From: Grant Slater <git@firefishy.com>
Date: Sat, 4 Aug 2018 15:30:45 +0000 (+0100)
Subject: Teach subversion cookbook about site aliases
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/a7ac67b5bde2b06fd0626707930977d7ef3b305b?ds=sidebyside

Teach subversion cookbook about site aliases
---

diff --git a/cookbooks/subversion/recipes/default.rb b/cookbooks/subversion/recipes/default.rb
index 8ec5431ab..d2eb7dfea 100644
--- a/cookbooks/subversion/recipes/default.rb
+++ b/cookbooks/subversion/recipes/default.rb
@@ -21,7 +21,6 @@ include_recipe "apache"
 
 package "subversion"
 
-site_name = "svn.openstreetmap.org"
 repository_directory = "/var/lib/subversion/repos/openstreetmap"
 
 remote_directory "#{repository_directory}/hooks" do
@@ -51,15 +50,15 @@ apache_module "authz_svn" do
   package "libapache2-svn"
 end
 
-ssl_certificate site_name do
-  domains site_name
+ssl_certificate "svn.openstreetmap.org" do
+  domains ["svn.openstreetmap.org", "svn.osm.org"]
   notifies :reload, "service[apache2]"
 end
 
-apache_site site_name do
+apache_site "svn.openstreetmap.org" do
   template "apache.erb"
   directory repository_directory
-  variables :realm => "Subversion Repository", :password_file => "/etc/apache2/svn.passwd"
+  variables :realm => "Subversion Repository", :password_file => "/etc/apache2/svn.passwd", :aliases => ["svn.osm.org"]
 end
 
 template "/etc/cron.daily/svn-backup" do
diff --git a/cookbooks/subversion/templates/default/apache.erb b/cookbooks/subversion/templates/default/apache.erb
index 2ae7d0a19..251dbc8e4 100644
--- a/cookbooks/subversion/templates/default/apache.erb
+++ b/cookbooks/subversion/templates/default/apache.erb
@@ -1,45 +1,68 @@
 # DO NOT EDIT - This file is being maintained by Chef
 
 <VirtualHost *:443>
-        ServerName <%= @name %>
-        ServerAdmin webmaster@openstreetmap.org
+  ServerName <%= @name %>
+  ServerAdmin webmaster@openstreetmap.org
 
-        SSLEngine on
-        SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
-        SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+  SSLEngine on
+  SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+  SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
 
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
-        CustomLog /var/log/apache2/<%= @name %>-svn-access.log "%h %t %u %{SVN-ACTION}e" env=SVN-ACTION
-        ErrorLog /var/log/apache2/<%= @name %>-error.log
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined
+  CustomLog /var/log/apache2/<%= @name %>-svn-access.log "%h %t %u %{SVN-ACTION}e" env=SVN-ACTION
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
 
-        <Location />
-                DAV svn
-                SVNPath <%= @directory %>
+  <Location />
+    DAV svn
+    SVNPath <%= @directory %>
 
-                AuthType Basic
-                AuthName "<%= @realm %>"
-                AuthUserFile <%= @password_file %>
+    AuthType Basic
+    AuthName "<%= @realm %>"
+    AuthUserFile <%= @password_file %>
 
-                LimitXMLRequestBody 0
-                LimitRequestBody 0
+    LimitXMLRequestBody 0
+    LimitRequestBody 0
 
-                <Limit GET PROPFIND OPTIONS REPORT>
-                        Require all granted
-                </Limit>
+    <Limit GET PROPFIND OPTIONS REPORT>
+      Require all granted
+    </Limit>
 
-                <LimitExcept GET PROPFIND OPTIONS REPORT>
-                        Require valid-user
-                </LimitExcept>
-        </Location>
+    <LimitExcept GET PROPFIND OPTIONS REPORT>
+      Require valid-user
+    </LimitExcept>
+  </Location>
 </VirtualHost>
+<% unless @aliases.empty? -%>
+
+<VirtualHost *:443>
+  ServerName <%= @aliases.first %>
+<% @aliases.drop(1).each do |alias_name| -%>
+  ServerAlias <%= alias_name %>
+<% end -%>
+  ServerAdmin webmaster@openstreetmap.org
+
+  SSLEngine on
+  SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem
+  SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key
+
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
+
+  RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+<% end -%>
 
 <VirtualHost *:80>
-        ServerName <%= @name %>
-        ServerAdmin webmaster@openstreetmap.org
+  ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+  ServerAlias <%= alias_name %>
+<% end -%>
+
+  ServerAdmin webmaster@openstreetmap.org
 
-        CustomLog /var/log/apache2/<%= @name %>-access.log combined
-        ErrorLog /var/log/apache2/<%= @name %>-error.log
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
 
-        RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
-        RedirectPermanent / https://<%= @name %>/
+  RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
+  RedirectPermanent / https://<%= @name %>/
 </VirtualHost>