radityo
/
ansible-nginx
mirror of https://github.com/HanXHX/ansible-nginx.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Bug fix : redirect https with many names 

On a multiple name vhost with redirect_https, redirection is done with
the origin name not the main name.
pull/2/merge
Emilien Mantel 2017-04-13 14:21:14 +02:00
parent fcb59fd331
commit f1af8991fd
2 changed files with 25 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
templates/etc/nginx/sites-available/_base.j2
View File

@ -22,6 +22,16 @@
ssl_certificate_key {{ nginx_ssl_dir + '/' + ssl_name + '/' + ssl_name + '.key' if sn.dest_key is not defined else sn.dest_key }}; ssl_certificate_key {{ nginx_ssl_dir + '/' + ssl_name + '/' + ssl_name + '.key' if sn.dest_key is not defined else sn.dest_key }};
{% endfor %} {% endfor %}
{%- endmacro %} {%- endmacro %}
{% macro httpsredirect(name) %}
server {
{% for port in __listen %}
listen {{ port }}{% if port | int in __http_proxy_protocol_port %} proxy_protocol{% endif %};
{% endfor %}
server_name {{ name }};
return 301 https://{{ name }}{% if '443' not in __listen_ssl %}:{{ __listen_ssl[0] }}{% endif %}$request_uri;
}
{% endmacro %}
# #
# {{ ansible_managed }} # {{ ansible_managed }}
# #
@ -142,15 +152,14 @@ server {
# #
# Redirect HTTP to HTTPS # Redirect HTTP to HTTPS
# #
server { {% if item.name is string %}
{% for port in __listen %} {{ httpsredirect(item.name) }}
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %}{% if port | int in __http_proxy_protocol_port %} proxy_protocol{% endif %}; {% else %}
{% for i in item.name %}
{{ httpsredirect(i) }}
{% endfor %} {% endfor %}
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ "\n\t\t" }}{{ item.name | join("\n\t\t") }}{% endif %};
return 301 https://{{ __main_name }}{% if '443' not in __listen_ssl %}:{{ __listen_ssl[0] }}{% endif %}$request_uri;
}
{% endif %} {% endif %}
{% endif %}
{% if item.redirect_from is defined and item.redirect_from is iterable %} {% if item.redirect_from is defined and item.redirect_from is iterable %}
# #

9
tests/test.yml
View File

@ -212,6 +212,13 @@
template: '_base' template: '_base'
ssl_name: 'test-ssl.local' ssl_name: 'test-ssl.local'
redirect_https: true redirect_https: true
- name:
- 'test-ssl-redirect-many.local'
- 'test-ssl-redirect-many2.local'
proto: ['https']
template: '_base'
ssl_name: 'test-ssl.local'
redirect_https: true
- name: 'test-ssl-proxy-protocol.local' - name: 'test-ssl-proxy-protocol.local'
proto: ['http', 'https'] proto: ['http', 'https']
listen: [80, 20080] listen: [80, 20080]
@ -382,6 +389,8 @@
sslredirok.stderr.find('https://{{ item }}/') == -1 sslredirok.stderr.find('https://{{ item }}/') == -1
with_items: with_items:
- 'test-ssl-redirect.local' - 'test-ssl-redirect.local'
- 'test-ssl-redirect-many.local'
- 'test-ssl-redirect-many2.local'
# -------------------------------- # --------------------------------
# Default vhosts # Default vhosts