diff --git a/roles/docker-compose/handlers/main.yml b/roles/docker-compose/handlers/main.yml
index 3bc80690..5165c502 100644
--- a/roles/docker-compose/handlers/main.yml
+++ b/roles/docker-compose/handlers/main.yml
@@ -11,14 +11,23 @@
- docker compose restart
- docker compose just up
-- name: Build docker
- command:
- cmd: docker compose build
+- name: Build docker compose
+ shell: |
+ set -euo pipefail
+ docker compose build || {
+ echo "Retrying without cache and pulling bases...";
+ docker compose build --no-cache --pull;
+ }
+ args:
chdir: "{{ docker_compose.directories.instance }}"
+ executable: /bin/bash
environment:
COMPOSE_HTTP_TIMEOUT: 600
DOCKER_CLIENT_TIMEOUT: 600
- listen:
+ # Faster build
+ DOCKER_BUILDKIT: "1"
+ COMPOSE_DOCKER_CLI_BUILD: "1"
+ listen:
- docker compose build
- name: docker compose up
diff --git a/roles/srv-proxy-7-4-core/templates/location/html.conf.j2 b/roles/srv-proxy-7-4-core/templates/location/html.conf.j2
index 745adb69..93f10801 100644
--- a/roles/srv-proxy-7-4-core/templates/location/html.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/location/html.conf.j2
@@ -6,7 +6,8 @@ location {{location}}
{% include 'roles/web-app-oauth2-proxy/templates/following_directives.conf.j2'%}
{% endif %}
- proxy_pass http://127.0.0.1:{{ http_port }}{{ location if not location.startswith('@') else '' }};
+ {% set _loc = location|trim %}
+ proxy_pass http://127.0.0.1:{{ http_port }}{{ (_loc|regex_replace('^(?:=|\\^~)\\s*','')) if not (_loc is match('^(@|~)')) else '' }};
# headers
proxy_set_header Host $host;
@@ -14,25 +15,27 @@ location {{location}}
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port {{ WEB_PORT }};
- proxy_set_header Accept-Encoding "";
{% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
# WebSocket specific header
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
-
- # Activate buffering
- # Needs to be enabled, so that lua can do str replaces
- proxy_buffering on;
- proxy_request_buffering on;
+ proxy_set_header Connection $connection_upgrade;
# timeouts
- proxy_connect_timeout 1s;
- proxy_send_timeout 900s;
- proxy_read_timeout 900s;
- send_timeout 900s;
+ proxy_connect_timeout 5s;
+ proxy_send_timeout 900s;
+ proxy_read_timeout 900s;
+ send_timeout 900s;
+
+ {% set proxy_lua_enabled = proxy_lua_enabled | default(true) | bool %}
+ # Buffering needs to be activ, so that lua can do str replaces
+ proxy_buffering {{ 'on' if proxy_lua_enabled else 'off' }};
+ proxy_request_buffering {{ 'on' if proxy_lua_enabled else 'off' }};
+ {% if proxy_lua_enabled %}
+ proxy_set_header Accept-Encoding "";
{% include 'roles/srv-web-7-7-inj-compose/templates/location.lua.j2'%}
+ {% endif %}
}
\ No newline at end of file
diff --git a/roles/srv-proxy-7-4-core/templates/location/media.conf.j2 b/roles/srv-proxy-7-4-core/templates/location/media.conf.j2
index 67d73936..4518e991 100644
--- a/roles/srv-proxy-7-4-core/templates/location/media.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/location/media.conf.j2
@@ -4,7 +4,7 @@ location ~* \.(jpg|jpeg|png|gif|webp|ico|svg)$ {
add_header Cache-Control "public, max-age=2592000, immutable";
# Cache on reverse proxy side
- proxy_pass http://127.0.0.1:{{http_port}};
+ proxy_pass http://127.0.0.1:{{ http_port }};
proxy_cache imgcache;
proxy_cache_valid 200 302 60m;
proxy_cache_valid 404 1m;
diff --git a/roles/srv-web-7-7-inj-css/templates/head_sub.j2 b/roles/srv-web-7-7-inj-css/templates/head_sub.j2
index dc1b15c7..fa1120bd 100644
--- a/roles/srv-web-7-7-inj-css/templates/head_sub.j2
+++ b/roles/srv-web-7-7-inj-css/templates/head_sub.j2
@@ -1 +1 @@
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/roles/web-app-bigbluebutton/tasks/main.yml b/roles/web-app-bigbluebutton/tasks/main.yml
index 940de3c2..4e0895e1 100644
--- a/roles/web-app-bigbluebutton/tasks/main.yml
+++ b/roles/web-app-bigbluebutton/tasks/main.yml
@@ -1,4 +1,14 @@
---
+- name: Render HTML-Location-Block in Variable
+ set_fact:
+ proxy_extra_configuration: >-
+ {{ lookup('ansible.builtin.template',
+ playbook_dir ~ '/roles/srv-proxy-7-4-core/templates/location/html.conf.j2') | trim }}
+ vars:
+ location: '^~ /html5client'
+ oauth2_proxy_enabled: false
+ proxy_lua_enabled: false
+
- name: "load docker, proxy for '{{application_id}}'"
include_role:
name: cmp-docker-proxy
@@ -7,6 +17,10 @@
- name: "include 04_seed-database-to-backup.yml"
include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml"
+- name: "Unset 'proxy_extra_configuration'"
+ set_fact:
+ proxy_extra_configuration: "{{ undef() }}"
+
- name: configure websocket_upgrade.conf
copy:
src: "websocket_upgrade.conf"
diff --git a/roles/web-app-bigbluebutton/vars/main.yml b/roles/web-app-bigbluebutton/vars/main.yml
index a2d43452..8d1ac94a 100644
--- a/roles/web-app-bigbluebutton/vars/main.yml
+++ b/roles/web-app-bigbluebutton/vars/main.yml
@@ -16,4 +16,4 @@ http_port: "{{ ports.localhost.http[application_id] }}"
docker_compose_skipp_file_creation: true # Handled in this role
docker_repository_address: "{{ applications | get_app_conf(application_id, 'docker.services.bigbluebutton.repository') }}"
docker_repository_branch: "{{ applications | get_app_conf(application_id, 'docker.services.bigbluebutton.version') }}"
-docker_pull_git_repository: true
\ No newline at end of file
+docker_pull_git_repository: true