# DO NOT EDIT - This file is being maintained by Chef
-<VirtualHost *:80>
+<VirtualHost *:443>
ServerName <%= @name %>
ServerAdmin webmaster@openstreetmap.org
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
CustomLog /var/log/apache2/<%= @name %>-access.log combined
CustomLog /var/log/apache2/<%= @name %>-svn-access.log "%h %t %u %{SVN-ACTION}e" env=SVN-ACTION
ErrorLog /var/log/apache2/<%= @name %>-error.log
- <Location />
- DAV svn
- SVNPath <%= @directory %>
+ <Location />
+ DAV svn
+ SVNPath <%= @directory %>
+
+ AuthType Basic
+ AuthName "<%= @realm %>"
+ AuthUserFile <%= @password_file %>
+
+ LimitXMLRequestBody 0
+ LimitRequestBody 0
+
+ <Limit GET PROPFIND OPTIONS REPORT>
+ Require all granted
+ </Limit>
+
+ <LimitExcept GET PROPFIND OPTIONS REPORT>
+ Require valid-user
+ </LimitExcept>
+ </Location>
+</VirtualHost>
- AuthType Basic
- AuthName "<%= @realm %>"
- AuthUserFile <%= @password_file %>
+<VirtualHost *:80>
+ ServerName <%= @name %>
+ ServerAdmin webmaster@openstreetmap.org
- LimitXMLRequestBody 0
- LimitRequestBody 0
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- <LimitExcept GET PROPFIND OPTIONS REPORT>
- Require valid-user
- </LimitExcept>
- </Location>
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
</VirtualHost>