Listen 8000
Listen 8080

# Deny access to .ht files
<Files ".ht*">
    Require all denied
</Files>

# Http host
<VirtualHost *:8000>
    ServerName localhost

    # Add error log
    CustomLog /proc/self/fd/1 proxy
    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
    ErrorLog /proc/self/fd/2
    ErrorLogFormat "[%t] [%l] [%E] [client: %{X-Forwarded-For}i] [%M] [%{User-Agent}i]"
    LogLevel warn

    # PHP match
    <FilesMatch "\.php$">
        SetHandler "proxy:fcgi://127.0.0.1:9000"
    </FilesMatch>
    # Master dir
    DocumentRoot /var/www/docker-aio/php/public/
    <Directory /var/www/docker-aio/php/public/>
        RewriteEngine On
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^ index.php [QSA,L]
        Options Indexes FollowSymLinks
        Require all granted
        AllowOverride All
        Options FollowSymLinks MultiViews
        Satisfy Any
        <IfModule mod_dav.c>
            Dav off
        </IfModule>
    </Directory>
</VirtualHost>

# Https host
<VirtualHost *:8080>
    # Proxy to https
    ProxyPass / http://127.0.0.1:8000/
    ProxyPassReverse / http://127.0.0.1:8000/
    ProxyPreserveHost On
    # SSL
    SSLCertificateKeyFile /etc/apache2/certs/ssl.key
    SSLCertificateFile /etc/apache2/certs/ssl.crt
    SSLEngine               on
    SSLProtocol             -all +TLSv1.2 +TLSv1.3
    SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
    SSLHonorCipherOrder     off
    SSLSessionTickets       off
</VirtualHost>

# Increase timeout in case e.g. the initial download takes a long time
Timeout 7200
ProxyTimeout 7200

# See https://httpd.apache.org/docs/trunk/mod/core.html#traceenable
TraceEnable Off