require "yaml"
require "securerandom"
-include_recipe "apache"
+include_recipe "apache::ssl"
include_recipe "passenger"
include_recipe "git"
include_recipe "mysql"
notifies :run, "execute[#{rails_directory}]"
end
+ ssl_certificate site_name do
+ domains [site_name] + site_aliases
+ notifies :reload, "service[apache2]"
+ end
+
apache_site site_name do
template "apache.rails.erb"
variables :name => site_name, :aliases => site_aliases, :secret_key_base => secret_key_base
mode 0o644
end
+ ssl_certificate "apis.dev.openstreetmap.org" do
+ domains "apis.dev.openstreetmap.org"
+ notifies :reload, "service[apache2]"
+ end
+
apache_site "apis.dev.openstreetmap.org" do
template "apache.apis.erb"
end
# DO NOT EDIT - This file is being maintained by Chef
-<VirtualHost *:80>
+<VirtualHost *:443>
ServerName apis.dev.openstreetmap.org
ServerAdmin webmaster@openstreetmap.org
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/apis.dev.openstreetmap.org.pem
+ SSLCertificateKeyFile /etc/ssl/private/apis.dev.openstreetmap.org.key
+
+ CustomLog /var/log/apache2/apis.dev.openstreetmap.org-access.log combined
+ ErrorLog /var/log/apache2/apis.dev.openstreetmap.org-error.log
+
DocumentRoot /srv/apis.dev.openstreetmap.org
+</VirtualHost>
+
+<VirtualHost *:80>
+ ServerName apis.dev.openstreetmap.org
+ ServerAdmin webmaster@openstreetmap.org
CustomLog /var/log/apache2/apis.dev.openstreetmap.org-access.log combined
ErrorLog /var/log/apache2/apis.dev.openstreetmap.org-error.log
+
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://apis.dev.openstreetmap.org/
</VirtualHost>
<Directory /srv/apis.dev.openstreetmap.org>
# DO NOT EDIT - This file is being maintained by Chef
-<VirtualHost *:80>
+<VirtualHost *:443>
ServerName <%= @name %>
<% @aliases.each do |alias_name| -%>
ServerAlias <%= alias_name %>
<% end -%>
ServerAdmin webmaster@openstreetmap.org
- DocumentRoot /srv/<%= @name %>/public
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
CustomLog /var/log/apache2/<%= @name %>-access.log combined
ErrorLog /var/log/apache2/<%= @name %>-error.log
+ DocumentRoot /srv/<%= @name %>/public
+
RailsEnv production
SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
</VirtualHost>
+<VirtualHost *:80>
+ ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+<% end -%>
+ ServerAdmin webmaster@openstreetmap.org
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+
<Directory /srv/<%= @name %>/public>
Require all granted
</Directory>
</tr>
<% node[:dev][:rails].each do |name,details| -%>
<tr>
-<td><a href="http://<%= name %>.apis.dev.openstreetmap.org/"><%= name %></a></td>
+<td><a href="https://<%= name %>.apis.dev.openstreetmap.org/"><%= name %></a></td>
<td><%= details[:repository] %></td>
<td><%= details[:revision] %></td>
</tr>
projects / chef.git / commitdiff