default[:apache][:listen_address] = "*"
default[:apache][:ssl][:certificate] = "openstreetmap"
+default[:apache][:ssl][:certificate_chain] = "rapidssl"
default[:apache][:buffered_logs] = true
#
certificate = node[:apache][:ssl][:certificate]
+certificate_chain = node[:apache][:ssl][:certificate_chain]
node.default[:ssl][:certificates] = node[:ssl][:certificates] | [certificate]
apache_conf "ssl" do
template "ssl.erb"
- variables :certificate => certificate
+ variables :certificate => certificate, :certificate_chain => certificate_chain
notifies :reload, "service[apache2]"
end
service "apache2" do
action :nothing
- subscribes :restart, "cookbook_file[/etc/ssl/certs/rapidssl.pem]"
+ subscribes :restart, "cookbook_file[/etc/ssl/certs/#{certificate_chain}.pem]"
subscribes :restart, "cookbook_file[/etc/ssl/certs/#{certificate}.pem]"
subscribes :restart, "file[/etc/ssl/private/#{certificate}.key]"
end
SSLCertificateFile /etc/ssl/certs/<%= @certificate %>.pem
SSLCertificateKeyFile /etc/ssl/private/<%= @certificate %>.key
-SSLCertificateChainFile /etc/ssl/certs/rapidssl.pem
+SSLCertificateChainFile /etc/ssl/certs/<%= @certificate_chain %>.pem
<% if node[:lsb][:release].to_f >= 14.04 -%>
SSLUseStapling On
# limitations under the License.
#
-node.default[:ssl][:certificates] = node[:ssl][:certificates] | ["osmfoundation"]
-
include_recipe "wordpress"
include_recipe "mysql"
wordpress_site "crm.osmfoundation.org" do
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "civicrm"
database_user "civicrm"
database_password database_password
# limitations under the License.
#
-node.default[:ssl][:certificates] = node[:ssl][:certificates] | ["osmfoundation"]
-
include_recipe "wordpress"
passwords = data_bag_item("stateofthemap", "passwords")
aliases "2007.stateofthemap.com"
directory "/srv/2007.stateofthemap.org/wp"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "sotm2007"
database_user "sotm2007"
database_password passwords["sotm2007"]
aliases "2008.stateofthemap.com"
directory "/srv/2008.stateofthemap.org/wp"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "sotm2008"
database_user "sotm2008"
database_password passwords["sotm2008"]
aliases "2009.stateofthemap.com"
directory "/srv/2009.stateofthemap.org/wp"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "sotm2009"
database_user "sotm2009"
database_password passwords["sotm2009"]
aliases "2010.stateofthemap.com"
directory "/srv/2010.stateofthemap.org/wp"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "sotm2010"
database_user "sotm2010"
database_password passwords["sotm2010"]
aliases "2011.stateofthemap.com"
directory "/srv/2011.stateofthemap.org/wp"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "sotm2011"
database_user "sotm2011"
database_password passwords["sotm2011"]
aliases "2012.stateofthemap.com"
directory "/srv/2012.stateofthemap.org/wp"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "sotm2012"
database_user "sotm2012"
database_password passwords["sotm2012"]
# limitations under the License.
#
-node.default[:ssl][:certificates] = node[:ssl][:certificates] | ["osmfoundation"]
-
include_recipe "wordpress"
passwords = data_bag_item("switch2osm", "passwords")
aliases ["www.switch2osm.org", "switch2osm.com", "www.switch2osm.com"]
directory "/srv/switch2osm.org"
ssl_enabled true
- ssl_certificate "osmfoundation"
- ssl_certificate_chain "startcom"
database_name "switch2osm-blog"
database_user "switch2osm-user"
database_password passwords["switch2osm-user"]
description "Master role applied to ridley"
default_attributes(
+ :apache => {
+ :ssl => {
+ :certificate => "osmfoundation",
+ :certificate_chain => "startcom"
+ }
+ },
:dhcpd => {
:first_address => "10.0.15.1",
:last_address => "10.0.15.254"
projects / chef.git / commitdiff