From 891d124699c14c4b91f8924d06dd2af8697e6e87 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sat, 11 Feb 2017 19:51:44 +0000 Subject: [PATCH 1/1] Switch wordpress sites to letsencrypt certificates --- cookbooks/blog/recipes/default.rb | 2 -- cookbooks/wordpress/providers/site.rb | 4 +--- cookbooks/wordpress/resources/site.rb | 2 -- cookbooks/wordpress/templates/default/apache.erb | 12 ++---------- 4 files changed, 3 insertions(+), 17 deletions(-) diff --git a/cookbooks/blog/recipes/default.rb b/cookbooks/blog/recipes/default.rb index 02479580b..33e34dbb7 100644 --- a/cookbooks/blog/recipes/default.rb +++ b/cookbooks/blog/recipes/default.rb @@ -34,8 +34,6 @@ wordpress_site "blog.openstreetmap.org" do "blog.openstreetmap.net", "blog.openstreetmaps.org", "blog.osmfoundation.org"] ssl_enabled true - ssl_certificate "osmfoundation" - ssl_certificate_chain "startcom" directory "/srv/blog.openstreetmap.org/wp" database_name "osm-blog" database_user "osm-blog-user" diff --git a/cookbooks/wordpress/providers/site.rb b/cookbooks/wordpress/providers/site.rb index 25c5aadb2..0920fe9c1 100644 --- a/cookbooks/wordpress/providers/site.rb +++ b/cookbooks/wordpress/providers/site.rb @@ -134,9 +134,7 @@ action :create do directory site_directory variables :aliases => Array(new_resource.aliases), :urls => new_resource.urls, - :ssl_enabled => new_resource.ssl_enabled, - :ssl_certificate => new_resource.ssl_certificate, - :ssl_certificate_chain => new_resource.ssl_certificate_chain + :ssl_enabled => new_resource.ssl_enabled reload_apache false end diff --git a/cookbooks/wordpress/resources/site.rb b/cookbooks/wordpress/resources/site.rb index 9b5e4dabf..a5e19a1ef 100644 --- a/cookbooks/wordpress/resources/site.rb +++ b/cookbooks/wordpress/resources/site.rb @@ -29,8 +29,6 @@ attribute :database_user, :kind_of => String, :required => true attribute :database_password, :kind_of => String, :required => true attribute :database_prefix, :kind_of => String, :default => "wp_" attribute :ssl_enabled, :kind_of => [TrueClass, FalseClass], :default => false -attribute :ssl_certificate, :kind_of => String -attribute :ssl_certificate_chain, :kind_of => String attribute :urls, :kind_of => Hash, :default => {} attribute :reload_apache, :kind_of => [TrueClass, FalseClass], :default => true diff --git a/cookbooks/wordpress/templates/default/apache.erb b/cookbooks/wordpress/templates/default/apache.erb index b62705100..6281fc2db 100644 --- a/cookbooks/wordpress/templates/default/apache.erb +++ b/cookbooks/wordpress/templates/default/apache.erb @@ -24,17 +24,9 @@ ServerAdmin webmaster@openstreetmap.org - # - # Enable SSL - # SSLEngine on -<% if @ssl_certificate -%> - SSLCertificateFile /etc/ssl/certs/<%= @ssl_certificate %>.pem - SSLCertificateKeyFile /etc/ssl/private/<%= @ssl_certificate %>.key -<% end -%> -<% if @ssl_certificate -%> - SSLCertificateChainFile /etc/ssl/certs/<%= @ssl_certificate_chain %>.pem -<% end -%> + SSLCertificateFile /etc/ssl/certs/<%= @name %>.pem + SSLCertificateKeyFile /etc/ssl/private/<%= @name %>.key CustomLog /var/log/apache2/<%= @name %>-access.log combined ErrorLog /var/log/apache2/<%= @name %>-error.log -- 2.43.2