From 70ef187c93f9681cb15440ac4b772ca47ebaabad Mon Sep 17 00:00:00 2001 From: Rub21 Date: Mon, 11 Sep 2023 10:34:06 -0500 Subject: [PATCH] Enable osmcha Update apache rules for CORS Set CORS headers Set CORS option for cgimap Set CORS headers --- images/web/Dockerfile | 2 ++ images/web/config/lighttpd.conf | 7 ++++++- images/web/config/production.conf | 28 +++++++++++++++++++--------- values.staging.template.yaml | 2 +- 4 files changed, 28 insertions(+), 11 deletions(-) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index a7f44cfa..0fe062b4 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -88,6 +88,8 @@ RUN apt-get update && apt-get install -y libapache2-mod-passenger lighttpd # Enable the Passenger Apache module and restart Apache RUN echo "ServerName $(cat /etc/hostname)" >> /etc/apache2/apache2.conf RUN a2enmod passenger +RUN a2enmod headers +RUN a2enmod setenvif # Check installation RUN /usr/bin/passenger-config validate-install diff --git a/images/web/config/lighttpd.conf b/images/web/config/lighttpd.conf index 85520b80..3e11ed9a 100644 --- a/images/web/config/lighttpd.conf +++ b/images/web/config/lighttpd.conf @@ -7,7 +7,12 @@ server.port = 81 server.reject-expect-100-with-417 = "disable" # selecting modules -server.modules = ( "mod_access", "mod_rewrite", "mod_fastcgi", "mod_proxy", "mod_alias" ) +server.modules = ( "mod_access", "mod_rewrite", "mod_fastcgi", "mod_proxy", "mod_alias", "mod_setenv" ) # Added mod_setenv + +# Add CORS headers to all responses +setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*", + "Access-Control-Allow-Methods" => "GET, POST, PUT, OPTIONS", + "Access-Control-Allow-Headers" => "origin, x-requested-with, content-type" ) # handling unknown routes server.error-handler-404 = "/dispatch.map" diff --git a/images/web/config/production.conf b/images/web/config/production.conf index 9920645f..79db2d19 100644 --- a/images/web/config/production.conf +++ b/images/web/config/production.conf @@ -1,40 +1,50 @@ # ServerName localhost + # Tell Apache and Passenger where your app's 'public' directory is DocumentRoot /var/www/public PassengerRuby /usr/bin/ruby + RewriteEngine On - RewriteCond %{HTTP:X-Forwarded-Proto} =http - # Development mode in case domain is localhost + + # Development mode in case domain is localhost # Rewrite to HTTPS + RewriteCond %{HTTP:X-Forwarded-Proto} =http RewriteCond %{HTTP_HOST} !=localhost RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] + # Rewrite to www. [NC] is a case-insensitive match RewriteCond %{HTTP_HOST} !=localhost - # Avoid redirect staging sites RewriteCond %{HTTP_HOST} !=staging.openhistoricalmap.org RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - # ======Redirect trafict to CGIMAP==== + # ======Redirect traffic to CGIMAP==== # Rules to redirect to port 81 RewriteCond %{REQUEST_URI} ^/api/0\.6/map RewriteRule ^.*$ http://127.0.0.1:81%{REQUEST_URI} [P,L] + # Existing rewrites RewriteRule ^0\.6/map$ - [L,H=fcgi:127.0.0.1:81] RewriteRule ^0\.6/(nodes|ways|relations)$ - [L,H=fcgi:127.0.0.1:81] RewriteRule ^0\.6/(way|relation)/([^/]+)/full$ - [L,H=fcgi:127.0.0.1:81] - + # If no match found, fall through to port 80 RewriteCond %{REQUEST_METHOD} ^(GET|HEAD)$ RewriteRule ^0\.6/(node|way|relation)/([^/]+)$ - [L,H=fcgi:127.0.0.1:80] + # Set CORS headers for any request within openhistoricalmap.org + Header set Access-Control-Allow-Origin "*" + Header set Access-Control-Allow-Methods "GET, POST, OPTIONS" + Header set Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" + Header set Access-Control-Expose-Headers "Content-Length,Content-Range" + # Relax Apache security settings - AllowOverride None - Allow from all - Options -MultiViews + AllowOverride None + Require all granted + # Allow from all + Options -MultiViews - diff --git a/values.staging.template.yaml b/values.staging.template.yaml index 4b2cddeb..3bf59c4f 100644 --- a/values.staging.template.yaml +++ b/values.staging.template.yaml @@ -742,7 +742,7 @@ osm-seed: # Variables for changeset-replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== osmchaDb: - enabled: true + enabled: false env: POSTGRES_DB: {{STAGING_OSMCHA_PG_DATABASE}} POSTGRES_USER: {{STAGING_OSMCHA_PG_USER}}