From abdeb8abcc779ec996fd57f0fa4978dce4565a8f Mon Sep 17 00:00:00 2001 From: Grant Slater Date: Fri, 11 Aug 2023 15:32:22 +0100 Subject: [PATCH] civicrm: move aliases out to redirect to avoid session issues --- cookbooks/civicrm/recipes/default.rb | 12 +++++-- .../civicrm/templates/default/apache.erb | 33 +++++++++++++++++++ cookbooks/donate/templates/default/apache.erb | 2 +- 3 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 cookbooks/civicrm/templates/default/apache.erb diff --git a/cookbooks/civicrm/recipes/default.rb b/cookbooks/civicrm/recipes/default.rb index 8858217b7..0a7ae17b8 100644 --- a/cookbooks/civicrm/recipes/default.rb +++ b/cookbooks/civicrm/recipes/default.rb @@ -47,12 +47,20 @@ mysql_database "civicrm" do permissions "civicrm@localhost" => :all end +ssl_certificate "join.osmfoundation.org" do + domains [ "join.osmfoundation.org", "crm.osmfoundation.org", + "supporting.osmfoundation.org", "support.osmfoundation.org", + "support.openstreetmap.org", "supporting.osm.org", + "support.osm.org"] + notifies :reload, "service[apache2]" +end + apache_site "join.osmfoundation.org" do - action :disable + template "apache.erb" end wordpress_site "supporting.openstreetmap.org" do - aliases ["join.osmfoundation.org", "crm.osmfoundation.org", "supporting.osmfoundation.org", "support.osmfoundation.org", "support.openstreetmap.org", "supporting.osm.org", "support.osm.org"] + # Do not add aliases as this causes issues with civicrm PHP sessions database_name "civicrm" database_user "civicrm" database_password database_password diff --git a/cookbooks/civicrm/templates/default/apache.erb b/cookbooks/civicrm/templates/default/apache.erb new file mode 100644 index 000000000..dd6112f12 --- /dev/null +++ b/cookbooks/civicrm/templates/default/apache.erb @@ -0,0 +1,33 @@ +# DO NOT EDIT - This file is being maintained by Chef + +<% [80, 443].each do |port| -%> +> + + ServerName join.osmfoundation.org + ServerAlias crm.osmfoundation.org + ServerAlias supporting.osmfoundation.org + ServerAlias support.osmfoundation.org + ServerAlias support.openstreetmap.org + ServerAlias supporting.osm.org + ServerAlias support.osm.org + + ServerAdmin webmaster@openstreetmap.org + +<% if port == 80 -%> + RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ + RedirectPermanent / https://supporting.openstreetmap.org/ +<% end -%> +<% if port == 443 -%> + SSLEngine on + SSLCertificateFile /etc/ssl/certs/join.osmfoundation.org.pem + SSLCertificateKeyFile /etc/ssl/private/join.osmfoundation.org.key + + RedirectMatch . https://supporting.openstreetmap.org/ + <% end -%> + + CustomLog /var/log/apache2/join.osmfoundation.org-access.log combined + ErrorLog /var/log/apache2/join.osmfoundation.org-error.log + + + +<% end -%> diff --git a/cookbooks/donate/templates/default/apache.erb b/cookbooks/donate/templates/default/apache.erb index 936303285..8cb886e91 100644 --- a/cookbooks/donate/templates/default/apache.erb +++ b/cookbooks/donate/templates/default/apache.erb @@ -12,7 +12,7 @@ <% if port == 80 -%> RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ - RedirectPermanent / https://donate.openstreetmap.org/ + RedirectPermanent / https://supporting.openstreetmap.org/ <% end -%> <% if port == 443 -%> SSLEngine on -- 2.43.2