I’ve installed Mastodon, but when I visit the URL where it’s installed, I get a 503 error.
My VHost is as below:
<VirtualHost *:80>
ServerAdmin admin@eml.pm
ServerName social.jbsn.uk
ServerAlias social.jbsn.uk
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin@eml.pm
ServerName social.jbsn.uk
DocumentRoot /home/mastodon/live/public/
<Directory "/home/mastodon/live/public">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Require all granted
</Directory>
##### BE CAREFUL TO NOT USE CRAP OUTSIDE A MODULE
# Header always set Strict-Transport-Security "max-age=31536000"
# Header always set Referrer-Policy "strict-origin-when-cross-origin"
#####
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLHonorCipherOrder on
##### Try a variation on these for extra fun
# SSLCipherSuite EECDH+AESGCM:AES256+EECDH:AES128+EECDH:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:E$
# SSLCipherSuite EECDH+AESGCM:AES256+EECDH:AES128+EECDH
SSLProxyEngine On $
##### Some of these might not be needed with Apache
# SSLCompression off
# SSLSessionTickets off
# SSLStaplingResponderTimeout 5
# SSLStaplingReturnResponderErrors on
# SSLUseStapling on
SSLCertificateFile /etc/letsencrypt/live/social.jbsn.uk/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/social.jbsn.uk/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
<LocationMatch "^/(assets|avatars|emoji|headers|packs|sounds|system)>
Header always set Cache-Control "public, max-age=31536000, immutable"
Require all granted
</LocationMatch>
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set Host "social.jbsn.uk"
##### These settings may not be needed
# <Location /api/v1/streaming/>
# RewriteEngine on
# RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
# RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
# RewriteRule /api/v1/streaming/(.*) ws://127.0.0.1:4000/api/v1/streaming/$1 [P]
# </Location>
ProxyPass / http://localhost:4000
ProxyPassReverse / http://localhost:4000/
##### Vary these as needed for your web settings, some are not needed if you have your own SSL not letsencrypt
ProxyPass /500.html !
ProxyPass /sw.js !
ProxyPass /robots.txt !
ProxyPass /manifest.json !
ProxyPass /browserconfig.xml !
ProxyPass /mask-icon.svg !
ProxyPassMatch ^(/.*\.(png|ico)$) !
ProxyPassMatch ^/(assets|avatars|emoji|headers|packs|sounds|system|.well-known/acme-challenge) !
ProxyPass /.well-known/ https://social.jbsn.uk/webfinger/.well-known/ $
ProxyPassReverse /.well-known/ https://social.jbsn.uk/webfinger/.well-known/
ProxyPass /api/v1/streaming/ ws://localhost:4000/
ProxyPassReverse /api/v1/streaming/ ws://localhost:4000/
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
ErrorDocument 500 /500.html
ErrorDocument 501 /500.html
ErrorDocument 502 /500.html
ErrorDocument 503 /500.html
ErrorDocument 504 /500.html
</VirtualHost>
Also, I need to use Apache, not Nginx. I already have over 50 Apache sites and really don’t want to move them over.