X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/3a4d52bd4c0f8e6ae7679145846b7bc7845d8ace..37c0446fb32977edfa5647799a62bde3256a6d32:/cookbooks/dns/recipes/default.rb diff --git a/cookbooks/dns/recipes/default.rb b/cookbooks/dns/recipes/default.rb index 3ea745d3c..4fbde88c0 100644 --- a/cookbooks/dns/recipes/default.rb +++ b/cookbooks/dns/recipes/default.rb @@ -18,7 +18,7 @@ # include_recipe "git" -include_recipe "apache" +include_recipe "apache::ssl" passwords = data_bag_item("dns", "passwords") @@ -34,17 +34,17 @@ package "libjson-xs-perl" directory "/srv/dns.openstreetmap.org" do owner "root" group "root" - mode 0755 + mode 0o755 end remote_directory "/srv/dns.openstreetmap.org/html" do source "html" owner "root" group "root" - mode 0755 + mode 0o755 files_owner "root" files_group "root" - files_mode 0644 + files_mode 0o644 end zones = [] @@ -56,7 +56,7 @@ Dir.glob("/var/lib/dns/json/*.json").each do |kmlfile| source "zone.html.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables :zone => zone end @@ -67,10 +67,16 @@ template "/srv/dns.openstreetmap.org/html/index.html" do source "index.html.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables :zones => zones end +ssl_certificate "dns.openstreetmap.org" do + domains "dns.openstreetmap.org" + fallback_certificate "openstreetmap" + notifies :reload, "service[apache2]" +end + apache_site "dns.openstreetmap.org" do template "apache.erb" directory "/srv/dns.openstreetmap.org" @@ -80,7 +86,7 @@ template "/usr/local/bin/dns-update" do source "dns-update.erb" owner "root" group "git" - mode 0750 + mode 0o750 variables :passwords => passwords end @@ -94,7 +100,7 @@ end directory "/var/lib/dns" do owner "git" group "git" - mode 02775 + mode 0o2775 notifies :run, "execute[dns-update]" end @@ -102,14 +108,14 @@ cookbook_file "#{node[:dns][:repository]}/hooks/post-receive" do source "post-receive" owner "git" group "git" - mode 0750 + mode 0o750 end template "/usr/local/bin/dns-check" do source "dns-check.erb" owner "root" group "git" - mode 0750 + mode 0o750 variables :passwords => passwords end @@ -117,5 +123,5 @@ template "/etc/cron.d/dns" do source "cron.erb" owner "root" group "root" - mode 0644 + mode 0o644 end