web: add ability to redirect HTTP traffic to HTTPS

Useful if you're running this setup directly on the Internet, with a Let's Encrypt certificate.
6 years ago · cda11bc52f
parent fcf83859e4
commit cda11bc52f
4 changed files with 9 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -161,6 +161,7 @@ Variable | Description | Default value
 `JIGASI_PORT_MIN` | Minimum port for media used by Jigasi | 20000
 `JIGASI_PORT_MAX` | Maximum port for media used by Jigasi | 20050
 `DISABLE_HTTPS` | Disable HTTPS, this can be useful if TLS connections are going to be handled outside of this setup | 1
+`ENABLE_HTTP_REDIRECT` | Redirects HTTP traffic to HTTPS | 1

 ### Running on a LAN environment

--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -13,6 +13,7 @@ services:
            - ENABLE_AUTH
            - ENABLE_GUESTS
            - ENABLE_LETSENCRYPT
+            - ENABLE_HTTP_REDIRECT
            - DISABLE_HTTPS
            - JICOFO_AUTH_USER
            - LETSENCRYPT_DOMAIN
--- a/env.example
+++ b/env.example
@ -121,3 +121,6 @@ JIGASI_PORT_MAX=20050

 # Disable HTTPS. This can be useful if TLS connections are going to be handled outside of this setup.
 #DISABLE_HTTPS=1
+
+# Redirects HTTP traffic to HTTPS. Only works with the standard HTTPS port (443).
+#ENABLE_HTTP_REDIRECT=1
--- a/web/rootfs/defaults/default
+++ b/web/rootfs/defaults/default
@ -1,7 +1,11 @@
 server {
 	listen 80 default_server;

+	{{ if .Env.ENABLE_HTTP_REDIRECT }}
+	return 301 https://$host$request_uri;
+	{{ else }}
 	include /config/nginx/meet.conf;
+	{{ end }}
 }

 {{ if not .Env.DISABLE_HTTPS }}