X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/0b7714eed0056d4e80732fe94475d1aee67abf62..733ae98541c57b39d1a3237fc211b91d36b79c19:/cookbooks/irc/templates/default/apache.erb

diff --git a/cookbooks/irc/templates/default/apache.erb b/cookbooks/irc/templates/default/apache.erb
index ceb112e18..55dc39c18 100644
--- a/cookbooks/irc/templates/default/apache.erb
+++ b/cookbooks/irc/templates/default/apache.erb
@@ -1,17 +1,17 @@
 # DO NOT EDIT - This file is being maintained by Chef
 
-<VirtualHost *:443>
+<VirtualHost *:80>
   ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+  ServerAlias <%= alias_name %>
+<% end -%>
   ServerAdmin webmaster@openstreetmap.org
 
-  SSLEngine on
-  SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
-  SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
-
   CustomLog /var/log/apache2/<%= @name %>-access.log combined
   ErrorLog /var/log/apache2/<%= @name %>-error.log
 
-  DocumentRoot <%= @directory %>
+  RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+  RedirectPermanent / https://<%= @name %>/
 </VirtualHost>
 <% unless @aliases.empty? -%>
 
@@ -22,31 +22,31 @@
 <% end -%>
   ServerAdmin webmaster@openstreetmap.org
 
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
+
   SSLEngine on
   SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
   SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
-  CustomLog /var/log/apache2/<%= @name %>-access.log combined
-  ErrorLog /var/log/apache2/<%= @name %>-error.log
-
   RedirectPermanent / https://<%= @name %>/
 </VirtualHost>
 <% end -%>
 
-<VirtualHost *:80>
+<VirtualHost *:443>
   ServerName <%= @name %>
-<% @aliases.each do |alias_name| -%>
-  ServerAlias <%= alias_name %>
-<% end -%>
   ServerAdmin webmaster@openstreetmap.org
 
   CustomLog /var/log/apache2/<%= @name %>-access.log combined
   ErrorLog /var/log/apache2/<%= @name %>-error.log
 
-  RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
-  RedirectPermanent / https://<%= @name %>/
-</VirtualHost>
+  SSLEngine on
+  SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+  SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+  RequestHeader set X-Forwarded-Proto "https"
+  RequestHeader set X-Forwarded-Port "443"
 
-<Directory <%= @directory %>>
-  Require all granted
-</Directory>
+  ProxyPass / http://localhost:<%= @docker_external_port %>/
+  ProxyPreserveHost on
+</VirtualHost>