ^ https://${MIODOMINIO}%{REQUEST_URI} [R=301,L]
+
+    ErrorLog  /var/log/apache2/${MIODOMINIO}-error.log
+    CustomLog /var/log/apache2/${MIODOMINIO}-access.log combined
 </VirtualHost>
 
-<VirtualHost 65.108.222.97:443>
-  ServerName ${MIODOMINIO_COMPLETO}
-  DocumentRoot /var/www/${MIODOMINIO_COMPLETO}
-  ServerAdmin surya@riso.app
-  SSLEngine On
-  SSLProtocol -ALL +TLSv1.2
-  SSLCompression Off
-  SSLHonorCipherOrder off
-  SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
-  SSLVerifyDepth 10
-  SSLCertificateFile /etc/letsencrypt/live/${MIODOMINIO}/cert.pem
-  SSLCertificateKeyFile /etc/letsencrypt/live/${MIODOMINIO}/privkey.pem
-  <Directory /var/www/${MIODOMINIO_COMPLETO}/>
-    CGIPassAuth On
-    Require all granted
-    AllowOverride All
-  </Directory>
-  LogLevel warn
-  ErrorLog "/var/www/${MIODOMINIO_COMPLETO}/logs/error.log"
-  CustomLog "/var/www/${MIODOMINIO_COMPLETO}/logs/access.log" combined
+# HTTPS (servizio sito - NO proxy qui)
+<VirtualHost *:443>
+    ServerName ${MIODOMINIO}
+    ServerAlias www.${MIODOMINIO}
+
+    DocumentRoot /var/www/${MIODOMINIO_COMPLETO}
+
+    SSLEngine on
+    SSLCertificateFile    /etc/letsencrypt/live/${MIODOMINIO}/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/${MIODOMINIO}/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+    Protocols h2 http/1.1
+
+    <Directory "/var/www/${MIODOMINIO_COMPLETO}">
+        Options Indexes FollowSymLinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    DirectoryIndex index.html
+
+    # (Opzionale per SPA Quasar/Vue)
+    # RewriteEngine On
+    # RewriteCond %{REQUEST_FILENAME} !-f
+    # RewriteCond %{REQUEST_FILENAME} !-d
+    # RewriteRule ^ /index.html [L]
+
+    ErrorLog  /var/log/apache2/${MIODOMINIO}-error.log
+    CustomLog /var/log/apache2/${MIODOMINIO}-access.log combined
+</VirtualHost>
+
+
+# ==================== API ====================
+# HTTP -> HTTPS
+<VirtualHost *:80>
+    ServerName ${MIOURL_API}
+
+    RewriteEngine On
+    RewriteRule ^ https://${MIOURL_API}%{REQUEST_URI} [R=301,L]
+
+    ErrorLog  /var/log/apache2/${MIOURL_API}-error.log
+    CustomLog /var/log/apache2/${MIOURL_API}-access.log combined
+</VirtualHost>
+
+# HTTPS (proxy verso backend)
+<VirtualHost *:443>
+    ServerName ${MIOURL_API}
+    ServerAdmin surya@riso.app
+
+    SSLEngine on
+    SSLCertificateFile    /etc/letsencrypt/live/${MIODOMINIO}/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/${MIODOMINIO}/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+    Protocols h2 http/1.1
+
+    ProxyPreserveHost On
+
+    # ===== SCEGLI UNO DEI DUE BLOCCHI, in base al TUO backend su ${PORTA} =====
+    # --- Backend HTTP (più comune) ---
+    # ProxyPass        / http://127.0.0.1:${PORTA}/ retry=0 timeout=310 connectiontimeout=30
+    # ProxyPassReverse / http://127.0.0.1:${PORTA}/
+
+    # --- Backend HTTPS (nel tuo caso probabile, visto l’“Empty reply” via HTTP) ---
+    SSLProxyEngine On
+    SSLProxyVerify none
+    SSLProxyCheckPeerName off
+    ProxyPass        / https://127.0.0.1:${PORTA}/ retry=0 timeout=310 connectiontimeout=30
+    ProxyPassReverse / https://127.0.0.1:${PORTA}/
+    # ==========================================================================
+
+    <Proxy *>
+        Require all granted
+    </Proxy>
+
+    ProxyTimeout 310
+    Timeout 310
+    ProxyBadHeader Ignore
+
+    ErrorLog  /var/log/apache2/${MIOURL_API}-error.log
+    CustomLog /var/log/apache2/${MIOURL_API}-access.log combined
 </VirtualHost>

