APACHE:HTTPS-VHOST: grant HTTP access to .well-known/acme-challenge/

Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>

5 files changed, 18 insertions, 4 deletions

diff --git a/README.rst b/README.rst
index 85eea13..05b5b18 100644
--- a/README.rst
+++ b/README.rst
@@ -77,7 +77,7 @@ regarding the reporting of bugs and submission of patches/pull requests.
 License
 =======
 
-| Copyright (C) 2015-2018, 2020-2022 Sean Whitton
+| Copyright (C) 2015-2018, 2020-2024 Sean Whitton
 | Copyright (C) 2021-2022 David Bremner
 
 Consfigurator is free software: you can redistribute it and/or modify it under
diff --git a/debian/copyright b/debian/copyright
index f0241b2..6411817 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,7 +1,7 @@
 Consfigurator
 Lisp declarative configuration management system
 
-Copyright (C)2015-2018, 2020-2023 Sean Whitton
+Copyright (C)2015-2018, 2020-2024 Sean Whitton
 Copyright (C)2021-2022            David Bremner
 Copyright (C)2002-2023            Free Software Foundation, Inc.
 
diff --git a/doc/conf.py b/doc/conf.py
index 1deff2d..7a02cee 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -18,7 +18,7 @@
 # -- Project information -----------------------------------------------------
 
 project = 'Consfigurator'
-copyright = '2015-2018, 2020-2023, Sean Whitton, 2021-2022 David Bremner'
+copyright = '2015-2018, 2020-2024, Sean Whitton, 2021-2022 David Bremner'
 author = 'Sean Whitton'
 
 # The full version, including alpha/beta/rc tags
diff --git a/doc/news.rst b/doc/news.rst
index dd61e52..d4b19f1 100644
--- a/doc/news.rst
+++ b/doc/news.rst
@@ -23,6 +23,13 @@ In summary, you should always be able to upgrade to a release which only
 increments ``patch``, but if either of the other two components have changed,
 you should review this document and see if your consfig needs updating.
 
+1.3.3 (unreleased)
+------------------
+
+- APACHE:HTTPS-VHOST now adds an Apache ``<Directory>`` directive which
+  ensures that HTTP access to the ``.well-known/acme-challenge/`` subdirectory
+  of the document root is granted.
+
 1.3.2 (2024-04-24)
 ------------------
 
diff --git a/src/property/apache.lisp b/src/property/apache.lisp
index b299a20..56d0a16 100644
--- a/src/property/apache.lisp
+++ b/src/property/apache.lisp
@@ -1,6 +1,6 @@
 ;;; Consfigurator -- Lisp declarative configuration management system
 
-;;; Copyright (C) 2021  Sean Whitton <spwhitton@spwhitton.name>
+;;; Copyright (C) 2021, 2024  Sean Whitton <spwhitton@spwhitton.name>
 
 ;;; This file is free software; you can redistribute it and/or modify
 ;;; it under the terms of the GNU General Public License as published by
@@ -137,6 +137,13 @@ restart Apache."
                      ,@initial
                      "RewriteEngine On"
                      "RewriteRule ^/.well-known/acme-challenge.* - [L]"
+                     ,(format nil "<Directory ~A>"
+                              (unix-namestring
+                               (merge-pathnames
+                                #P".well-known/acme-challenge/"
+                                (ensure-directory-pathname htdocs))))
+                     "Require all granted"
+                     "</Directory>"
                      ,@additional-config
                      ;; redirect everything else to https
                      "RewriteRule (.*) https://%{SERVER_NAME}$1 [R=301,L,NE]"