Pass https to the backends over https
authorTom Hughes <tom@compton.nu>
Sat, 15 Feb 2014 17:39:12 +0000 (17:39 +0000)
committerTom Hughes <tom@compton.nu>
Sat, 15 Feb 2014 17:39:12 +0000 (17:39 +0000)
cookbooks/web/recipes/backend.rb
cookbooks/web/templates/default/apache.backend.erb
cookbooks/web/templates/default/apache.frontend.erb

index ed80fd2..6898b42 100644 (file)
@@ -18,6 +18,7 @@
 #
 
 include_recipe "memcached"
+include_recipe "apache::ssl"
 include_recipe "web::rails"
 include_recipe "web::cgimap"
 
index 1c3a5c1..e1e65be 100644 (file)
@@ -1,12 +1,20 @@
 # DO NOT EDIT - This file is being maintained by Chef
+<% [80, 443].each do |port| -%>
 
-<VirtualHost *:80>
+<VirtualHost *:<%= port %>>
   #
   # Basic server configuration
   #
   ServerName <%= node[:fqdn] %>
   ServerAlias api.openstreetmap.org www.openstreetmap.org
   ServerAdmin webmaster@openstreetmap.org
+<% if port == 443 -%>
+
+  #
+  # Enable SSL
+  #
+  SSLEngine on
+<% end -%>
 
   #
   # Setup logging
@@ -44,3 +52,4 @@
   RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full$ - [H=fcgi:127.0.0.1:8000]
   RewriteRule ^/api/0\.6/(nodes|ways|relations)$ - [H=fcgi:127.0.0.1:8000]
 </VirtualHost>
+<% end -%>
index 8effc61..0312712 100644 (file)
   #
   <Proxy balancer://backend>
     ProxySet lbmethod=bybusyness
+<% if port == 443 -%>
+    BalancerMember https://rails1
+    BalancerMember https://rails2
+    BalancerMember https://rails3
+<% else -%>
     BalancerMember http://rails1
     BalancerMember http://rails2
     BalancerMember http://rails3
+<% end -%>
   </Proxy>
 <% if port == 80 -%>