kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Fix the Let's Encrypt setup for mediawiki

Browse Source
This commit is contained in:
Greg Karékinian 2017-06-19 18:40:20 +02:00
parent edca6608c7
commit 0bb6204a0d
2 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
site-cookbooks/kosmos-mediawiki/recipes/default.rb
View File

@ -47,6 +47,13 @@ cookbook_file "#{node['mediawiki']['webdir']}/skins/common/images/kosmos.png" do
mode 0640 mode 0640
end end
directory "#{node['mediawiki']['webdir']}/.well-known/acme-challenge" do
owner node["nginx"]["user"]
group node["nginx"]["group"]
recursive true
action :create
end
include_recipe "mediawiki" include_recipe "mediawiki"
include_recipe "kosmos-nginx" include_recipe "kosmos-nginx"
include_recipe "mediawiki::nginx" include_recipe "mediawiki::nginx"

22
site-cookbooks/kosmos-mediawiki/templates/default/nginx.conf.erb
View File

@ -1,5 +1,18 @@
server { server {
listen 80; listen 80;
server_name <%= @server_name %>;
access_log /var/log/nginx/<%= @server_name %>.access.log;
error_log /var/log/nginx/<%= @server_name %>.error.log;
location /.well-known {
root <%= @docroot %>;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%> <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
listen 443 ssl; listen 443 ssl;
<% end -%> <% end -%>
@ -13,15 +26,6 @@ server {
location / { location / {
try_files $uri $uri/ /index.php?$args; try_files $uri $uri/ /index.php?$args;
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
set $redirect_to_ssl "no";
if ($ssl_protocol = "") {
set $redirect_to_ssl "yes";
}
if ($redirect_to_ssl = yes) {
rewrite ^(.*) https://$host$1 permanent;
}
<% end -%>
} }
location ~ \.php$ { location ~ \.php$ {