X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/ce6272139752d152c4647a478b700d255e1a3df6..205f52838d5bf5dd42a6cc10efbbce3d0b65a892:/cookbooks/git/templates/default/apache.erb?ds=sidebyside
diff --git a/cookbooks/git/templates/default/apache.erb b/cookbooks/git/templates/default/apache.erb
index be5cbab6e..9ec36f7d8 100644
--- a/cookbooks/git/templates/default/apache.erb
+++ b/cookbooks/git/templates/default/apache.erb
@@ -1,22 +1,71 @@
# DO NOT EDIT - This file is being maintained by Chef
- ServerName <%= @name %>
+ ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
- CustomLog /var/log/apache2/<%= @name %>-access.log combined
- ErrorLog /var/log/apache2/<%= @name %>-error.log
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
- DocumentRoot <%= @directory %>
- HeaderName HEADER
- Alias /gitweb /usr/share/gitweb
- Alias /git /var/cache/git
- ScriptAlias /gitweb.cgi /usr/lib/cgi-bin/gitweb.cgi
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
+
+
+<% unless @aliases.empty? -%>
+
+ ServerName <%= @aliases.first %>
+<% @aliases.slice(1..-1).each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ RedirectPermanent / https://<%= @name %>/
+
+
+<% end -%>
+
+ ServerName <%= @name %>
+ ServerAdmin webmaster@openstreetmap.org
+
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ SetEnv GIT_PROJECT_ROOT /var/lib/git
+ SetEnv GIT_HTTP_EXPORT_ALL
+
+ ScriptAlias /public /usr/lib/git-core/git-http-backend/public
+ ScriptAlias /private /usr/lib/git-core/git-http-backend/private
+ Alias /gitweb /usr/share/gitweb
+ Alias /git /var/cache/git
+ ScriptAlias / /usr/lib/cgi-bin/gitweb.cgi/
+
+
+ Require all granted
+
+
+
+ Require ip <%= @private_allowed.sort.join(" ") %>
+
- RewriteEngine On
- RewriteRule ^/$ /gitweb.cgi%{REQUEST_URI} [L,PT]
- RewriteRule ^/(.*\.git/(?!/?(HEAD|info|objects|refs)).*)?$ /gitweb.cgi%{REQUEST_URI} [L,PT]
+
+ Require all denied
+
->
- Require all granted
+
+ Options ExecCGI