Merge pull request #2686 from edx/arbab/mod-cookie-cutter

added the nginx redirected logic

Merge pull request #2686 from edx/arbab/mod-cookie-cutter
added the nginx redirected logic
c26d5597 · Arbab Nazar · 9ef69789 · be111597 · c26d5597
Commit c26d5597 authored Jan 12, 2016 by Arbab Nazar
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 6 deletions

playbooks/roles/ansible-role-django-ida/templates/templates/edx/app/nginx/sites-available/ROLE_NAME.j2
+22 -6

No files found.
--- a/playbooks/roles/ansible-role-django-ida/templates/templates/edx/app/nginx/sites-available/ROLE_NAME.j2
+++ b/playbooks/roles/ansible-role-django-ida/templates/templates/edx/app/nginx/sites-available/ROLE_NAME.j2
@@ -57,14 +57,30 @@ server {
    proxy_redirect off;
    proxy_pass http://{{ role_name }}_app_server;
  }
+  
+  # Nginx does not support nested condition or or conditions so
+  # there is an unfortunate mix of conditonals here.
+  {{ '{%' }} if NGINX_REDIRECT_TO_HTTPS {{ '%}' }}
+     {{ '{%' }} if NGINX_HTTPS_REDIRECT_STRATEGY == "scheme" {{ '%}' }}
+  # Redirect http to https over single instance
+  if ($scheme != "https") 
+  { 
+   set $do_redirect_to_https "true";
+  }
+
+     {{ '{%' }} elif NGINX_HTTPS_REDIRECT_STRATEGY == "forward_for_proto" {{ '%}' }}

-  # Forward to HTTPS if we're an HTTP request...
-  if ($http_x_forwarded_proto = "http") {
-    set $do_redirect "true";
+  # Forward to HTTPS if we're an HTTP request... and the server is behind ELB 
+  if ($http_x_forwarded_proto = "http") 
+  {
+   set $do_redirect_to_https "true";
  }
+     {{ '{%' }} endif {{ '%}' }}

-  # Run our actual redirect...
-  if ($do_redirect = "true") {
-    rewrite ^ https://$host$request_uri? permanent;
+  # Execute the actual redirect
+  if ($do_redirect_to_https = "true")
+  {
+  rewrite ^ https://$host$request_uri? permanent;
  }
+  {{ '{%' }} endif {{ '%}' }}
 }