docs/apache2/sites-available/websites_ssl_virtualhost_sottodomini.conf

@@ -0,0 +1,92 @@
+# ==================== APEX (SITO) ====================
+# HTTP -> HTTPS
+<VirtualHost *:80>
+    ServerName ${MIODOMINIO_COMPLETO}
+
+    RewriteEngine On
+    RewriteRule ^ https://${MIODOMINIO_COMPLETO}%{REQUEST_URI} [R=301,L]
+
+    ErrorLog  /var/log/apache2/${MIODOMINIO_COMPLETO}-error.log
+    CustomLog /var/log/apache2/${MIODOMINIO_COMPLETO}-access.log combined
+</VirtualHost>
+
+# HTTPS (servizio sito - NO proxy qui)
+<VirtualHost *:443>
+    ServerName ${MIODOMINIO_COMPLETO}
+
+    DocumentRoot /var/www/${MIODOMINIO_COMPLETO}
+
+    SSLEngine on
+    SSLCertificateFile    /etc/letsencrypt/live/${MIODOMINIO}/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/${MIODOMINIO}/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+    Protocols h2 http/1.1
+
+    <Directory "/var/www/${MIODOMINIO_COMPLETO}">
+        Options Indexes FollowSymLinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    DirectoryIndex index.html
+
+    # (Opzionale per SPA Quasar/Vue)
+    # RewriteEngine On
+    # RewriteCond %{REQUEST_FILENAME} !-f
+    # RewriteCond %{REQUEST_FILENAME} !-d
+    # RewriteRule ^ /index.html [L]
+
+    ErrorLog  /var/log/apache2/${MIODOMINIO_COMPLETO}-error.log
+    CustomLog /var/log/apache2/${MIODOMINIO_COMPLETO}-access.log combined
+</VirtualHost>
+
+
+# ==================== API ====================
+# HTTP -> HTTPS
+<VirtualHost *:80>
+    ServerName ${MIOURL_API}
+
+    RewriteEngine On
+    RewriteRule ^ https://${MIOURL_API}%{REQUEST_URI} [R=301,L]
+
+    ErrorLog  /var/log/apache2/${MIOURL_API}-error.log
+    CustomLog /var/log/apache2/${MIOURL_API}-access.log combined
+</VirtualHost>
+
+# HTTPS (proxy verso backend)
+<VirtualHost *:443>
+    ServerName ${MIOURL_API}
+    ServerAdmin surya@riso.app
+
+    SSLEngine on
+    SSLCertificateFile    /etc/letsencrypt/live/${MIODOMINIO}/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/${MIODOMINIO}/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+    Protocols h2 http/1.1
+
+    ProxyPreserveHost On
+
+    # ===== SCEGLI UNO DEI DUE BLOCCHI, in base al TUO backend su ${PORTA} =====
+    # --- Backend HTTP (più comune) ---
+    # ProxyPass        / http://127.0.0.1:${PORTA}/ retry=0 timeout=310 connectiontimeout=30
+    # ProxyPassReverse / http://127.0.0.1:${PORTA}/
+
+    # --- Backend HTTPS (nel tuo caso probabile, visto l’“Empty reply” via HTTP) ---
+    SSLProxyEngine On
+    SSLProxyVerify none
+    SSLProxyCheckPeerName off
+    ProxyPass        / https://127.0.0.1:${PORTA}/ retry=0 timeout=310 connectiontimeout=30
+    ProxyPassReverse / https://127.0.0.1:${PORTA}/
+    # ==========================================================================
+
+    <Proxy *>
+        Require all granted
+    </Proxy>
+
+    ProxyTimeout 310
+    Timeout 310
+    ProxyBadHeader Ignore
+
+    ErrorLog  /var/log/apache2/${MIOURL_API}-error.log
+    CustomLog /var/log/apache2/${MIOURL_API}-access.log combined
+</VirtualHost>