From: Tom Hughes Date: Sun, 11 Feb 2018 19:55:14 +0000 (+0000) Subject: Remove ssl_enabled option for mediawiki sites X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/57ee30ffe5e6106f3cbd9a91c1599eb5b51e8c36?ds=sidebyside Remove ssl_enabled option for mediawiki sites --- diff --git a/cookbooks/foundation/recipes/board.rb b/cookbooks/foundation/recipes/board.rb index d8b2a6171..82012eda9 100644 --- a/cookbooks/foundation/recipes/board.rb +++ b/cookbooks/foundation/recipes/board.rb @@ -25,7 +25,6 @@ mediawiki_site "board.osmfoundation.org" do sitename "OSMF Board Wiki" metanamespace "OSMFBoard" directory "/srv/board.osmfoundation.org" - ssl_enabled true database_name "board-wiki" database_user "board-wikiuser" database_password passwords["board"]["database"] diff --git a/cookbooks/foundation/recipes/dwg.rb b/cookbooks/foundation/recipes/dwg.rb index 6a5ffc8c5..b19e7cfec 100644 --- a/cookbooks/foundation/recipes/dwg.rb +++ b/cookbooks/foundation/recipes/dwg.rb @@ -25,7 +25,6 @@ mediawiki_site "dwg.osmfoundation.org" do sitename "OSMF Data Working Group Wiki" metanamespace "OSMFDWG" directory "/srv/dwg.osmfoundation.org" - ssl_enabled true database_name "dwg-wiki" database_user "dwg-wikiuser" database_password passwords["dwg"]["database"] diff --git a/cookbooks/foundation/recipes/wiki.rb b/cookbooks/foundation/recipes/wiki.rb index f8aa4ec9d..0c0bf6a76 100644 --- a/cookbooks/foundation/recipes/wiki.rb +++ b/cookbooks/foundation/recipes/wiki.rb @@ -26,7 +26,6 @@ mediawiki_site "wiki.osmfoundation.org" do "foundation.openstreetmap.org", "foundation.osm.org"] sitename "OpenStreetMap Foundation" directory "/srv/wiki.osmfoundation.org" - ssl_enabled true database_name "osmf-wiki" database_user "osmf-wikiuser" database_password passwords["wiki"]["database"] diff --git a/cookbooks/mediawiki/resources/site.rb b/cookbooks/mediawiki/resources/site.rb index e972715a7..0781de597 100644 --- a/cookbooks/mediawiki/resources/site.rb +++ b/cookbooks/mediawiki/resources/site.rb @@ -38,7 +38,6 @@ property :site_notice, :kind_of => [String, TrueClass, FalseClass], :default => property :site_readonly, :kind_of => [String, TrueClass, FalseClass], :default => false property :admin_user, :kind_of => String, :default => "Admin" property :admin_password, :kind_of => String, :required => true -property :ssl_enabled, :kind_of => [TrueClass, FalseClass], :default => false property :private_accounts, :kind_of => [TrueClass, FalseClass], :default => false property :private, :kind_of => [TrueClass, FalseClass], :default => false property :recaptcha_public_key, :kind_of => String @@ -475,7 +474,6 @@ action :create do ssl_certificate new_resource.site do domains [new_resource.site] + Array(new_resource.aliases) - only_if { new_resource.ssl_enabled } end apache_site new_resource.site do @@ -483,8 +481,7 @@ action :create do template "apache.erb" directory site_directory variables :aliases => Array(new_resource.aliases), - :private => new_resource.private, - :ssl_enabled => new_resource.ssl_enabled + :private => new_resource.private reload_apache false end @@ -573,7 +570,6 @@ action_class do :skin => new_resource.skin, :site_notice => new_resource.site_notice, :site_readonly => new_resource.site_readonly, - :ssl_enabled => new_resource.ssl_enabled, :extra_file_extensions => new_resource.extra_file_extensions, :private_accounts => new_resource.private_accounts, :private => new_resource.private diff --git a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb index 115bfedd2..51b33115b 100644 --- a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb +++ b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb @@ -26,11 +26,9 @@ $wgScriptExtension = ".php"; $wgServer = "//<%= @name %>"; $wgInternalServer = 'https://<%= @name %>'; -<% if @mediawiki[:ssl_enabled] -%> $wgSecureLogin = true; $wgDefaultUserOptions['prefershttps'] = 1; -<% end -%> -$wgCookieSecure = false; +$wgCookieSecure = true; ## The relative URL path to the skins directory $wgStylePath = "$wgScriptPath/skins"; diff --git a/cookbooks/mediawiki/templates/default/apache.erb b/cookbooks/mediawiki/templates/default/apache.erb index 5c38fc0a2..a4e0e48a4 100644 --- a/cookbooks/mediawiki/templates/default/apache.erb +++ b/cookbooks/mediawiki/templates/default/apache.erb @@ -11,7 +11,6 @@ CustomLog /var/log/apache2/<%= @name %>-access.log combined ErrorLog /var/log/apache2/<%= @name %>-error.log -<% if @ssl_enabled -%> RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ RedirectPermanent / https://<%= @name %>/ @@ -20,7 +19,6 @@ ServerName <%= @name %> <% @aliases.each do |alias_name| -%> ServerAlias <%= alias_name %> -<% end -%> ServerAdmin webmaster@openstreetmap.org diff --git a/cookbooks/wiki/recipes/default.rb b/cookbooks/wiki/recipes/default.rb index 35744d7c8..d4aa62b20 100644 --- a/cookbooks/wiki/recipes/default.rb +++ b/cookbooks/wiki/recipes/default.rb @@ -33,8 +33,6 @@ mediawiki_site "wiki.openstreetmap.org" do "wiki.openstreetmap.pro", "wiki.openstreetmaps.org"] directory "/srv/wiki.openstreetmap.org" - ssl_enabled TRUE - database_name "wiki" database_user "wiki-user" database_password passwords["database"]