X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/8604bd193412c0bf604d8b8e38b76d0e350f107c..200f486870c88f3916ede7bcb36b47b374a63901:/cookbooks/mailman/templates/default/apache.erb?ds=sidebyside
diff --git a/cookbooks/mailman/templates/default/apache.erb b/cookbooks/mailman/templates/default/apache.erb
index 2262c3fa2..42cdf2092 100644
--- a/cookbooks/mailman/templates/default/apache.erb
+++ b/cookbooks/mailman/templates/default/apache.erb
@@ -1,62 +1,92 @@
# DO NOT EDIT - This file is being maintained by Chef
- ServerName <%= @name %>
- ServerAdmin postmaster@openstreetmap.org
+ ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin postmaster@openstreetmap.org
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- RedirectPermanent / https://<%= @name %>/
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
+<% unless @aliases.empty? -%>
- ServerName <%= @name %>
- ServerAdmin postmaster@openstreetmap.org
- ServerSignature On
-
- SSLEngine on
-
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
- LogLevel warn
-
- AddDefaultCharset off
-
- DocumentRoot <%= @directory %>
-
- RewriteEngine on
-
- RewriteCond %{HTTP_REFERER} www\.mailbait\.info
- RewriteRule . - [F,L]
-
- RedirectMatch ^/$ /listinfo
- RedirectMatch ^/cgi-bin/mailman/(.*)$ /$1
-
-
- Options Indexes FollowSymLinks
- AllowOverride None
- Require all granted
-
-
- Alias /pipermail/ /var/lib/mailman/archives/public/
- Alias /images/ /usr/share/images/mailman/
-
- ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
- ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
- ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
- ScriptAlias /create /usr/lib/cgi-bin/mailman/create
- ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
- ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
- ScriptAlias /options /usr/lib/cgi-bin/mailman/options
- ScriptAlias /private /usr/lib/cgi-bin/mailman/private
- ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
- ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
- ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
- ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
-
-
- ExpiresActive On
- ExpiresDefault "access plus 180 days"
-
+ ServerName <%= @aliases.first %>
+<% @aliases.drop(1).each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ RedirectPermanent / https://<%= @name %>/
+
+<% end -%>
+
+
+ ServerName <%= @name %>
+ ServerAdmin postmaster@openstreetmap.org
+ ServerSignature On
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+ LogLevel warn
+
+ AddDefaultCharset off
+
+ DocumentRoot <%= @directory %>
+
+ RewriteEngine on
+
+ RewriteCond %{HTTP_REFERER} www\.mailbait\.info
+ RewriteRule . - [F,L]
+
+ RedirectMatch ^/$ /listinfo
+ RedirectMatch ^/cgi-bin/mailman/(.*)$ /$1
+
+ # Redact list archive entries per request of talk moderators
+ RedirectMatch 451 ^/pipermail/talk/2022-July/(087645|087647)\.html$
+
+
+ Options Indexes FollowSymLinks
+ AllowOverride None
+ Require all granted
+
+
+ Alias /pipermail/ /var/lib/mailman/archives/public/
+ Alias /images/mailman/ /usr/share/images/mailman/
+ Alias /images/ /usr/share/images/mailman/
+
+ ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
+ ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
+ ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
+ ScriptAlias /create /usr/lib/cgi-bin/mailman/create
+ ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
+ ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
+ ScriptAlias /options /usr/lib/cgi-bin/mailman/options
+ ScriptAlias /private /usr/lib/cgi-bin/mailman/private
+ ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
+ ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
+ ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
+ ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
+
+ <% last_year = year = Time.now.year - 1 %>
+ )">
+ ExpiresActive On
+ ExpiresDefault "access plus 180 days"
+