Fix the permissions on the DOMAIN/provider.json file for static sites.

author: elijah <elijah@riseup.net> 2016-06-27 15:49:30 -0700
committer: elijah <elijah@riseup.net> 2016-06-27 16:15:26 -0700
commit: b21a3e9126a1734b2cea975e57b5c9e8206f12fa (patch)
tree: 98d974e139f5068cd9189c2419e364846c73b411 /puppet/modules/site_static/templates
parent: 46f1c8ee0a12971b0d1b80eb7300941f9d696aa2 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb
index 6b969d1c..b3e5fc09 100644
--- a/puppet/modules/site_static/templates/apache.conf.erb
+++ b/puppet/modules/site_static/templates/apache.conf.erb
@@ -23,6 +23,10 @@
   bootstrap_client = scope.lookupvar('site_static::bootstrap_client')
 -%>
 
+<Directory "/srv/static/public/">
+  Require all granted
+</Directory>
+
 <VirtualHost *:80>
   ServerName <%= @domain %>
   ServerAlias www.<%= @domain %>
@@ -46,7 +50,7 @@
   #RewriteLogLevel 3
 
   Include include.d/ssl_common.inc
-  
+
 <%- if @tls_only -%>
   Header always set Strict-Transport-Security: "max-age=15768000;includeSubdomains"
 <%- end -%>
@@ -63,7 +67,7 @@
   AccessFileName .htaccess
 
 <%- if ([@aliases]+[@domain]).flatten.include?(bootstrap_domain) -%>
-  Alias /provider.json /srv/leap/provider.json
+  Alias /provider.json /srv/static/public/provider.json
   <Location /provider.json>
     Header set X-Minimum-Client-Version <%= bootstrap_client['min'] %>
   </Location>
author	elijah <elijah@riseup.net>	2016-06-27 15:49:30 -0700
committer	elijah <elijah@riseup.net>	2016-06-27 16:15:26 -0700
commit	b21a3e9126a1734b2cea975e57b5c9e8206f12fa (patch)
tree	98d974e139f5068cd9189c2419e364846c73b411 /puppet/modules/site_static/templates
parent	46f1c8ee0a12971b0d1b80eb7300941f9d696aa2 (diff)