From 1adae2f702a4848bac67e5608a9bda835eafcd5e Mon Sep 17 00:00:00 2001
From: Mark Janssen <mark@sig-io.nl>
Date: Wed, 25 Sep 2024 14:26:34 +0200
Subject: [PATCH] pad config

---
 group_vars/pad.yaml                | 15 +++++++++++++++
 roles/nginx/templates/site.conf.j2 |  4 ++++
 2 files changed, 19 insertions(+)

diff --git a/group_vars/pad.yaml b/group_vars/pad.yaml
index fd642a9..3d2f69c 100644
--- a/group_vars/pad.yaml
+++ b/group_vars/pad.yaml
@@ -1,10 +1,25 @@
 ---
 
+acme_domains:
+ - pad.bitlair.nl
+
 etherpad_domain: pad.bitlair.nl
 
 nginx_sites:
   - server_name: "pad.bitlair.nl"
     localproxy: "9001"
+    pre_config:
+      - "# WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html"
+      - "map $http_upgrade $connection_upgrade {"
+      - "   default upgrade;"
+      - "   ''      close;"
+      - "}"
+    config:
+      - "location / {"
+      - "  # WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html"
+      - "  proxy_set_header  Upgrade $http_upgrade;"
+      - "  proxy_set_header  Connection $connection_upgrade;"
+      - "}"
 
 group_nft_input:
   - "# Allow web-traffic from world"
diff --git a/roles/nginx/templates/site.conf.j2 b/roles/nginx/templates/site.conf.j2
index 786f7da..181e604 100644
--- a/roles/nginx/templates/site.conf.j2
+++ b/roles/nginx/templates/site.conf.j2
@@ -1,5 +1,9 @@
 # {{ ansible_managed }}
 
+{% for line in site.pre_config | default([]) %}
+{{ line }}
+{% endfor %}
+
 server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;