From f9f76892af837585b940191294b1847c4ce7a61f Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sat, 26 Jul 2025 08:08:51 +0200 Subject: [PATCH] Solved peertube bugs --- roles/srv-proxy-7-4-core/templates/location/html.conf.j2 | 6 ++++-- roles/srv-proxy-7-4-core/templates/location/ws.conf.j2 | 4 ++-- roles/web-app-peertube/tasks/main.yml | 4 +++- roles/web-svc-logout/templates/logout-proxy.conf.j2 | 6 +++--- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/roles/srv-proxy-7-4-core/templates/location/html.conf.j2 b/roles/srv-proxy-7-4-core/templates/location/html.conf.j2 index 65fe950b..745adb69 100644 --- a/roles/srv-proxy-7-4-core/templates/location/html.conf.j2 +++ b/roles/srv-proxy-7-4-core/templates/location/html.conf.j2 @@ -1,10 +1,12 @@ -location {{location | default("/")}} +{% set location = location | default("/")%} + +location {{location}} { {% if oauth2_proxy_enabled | default(false) | bool %} {% include 'roles/web-app-oauth2-proxy/templates/following_directives.conf.j2'%} {% endif %} - proxy_pass http://127.0.0.1:{{ http_port }}{{ location | default("/") }}; + proxy_pass http://127.0.0.1:{{ http_port }}{{ location if not location.startswith('@') else '' }}; # headers proxy_set_header Host $host; diff --git a/roles/srv-proxy-7-4-core/templates/location/ws.conf.j2 b/roles/srv-proxy-7-4-core/templates/location/ws.conf.j2 index 82a39286..8bf24ddd 100644 --- a/roles/srv-proxy-7-4-core/templates/location/ws.conf.j2 +++ b/roles/srv-proxy-7-4-core/templates/location/ws.conf.j2 @@ -2,8 +2,8 @@ location {{ location_ws }} { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_pass http://127.0.0.1:{{ ws_port }}; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:{{ ws_port }}; # Proxy buffering needs to be disabled for websockets. proxy_buffering off; diff --git a/roles/web-app-peertube/tasks/main.yml b/roles/web-app-peertube/tasks/main.yml index d50884a8..6caa805e 100644 --- a/roles/web-app-peertube/tasks/main.yml +++ b/roles/web-app-peertube/tasks/main.yml @@ -9,7 +9,9 @@ loop_control: loop_var: domain vars: - http: "{{ ports.localhost.http[application_id] }}" + # Websockt and http listen to the same port + http_port: "{{ ports.localhost.http[application_id] }}" + ws_port: "{{ ports.localhost.http[application_id] }}" - name: "Install and activate auth-openid-connect plugin if OIDC is enabled" include_tasks: enable-oidc.yml diff --git a/roles/web-svc-logout/templates/logout-proxy.conf.j2 b/roles/web-svc-logout/templates/logout-proxy.conf.j2 index ca0aec45..0ba188cd 100644 --- a/roles/web-svc-logout/templates/logout-proxy.conf.j2 +++ b/roles/web-svc-logout/templates/logout-proxy.conf.j2 @@ -9,9 +9,9 @@ location = /logout { # CORS headers – allow your central page to call this add_header 'Access-Control-Allow-Origin' '{{ domains | get_url('web-svc-logout', web_protocol) }}' always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept, Authorization' always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Accept, Authorization' always; # Disable caching absolutely add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0" always;