[Systems] git.sugarlabs.org Secure Connection Failed

Bernie Innocenti bernie at codewiz.org
Mon May 11 20:46:13 EDT 2015


FOUND! The solution was to move a virtualhost defined in 
conf.d/000-default.conf to sites-enabled/000-default and split it in two 
separate hosts, one for port 80 and one for port 443.

I *think* I didn't break anything else, but please double check. The 
details of my change are in commit 6b78a6d4306 of etckeeper.

This could be further improved by moving all the stuff in common between 
http and https to a shared include file.

On 05/11/2015 08:14 PM, Bernie Innocenti wrote:
> The Apache error.log is huge because debug logging was enabled in
> sites-available/default-common.inc. I reduced it to 'warn'.
>
> On 05/11/2015 08:10 PM, Bernie Innocenti wrote:
>> On 05/11/2015 08:08 PM, Bernie Innocenti wrote:
>>> Jita is listening for plain HTTP connections on port 443 :-/
>>>
>>> On first inspection, the Apache virtualhost config seems correct:
>>>
>>> <VirtualHost *:443>
>>>      Include "/etc/apache2/sites-available/default-common.inc"
>>>      Include "/etc/apache2/sites-available/ssl-common.inc"
>>>
>>>          ServerName src.sugarlabs.org
>>>          ServerAlias src.sugarlabs.*
>>>          DocumentRoot /srv/gitorious/repositories-mirror
>>>
>>>          <Directory /srv/gitorious/repositories-mirror>
>>>                  Options FollowSymLinks Indexes
>>>                  AllowOverride Options Indexes FileInfo
>>>          </Directory>
>>>
>>>          RedirectMatch permanent ^/(.*)\.git$        /$1
>>>          RedirectMatch permanent ^/(.*)\.git/(.*)$    /$1/$2
>>>
>>>      CustomLog /var/log/apache2/src.sugarlabs.org.log combined
>>> </VirtualHost>
>>
>> Pasted the wrong virtualhost. This is the git.sl.o one:
>>
>> <VirtualHost *:443>
>>      Include "/etc/apache2/sites-available/default-common.inc"
>>      Include "/etc/apache2/sites-available/ssl-common.inc"
>>      Include "/etc/apache2/sites-available/git.sugarlabs.org.inc"
>>
>>          ServerName git.sugarlabs.org
>>          ServerAlias git.sugarlabs.*
>>          DocumentRoot /srv/gitorious/app/public
>>
>>          RailsEnv production
>>          PassengerUser gitorious
>>          PassengerGroup gitorious
>>
>>          <Directory /srv/gitorious/app/public>
>>                  AllowOverride all
>>                  Options -MultiViews
>>          </Directory>
>>
>>      # Bots
>>      RewriteEngine On
>>      RewriteCond %{REQUEST_URI} /wp-login.php
>>      RewriteRule .* -
>> [F,E=force-response-1.0,E=downgrade-1.0,E=nokeepalive]
>>
>>      CustomLog /var/log/apache2/git.sugarlabs.org.log combined
>> </VirtualHost>
>>
>>
>
>


-- 
  _ // Bernie Innocenti
  \X/  http://codewiz.org


More information about the Systems mailing list