From 1f4cb30e753dfbb6181302cd6be2e51d1041dd31 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Kadl=C4=8D=C3=ADk?= <frostyx@email.cz>
Date: Wed, 28 Nov 2018 19:27:37 +0100
Subject: [PATCH] Fix letsencrypt cert generation for copr-fe-dev

---
 roles/copr/frontend-cloud/tasks/main.yml             | 7 +++++++
 roles/copr/frontend-cloud/templates/httpd/coprs.conf | 7 +++----
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/roles/copr/frontend-cloud/tasks/main.yml b/roles/copr/frontend-cloud/tasks/main.yml
index 353495fabf..bd1dbd886f 100644
--- a/roles/copr/frontend-cloud/tasks/main.yml
+++ b/roles/copr/frontend-cloud/tasks/main.yml
@@ -117,6 +117,13 @@
   tags:
   - config
 
+- name: Set SELinux context for certs generation
+  sefcontext:
+    target: "/srv/web/acme-challenge/.well-known"
+    setype: httpd_sys_content_t
+    state: present
+  when: devel
+
 - name: enable services
   service: state=started enabled=yes name={{ item }}
   with_items:
diff --git a/roles/copr/frontend-cloud/templates/httpd/coprs.conf b/roles/copr/frontend-cloud/templates/httpd/coprs.conf
index 453144a8ac..05c9e471da 100644
--- a/roles/copr/frontend-cloud/templates/httpd/coprs.conf
+++ b/roles/copr/frontend-cloud/templates/httpd/coprs.conf
@@ -26,15 +26,14 @@ WSGIScriptAlias / /usr/share/copr/coprs_frontend/application
         WSGIApplicationGroup %{GLOBAL}
     Require all granted
     </Directory>
-</VirtualHost>
 
-{% if devel %}
-<VirtualHost *:80>
+    {% if devel %}
     RewriteEngine on
     RewriteRule ^/\.well-known/(.*) /srv/web/acme-challenge/.well-known/$1 [L]
     RewriteRule "^/?(.*)" "https://%{HTTP_HOST}/$1" [L,R=301,NE]
+    {% endif %}
 </VirtualHost>
-{% endif %}
+
 
 <IfModule mod_status.c>
 ExtendedStatus On