X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/904c9868df60d82a048f38227279534abeba4717..HEAD:/cookbooks/dev/templates/default/apache.user.erb

diff --git a/cookbooks/dev/templates/default/apache.user.erb b/cookbooks/dev/templates/default/apache.user.erb
index a63829afb..373d12258 100644
--- a/cookbooks/dev/templates/default/apache.user.erb
+++ b/cookbooks/dev/templates/default/apache.user.erb
@@ -1,12 +1,16 @@
 # DO NOT EDIT - This file is being maintained by Chef
 
-WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivity-timeout=600
+WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> processes=2 threads=8 restart-interval=3600 inactivity-timeout=600 graceful-timeout=60 maximum-requests=2000
 
-<VirtualHost *:80>
+<VirtualHost *:443>
 	ServerName <%= @user %>.dev.openstreetmap.org
 	ServerAdmin webmaster@openstreetmap.org
 	ServerAlias <%= @user %>.dev.osm.org
 
+	SSLEngine on
+	SSLCertificateFile /etc/ssl/certs/<%= @user %>.dev.openstreetmap.org.pem
+	SSLCertificateKeyFile /etc/ssl/private/<%= @user %>.dev.openstreetmap.org.key
+
 	# Remove Proxy request header to mitigate https://httpoxy.org/
 	RequestHeader unset Proxy early
 
@@ -19,17 +23,27 @@ WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivit
 	RewriteEngine on
 	#LogLevel rewrite:trace2
 
-	CustomLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log combined
+	CustomLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log combined_extended
 	ErrorLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-error.log
 
-#	RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
-#	RewriteRule ^/cgi-bin/(.*)$ /cgi-bin/cgiwrap/~<%= @user %>/cgi-bin/$1 [PT,L]
+	RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
+	RewriteRule ^/cgi-bin/(.*)$ /~<%= @user %>/cgi-bin/$1 [PT,L]
+
+	<FilesMatch ".+\.ph(p|ps|p3|tml)$">
+		SetHandler "proxy:unix:/run/php/php-<%= @user %>-fpm.sock|fcgi://127.0.0.1"
+	</FilesMatch>
+</VirtualHost>
+
+<VirtualHost *:80>
+	ServerName <%= @user %>.dev.openstreetmap.org
+	ServerAdmin webmaster@openstreetmap.org
+	ServerAlias <%= @user %>.dev.osm.org
 
-#	RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
-#	RewriteRule ^/cgi-bin-d/(.*)$ /cgi-bin/cgiwrapd/~<%= @user %>/cgi-bin/$1 [PT,L]
+	CustomLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log combined_extended
+	ErrorLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-error.log
 
-        RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
-	RewriteRule ^/(.*\.ph(p|ps|p3|tml)(/.*)?)$ fcgi://127.0.0.1:<%= @port %><%= @directory %>/$1 [P]
+	RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+	RedirectPermanent / https://<%= @user %>.dev.openstreetmap.org/
 </VirtualHost>
 
 <Directory <%= @directory %>>
@@ -38,6 +52,12 @@ WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivit
 	Require all granted
 </Directory>
 
+<Directory <%= @directory %>/cgi-bin>
+	SetHandler cgi-script
+	Options ExecCGI SymLinksIfOwnerMatch
+	Require all granted
+</Directory>
+
 <Directory <%= @directory %>/wsgi-bin>
 	SetHandler wsgi-script
 	Options ExecCGI SymLinksIfOwnerMatch