doc: reverse proxy: update HTTP->HTTPS redirect configuration, remove logging options

doc/md/Reverse-proxy.md

@@ -17,8 +17,17 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9
 ```apache
 <VirtualHost *:80>
     ServerName shaarli.mydomain.org
-    # Redirect HTTP to HTTPS
-    Redirect permanent / https://shaarli.mydomain.org
+    DocumentRoot /var/www/shaarli.mydomain.org/
+
+    # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests
+    RewriteEngine on
+    RewriteRule ^.well-known/acme-challenge/ - [L]
+    RewriteCond %{HTTP_HOST} =shaarli.mydomain.org
+    RewriteRule  ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent]
+    # If you are using mod_md, use this instead
+    #MDCertificateAgreement accepted
+    #MDContactEmail admin@shaarli.mydomain.org
+    #MDPrivateKeys RSA 4096
 </VirtualHost>
 
 <VirtualHost *:443>
@@ -28,10 +37,6 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9
     SSLCertificateFile    /path/to/certificate
     SSLCertificateKeyFile /path/to/private/key
 
-    LogLevel warn
-    ErrorLog  /var/log/apache2/error.log
-    CustomLog /var/log/apache2/access.log combined
-
     # let the proxied shaarli server/container know HTTPS URLs should be served
     RequestHeader set X-Forwarded-Proto "https"
 

doc/md/Server-configuration.md

@@ -1,7 +1,5 @@
 # Server configuration
 
-
-
 ## Requirements
 
 ### Operating system and web server
@@ -24,6 +22,7 @@ Setup a **firewall** (using `iptables`, [ufw](https://www.digitalocean.com/commu
 
 Shaarli makes outbound HTTP/HTTPS connections to websites you bookmark to fetch page information (title, thumbnails), the server must then have access to the Internet as well, and a working DNS resolver.
 
+--------------------------------------------------------------------------------
 
 ### PHP