X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/e253a46db2813271fce34759eaeb7a1c7cd56f1f..e92ed5e09215d67f2bd7dc21a32425d7ec5aa26f:/cookbooks/chef/templates/default/apache.erb diff --git a/cookbooks/chef/templates/default/apache.erb b/cookbooks/chef/templates/default/apache.erb index fed8d3a2d..917759a7c 100644 --- a/cookbooks/chef/templates/default/apache.erb +++ b/cookbooks/chef/templates/default/apache.erb @@ -5,9 +5,10 @@ ServerAlias chef.osm.org ServerAdmin webmaster@openstreetmap.org - CustomLog /var/log/apache2/chef.openstreetmap.org-access.log combined + CustomLog /var/log/apache2/chef.openstreetmap.org-access.log combined_extended ErrorLog /var/log/apache2/chef.openstreetmap.org-error.log + RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ Redirect permanent / https://chef.openstreetmap.org/ @@ -15,16 +16,15 @@ ServerName chef.openstreetmap.org ServerAdmin webmaster@openstreetmap.org - SSLEngine on - SSLProtocol all -SSLv2 - SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW - SSLCertificateFile /etc/ssl/certs/openstreetmap.pem - SSLCertificateKeyFile /etc/ssl/private/openstreetmap.key - - CustomLog /var/log/apache2/chef.openstreetmap.org-access.log combined + CustomLog /var/log/apache2/chef.openstreetmap.org-access.log combined_extended ErrorLog /var/log/apache2/chef.openstreetmap.org-error.log + SSLEngine on SSLProxyEngine on + SSLCertificateFile /etc/ssl/certs/chef.openstreetmap.org.pem + SSLCertificateKeyFile /etc/ssl/private/chef.openstreetmap.org.key - ProxyPass / http://127.0.0.1:4000/ + ProxyPassMatch ^/.*\.git/ ! + ProxyPass / https://<%= node[:fqdn] %>:4443/ + ProxyPreserveHost on