From b21a3e9126a1734b2cea975e57b5c9e8206f12fa Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Mon, 27 Jun 2016 15:49:30 -0700
Subject: Fix the permissions on the DOMAIN/provider.json file for static
 sites.

---
 puppet/modules/site_static/templates/apache.conf.erb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'puppet/modules/site_static/templates')

diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb
index 6b969d1c..b3e5fc09 100644
--- a/puppet/modules/site_static/templates/apache.conf.erb
+++ b/puppet/modules/site_static/templates/apache.conf.erb
@@ -23,6 +23,10 @@
   bootstrap_client = scope.lookupvar('site_static::bootstrap_client')
 -%>
 
+<Directory "/srv/static/public/">
+  Require all granted
+</Directory>
+
 <VirtualHost *:80>
   ServerName <%= @domain %>
   ServerAlias www.<%= @domain %>
@@ -46,7 +50,7 @@
   #RewriteLogLevel 3
 
   Include include.d/ssl_common.inc
-  
+
 <%- if @tls_only -%>
   Header always set Strict-Transport-Security: "max-age=15768000;includeSubdomains"
 <%- end -%>
@@ -63,7 +67,7 @@
   AccessFileName .htaccess
 
 <%- if ([@aliases]+[@domain]).flatten.include?(bootstrap_domain) -%>
-  Alias /provider.json /srv/leap/provider.json
+  Alias /provider.json /srv/static/public/provider.json
   <Location /provider.json>
     Header set X-Minimum-Client-Version <%= bootstrap_client['min'] %>
   </Location>
-- 
cgit v1.2.3