X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/3b563e12600d3519011cde414ee0465698a7814f..aa631a37ed7af957d7b0c6c80b0257c183428132:/cookbooks/overpass/recipes/default.rb diff --git a/cookbooks/overpass/recipes/default.rb b/cookbooks/overpass/recipes/default.rb index d807eab69..4ec94b895 100644 --- a/cookbooks/overpass/recipes/default.rb +++ b/cookbooks/overpass/recipes/default.rb @@ -23,6 +23,7 @@ include_recipe "apache" username = "overpass" basedir = data_bag_item("accounts", username)["home"] +web_passwords = data_bag_item("web", "passwords") %w[bin site diffs db src].each do |dirname| directory "#{basedir}/#{dirname}" do @@ -71,6 +72,22 @@ end ## Setup Apache +gem_package "rotp" + +directory "#{basedir}/apache" do + owner "root" + group "root" + mode "755" +end + +template "#{basedir}/apache/totp-filter" do + source "totp-filter.erb" + owner "root" + group "root" + mode "755" + variables :totp_key => web_passwords["totp_key"] +end + ssl_certificate node[:fqdn] do domains [node[:fqdn], node[:overpass][:fqdn]] @@ -79,6 +96,11 @@ end apache_module "cgi" apache_module "headers" +apache_module "rewrite" + +apache_site "default" do + action :disable +end apache_site "#{node[:overpass][:fqdn]}" do template "apache.erb"