From: Clinton Ebadi <clinton@unknownlamer.org>
Date: Thu, 6 Sep 2018 01:42:05 +0000 (-0400)
Subject: lib: add webSsl directive
X-Git-Tag: release_20181012~1
X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/commitdiff_plain/6052cb791358d8865851ce8d3ce4fd24d672fee2?ds=sidebyside

lib: add webSsl directive

Allows sharing config between http/https vhosts and optionally can
force https.
---

diff --git a/lib/defaults.dtl b/lib/defaults.dtl
index 6b6fbe7..38857ed 100644
--- a/lib/defaults.dtl
+++ b/lib/defaults.dtl
@@ -34,6 +34,7 @@ var TTL : int = defaultTTL;
 
 var WWW : [Vhost] = Skip;
 var CreateWWW : bool = true;
+var ForceSSL : bool = true;
 var DefaultA : bool = true;
 var DefaultAlias : bool = true;
 var DefaultAliasSource : aliasSource = userSource defaultMailUser;
diff --git a/lib/easy_domain.dtl b/lib/easy_domain.dtl
index 61ae8f8..0f05a7c 100644
--- a/lib/easy_domain.dtl
+++ b/lib/easy_domain.dtl
@@ -37,6 +37,26 @@ val webAtIp =
     end
   end;
 
+val webSsl = \ host -> \ certFile -> \\ config : Vhost -> begin
+  n <- DefaultWebNode;
+  webAt n host where
+    SSL = certFile;
+  with config end;
+
+  force_ssl <- ForceSSL;
+  if force_ssl then
+    webAt n host where
+      SSL = no_ssl;
+    with
+      rewriteRule "^(.*)$" "https://%{HTTP_HOST}$1" [redirect];
+    end;
+  else
+    webAt n host where
+      SSL = no_ssl;
+    with config end;
+  end;
+end;
+
 val addDefaultAlias = begin
   mailbox <- Mailbox;
   source <- DefaultAliasSource;