# limitations under the License.
#
-include_recipe "apache"
+include_recipe "apache::ssl"
blocks = data_bag_item("cgiirc", "blocks")
variables :blocks => blocks["addresses"]
end
+ssl_certificate "irc.openstreetmap.org" do
+ domains "irc.openstreetmap.org"
+ fallback_certificate "openstreetmap"
+ notifies :reload, "service[apache2]"
+end
+
apache_site "irc.openstreetmap.org" do
template "apache.erb"
end
# DO NOT EDIT - This file is being maintained by Chef
-<VirtualHost *:80>
+<VirtualHost *:443>
ServerName <%= @name %>
ServerAdmin webmaster@openstreetmap.org
+ SSLEngine on
+ SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
CustomLog /var/log/apache2/<%= @name %>-access.log combined
ErrorLog /var/log/apache2/<%= @name %>-error.log
SetEnv no-gzip
</IfModule>
</VirtualHost>
+
+<VirtualHost *:80>
+ ServerName <%= @name %>
+ ServerAdmin webmaster@openstreetmap.org
+
+ CustomLog /var/log/apache2/<%= @name %>-access.log combined
+ ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+ RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
projects / chef.git / commitdiff