nominatim: only redirect traffic for www pool

[chef.git] / cookbooks / nominatim / templates / default / apache.erb

diff --git a/cookbooks/nominatim/templates/default/apache.erb b/cookbooks/nominatim/templates/default/apache.erb
index 1c8c82f7d22683b0c0bc58066c1872b6dcbf892a..517967f09fbc126daa8e1ce2ba459bf36576879c 100644 (file)
--- a/cookbooks/nominatim/templates/default/apache.erb
+++ b/cookbooks/nominatim/templates/default/apache.erb
@@ -16,6 +16,7 @@
     # Enable SSL
     #
     SSLEngine on
+    SSLProxyEngine on
 <% end -%>
 
     CustomLog /var/log/apache2/nominatim.openstreetmap.org-access.log combined
@@ -24,43 +25,26 @@
     DocumentRoot <%= @directory %>/website
     <Directory "<%= @directory %>/website/">
         DirectoryIndex search.php
-        Options MultiViews FollowSymLinks
-        AddType text/html   .php
-        AddType application/xml   .phpx
-        AddType application/json   .phpj
+        Options FollowSymLinks
+        Require all granted
     </Directory>
 
-    <Location />
-<% if node[:lsb][:release].to_f >= 14.04 -%>
-        ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:<%= @pools[:www][:port ]%>/
-        ProxyPassMatch ^/(.*\.phpx(/.*)?)$ fcgi://127.0.0.1:<%= @pools[:www][:port ]%>/
-        ProxyPassMatch ^/(.*\.phpj(/.*)?)$ fcgi://127.0.0.1:<%= @pools[:www][:port ]%>/
-<% else -%>
-        AddHandler fcgi:/var/run/php5-fpm-www.sock .php
-        AddHandler fcgi:/var/run/php5-fpm-www.sock .phpx
-        AddHandler fcgi:/var/run/php5-fpm-www.sock .phpj
-<% end -%>
-    </Location>
+    ProxyPassMatch ^/([^/]*\.php(/.*)?)$ fcgi://127.0.0.1:<%= @pools[:www][:port ]%><%= @directory %>/website/$1
 
     <% @pools.each do |name,details| -%>
     Alias /pool-<%= name %>/ "<%= @directory %>/website/"
-    <Location /pool-<%= name %>>
-<% if node[:lsb][:release].to_f >= 14.04 -%>
-        ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:<%= details[:port ]%>/
-        ProxyPassMatch ^/(.*\.phpx(/.*)?)$ fcgi://127.0.0.1:<%= details[:port ]%>/
-        ProxyPassMatch ^/(.*\.phpj(/.*)?)$ fcgi://127.0.0.1:<%= details[:port ]%>/
-<% else -%>
-        AddHandler fcgi:/var/run/php5-fpm-<%= name %>.sock .php
-        AddHandler fcgi:/var/run/php5-fpm-<%= name %>.sock .phpx
-        AddHandler fcgi:/var/run/php5-fpm-<%= name %>.sock .phpj
-<% end -%>
-    </Location>
+    <% end -%>
+    <% node[:nominatim][:redirects].each do |url,host| -%>
+    ProxyPassMatch ^/pool-www/(<%= url %>\.php(/.*)?) http<% if port == 443 -%>s<% end -%>://<%= host %>/pool-www/$1
+    <% end -%>
+    <% @pools.each do |name,details| -%>
+    ProxyPassMatch ^/pool-<%= name %>/(.*\.php(/.*)?) fcgi://127.0.0.1:<%= details[:port ]%><%= @directory %>/website/$1
     <% end -%>
 
-    Redirect 420 /pool-block/
-    ErrorDocument 420 /509.html
+    Redirect 429 /pool-block/
+    ErrorDocument 429 /509.html
     <Location /pool-block>
-        ErrorDocument 420 /509.html
+        ErrorDocument 429 /509.html
     </Location>
     Redirect 403 /pool-ban/
     <Location /pool-ban>
@@ -75,7 +59,7 @@
 
     # regular requests and autoblocks
     RewriteMap bulklist txt:<%= @directory %>/settings/ip_blocks.map
-    RewriteRule ^/([sdr].*) /pool-${bulklist:%{REMOTE_ADDR}|www}/$1 [PT]
+    RewriteRule ^/(search|reverse|details|lookup)(\.php)?(/.*)? /pool-${bulklist:%{REMOTE_ADDR}|www}/$1.php$3 [PT]
 
 </VirtualHost>