From: Tom Hughes Date: Sat, 11 Feb 2017 20:27:37 +0000 (+0000) Subject: Switch stateofthemap.org to letsencrypt X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/ea44451a0f5505966a3783e82b728e865552ecb2 Switch stateofthemap.org to letsencrypt --- diff --git a/cookbooks/stateofthemap/recipes/default.rb b/cookbooks/stateofthemap/recipes/default.rb index 00e314bed..a707e0c72 100644 --- a/cookbooks/stateofthemap/recipes/default.rb +++ b/cookbooks/stateofthemap/recipes/default.rb @@ -29,6 +29,12 @@ git "/srv/stateofthemap.org" do group "root" end +ssl_certificate "stateofthemap.org" do + domains ["stateofthemap.org", "www.stateofthemap.org", + "stateofthemap.com", "www.stateofthemap.com"] + notifies :reload, "service[apache2]" +end + apache_site "stateofthemap.org" do template "apache.erb" directory "/srv/stateofthemap.org" diff --git a/cookbooks/stateofthemap/templates/default/apache.erb b/cookbooks/stateofthemap/templates/default/apache.erb index 53c3a79c8..7ed9d9251 100644 --- a/cookbooks/stateofthemap/templates/default/apache.erb +++ b/cookbooks/stateofthemap/templates/default/apache.erb @@ -10,6 +10,7 @@ CustomLog /var/log/apache2/stateofthemap.org-access.log combined ErrorLog /var/log/apache2/stateofthemap.org-error.log + RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ RedirectPermanent / https://stateofthemap.org/ @@ -23,6 +24,8 @@ ErrorLog /var/log/apache2/stateofthemap.org-error.log SSLEngine on + SSLCertificateFile /etc/ssl/certs/stateofthemap.org.pem + SSLCertificateKeyFile /etc/ssl/private/stateofthemap.org.key RedirectPermanent / https://stateofthemap.org/ @@ -35,6 +38,8 @@ ErrorLog /var/log/apache2/stateofthemap.org-error.log SSLEngine on + SSLCertificateFile /etc/ssl/certs/stateofthemap.org.pem + SSLCertificateKeyFile /etc/ssl/private/stateofthemap.org.key DocumentRoot /srv/stateofthemap.org/html