enforce ssl protocoll for a vhost

2013-05-13 10:51:47 +02:00 · 2013-05-13 10:51:47 +02:00 · 3c0c836626
commit 3c0c836626
parent 8144b4f27a
2 changed files with 7 additions and 0 deletions
--- a/manifests/resource/vhost.pp
+++ b/manifests/resource/vhost.pp
@ -26,6 +26,7 @@
 #   [*rewrite_www_to_non_www*]  - Adds a server directive and rewrite rule to rewrite www.domain.com to domain.com in order to avoid
 #                             duplicate content (SEO);
 #   [*try_files*]           - Specifies the locations for files to be checked as an array. Cannot be used in conjuction with $proxy.
+#   [*rewrite_to_https*]    - Adds a server directive and rewrite rule to rewrite to ssl
 #
 # Actions:
 #
@ -62,6 +63,7 @@ define nginx::resource::vhost (
  $server_name            = [$name],
  $www_root               = undef,
  $rewrite_www_to_non_www = false,
+  $rewrite_to_https 	  = undef,
  $location_cfg_prepend   = undef,
  $location_cfg_append    = undef,
  $try_files              = undef) {
--- a/templates/vhost/vhost_header.erb
+++ b/templates/vhost/vhost_header.erb
@ -9,3 +9,8 @@ server {

  <% proxy_set_header.each do |header| %>
  proxy_set_header        <%= header %>;<% end %>
+  <% if @rewrite_to_https %>
+  if ($ssl_protocol = "") {
+       return 301 https://$host$request_uri ;
+  }
+   <% end %>