Give each nominatim server it's own SSL certificate

This allows us to include the server name so that we can query
specific servers when debugging.

diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
index 8d10a4b93390186b6173b2f2b5e943def0810ee6..76f7cdcedb2c98c92ef22586b3ce3d4011a9e131 100644 (file)
--- a/cookbooks/nominatim/recipes/default.rb
+++ b/cookbooks/nominatim/recipes/default.rb
@@ -360,8 +360,9 @@ systemd_service "apache-nominatim" do
   notifies :restart, "service[apache2]"
 end
 
-ssl_certificate "nominatim.openstreetmap.org" do
-  domains ["nominatim.openstreetmap.org",
+ssl_certificate node[:fqdn] do
+  domains [node[:fqdn],
+           "nominatim.openstreetmap.org",
            "nominatim.osm.org",
            "nominatim.openstreetmap.com",
            "nominatim.openstreetmap.net",