X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/1c848471a16f9d1ee1fc8a327af110447ea1ef4c..a8930abf977175e1034465cb4e93d4d3673e366c:/cookbooks/dev/templates/default/apache.rails.erb diff --git a/cookbooks/dev/templates/default/apache.rails.erb b/cookbooks/dev/templates/default/apache.rails.erb index 7d45abe21..957866c5c 100644 --- a/cookbooks/dev/templates/default/apache.rails.erb +++ b/cookbooks/dev/templates/default/apache.rails.erb @@ -1,16 +1,84 @@ # DO NOT EDIT - This file is being maintained by Chef + + ServerName <%= @name %> +<% @aliases.each do |alias_name| -%> + ServerAlias <%= alias_name %> +<% end -%> + ServerAdmin webmaster@openstreetmap.org + + SSLEngine on + SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem + SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key + + CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended + ErrorLog /var/log/apache2/<%= @name %>-error.log + + DocumentRoot /srv/<%= @name %>/rails/public + + RailsEnv production + PassengerAppGroupName <%= @application_name %> + + SetEnv SECRET_KEY_BASE <%= @secret_key_base %> + + # Ensure robots do not index dev site + # https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag + Header set X-Robots-Tag "noindex, nofollow" + + # Force special MIME type for crossdomain.xml files + + ForceType text/x-cross-domain-policy + +<% if @cgimap_enabled -%> + + # Pass authentication related headers to cgimap + + CGIPassAuth On + + + # Set a long timeout for proxying to cgimap + ProxyTimeout 3600 + + # Pass supported calls to cgimap + RewriteEngine on + RewriteRule ^/api/0\.6/map(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$ + RewriteRule ^/api/0\.6/(node|way|relation|changeset)/[0-9]+(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/history(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/relations(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteRule ^/api/0\.6/node/[0-9]+/ways(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteRule ^/api/0\.6/(nodes|ways|relations)(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] + RewriteRule ^/api/0\.6/changeset/[0-9]+/(upload|download)(\.json|\.xml)?$ unix:<%= @cgimap_socket %>|fcgi://127.0.0.1$0 [P] +<% end -%> + + - ServerName <%= @name %> + ServerName <%= @name %> <% @aliases.each do |alias_name| -%> - ServerAlias <%= alias_name %> + ServerAlias <%= alias_name %> <% end -%> - ServerAdmin webmaster@openstreetmap.org + ServerAdmin webmaster@openstreetmap.org - DocumentRoot /srv/<%= @name %>/public + CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended + ErrorLog /var/log/apache2/<%= @name %>-error.log - CustomLog /var/log/apache2/<%= @name %>-access.log combined - ErrorLog /var/log/apache2/<%= @name %>-error.log + RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ + RedirectPermanent / https://<%= @name %>/ - RailsEnv production + # Ensure robots do not index dev site + # https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag + Header set X-Robots-Tag "noindex, nofollow" + +/rails/public> + Require all granted + + +/rails/app/assets> + Require all granted + + +/rails/vendor/assets> + Require all granted +