]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/otrs/templates/default/apache.erb
Add logrotate where required
[chef.git] / cookbooks / otrs / templates / default / apache.erb
index da5a60d2f94d520016e556a2ff78f560fa3e6ccd..e51b83ea2d6aba23623c3415fdbe5400ff9c6c98 100644 (file)
 # DO NOT EDIT - This file is being maintained by Chef
 
 <VirtualHost *:80>
-        ServerName <%= @name %>
-        ServerAdmin webmaster@openstreetmap.org
+  ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+  ServerAlias <%= alias_name %>
+<% end -%>
+  ServerAdmin webmaster@openstreetmap.org
 
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
-        ErrorLog /var/log/apache2/<%= @name %>-error.log
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
 
-        RedirectPermanent / https://otrs.openstreetmap.org/
+  RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+  RedirectPermanent / https://<%= @name %>/
 </VirtualHost>
+<% unless @aliases.empty? -%>
 
 <VirtualHost *:443>
-        ServerName <%= @name %>
-        ServerAdmin webmaster@openstreetmap.org
-
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
-        ErrorLog /var/log/apache2/<%= @name %>-error.log
-
-        SSLEngine on
-
-        ScriptAlias /otrs/ /opt/otrs/bin/cgi-bin/
-        Alias /otrs-web/ /opt/otrs/var/httpd/htdocs/
-        RedirectMatch ^/$ /otrs/index.pl
-
-        PerlRequire /opt/otrs/scripts/apache2-perl-startup.pl
-
-        PerlModule Apache2::Reload
-        PerlInitHandler Apache2::Reload
-        PerlModule Apache2::RequestRec
-
-        <Location /otrs>
-                ErrorDocument 403 /otrs/index.pl
-                ErrorDocument 404 /otrs/index.pl
-                SetHandler  perl-script
-                PerlResponseHandler ModPerl::Registry
-                Options +ExecCGI
-                PerlOptions +ParseHeaders
-                PerlOptions +SetupEnv
-                Order allow,deny
-                Allow from all
-        </Location>
-
-        <Location /otrs/nph-genericinterface.pl>
-                PerlOptions -ParseHeaders
-        </Location>
+  ServerName <%= @aliases.first %>
+<% @aliases.drop(1).each do |alias_name| -%>
+  ServerAlias <%= alias_name %>
+<% end -%>
+  ServerAdmin webmaster@openstreetmap.org
+
+  SSLEngine on
+  SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+  SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+  RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+<% end -%>
+
+<VirtualHost *:443>
+  ServerName <%= @name %>
+  ServerAdmin webmaster@openstreetmap.org
+
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+  SSLEngine on
+  SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+  SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+  Protocols http/1.1
+
+  ScriptAlias /otrs "/usr/share/otrs/bin/cgi-bin/"
+  Alias /otrs-web "/usr/share/otrs/var/httpd/htdocs/"
+  RedirectMatch ^/$ /otrs/index.pl
+
+  Perlrequire /usr/share/otrs/scripts/apache2-perl-startup.pl
+
+  PerlModule Apache2::Reload
+  PerlInitHandler Apache2::Reload
+
+  <Location /otrs>
+    ErrorDocument 403 /otrs/index.pl
+    ErrorDocument 404 /otrs/index.pl
+    SetHandler  perl-script
+    PerlResponseHandler ModPerl::Registry
+    Options +ExecCGI
+    PerlOptions +ParseHeaders
+    PerlOptions +SetupEnv
+    Require all granted
+  </Location>
+
+  <Location /otrs/nph-genericinterface.pl>
+    PerlOptions -ParseHeaders
+  </Location>
 </VirtualHost>
 
-<Directory /opt/otrs/bin/cgi-bin>
-        AllowOverride None
-        Options +ExecCGI -Includes
-        Order allow,deny
-        Allow from all
+<Directory "/usr/share/otrs/bin/cgi-bin/">
+    AllowOverride None
+    Options +ExecCGI -Includes
+    Require all granted
+</Directory>
+
+<Directory "/usr/share/otrs/var/httpd/htdocs/">
+  AllowOverride None
+  Require all granted
+
+  # Make sure CSS and JS files are read as UTF8 by the browsers.
+  AddCharset UTF-8 .css
+  AddCharset UTF-8 .js
+
+  # Set explicit mime type for woff fonts since it is relatively new and apache may not know about it.
+  AddType application/font-woff .woff
+</Directory>
+
+# Cache css-cache for 30 days
+<Directory "/usr/share/otrs/var/httpd/htdocs/skins/*/*/css-cache">
+    <FilesMatch "\.(css|CSS)$">
+        Header set Cache-Control "max-age=2592000, must-revalidate"
+    </FilesMatch>
 </Directory>
 
-<Directory /opt/otrs/var/httpd/htdocs>
-        AllowOverride None
-        Order allow,deny
-        Allow from all
+<Directory "/usr/share/otrs/var/httpd/htdocs/skins/*/*/css/thirdparty">
+    <FilesMatch "\.(css|CSS|woff|svg)$">
+        Header set Cache-Control "max-age=14400, must-revalidate"
+    </FilesMatch>
 </Directory>
 
-<Directory /opt/otrs/var/httpd/htdocs/skins/*/*/css-cache>
-        <FilesMatch "\.(css|CSS)$">
-                Header set Cache-Control "max-age=2592000 must-revalidate"
-        </FilesMatch>
+<Directory "/usr/share/otrs/var/httpd/htdocs/js/js-cache">
+    <FilesMatch "\.(js|JS)$">
+        Header set Cache-Control "max-age=2592000, must-revalidate"
+    </FilesMatch>
 </Directory>
 
-<Directory /opt/otrs/var/httpd/htdocs/js/js-cache>
-        <FilesMatch "\.(js|JS)$">
-                Header set Cache-Control "max-age=2592000 must-revalidate"
-        </FilesMatch>
+<Directory "/usr/share/otrs/var/httpd/htdocs/js/thirdparty/">
+    <FilesMatch "\.(js|JS)$">
+        Header set Cache-Control "max-age=14400, must-revalidate"
+    </FilesMatch>
 </Directory>