ServerName p7s1.panoo.tv

ServerAdmin webmaster@panoo
DocumentRoot /panoo/www/htdocs/


<Directory /panoo/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

<Directory /panoo/ypics/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>


<Directory /panoo/www/htdocs/docs/>
        Options FollowSymLinks
        AllowOverride None
        Require all granted

        # Enable rewriting for Vue Router
        RewriteEngine On

        # Handle client-side routing - if file/directory doesn't exist, serve index.html
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . /docs/index.html [L]
</Directory>



<Macro Services>

	Alias "/ypics" "/panoo/ypics"


</Macro>




<Macro Proxy>

	ProxyRequests  Off
	ProxyVia  On
	ProxyPass "/index.html" "!"
	ProxyPass "/favicon.ico" "!"
	ProxyPass "/common" "!"
	ProxyPass "/update" "!"
	ProxyPass "/assets" "!"
	ProxyPass "/webrtc" "!"
	ProxyPass "/ypics" "!"
	ProxyPass "/.well-known" "!"

	# disable swagger docs
	ProxyPass /docs/ "!"

	# the panoo relay instance
	# the websocket
	ProxyPass /api/relay/v16/relay-ws ws://relay:1920/api/v16/relay-ws retry=10
	# everything else
	ProxyPass /api/relay/v16/ http://relay:1920/api/v16/ retry=10
	# old, deprecated, DEPRECATED!!!
	ProxyPass /relay/v16/websocket/ ws://relay:1920/api/v16/websocket/ retry=10
	# static files
	ProxyPass /relay/static/ http://relay:1920/static/ retry=10
	#
	# this should be the only config
	ProxyPass /relay/ http://relay:1920/relay/ retry=10



	# the panoo central endpoints
	ProxyPass /central/ http://panoo:8088/central/ retry=10
	ProxyPass /v12/ http://panoo:8088/v12/ retry=10
	ProxyPass /v16/ http://panoo:8088/v16/ retry=10

	# Panoo Live
	ProxyPass /webrtc-ws ws://host.docker.internal:9001/webrtc-ws retry=10
	ProxyPass /panoo-live/ http://host.docker.internal:9000/live/ retry=10
	ProxyPass /live/ http://host.docker.internal:9000/live/ retry=10

	# Panoo Calendar / Scheduler
	ProxyPass /calendar/ http://scheduler:7889/calendar/ retry=10
	ProxyPass /api/calendar/v1/ http://scheduler:7889/api/ retry=10

	# Hanko & Dime
	ProxyPass /auth/ http://dime:7989/auth/ retry=10
	ProxyPass /hanko/ http://hanko:8000/ retry=10
	ProxyPass /secret-deploy/ http://deploy-webhook:3000/ retry=10

	# ================================================================
	# FlypSite API
	# ================================================================
	ProxyPass /playout/ http://live.flyp.tv/ retry=10
	ProxyPass /file/ http://flypapi:5577/file/ retry=10
	ProxyPass /v2/ http://flypapi:5577/v2/ retry=10
	ProxyPass /v1/ http://flypapi:5577/v1/ retry=10
	ProxyPass /f/ http://flypapi:5577/f/ retry=10
	ProxyPassReverse /f/ http://flypapi:5577/f/


	# ================================================================
	# this match is used to redirect the root path to the index page
	# weird construct, but without, it would add a / at the end of the URL
	# ================================================================
	ProxyPassMatch "^(/)$" "http://dime:7989/auth$1index"

	# ================================================================
	# Everything else is proxied to the FlypHQ instance
	# ================================================================
	ProxyPass / http://flyphq:80/ retry=10

</Macro>




<VirtualHost *:80>

	ServerName p7s1.panoo.tv

	ServerAdmin webmaster@panoo
	DocumentRoot /panoo/www/htdocs/

	<Directory /panoo/www/htdocs/>                                                                 
       	 Options Indexes FollowSymLinks                                                  
         AllowOverride None                                                              
         Require all granted                                                             
        </Directory> 
</VirtualHost>

<VirtualHost *:81>

	DocumentRoot /panoo/www/htdocs/

	ScriptAlias "/cgi/" "/panoo/www/cgi/"
	AddHandler cgi-script .cgi .pl .sh

	<Directory "/panoo/www/cgi/">
		Options +ExecCGI
		Require all granted
	</Directory>

</VirtualHost>


<IfFile "/etc/letsencrypt/live/p7s1.panoo.tv/fullchain.pem">
	<VirtualHost *:443>

		DocumentRoot /panoo/www/htdocs/

		Use Services
		Use Proxy

		#
		SSLEngine on

		# enable HTTP/2, if available
		Protocols h2 http/1.1

		# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
		Header always set Strict-Transport-Security "max-age=63072000"


		SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
		SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
		SSLHonorCipherOrder     off
		SSLSessionTickets       off

		# SSLCertificateFile /panoo/www/cert/fullchain.pem
		# SSLCertificateKeyFile /panoo/www/cert/privkey.pem
		SSLCertificateFile /etc/letsencrypt/live/p7s1.panoo.tv/fullchain.pem
		SSLCertificateKeyFile /etc/letsencrypt/live/p7s1.panoo.tv/privkey.pem

	</VirtualHost>
</IfFile>


<IfFile "/panoo/ca/certs/p7s1.panoo.tv.chain.pem">
	<VirtualHost *:8089>

		DocumentRoot /panoo/www/htdocs/

		Use Services
		Use Proxy

		SSLEngine on

		# enable HTTP/2, if available
		Protocols h2 http/1.1

		# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
		Header always set Strict-Transport-Security "max-age=63072000"

		SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
		SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
		SSLHonorCipherOrder     off
		SSLSessionTickets       off


		SSLCertificateFile /panoo/ca/certs/p7s1.panoo.tv.chain.pem
		SSLCertificateKeyFile /panoo/ca/private/p7s1.panoo.tv.key.pem

	</VirtualHost>
</IfFile>