ServerName freshrss.localhost Listen 80 DocumentRoot /var/www/FreshRSS/p/ AllowEncodedSlashes On ServerTokens OS TraceEnable Off ErrorLog /dev/stderr # For logging the original user-agent IP instead of proxy IPs: # Can be disabled by setting the TRUSTED_PROXY environment variable to 0: RemoteIPHeader X-Forwarded-For # Can be overridden by the TRUSTED_PROXY environment variable: RemoteIPInternalProxy 10.0.0.1/8 172.16.0.1/12 192.168.0.1/16 LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined_proxy CustomLog "|/var/www/FreshRSS/cli/sensitive-log.sh" combined_proxy Error "The auth_openidc_module is not available. Install it or unset environment variable OIDC_ENABLED." # Workaround to be able to check whether an environment variable is set # See: https://serverfault.com/questions/1022233/using-ifdefine-with-environment-variables/1022234#1022234 Define VStart "${" Define VEnd "}" OIDCProviderMetadataURL ${OIDC_PROVIDER_METADATA_URL} OIDCClientID ${OIDC_CLIENT_ID} OIDCClientSecret ${OIDC_CLIENT_SECRET} OIDCRedirectURI /i/oidc/ OIDCCryptoPassphrase ${OIDC_CLIENT_CRYPTO_KEY} Define "Test_${OIDC_REMOTE_USER_CLAIM}" OIDCRemoteUserClaim preferred_username OIDCRemoteUserClaim "${OIDC_REMOTE_USER_CLAIM}" Define "Test_${OIDC_SCOPES}" OIDCScope openid OIDCScope "${OIDC_SCOPES}" Define "Test_${OIDC_X_FORWARDED_HEADERS}" OIDCXForwardedHeaders ${OIDC_X_FORWARDED_HEADERS} OIDCRefreshAccessTokenBeforeExpiry 30 AllowOverride None Options FollowSymLinks Require all denied AllowOverride None Include /var/www/FreshRSS/p/.htaccess Options FollowSymLinks Require all granted Include /var/www/FreshRSS/p/api/.htaccess ExpiresActive Off AuthType openid-connect Require valid-user IncludeOptional /var/www/FreshRSS/p/i/.htaccess Include /var/www/FreshRSS/p/themes/.htaccess