From 08b3569ed67d99f5eb3e2d1364230393f5408eee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miroslav=20Such=C3=BD?= <msuchy@redhat.com>
Date: Wed, 15 Jan 2014 13:31:55 +0000
Subject: [PATCH] setup copr-fe to use https

selfigned certs, not stored here.
It will be replaced in matter of days by properly signed certs, which we store in private repo
---
 files/copr/fe/httpd/coprs.conf                | 25 +++++++++++++++++++
 .../hosts/copr-fe.cloud.fedoraproject.org.yml |  1 +
 2 files changed, 26 insertions(+)

diff --git a/files/copr/fe/httpd/coprs.conf b/files/copr/fe/httpd/coprs.conf
index 8ba86c60eb..bb0502c5f5 100644
--- a/files/copr/fe/httpd/coprs.conf
+++ b/files/copr/fe/httpd/coprs.conf
@@ -18,3 +18,28 @@ WSGISocketPrefix /var/run/wsgi
 	Require all granted
     </Directory>
 </VirtualHost>
+
+<VirtualHost *:443>
+    SSLEngine on
+    SSLProtocol all -SSLv2
+    #optimeize on speed
+    SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
+    SSLHonorCipherOrder on
+
+    SSLCertificateFile /etc/pki/tls/ca.crt
+    SSLCertificateKeyFile /etc/pki/tls/private/ca.key
+    ServerName copr-fe.cloud.fedoraproject.org:443
+
+    WSGIPassAuthorization On
+    #WSGIDaemonProcess 127.0.0.1 user=copr-fe group=copr-fe threads=5
+    WSGIScriptAlias / /usr/share/copr/coprs_frontend/application
+    WSGIProcessGroup 127.0.0.1
+
+    ErrorLog logs/error_coprs
+    CustomLog logs/access_coprs common
+
+    <Directory /usr/share/copr>
+        WSGIApplicationGroup %{GLOBAL}
+        Require all granted
+    </Directory>
+</VirtualHost>
diff --git a/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml
index 014574b5da..d44e933783 100644
--- a/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml
@@ -47,6 +47,7 @@
     - postgresql-server
     - bash-completion
     - fail2ban
+    - mod_ssl
     tags:
     - packages