1 # DO NOT EDIT - This file is being maintained by Chef
4 ServerName <%= @name %>
5 <% @aliases.each do |alias_name| -%>
6 ServerAlias <%= alias_name %>
8 ServerAdmin webmaster@openstreetmap.org
10 CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
11 ErrorLog /var/log/apache2/<%= @name %>-error.log
13 RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
14 RedirectPermanent / https://<%= @name %>/
17 <% unless @aliases.empty? -%>
19 ServerName <%= @aliases.first %>
20 <% @aliases.slice(1..-1).each do |alias_name| -%>
21 ServerAlias <%= alias_name %>
23 ServerAdmin webmaster@openstreetmap.org
26 SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
27 SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
29 CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
30 ErrorLog /var/log/apache2/<%= @name %>-error.log
32 RedirectPermanent / https://<%= @name %>/
37 ServerName <%= @name %>
38 ServerAdmin webmaster@openstreetmap.org
41 SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
42 SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
44 CustomLog /var/log/apache2/<%= @name %>-access.log combined_extended
45 ErrorLog /var/log/apache2/<%= @name %>-error.log
47 Alias /robots.txt /srv/<%= node[:git][:host] %>/robots.txt
49 <FilesMatch "^robots\.txt$">
50 # Make absolutely sure it comes out as a plain file
55 SetEnv GIT_PROJECT_ROOT /var/lib/git
56 SetEnv GIT_HTTP_EXPORT_ALL
57 SetEnv GIT_HTTP_MAX_REQUEST_BUFFER 100M
59 SetEnvIf Git-Protocol ".*" GIT_PROTOCOL=$0
61 # KeepaliveTimeout longer than git config uploadpack.keepalive 5 second default
65 RewriteRule ^/cgimap\.git.* https://github.com/zerebubuth/openstreetmap-cgimap [QSD,L,R=permanent]
66 RewriteRule ^/planetdump\.git.* https://github.com/openstreetmap/planetdump [QSD,L,R=permanent]
67 RewriteRule ^/gpx-import\.git.* https://github.com/openstreetmap/gpx-import [QSD,L,R=permanent]
68 RewriteRule ^/potlatch2\.git.* https://github.com/openstreetmap/potlatch2 [QSD,L,R=permanent]
70 # Prevent abuse by an anonymous AI bot
71 RewriteCond %{REQUEST_METHOD} ^(GET|HEAD)$
72 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/blob [OR]
73 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/commitdiff [OR]
74 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/history [OR]
75 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/log [OR]
76 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/patch [OR]
77 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/search [OR]
78 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/shortlog [OR]
79 RewriteCond %{REQUEST_URI} ^/[^/]+\.git/tree
80 RewriteCond %{HTTP_REFERER} ^-?$
81 RewriteCond %{HTTP_USER_AGENT} ((CriOS|Chrome)/[1-9][0-9]?\.0\.|Chrome/100\.0\.|Chrome/122\.0\.0\.0|(Firefox|FxiOS)/[1-6]?[0-9]\.|MSIE\ [5-9]\.0|Opera/[8-9]\.|Windows\ NT\ [3-5]\.|Version/[3-5]\.[0-1]) [NC]
82 RewriteRule ^ - [R=429,L]
84 ScriptAlias /public /usr/lib/git-core/git-http-backend/public
85 ScriptAlias /private /usr/lib/git-core/git-http-backend/private
86 Alias /gitweb /usr/share/gitweb
87 Alias /git /var/cache/git
88 ScriptAlias / /usr/lib/cgi-bin/gitweb.cgi/
93 <% unless @private_allowed.empty? -%>
96 Require ip <%= @private_allowed.sort.join(" ") %>
100 <Location /private/chef.git>
105 <Directory /usr/lib/git-core>
projects / chef.git / blob