Install apache2 modules

# as root
a2enmod proxy_http
a2enmod proxy
a2enmod ssl
a2enmod md
a2enmod rewrite # http --> https

Config apache2.conf

# in /etc/apache2/apache2.conf
ServerAdmin ssl-certificate@<your-domain.com>
MDCertificateAgreement https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf

Config site apache

# in /etc/apache2/sites-available/your-domain.com.conf
MDomain <your-domain.com>
<VirtualHost *:80>
  ServerName <your-domain.com>
  ServerAlias www.<your-domain.com>
  ErrorLog  ${APACHE_LOG_DIR}/<your-domain.com>-error.log
  TransferLog  ${APACHE_LOG_DIR}/<your-domain.com>-access.log

  RewriteEngine on
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>
<VirtualHost *:443>
  ServerName <your-domain.com>

  Protocols h2 http/1.1
  SSLEngine On
  ProxyRequests Off
  ProxyVia On
  ProxyPreserveHost On

  ErrorLog  ${APACHE_LOG_DIR}/<your-domain.com>-error.log
  TransferLog  ${APACHE_LOG_DIR}/<your-domain.com>-access.log

  # If necessary
  ProxyPass /api http://localhost:<exposed_port>/api retry=0
  ProxyPassReverse /api http://localhost:<exposed_port>/api retry=0

</VirtualHost>

Activer les sites

# as root
cd /etc/apache2/sites-available
a2ensite your-domain.com.conf

Restart

# as root
sudo apache2ctl configtest # checks if config is ok
sudo systemctl restart apache2

Logs

# as root
# your domain logs
tail -f /var/log/apache2/<your-domain.com.conf>-error.log
tail -f /var/log/apache2/<your-domain.com.conf>-access.log
# apache 2 logs
tail -f /var/log/apache2/error.log
tail -f /var/log/apache2/access.log