mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-15 16:40:45 +02:00
Kevin Veen-Birkenbach
03290eafe1
- proxy(html.conf.j2): * Make proxy_pass more robust (strip '=', '^~' prefixes; ignore @/~ match locations) * Switch WS header to $connection_upgrade * Unify timeouts (proxy_connect_timeout 5s) * Lua optional: include only when proxy_lua_enabled=true; unset Accept-Encoding only then * Buffering via flag: proxy_buffering/proxy_request_buffering 'on' with Lua, otherwise 'off' - proxy(media.conf.j2): minor formatting/spacing fix - inj-css(head_sub.j2): consistent spacing for global_css_version - bigbluebutton(tasks/main.yml): * Render HTML location block once before include_role (location='^~ /html5client', OAuth2/Lua disabled) * Pass rendered snippet via proxy_extra_configuration to the vHost * Cleanup afterwards: proxy_extra_configuration = undef() - docker-compose(handlers): * Build with retry: if 'docker compose build' fails -> retry with '--no-cache --pull' * Enable BuildKit (DOCKER_BUILDKIT=1, COMPOSE_DOCKER_CLI_BUILD=1) - vars: trailing newline / minor formatting Motivation: - BBB HTML5 client (^~ /html5client) needs a separate location without Lua/buffering. - More resilient CI/CD builds via automatic no-cache retry. - Cleaner headers/proxy defaults and fewer side effects. Files: - roles/docker-compose/handlers/main.yml - roles/srv-proxy-7-4-core/templates/location/html.conf.j2 - roles/srv-proxy-7-4-core/templates/location/media.conf.j2 - roles/srv-web-7-7-inj-css/templates/head_sub.j2 - roles/web-app-bigbluebutton/tasks/main.yml - roles/web-app-bigbluebutton/vars/main.yml
41 lines
1.4 KiB
Django/Jinja
41 lines
1.4 KiB
Django/Jinja
{% set location = location | default("/")%}
|
|
|
|
location {{location}}
|
|
{
|
|
{% if oauth2_proxy_enabled | default(false) | bool %}
|
|
{% include 'roles/web-app-oauth2-proxy/templates/following_directives.conf.j2'%}
|
|
{% endif %}
|
|
|
|
{% set _loc = location|trim %}
|
|
proxy_pass http://127.0.0.1:{{ http_port }}{{ (_loc|regex_replace('^(?:=|\\^~)\\s*','')) if not (_loc is match('^(@|~)')) else '' }};
|
|
|
|
# headers
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port {{ WEB_PORT }};
|
|
|
|
{% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
|
|
|
|
# WebSocket specific header
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
# timeouts
|
|
proxy_connect_timeout 5s;
|
|
proxy_send_timeout 900s;
|
|
proxy_read_timeout 900s;
|
|
send_timeout 900s;
|
|
|
|
{% set proxy_lua_enabled = proxy_lua_enabled | default(true) | bool %}
|
|
# Buffering needs to be activ, so that lua can do str replaces
|
|
proxy_buffering {{ 'on' if proxy_lua_enabled else 'off' }};
|
|
proxy_request_buffering {{ 'on' if proxy_lua_enabled else 'off' }};
|
|
|
|
{% if proxy_lua_enabled %}
|
|
proxy_set_header Accept-Encoding "";
|
|
{% include 'roles/srv-web-7-7-inj-compose/templates/location.lua.j2'%}
|
|
{% endif %}
|
|
} |