use SSL

2 files changed, 17 insertions, 2 deletions

diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net
index d329c049..4b8aa586 100644
--- a/etc/apache2/sites-available/jenkins.debian.net
+++ b/etc/apache2/sites-available/jenkins.debian.net
@@ -1,5 +1,19 @@
+NameVirtualHost *:80
 <VirtualHost *:80>
-	ServerAdmin webmaster@localhost
+	ServerName jenkins.debian.net
+	RewriteEngine On
+	RewriteCond %{HTTPS} !=on
+	RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+</VirtualHost>
+
+NameVirtualHost *:443
+<VirtualHost *:443>
+	SSLEngine on
+	SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
+	SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+	ServerName jenkins.debian.net
+	ServerAdmin holger@layer-acht.org
 
 	DocumentRoot /var/www
 	<Directory />
@@ -19,6 +33,7 @@
 		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
 		Order allow,deny
 		Allow from all
+		SSLOptions +StdEnvVars
 	</Directory>
 
 	# allow certain params only from alioth (token is used to trigger builds)
diff --git a/etc/shorewall/rules b/etc/shorewall/rules
index 4b95dd6f..7e998cba 100644
--- a/etc/shorewall/rules
+++ b/etc/shorewall/rules
@@ -27,6 +27,6 @@ Ping(DROP)	net		$FW
 ACCEPT		$FW		net		icmp
 
 # incoming http and ssh are allowed
-ACCEPT    net       $FW             tcp          80
+ACCEPT    net       $FW             tcp          80,443
 ACCEPT    net       $FW             tcp          22