From b6f65282483b354d4fe11452f67ddf33c802e7e4 Mon Sep 17 00:00:00 2001 From: Sergio Oliveira Date: Wed, 9 Sep 2015 15:26:44 -0300 Subject: [PATCH] Redirect alternatives domains to main --- config/local/config.yaml | 4 ++++ cookbooks/reverse_proxy/recipes/default.rb | 14 ++++++++++++++ cookbooks/reverse_proxy/templates/redirect.conf.erb | 17 +++++++++++++++++ 3 files changed, 35 insertions(+), 0 deletions(-) create mode 100644 cookbooks/reverse_proxy/templates/redirect.conf.erb diff --git a/config/local/config.yaml b/config/local/config.yaml index 5a930a3..6501497 100644 --- a/config/local/config.yaml +++ b/config/local/config.yaml @@ -2,6 +2,10 @@ admins: - ["Paulo Meirelles", "paulo@softwarelivre.org"] site_url: https://softwarepublico.dev external_hostname: softwarepublico.dev +alternative_hostnames: + - www.softwarepublico.dev + - beta.softwarepublico.dev + - portal.softwarepublico.dev external_ip: 10.10.10.6 colab_from_address: '"Portal do Software Publico" ' server_email: '"Portal do Software Publico" ' diff --git a/cookbooks/reverse_proxy/recipes/default.rb b/cookbooks/reverse_proxy/recipes/default.rb index 20ece6a..379dcbe 100644 --- a/cookbooks/reverse_proxy/recipes/default.rb +++ b/cookbooks/reverse_proxy/recipes/default.rb @@ -29,3 +29,17 @@ template '/etc/nginx/conf.d/reverse_proxy.conf' do mode 0644 notifies :restart, 'service[nginx]' end + +template '/etc/nginx/conf.d/redirect.conf' do + owner 'root' + group 'root' + mode 0644 + notifies :restart, 'service[nginx]' + only_if { node['config']['alternative_hostnames'] } +end + +file '/etc/nginx/conf.d/redirect.conf' do + action :delete + notifies :restart, 'service[nginx]' + not_if { node['config']['alternative_hostnames'] } +end diff --git a/cookbooks/reverse_proxy/templates/redirect.conf.erb b/cookbooks/reverse_proxy/templates/redirect.conf.erb new file mode 100644 index 0000000..40c70c8 --- /dev/null +++ b/cookbooks/reverse_proxy/templates/redirect.conf.erb @@ -0,0 +1,17 @@ + +server { + listen *:80; + listen *:443 ssl; + + server_name <% node['config']['alternative_hostnames'].each do |hostname| -%><%= hostname %> <% end %>; + + ssl_certificate /etc/nginx/<%= node['config']['external_hostname'] %>.crt; + ssl_certificate_key /etc/nginx/<%= node['config']['external_hostname'] %>.key; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 5m; + ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + rewrite ^ <%= node['config']['site_url']%>$request_uri?; +} -- libgit2 0.21.2