X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/5d1d6ab7af250de9ceff164e5337a7c8a3319a3e..c4817c654797638bf16b54f4f9b69ed3715625cb:/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb

diff --git a/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb b/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
index 6f3340a51..c441c039c 100644
--- a/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
+++ b/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
@@ -1,3 +1,5 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
 upstream tile_cache_backend {
     server 127.0.0.1;
     <% @caches.each do |cache| -%>
@@ -12,16 +14,14 @@ upstream tile_cache_backend {
     keepalive 32;
 }
 
-# Rates table based on cookie value
+# Rates table based on current cookie value
 map $cookie_qos_token $limit_rate_qos {
-  default 8192; # Default Rate
-  "test" 32768; # FIXME - Future TOTP Token
+  include /etc/nginx/conf.d/tile_qos_rates.map;
 }
 
+# Set-Cookie table based on current cookie value
 map $cookie_qos_token $cookie_qos_token_set {
-  # Cookie Domain per RFC 6265
-  default 'qos_token=test; Secure; httponly; Max-Age=3600; Domain=tile.openstreetmap.org; Path=/'; # FIXME - Future TOTP Token
-  "test" ''; # Do not Set-Cookie if current is valid
+  include /etc/nginx/conf.d/tile_qos_cookies.map;
 }
 
 map $http_user_agent $approved_scraper {
@@ -50,8 +50,8 @@ server {
 
     proxy_buffers 8 64k;
 
-    ssl_certificate      /etc/ssl/certs/<%= @certificate %>.pem;
-    ssl_certificate_key  /etc/ssl/private/<%= @certificate %>.key;
+    ssl_certificate      /etc/ssl/certs/tile.openstreetmap.org.pem;
+    ssl_certificate_key  /etc/ssl/private/tile.openstreetmap.org.key;
 
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers <%= node[:ssl][:ciphers] -%>;