Uptime Kuma (Docker) – Configuring Apache Reverse Proxy with Let’s Encrypt SSL(Ubuntu 22.04)

Feb 22, 2023 | Tech

This tutorial assumes that you already have uptime kuma installed in a Docker Container and the that Apache Web Server have been installed.

First let’s install the certbot for apache.

sudo apt install certbot python3-certbot-apache

You can use the default Apache web server config in /var/www/html/index.html folder and the default configuration in /etc/apache2/site-available/000-default.conf.

If you have not enable the default site you can issue the following command. 

sudo a2ensite 000-default.conf

Every time you change a configuration remember to restart Apache Web Service.

sudo systemctl reload apache2.service

Next run the command to get a certificate.

certbot --apache

You will need to go through the process of providing your domain and email address.

You need to ensure that the firewall port for HTTP (80) is open.

Once the process complete the certificate will be downloaded and store in the following folder.

/etc/letsencrypt/live/<your domain name>/

Next create a new config file in the /etc/apache2/site-available/ folder.

sudo nano /etc/apache2/sites-available/<your domain name>.conf

Enter the following into the config file. Change the ServerName (sub.domain.com) to your actual domain.
also change the Certificate Path. Include the options-ssl-apache.conf file that is provided by Let’s Encrypt. 

<VirtualHost *:443>
  ServerName sub.domain.com
  SSLEngine On
  SSLCertificateFile /etc/letsencrypt/live/<your domain name>/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/<your domain name>/privkey.pem
  Include /etc/letsencrypt/options-ssl-apache.conf
  # Protocol 'h2' is only supported on Apache 2.4.17 or newer.
  Protocols h2 http/1.1

  ProxyPass / http://localhost:3001/
  RewriteEngine on
  RewriteCond %{HTTP:Upgrade} =websocket
  RewriteRule /(.*) ws://localhost:3001/$1 [P,L]
  RewriteCond %{HTTP:Upgrade} !=websocket
  RewriteRule /(.*) http://localhost:3001/$1 [P,L]
</VirtualHost>

Once you have done that enable the config.

sudo a2ensite <your domain name>.conf

Reload Apache and now you will have https access to your uptime server.

sudo systemctl reload apache2.service