# DO NOT EDIT - This file is being maintained by Chef
<% [80, 443].each do |port| -%>
>
#
# Basic server configuration
#
ServerName <%= node[:fqdn] %>
ServerAlias api.openstreetmap.org www.openstreetmap.org
ServerAdmin webmaster@openstreetmap.org
<% if port == 443 -%>
#
# Enable SSL
#
SSLEngine on
SSLProxyEngine on
<% end -%>
#
# Setup logging
#
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %Dus %{UNIQUE_ID}e %{SSL_PROTOCOL}x %{SSL_CIPHER}x" combined_with_time
CustomLog /var/log/apache2/access.log combined_with_time
ErrorLog /var/log/apache2/error.log
#
# Turn on various features
#
ExpiresActive On
RewriteEngine on
#
# Add the unique ID to the request headers
#
RequestHeader set X-Request-Id %{UNIQUE_ID}e
#
# Block troublesome GPX data scrapping
#
RewriteCond %{REQUEST_METHOD} HEAD
RewriteRule ^/trace/\d+/data - [F,L]
#
# Block tilesAtHome
#
RewriteCond %{HTTP_USER_AGENT} tilesAtHome
RewriteRule . - [F,L]
#
# Block requests for the old 404 map tile
#
RewriteRule ^/openlayers/img/404.png$ - [G,L]
#
# Block attempts to access old API versions
#
RewriteRule ^/api/0.[12345]/ - [G,L]
#
# Block JOSM revisions 1722-1727 as they have a serious bug that causes
# lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804)
#
RewriteCond %{HTTP_USER_AGENT} "^JOSM/[0-9]+\.[0-9]+ \(172[234567]\)"
RewriteRule . - [F,L]
#
# Block a changeset that seems to lock things up
#
RewriteRule ^/api/0.6/changeset/6823497/download$ - [F,L]
#
# Force special MIME type for crossdomain.xml files
#
ForceType text/x-cross-domain-policy
#
# Set expiry for assets
#
Header unset Last-Modified
Header unset ETag
FileETag None
ExpiresDefault "access plus 1 year"
#
# Set expiry for attachments
#
Header unset Last-Modified
Header unset ETag
FileETag None
ExpiresDefault "access plus 1 year"
#
# Set expiry for other static content
#
ExpiresDefault "access plus 7 days"
ExpiresDefault "access plus 10 years"
ExpiresDefault "access plus 10 years"
ExpiresDefault "access plus 7 days"
ExpiresDefault "access plus 10 years"
#
# Set expiry for Potlatch 1
#
ExpiresDefault "access plus 7 days"
#
# Set expiry for Potlatch 2
#
ExpiresByType application/x-shockwave-flash "access plus 1 day"
ExpiresByType application/xml "access plus 1 day"
ExpiresByType text/css "access plus 1 day"
ExpiresByType image/png "access plus 7 days"
#
# Configure rails
#
DocumentRoot <%= node[:web][:base_directory] %>/rails/public
RailsEnv production
PassengerMinInstances 10
PassengerMaxRequests 5000
PassengerMaxRequestQueueSize 250
<% if port == 443 -%>
PassengerPreStart https://www.openstreetmap.org/
<% else -%>
PassengerPreStart http://www.openstreetmap.org/
<% end -%>
SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
Alias /favicon.ico <%= node[:web][:base_directory] %>/rails/app/assets/favicons/favicon.ico
Alias /openlayers <%= node[:web][:base_directory] %>/rails/vendor/assets/openlayers
Alias /stats /store/rails/stats
Alias /user/image /store/rails/user/image
Alias /attachments /store/rails/attachments
#
# Preserve the host name when forwarding to the proxy
#
ProxyPreserveHost on
#
# Set a long timeout - changeset uploads can take a long time
#
ProxyTimeout 3600
#
# Allow all proxy requests
#
Allow from all
#
# Pass some other API calls to the backends via a load balancer
#
ProxyPass /api/0.6/map balancer://backend/api/0.6/map
ProxyPass /api/0.6/tracepoints balancer://backend/api/0.6/tracepoints
ProxyPass /api/0.6/amf/read balancer://backend/api/0.6/amf/read
ProxyPass /api/0.6/swf/trackpoints balancer://backend/api/0.6/swf/trackpoints
ProxyPassMatch ^(/api/0\.6/changeset/[0-9]+/(upload|download))$ balancer://backend$1
ProxyPassMatch ^(/api/0\.6/(node|way|relation)/[0-9]+)$ balancer://backend$1
ProxyPassMatch ^(/api/0\.6/(node|way|relation)/[0-9]+/(full|history|search|ways))$ balancer://backend$1
ProxyPass /api/0.6/nodes balancer://backend/api/0.6/nodes
ProxyPass /api/0.6/ways balancer://backend/api/0.6/ways
ProxyPass /api/0.6/relations balancer://backend/api/0.6/relations
ProxyPassMatch ^(/trace/[0-9]+/data(|/|.xml))$ balancer://backend$1
#
# Redirect trac and wiki requests to the right places
#
RedirectPermanent /trac/ http://trac.openstreetmap.org/
