Enable SSL for dns.osm.org
[chef.git] / cookbooks / dns / templates / default / apache.erb
index 100d24e07846ea1b81e1543f412e3ea9d39c8597..fd555e886cf67f7c92c815a789bbb927fe19f53f 100644 (file)
@@ -7,6 +7,21 @@
        CustomLog /var/log/apache2/<%= @name %>-access.log combined
        ErrorLog /var/log/apache2/<%= @name %>-error.log
 
+        RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+        RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+
+<VirtualHost *:443>
+       ServerName <%= @name %>
+       ServerAdmin webmaster@openstreetmap.org
+
+        SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+       CustomLog /var/log/apache2/<%= @name %>-access.log combined
+       ErrorLog /var/log/apache2/<%= @name %>-error.log
+
        DocumentRoot <%= @directory %>/html
        Alias /json/ /var/lib/dns/json/
 </VirtualHost>