]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/git/templates/default/apache.erb
vectortile: Run tilekiln prometheus endpoint
[chef.git] / cookbooks / git / templates / default / apache.erb
index 374ec2cf58c63997af97ad4619390b1c92bf56a7..daff9de8849c8a0e88fc7d88de2a21c79988d4c0 100644 (file)
@@ -7,7 +7,7 @@
 <% end -%>
         ServerAdmin webmaster@openstreetmap.org
 
 <% end -%>
         ServerAdmin webmaster@openstreetmap.org
 
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
@@ -26,7 +26,7 @@
         SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
         SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
         SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
         SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         RedirectPermanent / https://<%= @name %>/
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         RedirectPermanent / https://<%= @name %>/
         SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
         SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
         SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
         SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         SetEnv GIT_PROJECT_ROOT /var/lib/git
         SetEnv GIT_HTTP_EXPORT_ALL
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         SetEnv GIT_PROJECT_ROOT /var/lib/git
         SetEnv GIT_HTTP_EXPORT_ALL
+        SetEnv GIT_HTTP_MAX_REQUEST_BUFFER 100M
+
+        SetEnvIf Git-Protocol ".*" GIT_PROTOCOL=$0
+
+        # KeepaliveTimeout longer than git config uploadpack.keepalive 5 second default
+        KeepAliveTimeout 20
+
+        RewriteEngine on
+        RewriteRule ^/cgimap\.git.* https://github.com/zerebubuth/openstreetmap-cgimap [QSD,L,R=permanent]
+        RewriteRule ^/planetdump\.git.* https://github.com/openstreetmap/planetdump [QSD,L,R=permanent]
+        RewriteRule ^/gpx-import\.git.* https://github.com/openstreetmap/gpx-import [QSD,L,R=permanent]
+        RewriteRule ^/potlatch2\.git.* https://github.com/openstreetmap/potlatch2 [QSD,L,R=permanent]
 
         ScriptAlias /public /usr/lib/git-core/git-http-backend/public
         ScriptAlias /private /usr/lib/git-core/git-http-backend/private
 
         ScriptAlias /public /usr/lib/git-core/git-http-backend/public
         ScriptAlias /private /usr/lib/git-core/git-http-backend/private
         Alias /git /var/cache/git
         ScriptAlias / /usr/lib/cgi-bin/gitweb.cgi/
 
         Alias /git /var/cache/git
         ScriptAlias / /usr/lib/cgi-bin/gitweb.cgi/
 
-        <Location />
+        <Location /public>
                   Require all granted
         </Location>
                   Require all granted
         </Location>
+<% unless @private_allowed.empty? -%>
 
         <Location /private>
                   Require ip <%= @private_allowed.sort.join(" ") %>
         </Location>
 
         <Location /private>
                   Require ip <%= @private_allowed.sort.join(" ") %>
         </Location>
+<% end -%>
+
+        <Location /private/chef.git>
+                  Require all denied
+        </Location>
 </VirtualHost>
 
 <Directory /usr/lib/git-core>
 </VirtualHost>
 
 <Directory /usr/lib/git-core>