X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/1c848471a16f9d1ee1fc8a327af110447ea1ef4c..a8930abf977175e1034465cb4e93d4d3673e366c:/cookbooks/dev/templates/default/apache.rails.erb
diff --git a/cookbooks/dev/templates/default/apache.rails.erb b/cookbooks/dev/templates/default/apache.rails.erb
index 7d45abe21..957866c5c 100644
--- a/cookbooks/dev/templates/default/apache.rails.erb
+++ b/cookbooks/dev/templates/default/apache.rails.erb
@@ -1,16 +1,84 @@
# DO NOT EDIT - This file is being maintained by Chef
+
+ ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ DocumentRoot /srv/<%= @name %>/rails/public
+
+ RailsEnv production
+ PassengerAppGroupName <%= @application_name %>
+
+ SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
+
+ # Ensure robots do not index dev site
+ # https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag
+ Header set X-Robots-Tag "noindex, nofollow"
+
+ # Force special MIME type for crossdomain.xml files
+
+ ForceType text/x-cross-domain-policy
+
+<% if @cgimap_enabled -%>
+
+ # Pass authentication related headers to cgimap
+
+ CGIPassAuth On
+
+
+ # Set a long timeout for proxying to cgimap
+ ProxyTimeout 3600
+
+ # Pass supported calls to cgimap
+ RewriteEngine on
+ RewriteRule ^/api/0\.6/map(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$
+ RewriteRule ^/api/0\.6/(node|way|relation|changeset)/[0-9]+(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/history(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/relations(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteRule ^/api/0\.6/node/[0-9]+/ways(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteRule ^/api/0\.6/(nodes|ways|relations)(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+ RewriteRule ^/api/0\.6/changeset/[0-9]+/(upload|download)(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P]
+<% end -%>
+
+
- ServerName <%= @name %>
+ ServerName <%= @name %>
<% @aliases.each do |alias_name| -%>
- ServerAlias <%= alias_name %>
+ ServerAlias <%= alias_name %>
<% end -%>
- ServerAdmin webmaster@openstreetmap.org
+ ServerAdmin webmaster@openstreetmap.org
- DocumentRoot /srv/<%= @name %>/public
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
- RailsEnv production
+ # Ensure robots do not index dev site
+ # https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag
+ Header set X-Robots-Tag "noindex, nofollow"
+
+/rails/public>
+ Require all granted
+
+
+/rails/app/assets>
+ Require all granted
+
+
+/rails/vendor/assets>
+ Require all granted
+