X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/080f49f493bbd95abd2e4510e5e2270f5ddced57..002e934c3f9d818e59b74fdb021f93766799ea9c:/cookbooks/web/templates/default/apache.backend.erb?ds=sidebyside diff --git a/cookbooks/web/templates/default/apache.backend.erb b/cookbooks/web/templates/default/apache.backend.erb index aed339f4f..93867a96a 100644 --- a/cookbooks/web/templates/default/apache.backend.erb +++ b/cookbooks/web/templates/default/apache.backend.erb @@ -1,20 +1,19 @@ # DO NOT EDIT - This file is being maintained by Chef -<% [80, 443].each do |port| -%> -> + # # Basic server configuration # ServerName <%= node[:fqdn] %> ServerAlias api.openstreetmap.org www.openstreetmap.org ServerAdmin webmaster@openstreetmap.org -<% if port == 443 -%> # # Enable SSL # SSLEngine on -<% end -%> + SSLCertificateFile /etc/ssl/certs/www.openstreetmap.org.pem + SSLCertificateKeyFile /etc/ssl/private/www.openstreetmap.org.key # # Setup logging @@ -40,19 +39,17 @@ RailsEnv production PassengerMinInstances 3 PassengerMaxRequests 500 -<% if port == 443 -%> PassengerPreStart https://www.openstreetmap.org/ -<% else -%> - PassengerPreStart http://www.openstreetmap.org/ -<% end -%> + PassengerAppGroupName rails + SetEnv OPENSTREETMAP_STATUS <%= @status %> SetEnv SECRET_KEY_BASE <%= @secret_key_base %> # # Get the real remote IP for requests via a trusted proxy # RemoteIPHeader X-Forwarded-For - RemoteIPTrustedProxy 146.179.159.160/27 RemoteIPTrustedProxy 10.0.32.0/24 + RemoteIPTrustedProxy 10.0.48.0/24 # # Pass authentication related headers to cgimap @@ -64,13 +61,16 @@ # # Pass supported calls to cgimap # - RewriteRule ^/api/0\.6/map$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/map(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$ - RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+$ fcgi://127.0.0.1:8000$0 [P] - RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full$ fcgi://127.0.0.1:8000$0 [P] - RewriteRule ^/api/0\.6/(nodes|ways|relations)$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/(node|way|relation|changeset)/[0-9]+(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/history(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/relations(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/node/[0-9]+/ways(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/(nodes|ways|relations)(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] + RewriteRule ^/api/0\.6/changeset/[0-9]+/(upload|download)(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P] -<% end -%> /rails/public> Require all granted