From: Sarah Hoffmann <lonvia@denofr.de>
Date: Mon, 17 Jan 2022 14:13:20 +0000 (+0100)
Subject: add site for qa-tile.nominatim
X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/dd1a109031990dc3748d97ff4c1a57dd555ef6c7

add site for qa-tile.nominatim
---

diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
index 7fa5a4488..90539f73f 100644
--- a/cookbooks/nominatim/recipes/default.rb
+++ b/cookbooks/nominatim/recipes/default.rb
@@ -522,9 +522,17 @@ if node[:nominatim][:enable_qa_tiles]
     variables :outputdir => "#{qa_data_directory}/new"
   end
 
-  link "#{build_directory}/website/qa-data" do
-    to "#{qa_data_directory}/current"
-    owner "nominatim"
-    group "nominatim"
+  ssl_certificate qa-tile.nominatim.openstreetmap.org do
+    domains ["qa-tile.nominatim.openstreetmap.org"]
+    notifies :reload, "service[nginx]"
+  end
+
+  nginx_site "qa-tiles.nominatim" do
+    template "nginx-qa-tiles.erb"
+    directory build_directory
+    variables :qa_data_directory => qa_data_directory
   end
+
+end
+
 end
diff --git a/cookbooks/nominatim/templates/default/nginx-qa-tiles.erb b/cookbooks/nominatim/templates/default/nginx-qa-tiles.erb
new file mode 100644
index 000000000..2703f4fb3
--- /dev/null
+++ b/cookbooks/nominatim/templates/default/nginx-qa-tiles.erb
@@ -0,0 +1,23 @@
+server {
+    listen 80;
+    listen [::]:80;
+
+    listen 443 ssl deferred backlog=16384 reuseport http2;
+    listen [::]:443 ssl deferred backlog=16384 reuseport http2;
+
+    ssl_certificate /etc/ssl/certs/qa-tile.nominatim.openstreetmap.org.pem;
+    ssl_certificate_key /etc/ssl/private/qa-tile.nominatim.openstreetmap.org.key;
+
+    server_name qa-tile.nominatim.openstreetmap.org;
+
+    root <%= qa_data_directory %>/current;
+
+    access_log <%= node[:nominatim][:logdir] %>/qa-tile.nominatim.openstreetmap.org-access.log combined;
+    error_log <%= node[:nominatim][:logdir] %>/qa-tile.nominatim.openstreetmap.org-error.log;
+
+    rewrite ^/\.well-known/acme-challenge/(.*)$ http://acme.openstreetmap.org/.well-known/acme-challenge/$1 permanent;
+
+    location / {
+        add_header Access-Control-Allow-Origin "*" always;
+    }
+}