RedirectPermanent /wiki/ http://wiki.openstreetmap.org/
#
# Redirect requests for various images to the right place
#
RedirectPermanent /images/osm_logo.png http://www.openstreetmap.org/assets/osm_logo.png
RedirectPermanent /images/cc_button.png http://www.openstreetmap.org/assets/cc_button.png
#
# Define a load balancer for the backends
#
ProxySet lbmethod=bybusyness
<% if port == 443 -%>
BalancerMember https://rails1 disablereuse=on
BalancerMember https://rails2 disablereuse=on
BalancerMember https://rails3 disablereuse=on
<% else -%>
BalancerMember http://rails1
BalancerMember http://rails2
BalancerMember http://rails3
<% end -%>
<% if port == 80 -%>
#
# Redirect requests which should be secure to https
#
RewriteCond %{REQUEST_URI} ^/login(\.html)?$ [OR]
RewriteCond %{REQUEST_URI} ^/user/(new|create-account\.html)$ [OR]
RewriteCond %{REQUEST_URI} ^/user/terms$ [OR]
RewriteCond %{REQUEST_URI} ^/user/save$ [OR]
RewriteCond %{REQUEST_URI} ^/user/([^/]+)/account$ [OR]
RewriteCond %{REQUEST_URI} ^/user/reset-password$
RewriteRule ^(.*)$ https://www.openstreetmap.org$1 [L,NE,R=permanent]
#
# Redirect api requests made to www.osm.org to api.osm.org
#
# RewriteCond %{HTTP_HOST} =www.openstreetmap.org
# RewriteRule ^/api/(.*)$ http://api.openstreetmap.org/api/$1 [L,NE,R=permanent]
#
# Redirect non-api requests made to api.osm.org to www.osm.org
#
RewriteCond %{HTTP_HOST} =api.openstreetmap.org
RewriteCond %{REQUEST_URI} !^/api/
RewriteRule ^(.*)$ http://www.openstreetmap.org$1 [L,NE,R=permanent]
<% elsif port == 443 -%>
#
# Redirect api requests made to www.osm.org to api.osm.org
#
# RewriteCond %{HTTP_HOST} =www.openstreetmap.org
# RewriteRule ^/api/(.*)$ https://api.openstreetmap.org/api/$1 [L,NE,R=permanent]
#
# Redirect non-api requests made to api.osm.org to www.osm.org
#
RewriteCond %{HTTP_HOST} =api.openstreetmap.org
RewriteCond %{REQUEST_URI} !^/api/
RewriteRule ^(.*)$ https://www.openstreetmap.org$1 [L,NE,R=permanent]
<% end -%>
<% end -%>
ServerName openstreetmap.org
ServerAlias maps.openstreetmap.org mapz.openstreetmap.org
ServerAlias openstreetmap.com www.openstreetmap.com
ServerAlias maps.openstreetmap.com mapz.openstreetmap.com
ServerAlias openstreetmap.net www.openstreetmap.net
ServerAlias maps.openstreetmap.net mapz.openstreetmap.net
ServerAlias openstreetmap.ca www.openstreetmap.ca
ServerAlias maps.openstreetmap.ca mapz.openstreetmap.ca
ServerAlias openstreetmap.eu www.openstreetmap.eu
ServerAlias maps.openstreetmap.eu mapz.openstreetmap.eu
ServerAlias openstreetmap.pro www.openstreetmap.pro
ServerAlias maps.openstreetmap.pro mapz.openstreetmap.pro
ServerAlias openstreetmaps.org www.openstreetmaps.org
ServerAlias maps.openstreetmaps.org mapz.openstreetmaps.org
ServerAlias osm.org www.osm.org
ServerAlias maps.osm.org mapz.osm.org
ServerAlias openmaps.org www.openmaps.org
ServerAlias maps.openmaps.org mapz.openmaps.org
ServerAlias openstreetmap.io www.openstreetmap.io
ServerAlias maps.openstreetmap.io mapz.openstreetmap.io
ServerAlias osm.io www.osm.io
ServerAlias maps.osm.io mapz.osm.io
ServerAlias openworldmap.org www.openworldmap.org
ServerAlias maps.openworldmap.org mapz.openworldmap.org
ServerAlias freeosm.org www.freeosm.org
ServerAlias maps.freeosm.org mapz.freeosm.org
ServerAlias open-maps.org www.open-maps.org
ServerAlias maps.open-maps.org mapz.open-maps.org
ServerAlias open-maps.com www.open-maps.com
ServerAlias maps.open-maps.com mapz.open-maps.com
ServerAlias osmbugs.org www.osmbugs.org
ServerAlias maps.osmbugs.org mapz.osmbugs.org
#Third Party Sites
ServerAlias openstreetmap.pm www.openstreetmap.pm
RedirectPermanent / http://www.openstreetmap.org/
ServerName openstreetmap.org
ServerAlias maps.openstreetmap.org mapz.openstreetmap.org
SSLEngine on
RedirectPermanent / https://www.openstreetmap.org/
ServerName openstreetmap.org.uk
ServerAlias www.openstreetmap.org.uk
ServerAlias openstreetmap.co.uk
ServerAlias www.openstreetmap.co.uk
RedirectPermanent /events.ics http://calendar.openstreetmap.org.uk/events.ics
RedirectPermanent / http://www.openstreetmap.org/
/rails/public>
Require all granted
Require all granted
Require all granted
Require all granted
Require all granted
Require all granted