Add https support for git.osm.org

author Tom Hughes <tom@compton.nu>

Sat, 10 Feb 2018 17:42:52 +0000 (17:42 +0000)

committer Tom Hughes <tom@compton.nu>

Sat, 10 Feb 2018 17:57:35 +0000 (17:57 +0000)
author Tom Hughes <tom@compton.nu>
Sat, 10 Feb 2018 17:42:52 +0000 (17:42 +0000)
committer Tom Hughes <tom@compton.nu>
Sat, 10 Feb 2018 17:57:35 +0000 (17:57 +0000)
diff --git a/cookbooks/git/recipes/web.rb b/cookbooks/git/recipes/web.rb

index 09954bf1dcb3d983a56ba2add82248d1e66c9374..8eb83bf155feef1a6c069e0b75bbb563057cb6a1 100644 (file)
--- a/cookbooks/git/recipes/web.rb
+++ b/cookbooks/git/recipes/web.rb
@@ -33,13 +33,14 @@ template "/etc/gitweb.conf" do
  end
  
  ssl_certificate node[:git][:host] do
-  domains node[:git][:host]
+  domains [node[:git][:host]] + Array(node[:git][:aliases])
    notifies :reload, "service[apache2]"
  end
  
  apache_site node[:git][:host] do
    template "apache.erb"
    directory git_directory
+  variables :aliases => Array(node[:git][:aliases])
  end
  
  template "#{git_directory}/robots.txt" do
diff --git a/cookbooks/git/templates/default/apache.erb b/cookbooks/git/templates/default/apache.erb

index 21e0aa077d8dea19edfe6af165b615b250860617..c7f85c821376443826e3bb0fed8a262c3c83777f 100644 (file)
--- a/cookbooks/git/templates/default/apache.erb
+++ b/cookbooks/git/templates/default/apache.erb
@@ -1,38 +1,60 @@
  # DO NOT EDIT - This file is being maintained by Chef
  
  <VirtualHost *:80>
-       ServerName <%= @name %>
-       ServerAdmin webmaster@openstreetmap.org
+        ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+        ServerAlias <%= alias_name %>
+<% end -%>
+        ServerAdmin webmaster@openstreetmap.org
  
-       CustomLog /var/log/apache2/<%= @name %>-access.log combined
-       ErrorLog /var/log/apache2/<%= @name %>-error.log
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
  
-       RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
-       RedirectPermanent / https://<%= @name %>/
+        RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+        RedirectPermanent / https://<%= @name %>/
  </VirtualHost>
  
+<% unless @aliases.empty? -%>
  <VirtualHost *:443>
-       ServerName <%= @name %>
-       ServerAdmin webmaster@openstreetmap.org
+        ServerName <%= @aliases.first %>
+<% @aliases.slice(1..-1).each do |alias_name| -%>
+        ServerAlias <%= alias_name %>
+<% end -%>
+        ServerAdmin webmaster@openstreetmap.org
  
-       SSLEngine on
-       SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
-       SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+        SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
  
-       CustomLog /var/log/apache2/<%= @name %>-access.log combined
-       ErrorLog /var/log/apache2/<%= @name %>-error.log
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
  
-       DocumentRoot <%= @directory %>
-       HeaderName HEADER
-       Alias /gitweb /usr/share/gitweb
-       Alias /git /var/cache/git
-       ScriptAlias /gitweb.cgi /usr/lib/cgi-bin/gitweb.cgi
+        RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+
+<% end -%>
+<VirtualHost *:443>
+        ServerName <%= @name %>
+        ServerAdmin webmaster@openstreetmap.org
+
+        SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+        DocumentRoot <%= @directory %>
+        HeaderName HEADER
+        Alias /gitweb /usr/share/gitweb
+        Alias /git /var/cache/git
+        ScriptAlias /gitweb.cgi /usr/lib/cgi-bin/gitweb.cgi
  
-       RewriteEngine On
-       RewriteRule ^/$ /gitweb.cgi%{REQUEST_URI} [L,PT]
-       RewriteRule ^/(.*\.git/(?!/?(HEAD|info|objects|refs)).*)?$ /gitweb.cgi%{REQUEST_URI} [L,PT]
+        RewriteEngine On
+        RewriteRule ^/$ /gitweb.cgi%{REQUEST_URI} [L,PT]
+        RewriteRule ^/(.*\.git/(?!/?(HEAD|info|objects|refs)).*)?$ /gitweb.cgi%{REQUEST_URI} [L,PT]
  </VirtualHost>
  
  <Directory <%= @directory %>>
-       Require all granted
+        Require all granted
  </Directory>
diff --git a/roles/git.rb b/roles/git.rb

index 048490aac98365f432821bcf08a5242e5817e5a2..09b95cbf11273d5ef9d4b2e39ec965b8d783d934 100644 (file)
--- a/roles/git.rb
+++ b/roles/git.rb
@@ -20,6 +20,7 @@ default_attributes(
    },
    :git => {
      :host => "git.openstreetmap.org",
+    :aliases => ["git.osm.org"],
      :backup => "git"
    }
  )
author	Tom Hughes <tom@compton.nu>
	Sat, 10 Feb 2018 17:42:52 +0000 (17:42 +0000)
committer	Tom Hughes <tom@compton.nu>
	Sat, 10 Feb 2018 17:57:35 +0000 (17:57 +0000)
cookbooks/git/recipes/web.rb		patch \| blob \| history
cookbooks/git/templates/default/apache.erb		patch \| blob \| history
roles/git.rb		patch \| blob \| history