Update phppgadmin site to use https

[chef.git] / cookbooks / dev / templates / default / apache.rails.erb

diff --git a/cookbooks/dev/templates/default/apache.rails.erb b/cookbooks/dev/templates/default/apache.rails.erb
index 7301fd83415761ed75b199413d085b2a5cbe7d0d..e431cf1a1cb49d1a84fc6fc73f1e630bb1e73fc4 100644 (file)
--- a/cookbooks/dev/templates/default/apache.rails.erb
+++ b/cookbooks/dev/templates/default/apache.rails.erb
@@ -1,20 +1,46 @@
 # DO NOT EDIT - This file is being maintained by Chef
 
-<VirtualHost *:80>
+<VirtualHost *:443>
         ServerName <%= @name %>
 <% @aliases.each do |alias_name| -%>
         ServerAlias <%= alias_name %>
 <% end -%>
         ServerAdmin webmaster@openstreetmap.org
 
-        DocumentRoot /srv/<%= @name %>/public
+        SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
         CustomLog /var/log/apache2/<%= @name %>-access.log combined
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
+        DocumentRoot /srv/<%= @name %>/public
+
         RailsEnv production
 
         SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
+
+        # Ensure robots do not index dev site
+        # https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag
+        Header set X-Robots-Tag "noindex, nofollow"
+</VirtualHost>
+
+<VirtualHost *:80>
+        ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+        ServerAlias <%= alias_name %>
+<% end -%>
+        ServerAdmin webmaster@openstreetmap.org
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+        RedirectPermanent / https://<%= @name %>/
+
+        # Ensure robots do not index dev site
+        # https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag
+        Header set X-Robots-Tag "noindex, nofollow"
 </VirtualHost>
 
 <Directory /srv/<%= @name %>/public>