Switch OTRS to letsencrypt
authorTom Hughes <tom@compton.nu>
Sun, 12 Feb 2017 10:52:09 +0000 (10:52 +0000)
committerTom Hughes <tom@compton.nu>
Sun, 12 Feb 2017 10:52:09 +0000 (10:52 +0000)
cookbooks/otrs/recipes/default.rb
cookbooks/otrs/templates/default/apache.erb

index c1a027e5656b8eb9d5670e4e776dc327bd1b4289..03eb43aa0f0abc63d1b5441985246d19ef2452e6 100644 (file)
@@ -139,6 +139,12 @@ Dir.glob("/opt/otrs/var/cron/*.dist") do |distname|
   end
 end
 
+ssl_certificate site do
+  domains site
+  fallback_certificate "openstreetmap"
+  notifies :reload, "service[apache2]"
+end
+
 apache_site site do
   template "apache.erb"
 end
index 3b889ce3d4980097a0e08cea63f1520b565555b1..e392d87652d6346a23175dc26dbf0e732b2c7605 100644 (file)
@@ -7,6 +7,7 @@
         CustomLog /var/log/apache2/<%= @name %>-access.log combined
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
+        RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
         RedirectPermanent / https://otrs.openstreetmap.org/
 </VirtualHost>
 
@@ -18,6 +19,8 @@
         ErrorLog /var/log/apache2/<%= @name %>-error.log
 
         SSLEngine on
+        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
         ScriptAlias /otrs/ /opt/otrs/bin/cgi-bin/
         Alias /otrs-web/ /opt/otrs/var/httpd/htdocs/