Skip to content

Commit 8dbc8df

Browse files
committed
Added apache__redirect_to_https variable
Currently, each vhost can define "redirect_to_https". If True, which is the current default, then the Apache configuration will include a Redirect line. This is good, except that VirtualHost rules seem to have precedence over other rules. That is annoying when you want to define a global rule to serve, say, ACME requests, because Apache would respect the VirtualHost rules and redirect the plain HTTP request instead of serving the token. To help debops users to not having to touch each and every defined vhost, the new variable defines the default value for redirect_to_https, which used to be "True". The default is still "True", but now you can override that easily.
1 parent da11455 commit 8dbc8df

3 files changed

Lines changed: 11 additions & 2 deletions

File tree

defaults/main.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -362,7 +362,15 @@ apache__combined_snippets: '{{ apache__dependent_snippets
362362
apache__https_enabled: '{{ ansible_local|d() and ansible_local.pki|d() and
363363
(ansible_local.pki.enabled|d() | bool) and
364364
apache__https_listen|length > 0 }}'
365+
# ]]]
366+
365367

368+
# .. envvar:: apache__redirect_to_https [[[
369+
#
370+
# Each vhost can define a boolean ``redirect_to_https``.
371+
# If not set, it defaults to the value defined in ``apache__redirect_to_https``.
372+
# Defaults to ``True``.
373+
apache__redirect_to_https: True
366374
# ]]]
367375
# PKI [[[
368376
# ~~~~~~~

docs/defaults-detailed.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -315,7 +315,7 @@ Refer to the `Apache Redirect directive documentation`_ for details.
315315
HTTPS, by default 301 Moved Permanently.
316316

317317
``redirect_to_https``
318-
Optional, boolean. Defaults to ``True``
318+
Optional, boolean. Defaults to ``apache__redirect_to_https``
319319
If ``True``, redirect connection from HTTP to the HTTPS version of the site.
320320
Set to ``False`` to allow to serve the website via HTTP and HTTPS and don't
321321
redirect HTTP to HTTPS.

templates/etc/apache2/sites-available/default.conf.j2

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,8 @@
1212

1313
{% if item.redirect_http|d() %}
1414
{{ apache__tpl_macros.get_redirect( item.redirect_http_code|d(307), "/", item.redirect_http) | indent(4) }}
15-
{% elif item.redirect_to_https|d(True) | bool %}
15+
{% elif item.redirect_to_https|default(apache__redirect_to_https) | bool %}
16+
# Item's redirect: {{ item.redirect_to_https | default() }} default: {{ apache__redirect_to_https }}
1617
Redirect {{ item.redirect_to_https_with_code|d("301") }} "/" "https://{{ (debops__tpl_macros.get_yaml_list_for_elem(item.name) | from_yaml)[0] }}/"
1718
{% else %}
1819
{{ apache__tpl_macros.get_content_directives(item) | indent(4) }}

0 commit comments

Comments
 (0)