Add certificate for opengeodata.org
authorGrant Slater <git@firefishy.com>
Sun, 26 Mar 2017 10:20:46 +0000 (11:20 +0100)
committerGrant Slater <git@firefishy.com>
Sun, 26 Mar 2017 10:20:46 +0000 (11:20 +0100)
cookbooks/blog/recipes/default.rb
cookbooks/blog/templates/default/opengeodata.erb

index e9440d7..83f022e 100644 (file)
@@ -91,6 +91,10 @@ git "/srv/blog.openstreetmap.org/static" do
   group "wordpress"
 end
 
+ssl_certificate "opengeodata.org" do
+  domains ["opengeodata.org", "www.opengeodata.org", "old.opengeodata.org"]
+  notifies :reload, "service[apache2]"
+end
 apache_site "opengeodata.org" do
   template "opengeodata.erb"
   directory "/srv/opengeodata.org"
index 43dbf01..1150145 100644 (file)
@@ -3,7 +3,7 @@
 <VirtualHost *:80>
   ServerName opengeodata.org
   ServerAlias www.opengeodata.org
-  ServerAlias old.opengeodata.org
+  ServerAlias old.opengeodata.org # https://blog.openstreetmap.org/2010/02/25/old-opengeodata-posts-now-up-at-old-opengeodata-org/
 
   ServerAdmin webmaster@openstreetmap.org
 
   ErrorLog /var/log/apache2/<%= @name %>-error.log
 
   RewriteEngine on
-  RewriteRule ^(.*/)index\.html$ http://blog.openstreetmap.org/$1 [R,L]
+  RewriteRule ^(.*/)index\.html$ https://blog.openstreetmap.org/$1 [R=permanent,L]
 
-  RedirectPermanent / http://blog.openstreetmap.org/
+  RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+  RedirectPermanent / https://blog.openstreetmap.org/
+</VirtualHost>
+
+<VirtualHost *:443>
+  ServerName opengeodata.org
+  ServerAlias www.opengeodata.org
+  ServerAlias old.opengeodata.org # https://blog.openstreetmap.org/2010/02/25/old-opengeodata-posts-now-up-at-old-opengeodata-org/
+
+  ServerAdmin webmaster@openstreetmap.org
+
+  SSLEngine on
+  SSLCertificateFile /etc/ssl/certs/opengeodata.org.pem
+  SSLCertificateKeyFile /etc/ssl/private/opengeodata.org.key
+
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+  RewriteEngine on
+  RewriteRule ^(.*/)index\.html$ https://blog.openstreetmap.org/$1 [R=permanent,L]
+
+  RedirectPermanent / https://blog.openstreetmap.org/
 </VirtualHost>