Fix reverse_proxy

ComputeCanada · Jul 14, 2023 · 8676d76 · 8676d76
1 parent 2b040ca
commit 8676d76
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 16 deletions.
diff --git a/data/common.yaml b/data/common.yaml
@@ -251,6 +251,7 @@ profile::nfs::client::server_ip: "%{alias('terraform.tag_ip.nfs.0')}"
 profile::nfs::server::devices: "%{alias('terraform.volumes.nfs')}"
 
 profile::reverse_proxy::domain_name: "%{alias('terraform.data.domain_name')}"
+
 profile::reverse_proxy::subdomains:
   ipa: "ipa.int.%{lookup('terraform.data.domain_name')}"
   mokey: "%{lookup('terraform.tag_ip.mgmt.0')}:%{lookup('profile::freeipa::mokey::port')}"

diff --git a/site/profile/manifests/reverse_proxy.pp b/site/profile/manifests/reverse_proxy.pp
@@ -28,9 +28,6 @@
     require => Yumrepo['caddy-copr-repo'],
   }
 
-  $ipa_server_ip = lookup('profile::freeipa::client::server_ip')
-  $mokey_port = lookup('profile::freeipa::mokey::port')
-
   if $domain_name in $::facts['letsencrypt'] {
     $fullchain_exists = $::facts['letsencrypt'][$domain_name]['fullchain']
     $privkey_exists = $::facts['letsencrypt'][$domain_name]['privkey']
@@ -81,20 +78,22 @@
 | EOT
   }
 
-  if $main2sub_redir != '' {
-    file { '/etc/caddy/conf.d/host.conf':
-      owner   => 'root',
-      group   => 'root',
-      mode    => '0644',
-      seltype => 'httpd_config_t',
-      require => File['/etc/caddy/conf.d'],
-      content => @("END"),
-${domain_name} {
-  import tls
-  redir https://${main2sub_redir}.${domain_name}
-}
-END
+  $host_conf_template = @("END")
+    ${domain_name} {
+      import tls
+      <% if ${main2sub_redir} != '' { -%>
+      redir https://${main2sub_redir}.${domain_name}
+      <% } -%>
     }
+    |END
+
+  file { '/etc/caddy/conf.d/host.conf':
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    seltype => 'httpd_config_t',
+    require => File['/etc/caddy/conf.d'],
+    content => inline_epp($host_conf_template),
   }
 
   $caddy_conf_template = @(EOT)
@@ -135,6 +134,7 @@
     ],
     subscribe => [
       File['/etc/caddy/Caddyfile'],
+      File['/etc/caddy/conf.d/host.conf'],
     ] + $subdomains.map |$key, $value| { File["/etc/caddy/conf.d/${key}.conf"] },
   }
 }