X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d228f465b5bf9f5dffedcebad5c7fadcbba21cc3..1d23c59f10b2636d9c20b3da441aa22373f88af4:/cookbooks/apache/recipes/ssl.rb

diff --git a/cookbooks/apache/recipes/ssl.rb b/cookbooks/apache/recipes/ssl.rb
index 37bf822c5..f87971157 100644
--- a/cookbooks/apache/recipes/ssl.rb
+++ b/cookbooks/apache/recipes/ssl.rb
@@ -17,22 +17,24 @@
 # limitations under the License.
 #
 
+certificate = node[:apache][:ssl][:certificate]
+certificate_chain = node[:apache][:ssl][:certificate_chain]
+
+node.default[:ssl][:certificates] = node[:ssl][:certificates] | [certificate]
+
 include_recipe "apache"
 include_recipe "ssl"
 
 apache_module "ssl"
 
-template "/etc/apache2/conf.d/ssl" do
-  source "ssl.erb"
-  owner "root"
-  group "root"
-  mode 0644
-  notifies :reload, resources(:service => "apache2")
+apache_conf "ssl" do
+  template "ssl.erb"
+  variables :certificate => certificate, :certificate_chain => certificate_chain
+  notifies :reload, "service[apache2]"
 end
 
-service "apache2" do
-  action :nothing
-  subscribes :restart, resources(:cookbook_file => "/etc/ssl/certs/rapidssl.pem")
-  subscribes :restart, resources(:cookbook_file => "/etc/ssl/certs/openstreetmap.pem")
-  subscribes :restart, resources(:file => "/etc/ssl/private/openstreetmap.key")
-end
+apache = resources("service[apache2]")
+
+apache.subscribes(:restart, "cookbook_file[/etc/ssl/certs/#{certificate_chain}.pem]")
+apache.subscribes(:restart, "cookbook_file[/etc/ssl/certs/#{certificate}.pem]")
+apache.subscribes(:restart, "file[/etc/ssl/private/#{certificate}.key]")