ServerName vpn02.test.com ServerAdmin support@test.com SSLEngine On SSLCertificateFile /etc/letsencrypt/live/vpn02.test.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/vpn02.test.com/privkey.pem # Enable HTTP/2 for gRPC Protocols h2 http/1.1 KeepAlive On ProxyPreserveHost On ProxyRequests Off # The order of these rules is important: most specific paths must come first. # 1. Management REST API (HTTP) -> internal port 10005 ProxyPass /api/ http://127.0.0.1:10005/api/ ProxyPassReverse /api/ http://127.0.0.1:10005/api/ # 2. Management gRPC -> internal port 10005 ProxyPass /management.ManagementService/ h2c://127.0.0.1:10005/management.ManagementService/ ProxyPassReverse /management.ManagementService/ h2c://127.0.0.1:10005/management.ManagementService/ # 3. Signal gRPC -> internal port 10003 ProxyPass /signalexchange.SignalExchange/ h2c://127.0.0.1:10003/signalexchange.SignalExchange/ ProxyPassReverse /signalexchange.SignalExchange/ h2c://127.0.0.1:10003/signalexchange.SignalExchange/ # 4. Dashboard UI (HTTP) -> internal port 10004 (must be last) ProxyPass / http://127.0.0.1:10004/ ProxyPassReverse / http://127.0.0.1:10004/