ServerName ${FQDN} # Redirect HTTP to HTTPS RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] ServerName ${FQDN} # SSL Configuration (adjust paths as needed) SSLEngine on SSLCertificateFile /etc/letsencrypt/live/${FQDN}/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/${FQDN}/privkey.pem # Document root for static files served directly by Apache DocumentRoot /site/${FQDN}/public # Serve static files directly via Apache (bypasses Go app) Options -Indexes +FollowSymLinks AllowOverride None Require all granted # Cache static assets Header set Cache-Control "max-age=31536000, public" # Static files served by Apache Alias /static /site/${FQDN}/public # WebSocket support (Requires mod_proxy_wstunnel) # Must be placed BEFORE the generic ProxyPass / ProxyPass /ws/ ws://127.0.0.1:8080/ws/ ProxyPassReverse /ws/ ws://127.0.0.1:8080/ws/ # Proxy all other requests to Go application ProxyPreserveHost On ProxyPass /static ! ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/ # Logging ErrorLog ${APACHE_LOG_DIR}/${FQDN}-error.log CustomLog ${APACHE_LOG_DIR}/${FQDN}-access.log combined