extract out cors_origin from server and conditioned xblock j2 files

CHANGELOG.md

@@ -397,3 +397,8 @@
 - Role: edxapp
   - Added `EDXAPP_VIDEO_TRANSCRIPTS_SETTINGS` to configure S3-backed video transcripts.
   - Removed unused `EDXAPP_BOOK_URL` setting
+
+- Role: nginx
+  - Added `EDXAPP_ENV_EXTRA`, with default value as it was in the server template.
+  - Added `SCORM_PKG_STORAGE_DIR`, with default value as it was in the server template.
+  - Added `NGINX_EDXAPP_LMS_APP_EXTRA`, with default value as it was in the server template.

playbooks/roles/nginx/defaults/main.yml

@@ -176,3 +176,20 @@ NGINX_CREATE_HTPASSWD_FILE: >
 NGINX_EDXAPP_CMS_APP_EXTRA: ""
 # Extra settings to add to site configuration for LMS
 NGINX_EDXAPP_LMS_APP_EXTRA: ""
+NGINX_EDXAPP_LMS_APP_EXTRA: ""
+
+EDXAPP_ENV_EXTRA:
+  XBLOCK_SETTINGS:
+    ScormXBlock:
+      SCORM_PLAYER_LOCAL_STORAGE_ROOT: ""
+      SCORM_PLAYER_BACKENDS:
+        ssla:
+          name: ""
+          location: ""
+          configuration: {}
+      SCORM_PKG_STORAGE_DIR: ""
+  CORS_ORIGIN_WHITELIST: []
+
+# Scorm Xblock configurations
+SCORM_PKG_STORAGE_DIR: "scorms"
+SCORM_PLAYER_LOCAL_STORAGE_ROOT: "scormplayers"

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/extra_locations_lms.j2

+{% if EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock %}
+    location ~ ^/{{ EDXAPP_MEDIA_URL }}/{{ EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock.SCORM_PKG_STORAGE_DIR }}/(?P<file>.*) {
+        add_header 'Access-Control-Allow-Origin' $cors_origin;
+        add_header 'Access-Control-Allow-Credentials' 'true';
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
 
-# The Origin request header indicates where a fetch originates from. It doesn't include any path information,
-# but only the server name (e.g. https://www.example.com).
-# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin for details.
-#
-# Here we set the value that is included in the Access-Control-Allow-Origin response header. If the origin is one
-# of our known hosts--served via HTTP or HTTPS--we allow for CORS. Otherwise, we set the "null" value, disallowing CORS.
-map $http_origin $cors_origin {
-default "null";
-{% for host in CORS_ORIGIN_WHITELIST %}
-  "~*^https?:\/\/{{ host|replace('.', '\.') }}$" $http_origin;
-{% endfor %}
-}
-
-location ~ ^/{{ EDXAPP_MEDIA_URL }}/{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PKG_STORAGE_DIR }}/(?P<file>.*) {
-    add_header 'Access-Control-Allow-Origin' $cors_origin;
-    add_header 'Access-Control-Allow-Credentials' 'true';
-    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-
-    root {{ edxapp_media_dir }}/{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PKG_STORAGE_DIR }};
-    try_files /$file =404;
-    expires 31536000s;
-}
\ No newline at end of file
+        root {{ edxapp_media_dir }}/{{ EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock.SCORM_PKG_STORAGE_DIR or SCORM_PKG_STORAGE_DIR}};
+        try_files /$file =404;
+        expires 31536000s;
+    }
+{% endif %}

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2

@@ -43,6 +43,23 @@ geo $http_x_forwarded_for $embargo {
 }
 {%- endif %}
 
+
+{% if EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock %}
+  # The Origin request header indicates where a fetch originates from. It doesn't include any path information,
+  # but only the server name (e.g. https://www.example.com).
+  # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin for details.
+  #
+  # Here we set the value that is included in the Access-Control-Allow-Origin response header. If the origin is one
+  # of our known hosts--served via HTTP or HTTPS--we allow for CORS. Otherwise, we set the "null" value, disallowing CORS.
+  map $http_origin $cors_origin {
+  default "null";
+  {% for host in EDXAPP_ENV_EXTRA.CORS_ORIGIN_WHITELIST %}
+    "~*^https?:\/\/{{ host|replace('.', '\.') }}$" $http_origin;
+  {% endfor %}
+  }
+{% endif %}
+
+
 server {
   # LMS configuration file for nginx, templated by ansible
 

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/static-files-extra.j2

+{% if EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock %}
+  # w/in scorm/, override default return 403 for these file types
+  location ~ ^/static/scorm/(?:.*)(?:\.xml|\.json) {
+      try_files /{{ EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock.SCORM_PLAYER_LOCAL_STORAGE_ROOT }}/$file =404;
+  }
 
-# The Origin request header indicates where a fetch originates from. It doesn't include any path information,
-# but only the server name (e.g. https://www.example.com).
-# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin for details.
-#
-# Here we set the value that is included in the Access-Control-Allow-Origin response header. If the origin is one
-# of our known hosts--served via HTTP or HTTPS--we allow for CORS. Otherwise, we set the "null" value, disallowing CORS.
-map $http_origin $cors_origin {
-default "null";
-{% for host in CORS_ORIGIN_WHITELIST %}
-  "~*^https?:\/\/{{ host|replace('.', '\.') }}$" $http_origin;
-{% endfor %}
-}
-
-# w/in scorm/, override default return 403 for these file types
-location ~ ^/static/scorm/(?:.*)(?:\.xml|\.json) {
-    try_files /{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PLAYER_LOCAL_STORAGE_ROOT }}/$file =404;
-}
-
-location ~ "/scorm/(?P<file>.*)" {
-  add_header 'Access-Control-Allow-Origin' $cors_origin;
-  add_header 'Access-Control-Allow-Credentials' 'true';
-  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-  try_files /{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PLAYER_LOCAL_STORAGE_ROOT }}/$file =404;
-}
\ No newline at end of file
+  location ~ "/scorm/(?P<file>.*)" {
+    add_header 'Access-Control-Allow-Origin' $cors_origin;
+    add_header 'Access-Control-Allow-Credentials' 'true';
+    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+    try_files /{{ EDXAPP_ENV_EXTRA.XBLOCK_SETTINGS.ScormXBlock.SCORM_PLAYER_LOCAL_STORAGE_ROOT or SCORM_PLAYER_LOCAL_STORAGE_ROOT}}/$file =404;
+  }
+{% endif %}