From 6a0727c9e68dd9d9e30ac7ca2511d77b2a915f0d Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Fri, 3 Jun 2022 20:15:36 -0700
Subject: [PATCH] proxies / openqa: rework conf file to avoid issue with openqa
 and its websockets

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 .../templates/reversepassproxy.openqa.conf    | 60 ++++++++++++++++++-
 1 file changed, 59 insertions(+), 1 deletion(-)

diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.openqa.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.openqa.conf
index ee26261dfd..29168fe565 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.openqa.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.openqa.conf
@@ -1,5 +1,63 @@
 {% if 'iad2' in inventory_hostname %}
-{% include "reversepassproxy.conf" %}
+{% if rewrite %}
+RewriteEngine On
+RewriteRule ^{{remotepath}}$ %{REQUEST_URI}/ [R=301]
+
+{% endif %}
+{% if header_scheme %}
+RequestHeader set X-Forwarded-Scheme https early
+RequestHeader set X-Scheme https early
+RequestHeader set X-Forwarded-Proto https early
+
+{% endif %}
+{% if header_expect %}
+RequestHeader unset Expect early
+
+{% endif %}
+{% if keephost %}
+ProxyPreserveHost On
+{% endif %}
+
+{% if balancer_name is defined %}
+SSLProxyEngine On
+
+<Proxy "balancer://{{balancer_name}}-websocket">
+  {% for member in balancer_members %}
+    {% if http_not_https_yes_this_is_insecure_and_i_feel_bad %}
+    {% if remotepath is defined and remotepath != "/" %}
+    BalancerMember "ws://{{ member }}{{ remotepath }}"
+    {% else %}
+    BalancerMember "ws://{{ member }}"
+    {% endif %}
+    {% else %}
+    {% if remotepath is defined and remotepath != "/" %}
+    BalancerMember "wss://{{ member }}{{ remotepath }}"
+    {% else %}
+    BalancerMember "wss://{{ member }}"
+    {% endif %}
+    {% endif %}
+  {% endfor %}
+</Proxy>
+
+RewriteEngine on
+RewriteCond %{HTTP:Upgrade} ^WebSocket$ [NC]
+RewriteCond %{HTTP:Connection} Upgrade [NC]
+{% if remotepath is defined and remotepath != "/" %}
+RewriteCond %{REQUEST_URI} ^{{ remotepath }}/(.)*
+{% endif %}
+RewriteRule .* "balancer://{{ balancer_name }}-websocket%{REQUEST_URI}" [P]
+
+<Proxy "balancer://{{balancer_name}}">
+  {% for member in balancer_members %}
+    {% if http_not_https_yes_this_is_insecure_and_i_feel_bad %}
+    BalancerMember "http://{{ member }}"
+    {% else %}
+    BalancerMember "https://{{ member }}"
+    {% endif %}
+  {% endfor %}
+</Proxy>
+ProxyPass {{ localpath }} "balancer://{{balancer_name}}{{remotepath}}"
+ProxyPassReverse {{ localpath }} "balancer://{{balancer_name}}{{remotepath}}"
 {% else %}
 Redirect 421 /
 {% endif %}