ansible-base/roles/hedgedoc-and-lighttpd/templates/conf.j2

$HTTP["host"] == "{{var_hedgedoc_and_lighttpd_domain}}" {
	server.name = "{{var_hedgedoc_and_lighttpd_domain}}"
	proxy.server = (
		"" => (
			"" => (
				"host" => "127.0.0.1",
				"port" => 2400
			)
		)
	)
	proxy.header = (
		"upgrade" => "enable"
	)
	
{% if var_hedgedoc_and_lighttpd_tls_enable %}
	## alle Anfragen auf Port 80
	$SERVER["socket"] == ":80" {
		## auf HTTPS umleiten
		url.redirect = ("^/(.*)$" => "https://{{var_hedgedoc_and_lighttpd_domain}}/$1")
	}
	
	## alle Anfragen auf Port 443
	$SERVER["socket"] == ":443" {
		## mit dem SSL-Kram beglücken
		ssl.engine  = "enable"
		ssl.pemfile = "/etc/ssl/certs/{{var_hedgedoc_and_lighttpd_domain}}.pem"
		ssl.privkey = "/etc/ssl/keys/{{var_hedgedoc_and_lighttpd_domain}}.pem"
		ssl.ca-file = "/etc/ssl/fullchains/{{var_hedgedoc_and_lighttpd_domain}}.pem"
		ssl.use-sslv2 = "disable"
		ssl.use-sslv3 = "disable"
	}
{% endif %}
}
[add] role:hedgedoc-and-lighttpd 2023-12-17 23:55:42 +01:00			`$HTTP["host"] == "{{var_hedgedoc_and_lighttpd_domain}}" {`
			`server.name = "{{var_hedgedoc_and_lighttpd_domain}}"`
			`proxy.server = (`
			`"" => (`
			`"" => (`
			`"host" => "127.0.0.1",`
			`"port" => 2400`
			`)`
			`)`
			`)`
			`proxy.header = (`
			`"upgrade" => "enable"`
			`)`

			`{% if var_hedgedoc_and_lighttpd_tls_enable %}`
			`## alle Anfragen auf Port 80`
			`$SERVER["socket"] == ":80" {`
			`## auf HTTPS umleiten`
			`url.redirect = ("^/(.*)$" => "https://{{var_hedgedoc_and_lighttpd_domain}}/$1")`
			`}`

			`## alle Anfragen auf Port 443`
			`$SERVER["socket"] == ":443" {`
			`## mit dem SSL-Kram beglücken`
			`ssl.engine = "enable"`
			`ssl.pemfile = "/etc/ssl/certs/{{var_hedgedoc_and_lighttpd_domain}}.pem"`
			`ssl.privkey = "/etc/ssl/keys/{{var_hedgedoc_and_lighttpd_domain}}.pem"`
			`ssl.ca-file = "/etc/ssl/fullchains/{{var_hedgedoc_and_lighttpd_domain}}.pem"`
			`ssl.use-sslv2 = "disable"`
			`ssl.use-sslv3 = "disable"`
			`}`
			`{% endif %}`
			`}`