# DO NOT EDIT - This file is being maintained by Chef <% [80, 443].each do |port| -%> > # # Basic server configuration # ServerName <%= node[:fqdn] %> ServerAlias api.openstreetmap.org www.openstreetmap.org ServerAdmin webmaster@openstreetmap.org <% if port == 443 -%> # # Enable SSL # SSLEngine on SSLProxyEngine on <% end -%> # # Setup logging # LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %Dus %{UNIQUE_ID}e %{SSL_PROTOCOL}x %{SSL_CIPHER}x" combined_with_time CustomLog /var/log/apache2/access.log combined_with_time ErrorLog /var/log/apache2/error.log # # Turn on various features # ExpiresActive On RewriteEngine on # # Add the unique ID to the request headers # RequestHeader set X-Request-Id %{UNIQUE_ID}e # # Block troublesome GPX data scrapping # RewriteCond %{REQUEST_METHOD} HEAD RewriteRule ^/trace/\d+/data - [F,L] # # Block tilesAtHome # RewriteCond %{HTTP_USER_AGENT} tilesAtHome RewriteRule . - [F,L] # # Block requests for the old 404 map tile # RewriteRule ^/openlayers/img/404.png$ - [G,L] # # Block attempts to access old API versions # RewriteRule ^/api/0.[12345]/ - [G,L] # # Block JOSM revisions 1722-1727 as they have a serious bug that causes # lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804) # RewriteCond %{HTTP_USER_AGENT} "^JOSM/[0-9]+\.[0-9]+ \(172[234567]\)" RewriteRule . - [F,L] # # Block a changeset that seems to lock things up # RewriteRule ^/api/0.6/changeset/6823497/download$ - [F,L] # # Force special MIME type for crossdomain.xml files # ForceType text/x-cross-domain-policy # # Set expiry for assets # Header unset Last-Modified Header unset ETag FileETag None ExpiresDefault "access plus 1 year" # # Set expiry for attachments # Header unset Last-Modified Header unset ETag FileETag None ExpiresDefault "access plus 1 year" # # Set expiry for other static content # ExpiresDefault "access plus 7 days" ExpiresDefault "access plus 10 years" ExpiresDefault "access plus 10 years" ExpiresDefault "access plus 7 days" ExpiresDefault "access plus 10 years" # # Set expiry for Potlatch 1 # ExpiresDefault "access plus 7 days" # # Set expiry for Potlatch 2 # ExpiresByType application/x-shockwave-flash "access plus 1 day" ExpiresByType application/xml "access plus 1 day" ExpiresByType text/css "access plus 1 day" ExpiresByType image/png "access plus 7 days" # # Configure rails # DocumentRoot <%= node[:web][:base_directory] %>/rails/public RailsEnv production PassengerMinInstances 10 PassengerMaxRequests 5000 PassengerMaxRequestQueueSize 250 <% if port == 443 -%> PassengerPreStart https://www.openstreetmap.org/ <% else -%> PassengerPreStart http://www.openstreetmap.org/ <% end -%> SetEnv SECRET_KEY_BASE <%= @secret_key_base %> Alias /favicon.ico <%= node[:web][:base_directory] %>/rails/app/assets/favicons/favicon.ico Alias /openlayers <%= node[:web][:base_directory] %>/rails/vendor/assets/openlayers Alias /stats /store/rails/stats Alias /user/image /store/rails/user/image Alias /attachments /store/rails/attachments # # Preserve the host name when forwarding to the proxy # ProxyPreserveHost on # # Set a long timeout - changeset uploads can take a long time # ProxyTimeout 3600 # # Allow all proxy requests # Allow from all # # Pass some other API calls to the backends via a load balancer # ProxyPass /api/0.6/map balancer://backend/api/0.6/map ProxyPass /api/0.6/tracepoints balancer://backend/api/0.6/tracepoints ProxyPass /api/0.6/amf/read balancer://backend/api/0.6/amf/read ProxyPass /api/0.6/swf/trackpoints balancer://backend/api/0.6/swf/trackpoints ProxyPassMatch ^(/api/0\.6/changeset/[0-9]+/(upload|download))$ balancer://backend$1 ProxyPassMatch ^(/api/0\.6/(node|way|relation)/[0-9]+)$ balancer://backend$1 ProxyPassMatch ^(/api/0\.6/(node|way|relation)/[0-9]+/(full|history|search|ways))$ balancer://backend$1 ProxyPass /api/0.6/nodes balancer://backend/api/0.6/nodes ProxyPass /api/0.6/ways balancer://backend/api/0.6/ways ProxyPass /api/0.6/relations balancer://backend/api/0.6/relations ProxyPassMatch ^(/trace/[0-9]+/data(|/|.xml))$ balancer://backend$1 # # Redirect trac and wiki requests to the right places # RedirectPermanent /trac/ http://trac.openstreetmap.org/ RedirectPermanent /wiki/ http://wiki.openstreetmap.org/ # # Redirect requests for various images to the right place # RedirectPermanent /images/osm_logo.png http://www.openstreetmap.org/assets/osm_logo.png RedirectPermanent /images/cc_button.png http://www.openstreetmap.org/assets/cc_button.png # # Define a load balancer for the backends # ProxySet lbmethod=bybusyness <% if port == 443 -%> BalancerMember https://rails1 disablereuse=on BalancerMember https://rails2 disablereuse=on BalancerMember https://rails3 disablereuse=on <% else -%> BalancerMember http://rails1 BalancerMember http://rails2 BalancerMember http://rails3 <% end -%> <% if port == 80 -%> # # Redirect requests which should be secure to https # RewriteCond %{REQUEST_URI} ^/login(\.html)?$ [OR] RewriteCond %{REQUEST_URI} ^/user/(new|create-account\.html)$ [OR] RewriteCond %{REQUEST_URI} ^/user/terms$ [OR] RewriteCond %{REQUEST_URI} ^/user/save$ [OR] RewriteCond %{REQUEST_URI} ^/user/([^/]+)/account$ [OR] RewriteCond %{REQUEST_URI} ^/user/reset-password$ RewriteRule ^(.*)$ https://www.openstreetmap.org$1 [L,NE,R=permanent] # # Redirect api requests made to www.osm.org to api.osm.org # # RewriteCond %{HTTP_HOST} =www.openstreetmap.org # RewriteRule ^/api/(.*)$ http://api.openstreetmap.org/api/$1 [L,NE,R=permanent] # # Redirect non-api requests made to api.osm.org to www.osm.org # RewriteCond %{HTTP_HOST} =api.openstreetmap.org RewriteCond %{REQUEST_URI} !^/api/ RewriteRule ^(.*)$ http://www.openstreetmap.org$1 [L,NE,R=permanent] <% elsif port == 443 -%> # # Redirect api requests made to www.osm.org to api.osm.org # # RewriteCond %{HTTP_HOST} =www.openstreetmap.org # RewriteRule ^/api/(.*)$ https://api.openstreetmap.org/api/$1 [L,NE,R=permanent] # # Redirect non-api requests made to api.osm.org to www.osm.org # RewriteCond %{HTTP_HOST} =api.openstreetmap.org RewriteCond %{REQUEST_URI} !^/api/ RewriteRule ^(.*)$ https://www.openstreetmap.org$1 [L,NE,R=permanent] <% end -%> <% end -%> ServerName openstreetmap.org ServerAlias maps.openstreetmap.org mapz.openstreetmap.org ServerAlias openstreetmap.com www.openstreetmap.com ServerAlias maps.openstreetmap.com mapz.openstreetmap.com ServerAlias openstreetmap.net www.openstreetmap.net ServerAlias maps.openstreetmap.net mapz.openstreetmap.net ServerAlias openstreetmap.ca www.openstreetmap.ca ServerAlias maps.openstreetmap.ca mapz.openstreetmap.ca ServerAlias openstreetmap.eu www.openstreetmap.eu ServerAlias maps.openstreetmap.eu mapz.openstreetmap.eu ServerAlias openstreetmap.pro www.openstreetmap.pro ServerAlias maps.openstreetmap.pro mapz.openstreetmap.pro ServerAlias openstreetmaps.org www.openstreetmaps.org ServerAlias maps.openstreetmaps.org mapz.openstreetmaps.org ServerAlias osm.org www.osm.org ServerAlias maps.osm.org mapz.osm.org ServerAlias openmaps.org www.openmaps.org ServerAlias maps.openmaps.org mapz.openmaps.org ServerAlias openstreetmap.io www.openstreetmap.io ServerAlias maps.openstreetmap.io mapz.openstreetmap.io ServerAlias osm.io www.osm.io ServerAlias maps.osm.io mapz.osm.io ServerAlias openworldmap.org www.openworldmap.org ServerAlias maps.openworldmap.org mapz.openworldmap.org ServerAlias freeosm.org www.freeosm.org ServerAlias maps.freeosm.org mapz.freeosm.org ServerAlias open-maps.org www.open-maps.org ServerAlias maps.open-maps.org mapz.open-maps.org ServerAlias open-maps.com www.open-maps.com ServerAlias maps.open-maps.com mapz.open-maps.com ServerAlias osmbugs.org www.osmbugs.org ServerAlias maps.osmbugs.org mapz.osmbugs.org #Third Party Sites ServerAlias openstreetmap.pm www.openstreetmap.pm RedirectPermanent / http://www.openstreetmap.org/ ServerName openstreetmap.org ServerAlias maps.openstreetmap.org mapz.openstreetmap.org SSLEngine on RedirectPermanent / https://www.openstreetmap.org/ ServerName openstreetmap.org.uk ServerAlias www.openstreetmap.org.uk ServerAlias openstreetmap.co.uk ServerAlias www.openstreetmap.co.uk RedirectPermanent /events.ics http://calendar.openstreetmap.org.uk/events.ics RedirectPermanent / http://www.openstreetmap.org/ /rails/public> Require all granted Require all granted Require all granted Require all granted Require all granted Require all granted