- Timestamp:
- 2024-01-19T13:41:19+13:00 (4 months ago)
- Location:
- main/trunk/greenstone3/src/ansible-playbooks
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/ansible-playbooks/files/gs3-apache.conf.j2
r38563 r38571 33 33 ProxyPreserveHost On 34 34 35 # Done to allow the proxied web server (localhost, Tomcat in our case)35 # The following is done to allow the proxied web server (localhost, Tomcat in our case) 36 36 # to have this header information passed on to it 37 # RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME} 37 # 38 RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME} 38 39 #HTTPS# RequestHeader set X-Forwarded-SSL expr=%{HTTPS} 39 40 40 41 # 42 # Before working with web-sockets, the following config entries were sufficient 43 # to connect the apache2 server with the tomcat one running Greenstone3 44 # 41 45 # ProxyPass /{{gsdl3servlet_external.context}} {{gsdl3servlet_internal.protocol}}://{{gsdl3servlet_internal.domain}}:{{gsdl3servlet_internal.port}}/{{gsdl3servlet_internal.context}} 42 46 # ProxyPassReverse /{{gsdl3servlet_external.context}} {{gsdl3servlet_internal.protocol}}://{{gsdl3servlet_internal.domain}}:{{gsdl3servlet_internal.port}}/{{gsdl3servlet_internal.context}} … … 46 50 # </Location> 47 51 48 #HTTP-to-HTTPS# RewriteEngine on 49 #HTTP-to-HTTPS# RewriteCond %{SERVER_NAME} ={{ apache2_revproxy_config.webserver_name }} 50 #HTTP-to-HTTPS# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] 52 RewriteEngine on 53 RewriteRule "^/$" "/greenstone3/library" [END,NE,R=permanent] 54 55 #HTTPS# RewriteCond %{HTTP:Upgrade} =websocket 56 #HTTPS# RewriteRule /(.*) ws://localhost:8383/$1 [P,L] 57 58 #HTTPS# RewriteCond %{HTTP:Upgrade} !=websocket 59 #HTTPS# RewriteRule /(.*) http://localhost:8383/$1 [P,L] 51 60 52 61 </VirtualHost> -
main/trunk/greenstone3/src/ansible-playbooks/reverse-proxy-https-tasks.yml
r38567 r38571 4 4 loop: [ 'python3-certbot-apache' ] 5 5 6 #- name: Set up Apache2 virtualhost 7 # template: 8 # src: "files/gs3-apache.conf.j2" 9 # dest: "/etc/apache2/sites-available/{{ apache2_revproxy_config.config_root_name }}.conf" 6 - name: Using 'certbot' to generate PEM certificate and set Apache2 for operation over https 7 command: | 8 certbot --apache --non-interactive --keep-until-expiring --renew-with-new-domains --agree-tos 9 --email {{ tech_support_info.email | quote }} --no-eff-email --domains "{{ gsdl3servlet_external.domain }}" 10 11 - name: Uncommenting #HTTPS# entries in https version of Apache2 config file 12 ansible.builtin.replace: 13 path: "/etc/apache2/sites-enabled/{{ apache2_revproxy_config.config_root_name }}-le-ssl.conf" 14 regexp: '^(\s*)#HTTPS# ' 15 replace: '\1' 16 17 - name: Removing #HTTPS# entries from the http version of Apache2 config file 18 ansible.builtin.lineinfile: 19 path: "/etc/apache2/sites-enabled/{{ apache2_revproxy_config.config_root_name }}.conf" 20 state: absent 21 regexp: '^(\s*)#HTTPS#.*$' 22 23 - name: Reloading Apache2 24 ansible.builtin.meta: noop 25 notify: Reload Apache 26 10 27 11 28 #- name: Adjusting Greenstone3 installations index.html to work in Apache2 DocumentRoot
Note:
See TracChangeset
for help on using the changeset viewer.