static: add default site
If you currently hit https://static.opendev.org you get redirected to the default site, which is just the first site in alphabetical order, which happens to be governance.openstack.org. Add a 00-static.opendev.org.conf file so this is the default site. It will just serve up the top-level afs directory. Change-Id: Icdcee962b76545c12e84d4cadb0b60a68cabe38b
This commit is contained in:
parent
2f1b2f3eae
commit
b2eb6c7003
|
@ -0,0 +1,43 @@
|
||||||
|
Define AFS_ROOT /afs/openstack.org/
|
||||||
|
|
||||||
|
<VirtualHost *:80>
|
||||||
|
ServerName static.opendev.org
|
||||||
|
ServerAlias static.openstack.org
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteRule ^/(.*) https://static.opendev.org/$1 [last,redirect=permanent]
|
||||||
|
LogLevel warn
|
||||||
|
ErrorLog /var/log/apache2/static.opendev.org_error.log
|
||||||
|
CustomLog /var/log/apache2/static.opendev.org_access.log combined
|
||||||
|
ServerSignature Off
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
<IfModule mod_ssl.c>
|
||||||
|
<VirtualHost *:443>
|
||||||
|
|
||||||
|
ServerName static.opendev.org
|
||||||
|
ServerAlias static.openstack.org
|
||||||
|
|
||||||
|
DocumentRoot ${AFS_ROOT}
|
||||||
|
|
||||||
|
SSLCertificateFile /etc/letsencrypt-certs/static.opendev.org/static.opendev.org.cer
|
||||||
|
SSLCertificateKeyFile /etc/letsencrypt-certs/static.opendev.org/static.opendev.org.key
|
||||||
|
SSLCertificateChainFile /etc/letsencrypt-certs/static.opendev.org/ca.cer
|
||||||
|
SSLProtocol All -SSLv2 -SSLv3
|
||||||
|
# Note: this list should ensure ciphers that provide forward secrecy
|
||||||
|
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
|
||||||
|
SSLHonorCipherOrder on
|
||||||
|
|
||||||
|
<Directory ${AFS_ROOT}>
|
||||||
|
Options Indexes FollowSymLinks MultiViews
|
||||||
|
AllowOverrideList Redirect RedirectMatch
|
||||||
|
Satisfy Any
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
LogLevel warn
|
||||||
|
ErrorLog /var/log/apache2/static.opendev.org_error.log
|
||||||
|
CustomLog /var/log/apache2/static.opendev.org_access.log combined
|
||||||
|
ServerSignature Off
|
||||||
|
|
||||||
|
</VirtualHost>
|
||||||
|
</IfModule>
|
|
@ -50,11 +50,28 @@
|
||||||
state: present
|
state: present
|
||||||
name: headers
|
name: headers
|
||||||
|
|
||||||
- name: Make sure default site disabled
|
|
||||||
|
# Default site
|
||||||
|
- name: Make sure packaged default site disabled
|
||||||
command: a2dissite 000-default.conf
|
command: a2dissite 000-default.conf
|
||||||
args:
|
args:
|
||||||
removes: /etc/apache2/sites-enabled/000-default.conf
|
removes: /etc/apache2/sites-enabled/000-default.conf
|
||||||
|
|
||||||
|
- name: Add custom default site
|
||||||
|
copy:
|
||||||
|
src: 00-static.opendev.org.conf
|
||||||
|
dest: /etc/apache2/sites-available/
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
|
- name: Enable static.opendev.org
|
||||||
|
command: a2ensite 00-static.opendev.org
|
||||||
|
args:
|
||||||
|
creates: /etc/apache2/sites-enabled/00-static.opendev.org
|
||||||
|
notify:
|
||||||
|
- Reload apache2
|
||||||
|
|
||||||
# governance.openstack.org
|
# governance.openstack.org
|
||||||
- name: Install governance.openstack.org
|
- name: Install governance.openstack.org
|
||||||
copy:
|
copy:
|
||||||
|
|
|
@ -20,6 +20,12 @@ def test_apache(host):
|
||||||
apache = host.service('apache2')
|
apache = host.service('apache2')
|
||||||
assert apache.is_running
|
assert apache.is_running
|
||||||
|
|
||||||
|
def test_static_opendev_org(host):
|
||||||
|
cmd = host.run('curl --insecure '
|
||||||
|
'--resolve static.opendev.org:443:127.0.0.1 '
|
||||||
|
'https://static.opendev.org/')
|
||||||
|
assert 'Index of /' in cmd.stdout
|
||||||
|
|
||||||
def test_governance_openstack_org(host):
|
def test_governance_openstack_org(host):
|
||||||
cmd = host.run('curl --insecure '
|
cmd = host.run('curl --insecure '
|
||||||
'--resolve governance.openstack.org:443:127.0.0.1 '
|
'--resolve governance.openstack.org:443:127.0.0.1 '
|
||||||
|
|
Loading…
Reference in New Issue