From 21215b4694db988a3e31a285f2b291a5f42bbf14 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Tue, 28 Oct 2014 10:34:18 +0000
Subject: [PATCH] Update apache config for 2.4

---
 cookbooks/dev/recipes/default.rb              | 11 +++++---
 .../dev/templates/default/apache.apis.erb     |  4 +++
 .../dev/templates/default/apache.rails.erb    | 28 +++++++++++++------
 .../dev/templates/default/apache.user.erb     | 16 ++---------
 cookbooks/dev/templates/default/fpm.conf.erb  |  7 +----
 5 files changed, 35 insertions(+), 31 deletions(-)

diff --git a/cookbooks/dev/recipes/default.rb b/cookbooks/dev/recipes/default.rb
index ef8e2dc77..fa2c8081b 100644
--- a/cookbooks/dev/recipes/default.rb
+++ b/cookbooks/dev/recipes/default.rb
@@ -53,7 +53,8 @@ easy_install_package "geojson"
 
 apache_module "env"
 apache_module "expires"
-apache_module "fastcgi-handler"
+apache_module "proxy"
+apache_module "proxy_fcgi"
 apache_module "rewrite"
 apache_module "wsgi"
 
@@ -64,6 +65,7 @@ gem_package "rails" do
 end
 
 service "php5-fpm" do
+  provider Chef::Provider::Service::Upstart
   action [ :enable, :start ]
   supports :status => true, :restart => true, :reload => true
 end
@@ -90,7 +92,7 @@ template "/etc/phppgadmin/config.inc.php" do
   mode 0644
 end
 
-link "/etc/apache2/conf.d/phppgadmin" do
+file "/etc/apache2/conf.d/phppgadmin" do
   action :delete
 end
 
@@ -101,6 +103,7 @@ end
 search(:accounts, "*:*").each do |account|
   name = account["id"]
   details = node[:accounts][:users][name] || {}
+  port = 7000 + account["uid"].to_i
 
   if ["user","administrator"].include?(details[:status])
     user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name.to_s}"
@@ -111,14 +114,14 @@ search(:accounts, "*:*").each do |account|
         owner "root"
         group "root"
         mode 0644
-        variables :user => name
+        variables :user => name, :port => port
         notifies :reload, "service[php5-fpm]"
       end
 
       apache_site "#{name}.dev.openstreetmap.org" do
         template "apache.user.erb"
         directory "#{user_home}/public_html"
-        variables :user => name
+        variables :user => name, :port => port
       end
     end
   end
diff --git a/cookbooks/dev/templates/default/apache.apis.erb b/cookbooks/dev/templates/default/apache.apis.erb
index 3e53b00f0..1afec5c93 100644
--- a/cookbooks/dev/templates/default/apache.apis.erb
+++ b/cookbooks/dev/templates/default/apache.apis.erb
@@ -9,3 +9,7 @@
 	CustomLog /var/log/apache2/apis.dev.openstreetmap.org-access.log combined
 	ErrorLog /var/log/apache2/apis.dev.openstreetmap.org-error.log
 </VirtualHost>
+
+<Directory /srv/apis.dev.openstreetmap.org>
+	Require all granted
+</Directory>
diff --git a/cookbooks/dev/templates/default/apache.rails.erb b/cookbooks/dev/templates/default/apache.rails.erb
index 4874416c3..7301fd834 100644
--- a/cookbooks/dev/templates/default/apache.rails.erb
+++ b/cookbooks/dev/templates/default/apache.rails.erb
@@ -1,18 +1,30 @@
 # DO NOT EDIT - This file is being maintained by Chef
 
 <VirtualHost *:80>
-	ServerName <%= @name %>
+        ServerName <%= @name %>
 <% @aliases.each do |alias_name| -%>
-	ServerAlias <%= alias_name %>
+        ServerAlias <%= alias_name %>
 <% end -%>
-	ServerAdmin webmaster@openstreetmap.org
+        ServerAdmin webmaster@openstreetmap.org
 
-	DocumentRoot /srv/<%= @name %>/public
+        DocumentRoot /srv/<%= @name %>/public
 
-	CustomLog /var/log/apache2/<%= @name %>-access.log combined
-	ErrorLog /var/log/apache2/<%= @name %>-error.log
+        CustomLog /var/log/apache2/<%= @name %>-access.log combined
+        ErrorLog /var/log/apache2/<%= @name %>-error.log
 
-	RailsEnv production
+        RailsEnv production
 
-	SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
+        SetEnv SECRET_KEY_BASE <%= @secret_key_base %>
 </VirtualHost>
+
+<Directory /srv/<%= @name %>/public>
+        Require all granted
+</Directory>
+
+<Directory /srv/<%= @name %>/app/assets>
+        Require all granted
+</Directory>
+
+<Directory /srv/<%= @name %>/vendor/assets>
+        Require all granted
+</Directory>
diff --git a/cookbooks/dev/templates/default/apache.user.erb b/cookbooks/dev/templates/default/apache.user.erb
index 9b49158f9..f31ed4f61 100644
--- a/cookbooks/dev/templates/default/apache.user.erb
+++ b/cookbooks/dev/templates/default/apache.user.erb
@@ -26,27 +26,17 @@ WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivit
 	RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
 	RewriteRule ^/cgi-bin-d/(.*)$ /cgi-bin/cgiwrapd/~<%= @user %>/cgi-bin/$1 [PT,L]
 
-	<IfModule mod_fastcgi_handler.c>
-		<FilesMatch "\.ph(p3?|tml)$">
-			SetHandler fcgi:/var/run/php5-fpm-<%= @user %>.sock
-		</FilesMatch>
-		<FilesMatch "\.phps$">
-			SetHandler fcgi:/var/run/php5-fpm-<%= @user %>.sock
-		</FilesMatch>
-	</IfModule>
-
-	<IfModule !mod_fastcgi_handler.c>
-		RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
-		RewriteRule ^(.*\.php)$ /cgi-bin/php-cgiwrap/~<%= @user %>/$1 [PT,L]
-	</IfModule>
+	ProxyPassMatch ^/(.*\.ph(p|ps|p3|tml)(/.*)?)$ fcgi://127.0.0.1:<%= @port %><%= @directory %>/$1
 </VirtualHost>
 
 <Directory <%= @directory %>>
 	AllowOverride AuthConfig FileInfo Indexes Options=RailsBaseURI
 	Options SymLinksIfOwnerMatch Indexes Includes
+	Require all granted
 </Directory>
 
 <Directory <%= @directory %>/wsgi-bin>
 	SetHandler wsgi-script
 	Options ExecCGI SymLinksIfOwnerMatch
+	Require all granted
 </Directory>
diff --git a/cookbooks/dev/templates/default/fpm.conf.erb b/cookbooks/dev/templates/default/fpm.conf.erb
index a864c9250..523d8ca85 100644
--- a/cookbooks/dev/templates/default/fpm.conf.erb
+++ b/cookbooks/dev/templates/default/fpm.conf.erb
@@ -1,13 +1,8 @@
 ; DO NOT EDIT - This file is being maintained by Chef
 
 [<%= @user %>]
-listen = /var/run/php5-fpm-<%= @user %>.sock
-
+listen = 127.0.0.1:<%= @port %>
 listen.backlog = 256
- 
-listen.owner = www-data
-listen.group = www-data
-listen.mode = 0660
 
 user = <%= @user %>
 group = <%= @user %>
-- 
2.43.2