New feature: redirect_https (HTTP -> HTTPS)

pull/22/head
Emilien Mantel 2016-03-14 19:20:08 +01:00
parent 3666b29184
commit 97aeda5678
3 changed files with 29 additions and 0 deletions

View File

@ -16,6 +16,7 @@ Common
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www - `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme). - `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
- `redirect_to_code`: Redirect code (default: 302) - `redirect_to_code`: Redirect code (default: 302)
- `redirect_https`: (O) Boolean. Redirect HTTP to HTTPS.
- `location`: (O) Add new custom locations (it does not overwrite!) - `location`: (O) Add new custom locations (it does not overwrite!)
- `more`: (O) Add more custom infos. - `more`: (O) Add more custom infos.
- `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP) - `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)

View File

@ -118,6 +118,20 @@ server {
{% endif %} {% endif %}
} }
{% if item.redirect_https is defined and item.redirect_https %}
#
# Redirect HTTP to HTTPS
#
server {
{% for port in __listen %}
listen {{ port }};
{% endfor %}
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ item.name | join(' ') }}{% endif %};
return 301 https://{{ __main_name }}{% if '443' not in __listen_ssl %}:__listen_ssl[0]{% endif %}/$request_uri;
}
{% endif %}
{% if item.redirect_from is defined and item.redirect_from is iterable %} {% if item.redirect_from is defined and item.redirect_from is iterable %}
# #
# Redirect from # Redirect from

View File

@ -172,6 +172,11 @@
ssl_name: 'test-ssl-predeployed.local' ssl_name: 'test-ssl-predeployed.local'
more: more:
- 'add_header X-ansible-default 1;' - 'add_header X-ansible-default 1;'
- name: 'test-ssl-redirect.local'
proto: ['https']
template: '_base'
ssl_name: 'test-ssl.local'
redirect_https: true
nginx_dh_length: 1024 nginx_dh_length: 1024
roles: roles:
- ../../ - ../../
@ -289,6 +294,15 @@
with_items: with_items:
- 'test-ssl-predeployed.local' - 'test-ssl-predeployed.local'
- 'test-ssl.local' - 'test-ssl.local'
- name: -- VERIFY SSL REDIRECT --
command: "curl -v --insecure -H 'Host: {{ item }}' http://127.0.0.1/"
changed_when: false
register: sslredirok
failed_when: >
sslredirok.stderr.find('< Location') == -1 and
sslredirok.stderr.find('https://{{ item }}/') == -1
with_items:
- 'test-ssl-redirect.local'
# -------------------------------- # --------------------------------
# Default vhosts # Default vhosts