New feature: redirect_https (HTTP -> HTTPS)
Emilien Mantel
parent
3666b29184
commit
97aeda5678
|
|
@ -16,6 +16,7 @@ Common
|
||||||
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
||||||
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
||||||
- `redirect_to_code`: Redirect code (default: 302)
|
- `redirect_to_code`: Redirect code (default: 302)
|
||||||
|
- `redirect_https`: (O) Boolean. Redirect HTTP to HTTPS.
|
||||||
- `location`: (O) Add new custom locations (it does not overwrite!)
|
- `location`: (O) Add new custom locations (it does not overwrite!)
|
||||||
- `more`: (O) Add more custom infos.
|
- `more`: (O) Add more custom infos.
|
||||||
- `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)
|
- `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)
|
||||||
|
|
|
||||||
|
|
@ -118,6 +118,20 @@ server {
|
||||||
{% endif %}
|
{% endif %}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{% if item.redirect_https is defined and item.redirect_https %}
|
||||||
|
#
|
||||||
|
# Redirect HTTP to HTTPS
|
||||||
|
#
|
||||||
|
server {
|
||||||
|
{% for port in __listen %}
|
||||||
|
listen {{ port }};
|
||||||
|
{% endfor %}
|
||||||
|
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ item.name | join(' ') }}{% endif %};
|
||||||
|
return 301 https://{{ __main_name }}{% if '443' not in __listen_ssl %}:__listen_ssl[0]{% endif %}/$request_uri;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
{% if item.redirect_from is defined and item.redirect_from is iterable %}
|
{% if item.redirect_from is defined and item.redirect_from is iterable %}
|
||||||
#
|
#
|
||||||
# Redirect from
|
# Redirect from
|
||||||
|
|
|
||||||
|
|
@ -172,6 +172,11 @@
|
||||||
ssl_name: 'test-ssl-predeployed.local'
|
ssl_name: 'test-ssl-predeployed.local'
|
||||||
more:
|
more:
|
||||||
- 'add_header X-ansible-default 1;'
|
- 'add_header X-ansible-default 1;'
|
||||||
|
- name: 'test-ssl-redirect.local'
|
||||||
|
proto: ['https']
|
||||||
|
template: '_base'
|
||||||
|
ssl_name: 'test-ssl.local'
|
||||||
|
redirect_https: true
|
||||||
nginx_dh_length: 1024
|
nginx_dh_length: 1024
|
||||||
roles:
|
roles:
|
||||||
- ../../
|
- ../../
|
||||||
|
|
@ -289,6 +294,15 @@
|
||||||
with_items:
|
with_items:
|
||||||
- 'test-ssl-predeployed.local'
|
- 'test-ssl-predeployed.local'
|
||||||
- 'test-ssl.local'
|
- 'test-ssl.local'
|
||||||
|
- name: -- VERIFY SSL REDIRECT --
|
||||||
|
command: "curl -v --insecure -H 'Host: {{ item }}' http://127.0.0.1/"
|
||||||
|
changed_when: false
|
||||||
|
register: sslredirok
|
||||||
|
failed_when: >
|
||||||
|
sslredirok.stderr.find('< Location') == -1 and
|
||||||
|
sslredirok.stderr.find('https://{{ item }}/') == -1
|
||||||
|
with_items:
|
||||||
|
- 'test-ssl-redirect.local'
|
||||||
|
|
||||||
# --------------------------------
|
# --------------------------------
|
||||||
# Default vhosts
|
# Default vhosts
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue