Example Pump.io apache configuration

Someone on IRC asked how to run pump behind an Apache2 proxy, I thought I'd extract my configuration and try to post it so maybe it'd be helpful for others.

You'll need to enable proxy, proxy_http and proxy_wstunnel:

a2enmod proxy proxy_http proxy_wstunnel

<foo> represent variables to be replaced

You'll need to pick a consistent <port>, just pick an unused localhost one

sites-enabled/<name>.conf:

<VirtualHost *:80>
    ServerName <domain name>
    RedirectPermanent / https://<domain name>/
</VirtualHost>

<VirtualHost *:443>
    #LogLevel Debug
    ServerName <domain name>
    DocumentRoot /var/www/
    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/<domain name>/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/<domain name>/privkey.pem
    SSLCACertificateFile /etc/ssl/certs/ca-certificates.crt

    SSLProxyEngine On
    ProxyPreserveHost On

    <Location /main/realtime/sockjs/>
        ProxyPass wss://127.0.0.1:<port>/main/realtime/sockjs/
        ProxyPassReverse wss://127.0.0.1:<port>/main/realtime/sockjs/
    </Location>

    ProxyPass / https://127.0.0.1:<port>/
    ProxyPassReverse / https://127.0.0.1:<port>/

</VirtualHost>

example settings for pump.io.json:

{
    "driver":  "mongodb",
    "params":  {"host": "localhost", "dbname": <dbname>},
    "secret":  <secret>,
    "noweb":  false,
    "site":  <domain name>,
    "owner":  <your public name>,
    "ownerURL":  <default url>,
    "port":  <port>,
    "hostname":  <domain name>,
    "urlPort": 443,
    "address":  "localhost",
    "nologger":  false,
    "logfile": "/var/log/pump.io/pump.log",
    "serverUser":  "pumpio",
    "key":  "/etc/letsencrypt/live/<domain name>/privkey.pem",
    "cert":  "/etc/letsencrypt/live/<domain name>/fullchain.pem",
    "datadir": <your data dir>,
    "debugClient": false,
    "firehose": false,
    "smtpserver": "locahost",
    "smtpfrom": "<sender>@<mail name>",
    "noCDN": true,
    "sockjs": false,
    "disableRegistration": true
}

Yes its silly to speak HTTPS over localhost but, some of the URLs generated by the pump server were wrong without pump thinking that its talking HTTPS.