1 # DO NOT EDIT - This file is being maintained by Chef
3 <% [80, 443].each do |port| -%>
4 <VirtualHost *:<%= port %>>
5 ServerName <%= node[:fqdn] %>
6 ServerAlias nominatim.openstreetmap.org
7 ServerAlias nominatim.osm.org
8 ServerAlias nominatim.openstreetmap.com
9 ServerAlias nominatim.openstreetmap.net
10 ServerAlias nominatim.openstreetmaps.org
11 ServerAlias nominatim.openmaps.org
12 ServerAdmin webmaster@openstreetmap.org
18 SSLCertificateFile /etc/ssl/certs/nominatim.openstreetmap.org.pem
19 SSLCertificateKeyFile /etc/ssl/private/nominatim.openstreetmap.org.key
21 # Redirect ACME challenges for certificate issuance
22 RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
25 # Remove Proxy request header to mitigate https://httpoxy.org/
26 RequestHeader unset Proxy early
28 RequestReadTimeout header=15-30,MinRate=500 body=15-30,MinRate=500
30 CustomLog <%= node[:nominatim][:logdir] %>/nominatim.openstreetmap.org-access.log combined
31 ErrorLog /var/log/apache2/nominatim.openstreetmap.org-error.log
33 DocumentRoot <%= @directory %>/website
34 <Directory "<%= @directory %>/website/">
35 DirectoryIndex search.php
36 Options FollowSymLinks
40 ProxyPassMatch ^/([^/]*\.php(/.*)?)$ fcgi://127.0.0.1:<%= @pools[:www][:port ]%><%= @directory %>/website/$1
42 <% @pools.each do |name,details| -%>
43 Alias /pool-<%= name %>/ "<%= @directory %>/website/"
44 <% node[:nominatim][:redirects].each do |url,host| -%>
45 ProxyPassMatch ^/pool-<%= name %>/(<%= url %>\.php(/.*)?) http<% if port == 443 -%>s<% end -%>://<%= host %>/pool-<%= name %>/$1
47 ProxyPassMatch ^/pool-<%= name %>/(.*\.php(/.*)?) fcgi://127.0.0.1:<%= details[:port ]%><%= @directory %>/website/$1
50 Redirect 429 /pool-block/
51 ErrorDocument 429 /509.html
52 <Location /pool-block>
53 ErrorDocument 429 /509.html
55 Redirect 403 /pool-ban/
57 ErrorDocument 403 /403.html
59 ErrorDocument 403 /403.html
64 Include <%= @directory %>/settings/apache_blocks.conf
66 # regular requests and autoblocks
67 RewriteMap bulklist txt:<%= @directory %>/settings/ip_blocks.map
68 RewriteRule ^/(search|reverse|lookup)(\.php)?(/.*)? /pool-${bulklist:%{REMOTE_ADDR}|www}/$1.php$3 [PT]
69 RewriteRule ^/details(\.php)?(/.*)? /pool-${bulklist:%{REMOTE_ADDR}|details}/details.php$2 [PT]