X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/f601fd4a5494b22aba8edc3085a338feb67a9a2e..cb58c5f3f68950d65ee72f169345fd2b743691b7:/cookbooks/apache/recipes/ssl.rb

diff --git a/cookbooks/apache/recipes/ssl.rb b/cookbooks/apache/recipes/ssl.rb
index a31ac0c06..700e10e4a 100644
--- a/cookbooks/apache/recipes/ssl.rb
+++ b/cookbooks/apache/recipes/ssl.rb
@@ -17,24 +17,28 @@
 # limitations under the License.
 #
 
-node.default[:ssl][:certificate] = node[:ssl][:certificate] | [ "openstreetmap" ]
+certificate = node[:apache][:ssl][:certificate]
+
+node.default[:ssl][:certificates] = node[:ssl][:certificates] | [ certificate ]
 
 include_recipe "apache"
 include_recipe "ssl"
 
+apache_module "socache_shmcb" do
+  only_if { node[:lsb][:release].to_f >= 14.04 }
+end
+
 apache_module "ssl"
 
-template "/etc/apache2/conf.d/ssl" do
-  source "ssl.erb"
-  owner "root"
-  group "root"
-  mode 0644
-  notifies :reload, resources(:service => "apache2")
+apache_conf "ssl" do
+  template "ssl.erb"
+  variables :certificate => certificate
+  notifies :reload, "service[apache2]"
 end
 
 service "apache2" do
   action :nothing
-  subscribes :restart, resources(:cookbook_file => "/etc/ssl/certs/rapidssl.pem")
-  subscribes :restart, resources(:cookbook_file => "/etc/ssl/certs/openstreetmap.pem")
-  subscribes :restart, resources(:file => "/etc/ssl/private/openstreetmap.key")
+  subscribes :restart, "cookbook_file[/etc/ssl/certs/rapidssl.pem]"
+  subscribes :restart, "cookbook_file[/etc/ssl/certs/#{certificate}.pem]"
+  subscribes :restart, "file[/etc/ssl/private/#{certificate}.key]"
 end