kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-07 18:05:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
eca7ffea3613c6b012f4194fdaf1a6dc1b630b0f
computer-playbook/roles/sys-svc-proxy/templates/location
History
Kevin Veen-Birkenbach 986f959696 Refactor webserver proxy variables and fix BigBlueButton deployment behavior 
Refactor proxy/webserver configuration variables to a consistent webserver_* naming scheme across roles. Replace legacy variables like proxy_extra_configuration, client_max_body_size, vhost_flavour, location_ws and ws_port with webserver_extra_configuration, webserver_client_max_body_size, webserver_vhost_flavour, webserver_websocket_location and webserver_websocket_port. Update NGINX vhost and location templates (html, upload, ws, basic, ws_generic) as well as callers (sys-front-inj-all, sys-stk-front-proxy, various web-app-* and web-svc-* roles) to use the new naming.

Tighten docker-compose Git repository handling by making docker_git_repository_pull depend on docker_git_repository_address being defined, a string and non-empty. This avoids accidental Git operations when the repository address is unset or of the wrong type.

Refactor the BigBlueButton role structure and fix deployment bugs: introduce 01_core.yml to orchestrate docker/proxy setup, database seeding, websocket map deployment, docker-compose overrides and admin/bootstrap logic in a single once-executed entrypoint. Rename supporting task files (02_docker-compose.yml, 03_administrator.yml, 04_dependencies.yml) and update tasks/main.yml to delegate via include_tasks with run_once_web_app_bigbluebutton. Improve Greenlight admin creation behavior by treating the 'Email has already been taken' error as a non-fatal, unchanged outcome and running user:set_admin_role as a fallback, both for the primary password and the OIDC starred-password path.

Also standardize vhost flavour selection for services like Mailu, Discourse, CDN, Collabora, Coturn, OnlyOffice, Simpleicons and web-svc-logout by explicitly passing webserver_vhost_flavour where needed and aligning client_max_body_size and websocket configuration with the new webserver_* variables.

Reference: ChatGPT conversation https://chatgpt.com/share/6931c530-bba8-800f-9997-dd61dc1d497b
2025-12-04 18:31:09 +01:00
..
html.conf.j2
Refactor webserver proxy variables and fix BigBlueButton deployment behavior
2025-12-04 18:31:09 +01:00
media.conf.j2
README.md
TODO.md
upload.conf.j2
Refactor webserver proxy variables and fix BigBlueButton deployment behavior
2025-12-04 18:31:09 +01:00
ws.conf.j2
Refactor webserver proxy variables and fix BigBlueButton deployment behavior
2025-12-04 18:31:09 +01:00

README.md

Nginx Location Templates

This directory contains Jinja2 templates for different Nginx location blocks, each designed to proxy and optimize different types of web traffic. These templates are used by the sys-svc-proxy role to modularize and standardize reverse proxy configuration across a wide variety of applications.

Overview of Files

html.conf.j2

  • Purpose:
    Handles "normal" web traffic such as HTML pages, API endpoints, and general HTTP(S) requests.
  • Features:
    • Proxies requests to the backend service.
    • Optionally integrates with OAuth2 proxy for authentication.
    • Sets all necessary proxy headers.
    • Applies a Content Security Policy header.
    • Activates buffering for advanced features such as Lua-based string replacements.
    • Supports WebSocket upgrades for hybrid APIs.

ws.conf.j2

  • Purpose:
    Handles WebSocket connections, enabling real-time features such as live updates or chats.
  • Features:
    • Sets all headers required for WebSocket upgrades.
    • Disables proxy buffering (required for WebSockets).
    • Uses tcp_nodelay for low latency.
    • Proxies traffic to the backend WebSocket server.

media.conf.j2

  • Purpose:
    Proxies and caches static media files (images, icons, etc.).
  • Features:
    • Matches image file extensions (jpg, png, gif, webp, ico, svg, etc.).
    • Enables browser-side and proxy-side caching for efficient delivery.
    • Adds cache control headers and exposes the upstream cache status.

Usage

These templates are intended for inclusion in larger Nginx configuration files via Jinja2.
They modularize your configuration by separating HTML, WebSocket, and media proxying, allowing for clear, reusable, and maintainable reverse proxy logic.

  • Use html.conf.j2 for standard application HTTP/S endpoints.
  • Use ws.conf.j2 for dedicated WebSocket endpoints.
  • Use media.conf.j2 for efficient handling of static media content.

Best Practices

  • Only enable WebSocket proxying (ws.conf.j2) for routes that actually require it, to avoid breaking buffering for standard HTTP.
  • Activate media proxying (media.conf.j2) if your application benefits from image caching at the proxy layer.
  • Keep templates modular for maintainability and scalability as your application grows.
Reference in New Issue View Git Blame Copy Permalink