Teach wordpress cookbook about SSL. Enabled on blog

author Grant Slater <git@firefishy.com>

Tue, 25 Feb 2014 07:20:13 +0000 (07:20 +0000)

committer Grant Slater <git@firefishy.com>

Tue, 25 Feb 2014 07:20:13 +0000 (07:20 +0000)
author Grant Slater <git@firefishy.com>
Tue, 25 Feb 2014 07:20:13 +0000 (07:20 +0000)
committer Grant Slater <git@firefishy.com>
Tue, 25 Feb 2014 07:20:13 +0000 (07:20 +0000)
diff --git a/cookbooks/blog/recipes/default.rb b/cookbooks/blog/recipes/default.rb

index b0ff4aec098fd77f4d4fbc4546e502440ca4ecbb..41970b977b6abdda2b1c7a2aa47dfd092221862f 100644 (file)
--- a/cookbooks/blog/recipes/default.rb
+++ b/cookbooks/blog/recipes/default.rb
@@ -31,6 +31,7 @@ wordpress_site "blog.openstreetmap.org" do
    aliases "blog.osm.org", "blog.openstreetmap.com",
            "blog.openstreetmap.net", "blog.openstreetmaps.org",
            "blog.osmfoundation.org"
    aliases "blog.osm.org", "blog.openstreetmap.com",
            "blog.openstreetmap.net", "blog.openstreetmaps.org",
            "blog.osmfoundation.org"
+  ssl_enabled true
    directory "/srv/blog.openstreetmap.org/wp"
    database_name "osm-blog"
    database_user "osm-blog-user"
    directory "/srv/blog.openstreetmap.org/wp"
    database_name "osm-blog"
    database_user "osm-blog-user"
diff --git a/cookbooks/wordpress/definitions/wordpress_site.rb b/cookbooks/wordpress/definitions/wordpress_site.rb

index fcdf6948530d9ec8a8e9fe2c23898f2f1b26e541..1a3fa24235dd0a5258a5e0fe3bb288387f6785e3 100644 (file)
--- a/cookbooks/wordpress/definitions/wordpress_site.rb
+++ b/cookbooks/wordpress/definitions/wordpress_site.rb
@@ -19,6 +19,7 @@
  
  define :wordpress_site, :action => [ :create, :enable ] do
    name = params[:name]
  
  define :wordpress_site, :action => [ :create, :enable ] do
    name = params[:name]
+  ssl_enabled = params[:ssl_enabled] || false
    aliases = Array(params[:aliases])
    urls = Array(params[:urls])
    directory = params[:directory] || "/srv/#{name}"
    aliases = Array(params[:aliases])
    urls = Array(params[:urls])
    directory = params[:directory] || "/srv/#{name}"
@@ -85,6 +86,10 @@ define :wordpress_site, :action => [ :create, :enable ] do
        line += " * Don't allow file editing.\n"
        line += " */\n"
        line += "define('DISALLOW_FILE_EDIT', true);\n"
        line += " * Don't allow file editing.\n"
        line += " */\n"
        line += "define('DISALLOW_FILE_EDIT', true);\n"
+      if ssl_enabled
+        line += "define('FORCE_SSL_LOGIN', true);\n"
+        line += "define('FORCE_SSL_ADMIN', true);\n"
+      end
      end
  
      line
      end
  
      line
@@ -128,7 +133,7 @@ define :wordpress_site, :action => [ :create, :enable ] do
      cookbook "wordpress"
      template "apache.erb"
      directory directory
      cookbook "wordpress"
      template "apache.erb"
      directory directory
-    variables :aliases => aliases, :urls => urls
+    variables :aliases => aliases, :urls => urls, :ssl_enabled => ssl_enabled
      notifies :reload, "service[apache2]"
    end
  
      notifies :reload, "service[apache2]"
    end
  
diff --git a/cookbooks/wordpress/recipes/default.rb b/cookbooks/wordpress/recipes/default.rb

index 688dd189f09c8249ac50c286275d0376cc4a18d0..545025bcd7b6babbe394c3ff1647b3067813e33f 100644 (file)
--- a/cookbooks/wordpress/recipes/default.rb
+++ b/cookbooks/wordpress/recipes/default.rb
@@ -17,7 +17,7 @@
  # limitations under the License.
  #
  
  # limitations under the License.
  #
  
-include_recipe "apache"
+include_recipe "apache::ssl"
  include_recipe "chef::gems"
  include_recipe "mysql"
  
  include_recipe "chef::gems"
  include_recipe "mysql"
  
diff --git a/cookbooks/wordpress/templates/default/apache.erb b/cookbooks/wordpress/templates/default/apache.erb

index 1af8f3bb32d0732d3bc13b304b76abf4e82b9e92..90adc23a29c6ae908af45fdb3a9b36d3ed3aed28 100644 (file)
--- a/cookbooks/wordpress/templates/default/apache.erb
+++ b/cookbooks/wordpress/templates/default/apache.erb
@@ -11,6 +11,27 @@
    CustomLog /var/log/apache2/<%= @name %>-access.log combined
    ErrorLog /var/log/apache2/<%= @name %>-error.log
  
    CustomLog /var/log/apache2/<%= @name %>-access.log combined
    ErrorLog /var/log/apache2/<%= @name %>-error.log
  
+
+<% if @ssl_enabled -%>
+    RedirectPermanent / https://<%= @name %>/
+  </VirtualHost>
+  <VirtualHost *:443>
+    ServerName <%= @name %>
+  <% @aliases.each do |alias_name| -%>
+    ServerAlias <%= alias_name %>
+  <% end -%>
+
+    ServerAdmin webmaster@openstreetmap.org
+
+    #
+    # Enable SSL
+    #
+    SSLEngine on
+
+    CustomLog /var/log/apache2/<%= @name %>-access.log combined
+    ErrorLog /var/log/apache2/<%= @name %>-error.log
+<% end -%>
+
    DocumentRoot <%= @directory %>
  <% @urls.each do |url,directory| -%>
    Alias <%= url %> <%= directory %>
    DocumentRoot <%= @directory %>
  <% @urls.each do |url,directory| -%>
    Alias <%= url %> <%= directory %>
author	Grant Slater <git@firefishy.com>
	Tue, 25 Feb 2014 07:20:13 +0000 (07:20 +0000)
committer	Grant Slater <git@firefishy.com>
	Tue, 25 Feb 2014 07:20:13 +0000 (07:20 +0000)
cookbooks/blog/recipes/default.rb		patch \| blob \| history
cookbooks/wordpress/definitions/wordpress_site.rb		patch \| blob \| history
cookbooks/wordpress/recipes/default.rb		patch \| blob \| history
cookbooks/wordpress/templates/default/apache.erb		patch \| blob \| history