# DO NOT EDIT - This file is being maintained by Chef

<VirtualHost *:80>
  # Basic server configuration
  ServerName <%= node[:fqdn] %>
  ServerAlias tile.openstreetmap.org
  ServerAlias render.openstreetmap.org
  ServerAlias *.render.openstreetmap.org
  ServerAlias parent.tile.openstreetmap.org
  ServerAdmin webmaster@openstreetmap.org

  # Configure location of static files and CGI scripts
  DocumentRoot /srv/tile.openstreetmap.org/html
  ScriptAlias /cgi-bin/ /srv/tile.openstreetmap.org/cgi-bin/

  # Get the real remote IP for requests via a trusted proxy
  RemoteIPHeader X-Forwarded-For
<% @caches.each do |cache| -%>
<% cache.ipaddresses(:role => :external).sort.each do |address| -%>
  RemoteIPTrustedProxy <%= address %>
<% end -%>
<% end -%>

  # Setup logging
  LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_with_remoteip
  CustomLog /var/log/apache2/access.log combined_with_remoteip
  ErrorLog /var/log/apache2/error.log
  BufferedLogs on

  # Always set Access-Control-Allow-Origin so that simple CORS requests
  # will always work and can be cached
  Header set Access-Control-Allow-Origin "*"

  # Remove Proxy request header to mitigate https://httpoxy.org/
  RequestHeader unset Proxy early

  # Enable the rewrite engine
  RewriteEngine on

  # Rewrite tile requests to the default style
  RewriteRule ^/(-?\d+)/(-?\d+)/(-?\d+)\.png$ /default/$1/$2/$3.png [PT,T=image/png,L]
  RewriteRule ^/(-?\d+)/(-?\d+)/(-?\d+)\.png/status/?$  /default/$1/$2/$3.png/status [PT,T=text/plain,L]
  RewriteRule ^/(-?\d+)/(-?\d+)/(-?\d+)\.png/dirty/?$   /default/$1/$2/$3.png/dirty  [PT,T=text/plain,L]

  # Historical Files redirect
  Redirect /processed_p.tar.bz2 http://planet.openstreetmap.org/historical-shapefiles/processed_p.tar.bz2
  Redirect /shoreline_300.tar.bz2 http://planet.openstreetmap.org/historical-shapefiles/shoreline_300.tar.bz2
  Redirect /world_boundaries-spherical.tgz http://planet.openstreetmap.org/historical-shapefiles/world_boundaries-spherical.tgz
</VirtualHost>

<Directory /srv/tile.openstreetmap.org/html>
  Options None
  AllowOverride None
  Require all granted
</Directory>

<Directory /srv/tile.openstreetmap.org/cgi-bin>
  Options ExecCGI
  AllowOverride None
  Require all granted
</Directory>

<Location /cgi-bin/export>
  <RequireAll>
    Require all granted
    Require not ip 60.199.131.39
    Require not ip 92.217.67.26
    Require not ip 103.53.208.109
    Require not ip 113.196.123.178
    Require not ip 118.193.51.194
    Require not ip 119.188.70.34
    Require not ip 165.228.125.15
    Require not ip 171.13.14.152
    Require not ip 171.15.132.56
    Require not ip 199.203.108.5
    Require not ip 210.209.89.127
    Require not ip 210.65.88.6
  </RequireAll>
</Location>