<Directory <%= @directory %>>
Options -Indexes
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all granted
-<% end -%>
</Directory>
<Directory <%= @mediawiki[:directory] %>/images/>
AllowOverride None
AddType text/plain .html .htm .shtml
<% if @mediawiki[:private] -%>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
<% end -%>
</Directory>
</Directory>
<Directory <%= @mediawiki[:directory] %>/maintenance/>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Directory>
<Files <%= @mediawiki[:directory] %>/LocalSettings.php>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Files>
<Directory <%= @mediawiki[:directory] %>/cache/>
</Directory>
<Directory ~ "\.svn">
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Directory>
<Directory ~ "\.git">
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Directory>
<Files ~ "~$">
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Files>
</VirtualHost>
<% if @mediawiki[:enable_ssl] -%>
<Directory <%= @directory %>>
Options -Indexes
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all granted
-<% end -%>
</Directory>
<Directory <%= @mediawiki[:directory] %>/images/>
Options -ExecCGI -Includes -Indexes
AllowOverride None
<% if @mediawiki[:private] -%>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
<% end -%>
</Directory>
</Directory>
<Directory <%= @mediawiki[:directory] %>/maintenance/>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Directory>
<Files <%= @mediawiki[:directory] %>/LocalSettings.php>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Files>
<Directory <%= @mediawiki[:directory] %>/images/>
</Directory>
<Directory ~ "\.svn">
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Directory>
<Directory ~ "\.git">
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Directory>
<Files ~ "~$">
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all denied
-<% else -%>
- Order allow,deny
- Deny from all
-<% end -%>
</Files>
</VirtualHost>
<% end -%>
# DO NOT EDIT - This file is being maintained by Chef
-<% if node[:lsb][:release].to_f >= 14.04 -%>
- user www-data;
-<% else -%>
- user nginx;
-<% end -%>
+user www-data;
worker_processes <%= node['cpu']['total'] %>;
error_log /var/log/nginx/error.log warn;
package "php-apc"
apache_module "rewrite"
-
-if node[:lsb][:release].to_f >= 14.04
- apache_module "proxy"
- apache_module "proxy_fcgi"
-else
- apache_module "fastcgi-handler"
-end
+apache_module "proxy"
+apache_module "proxy_fcgi"
home_directory = data_bag_item("accounts", "nominatim")["home"]
source_directory = "#{home_directory}/nominatim"
postgis_version = node[:nominatim][:database][:postgis]
service "php5-fpm" do
- if node[:lsb][:release].to_f >= 14.04
- provider Chef::Provider::Service::Upstart
- end
+ provider Chef::Provider::Service::Upstart
action [ :enable, :start ]
supports :status => true, :restart => true, :reload => true
end
<Directory "<%= @directory %>/website/">
DirectoryIndex search.php
Options FollowSymLinks
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all granted
-<% end -%>
</Directory>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
ProxyPassMatch ^/([^/]*\.php(/.*)?)$ fcgi://127.0.0.1:<%= @pools[:www][:port ]%><%= @directory %>/website/$1
-<% else -%>
- <LocationMatch ^/([^/]*\.php(/.*)?)$>
- SetHandler fcgi:/var/run/php5-fpm-www.sock
- </LocationMatch>
-<% end -%>
<% @pools.each do |name,details| -%>
Alias /pool-<%= name %>/ "<%= @directory %>/website/"
-<% if node[:lsb][:release].to_f >= 14.04 -%>
ProxyPassMatch ^/pool-<%= name %>/(.*\.php(/.*)?) fcgi://127.0.0.1:<%= details[:port ]%><%= @directory %>/website/$1
-<% else -%>
- <LocationMatch ^/pool-<%= name %>/(.*\.php(/.*)?)$>
- SetHandler fcgi:/var/run/php5-fpm-<%= name %>.sock
- </LocationMatch>
-<% end -%>
<% end -%>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Redirect 429 /pool-block/
ErrorDocument 429 /509.html
<Location /pool-block>
ErrorDocument 429 /509.html
</Location>
-<% else -%>
- Redirect 420 /pool-block/
- ErrorDocument 420 /509.html
- <Location /pool-block>
- ErrorDocument 420 /509.html
- </Location>
-<% end -%>
Redirect 403 /pool-ban/
<Location /pool-ban>
ErrorDocument 403 /403.html
notifempty
create 640 www-data adm
}
-<% if node[:lsb][:release].to_f < 14.04 -%>
-
-/var/log/php5-fpm.log {
- weekly
- missingok
- rotate 3
- compress
- delaycompress
- postrotate
- /usr/bin/service php5-fpm restart > /dev/null
- endscript
-}
-<% end -%>
end
service "squid" do
- if node[:lsb][:release].to_f >= 14.04
- provider Chef::Provider::Service::Upstart
- end
- action [ :enable, :start ]
+ provider Chef::Provider::Service::Upstart
+ action [ :enable, :start ]
supports :status => true, :restart => true, :reload => true
subscribes :reload, "template[/etc/squid/squid.conf]"
subscribes :restart, "template[/etc/default/squid]"
projects / chef.git / commitdiff