# DO NOT EDIT - This file is being maintained by Chef
<VirtualHost *:80>
- ServerName <%= @name %>
- ServerAdmin webmaster@openstreetmap.org
+ ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- RedirectPermanent / https://otrs.openstreetmap.org/
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
</VirtualHost>
+<% unless @aliases.empty? -%>
<VirtualHost *:443>
- ServerName <%= @name %>
- ServerAdmin webmaster@openstreetmap.org
-
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
-
- SSLEngine on
-
- ScriptAlias /otrs/ /opt/otrs/bin/cgi-bin/
- Alias /otrs-web/ /opt/otrs/var/httpd/htdocs/
- RedirectMatch ^/$ /otrs/index.pl
-
- PerlRequire /opt/otrs/scripts/apache2-perl-startup.pl
-
- PerlModule Apache2::Reload
- PerlInitHandler Apache2::Reload
- PerlModule Apache2::RequestRec
-
- <Location /otrs>
- ErrorDocument 403 /otrs/index.pl
- ErrorDocument 404 /otrs/index.pl
- SetHandler perl-script
- PerlResponseHandler ModPerl::Registry
- Options +ExecCGI
- PerlOptions +ParseHeaders
- PerlOptions +SetupEnv
- Order allow,deny
- Allow from all
- </Location>
-
- <Location /otrs/nph-genericinterface.pl>
- PerlOptions -ParseHeaders
- </Location>
+ ServerName <%= @aliases.first %>
+<% @aliases.drop(1).each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+<% end -%>
+
+<VirtualHost *:443>
+ ServerName <%= @name %>
+ ServerAdmin webmaster@openstreetmap.org
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ Protocols http/1.1
+
+ ScriptAlias /otrs "/usr/share/otrs/bin/cgi-bin/"
+ Alias /otrs-web "/usr/share/otrs/var/httpd/htdocs/"
+ RedirectMatch ^/$ /otrs/index.pl
+
+ Perlrequire /usr/share/otrs/scripts/apache2-perl-startup.pl
+
+ PerlModule Apache2::Reload
+ PerlInitHandler Apache2::Reload
+
+ <Location /otrs>
+ ErrorDocument 403 /otrs/index.pl
+ ErrorDocument 404 /otrs/index.pl
+ SetHandler perl-script
+ PerlResponseHandler ModPerl::Registry
+ Options +ExecCGI
+ PerlOptions +ParseHeaders
+ PerlOptions +SetupEnv
+ Require all granted
+ </Location>
+
+ <Location /otrs/nph-genericinterface.pl>
+ PerlOptions -ParseHeaders
+ </Location>
</VirtualHost>
-<Directory /opt/otrs/bin/cgi-bin>
- AllowOverride None
- Options +ExecCGI -Includes
- Order allow,deny
- Allow from all
+<Directory "/usr/share/otrs/bin/cgi-bin/">
+ AllowOverride None
+ Options +ExecCGI -Includes
+ Require all granted
+</Directory>
+
+<Directory "/usr/share/otrs/var/httpd/htdocs/">
+ AllowOverride None
+ Require all granted
+
+ # Make sure CSS and JS files are read as UTF8 by the browsers.
+ AddCharset UTF-8 .css
+ AddCharset UTF-8 .js
+
+ # Set explicit mime type for woff fonts since it is relatively new and apache may not know about it.
+ AddType application/font-woff .woff
+</Directory>
+
+# Cache css-cache for 30 days
+<Directory "/usr/share/otrs/var/httpd/htdocs/skins/*/*/css-cache">
+ <FilesMatch "\.(css|CSS)$">
+ Header set Cache-Control "max-age=2592000, must-revalidate"
+ </FilesMatch>
</Directory>
-<Directory /opt/otrs/var/httpd/htdocs>
- AllowOverride None
- Order allow,deny
- Allow from all
+<Directory "/usr/share/otrs/var/httpd/htdocs/skins/*/*/css/thirdparty">
+ <FilesMatch "\.(css|CSS|woff|svg)$">
+ Header set Cache-Control "max-age=14400, must-revalidate"
+ </FilesMatch>
</Directory>
-<Directory /opt/otrs/var/httpd/htdocs/skins/*/*/css-cache>
- <FilesMatch "\.(css|CSS)$">
- Header set Cache-Control "max-age=2592000 must-revalidate"
- </FilesMatch>
+<Directory "/usr/share/otrs/var/httpd/htdocs/js/js-cache">
+ <FilesMatch "\.(js|JS)$">
+ Header set Cache-Control "max-age=2592000, must-revalidate"
+ </FilesMatch>
</Directory>
-<Directory /opt/otrs/var/httpd/htdocs/js/js-cache>
- <FilesMatch "\.(js|JS)$">
- Header set Cache-Control "max-age=2592000 must-revalidate"
- </FilesMatch>
+<Directory "/usr/share/otrs/var/httpd/htdocs/js/thirdparty/">
+ <FilesMatch "\.(js|JS)$">
+ Header set Cache-Control "max-age=14400, must-revalidate"
+ </FilesMatch>
</Directory>