ServerAlias <%= node[:overpass][:fqdn] %>
ServerAdmin webmaster@openstreetmap.org
- CustomLog /var/log/apache2/<%= node[:overpass][:fqdn] %>-access.log combined
+ CustomLog /var/log/apache2/<%= node[:overpass][:fqdn] %>-access.log combined_extended
ErrorLog /var/log/apache2/<%= node[:overpass][:fqdn] %>-error.log
DocumentRoot <%= @directory %>
ServerAlias <%= node[:overpass][:fqdn] %>
ServerAdmin webmaster@openstreetmap.org
- CustomLog /var/log/apache2/<%= node[:overpass][:fqdn] %>-access.log combined
+ CustomLog /var/log/apache2/<%= node[:overpass][:fqdn] %>-access.log combined_extended
ErrorLog /var/log/apache2/<%= node[:overpass][:fqdn] %>-error.log
SSLEngine on
DocumentRoot <%= @directory %>
+ RewriteEngine on
RewriteMap totp prg:/srv/query.openstreetmap.org/apache/totp-filter
- RewriteCond "${totp:%{HTTP_COOKIE}}" "0"
- RewriteRule ^.*$ - [F,L]
+ RewriteCond ${totp:%{HTTP_COOKIE}} =0
+ RewriteRule ^/query-features - [F,L]
<% if node[:overpass][:restricted_api] -%>
ScriptAlias /query-features <%= @script_directory %>/interpreter
# Remove Origin so Overpass does not interfere.
RequestHeader unset Origin
Header always add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
+ Header always add Access-Control-Allow-Credentials true
<% else -%>
ScriptAlias /api/ <%= @script_directory %>/
<% end -%>