X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/b98a1b8f0ddc17ebf934add6fc310931d72805c8..7171b94a0526152910353dbf1f07a0ee597976da:/cookbooks/mailman/templates/default/apache.erb
diff --git a/cookbooks/mailman/templates/default/apache.erb b/cookbooks/mailman/templates/default/apache.erb
index 7e4007962..7b4037c48 100644
--- a/cookbooks/mailman/templates/default/apache.erb
+++ b/cookbooks/mailman/templates/default/apache.erb
@@ -1,61 +1,91 @@
# DO NOT EDIT - This file is being maintained by Chef
- ServerName <%= @name %>
- ServerAdmin postmaster@openstreetmap.org
+ ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin postmaster@openstreetmap.org
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- RedirectPermanent / https://<%= @name %>/
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
+<% unless @aliases.empty? -%>
- ServerName <%= @name %>
- ServerAdmin postmaster@openstreetmap.org
- ServerSignature On
+ ServerName <%= @aliases.first %>
+<% @aliases.drop(1).each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
- SSLEngine on
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
- LogLevel warn
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- AddDefaultCharset off
+ RedirectPermanent / https://<%= @name %>/
+
+<% end -%>
+
+
+ ServerName <%= @name %>
+ ServerAdmin postmaster@openstreetmap.org
+ ServerSignature On
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+ LogLevel warn
+
+ AddDefaultCharset off
+
+ DocumentRoot <%= @directory %>
- DocumentRoot <%= @directory %>
+ RewriteEngine on
- RewriteEngine on
+ RewriteCond %{HTTP_REFERER} www\.mailbait\.info
+ RewriteRule . - [F,L]
- RewriteCond %{HTTP_REFERER} www\.mailbait\.info
- RewriteRule . - [F,L]
+ RedirectMatch ^/$ /listinfo
+ RedirectMatch ^/cgi-bin/mailman/(.*)$ /$1
- RedirectMatch ^/$ /listinfo
- RedirectMatch ^/cgi-bin/mailman/(.*)$ /$1
+ # Redact list archive entries per request of talk moderators
+ RedirectMatch 451 ^/pipermail/talk/2022-July/(087645|087647)\.html$
-
- Options Indexes FollowSymLinks
- AllowOverride None
-
+
+ Options Indexes FollowSymLinks
+ AllowOverride None
+ Require all granted
+
- Alias /pipermail/ /var/lib/mailman/archives/public/
- Alias /images/ /usr/share/images/mailman/
+ Alias /pipermail/ /var/lib/mailman/archives/public/
+ Alias /images/mailman/ /usr/share/images/mailman/
+ Alias /images/ /usr/share/images/mailman/
- ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
- ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
- ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
- ScriptAlias /create /usr/lib/cgi-bin/mailman/create
- ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
- ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
- ScriptAlias /options /usr/lib/cgi-bin/mailman/options
- ScriptAlias /private /usr/lib/cgi-bin/mailman/private
- ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
- ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
- ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
- ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
+ ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
+ ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
+ ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
+ ScriptAlias /create /usr/lib/cgi-bin/mailman/create
+ ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
+ ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
+ ScriptAlias /options /usr/lib/cgi-bin/mailman/options
+ ScriptAlias /private /usr/lib/cgi-bin/mailman/private
+ ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
+ ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
+ ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
+ ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
-
- ExpiresActive On
- ExpiresDefault "access plus 180 days"
-
+
+ ExpiresActive On
+ ExpiresDefault "access plus 180 days"
+