X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/3ce3f0c3311b306f9808355397ee43424f14aa31..20e6d4524062198d6521c5e692e73c57984a322a:/cookbooks/apache/recipes/ssl.rb

diff --git a/cookbooks/apache/recipes/ssl.rb b/cookbooks/apache/recipes/ssl.rb
index 8efbe03d2..3e3941099 100644
--- a/cookbooks/apache/recipes/ssl.rb
+++ b/cookbooks/apache/recipes/ssl.rb
@@ -18,28 +18,23 @@
 #
 
 certificate = node[:apache][:ssl][:certificate]
+certificate_chain = node[:apache][:ssl][:certificate_chain]
 
-node.default[:ssl][:certificates] = node[:ssl][:certificates] | [ certificate ]
+node.default[:ssl][:certificates] = node[:ssl][:certificates] | [certificate]
 
 include_recipe "apache"
 include_recipe "ssl"
 
-apache_module "socache_shmcb" do
-  only_if { node[:lsb][:release].to_f >= 14.04 }
-end
-
 apache_module "ssl"
-apache_module "headers"
 
 apache_conf "ssl" do
   template "ssl.erb"
-  variables :certificate => certificate
+  variables :certificate => certificate, :certificate_chain => certificate_chain
   notifies :reload, "service[apache2]"
 end
 
-service "apache2" do
-  action :nothing
-  subscribes :restart, "cookbook_file[/etc/ssl/certs/rapidssl.pem]"
-  subscribes :restart, "cookbook_file[/etc/ssl/certs/#{certificate}.pem]"
-  subscribes :restart, "file[/etc/ssl/private/#{certificate}.key]"
-end
+apache = resources("service[apache2]")
+
+apache.subscribes(:restart, "cookbook_file[/etc/ssl/certs/#{certificate_chain}.pem]")
+apache.subscribes(:restart, "file[/etc/ssl/certs/#{certificate}.pem]")
+apache.subscribes(:restart, "file[/etc/ssl/private/#{certificate}.key]")