Configure cloudwatch exporter to collect S3 metrics

[chef.git] / cookbooks / git / templates / default / apache.erb
diff --git a/cookbooks/git/templates/default/apache.erb b/cookbooks/git/templates/default/apache.erb

index e9cb8b701328afad59232683855a3bf7947803ed..07d11a804113d866fd9c9c937c4a3a9e9a93cdbc 100644 (file)
--- a/cookbooks/git/templates/default/apache.erb
+++ b/cookbooks/git/templates/default/apache.erb
@@ -1,18 +1,85 @@
  # DO NOT EDIT - This file is being maintained by Chef
  
  <VirtualHost *:80>
  # DO NOT EDIT - This file is being maintained by Chef
  
  <VirtualHost *:80>
-       ServerName <%= @name %>
+        ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+        ServerAlias <%= alias_name %>
+<% end -%>
+        ServerAdmin webmaster@openstreetmap.org
  
  
-       CustomLog /var/log/apache2/<%= @name %>-access.log combined
-       ErrorLog /var/log/apache2/<%= @name %>-error.log
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
  
  
-       DocumentRoot <%= @directory %>
-       HeaderName HEADER
-       Alias /gitweb /usr/share/gitweb
-       Alias /git /var/cache/git
-       ScriptAlias /gitweb.cgi /usr/lib/cgi-bin/gitweb.cgi
+        RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+        RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+
+<% unless @aliases.empty? -%>
+<VirtualHost *:443>
+        ServerName <%= @aliases.first %>
+<% @aliases.slice(1..-1).each do |alias_name| -%>
+        ServerAlias <%= alias_name %>
+<% end -%>
+        ServerAdmin webmaster@openstreetmap.org
+
+        SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
  
  
-       RewriteEngine On
-       RewriteRule ^/$ /gitweb.cgi%{REQUEST_URI} [L,PT]
-       RewriteRule ^/(.*\.git/(?!/?(HEAD|info|objects|refs)).*)?$ /gitweb.cgi%{REQUEST_URI} [L,PT]
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        RedirectPermanent / https://<%= @name %>/
  </VirtualHost>
  </VirtualHost>
+
+<% end -%>
+<VirtualHost *:443>
+        ServerName <%= @name %>
+        ServerAdmin webmaster@openstreetmap.org
+
+        SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        SetEnv GIT_PROJECT_ROOT /var/lib/git
+        SetEnv GIT_HTTP_EXPORT_ALL
+        SetEnv GIT_HTTP_MAX_REQUEST_BUFFER 100M
+
+        SetEnvIf Git-Protocol ".*" GIT_PROTOCOL=$0
+
+        # KeepaliveTimeout longer than git config uploadpack.keepalive 5 second default
+        KeepAliveTimeout 20
+
+        RewriteEngine on
+        RewriteRule ^/cgimap\.git.* https://github.com/zerebubuth/openstreetmap-cgimap [QSD,L,R=permanent]
+        RewriteRule ^/planetdump\.git.* https://github.com/openstreetmap/planetdump [QSD,L,R=permanent]
+        RewriteRule ^/gpx-import\.git.* https://github.com/openstreetmap/gpx-import [QSD,L,R=permanent]
+        RewriteRule ^/potlatch2\.git.* https://github.com/openstreetmap/potlatch2 [QSD,L,R=permanent]
+
+        ScriptAlias /public /usr/lib/git-core/git-http-backend/public
+        ScriptAlias /private /usr/lib/git-core/git-http-backend/private
+        Alias /gitweb /usr/share/gitweb
+        Alias /git /var/cache/git
+        ScriptAlias / /usr/lib/cgi-bin/gitweb.cgi/
+
+        <Location />
+                  Require all granted
+        </Location>
+<% unless @private_allowed.empty? -%>
+
+        <Location /private>
+                  Require ip <%= @private_allowed.sort.join(" ") %>
+        </Location>
+<% end -%>
+
+        <Location /private/chef.git>
+                  Require all denied
+        </Location>
+</VirtualHost>
+
+<Directory /usr/lib/git-core>
+        Options ExecCGI
+</Directory>