aliases "blog.osm.org", "blog.openstreetmap.com",
"blog.openstreetmap.net", "blog.openstreetmaps.org",
"blog.osmfoundation.org"
+ ssl_enabled true
directory "/srv/blog.openstreetmap.org/wp"
database_name "osm-blog"
database_user "osm-blog-user"
define :wordpress_site, :action => [ :create, :enable ] do
name = params[:name]
+ ssl_enabled = params[:ssl_enabled] || false
aliases = Array(params[:aliases])
urls = Array(params[:urls])
directory = params[:directory] || "/srv/#{name}"
line += " * Don't allow file editing.\n"
line += " */\n"
line += "define('DISALLOW_FILE_EDIT', true);\n"
+ if ssl_enabled
+ line += "define('FORCE_SSL_LOGIN', true);\n"
+ line += "define('FORCE_SSL_ADMIN', true);\n"
+ end
end
line
cookbook "wordpress"
template "apache.erb"
directory directory
- variables :aliases => aliases, :urls => urls
+ variables :aliases => aliases, :urls => urls, :ssl_enabled => ssl_enabled
notifies :reload, "service[apache2]"
end
# limitations under the License.
#
-include_recipe "apache"
+include_recipe "apache::ssl"
include_recipe "chef::gems"
include_recipe "mysql"
CustomLog /var/log/apache2/<%= @name %>-access.log combined
ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+<% if @ssl_enabled -%>
+ RedirectPermanent / https://<%= @name %>/
+ </VirtualHost>
+ <VirtualHost *:443>
+ ServerName <%= @name %>
+ <% @aliases.each do |alias_name| -%>
+ ServerAlias <%= alias_name %>
+ <% end -%>
+
+ ServerAdmin webmaster@openstreetmap.org
+
+ #
+ # Enable SSL
+ #
+ SSLEngine on
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+<% end -%>
+
DocumentRoot <%= @directory %>
<% @urls.each do |url,directory| -%>
Alias <%= url %> <%= directory %>
projects / chef.git / commitdiff