feat(schema): add proxy_websocket_locations for expose settings

The setting "proxy_websocket_locations" below expose settings can be used
to provide paths where WebSocket endpoints are being exposed.
Those require special parameters when proxying!

Author: saitho

Documentation/ansible-playbooks/inventory.md

@@ -23,7 +23,7 @@ all:
       stackhead__webserver: getstackhead.stackhead_webserver_nginx # use NGINX as webserver
       stackhead__container: getstackhead.stackhead_container_docker # use Docker for containers
       stackhead__plugins: [] # list of plugins
-      stackhead__tf_update_realtime: yes # if "no" Terraform updates will be performed via cron (every 5 minutes)
+      stackhead__tf_update_realtime: yes # if "no" Terraform updates will be performed via cron (every 5 minutes of an hour)
       stackhead__tf_update_interval: *:0/5 # Terraform auto-update interval, default: 5 minutes
       ansible_host: 123.456.789.10
       stackhead:

Documentation/introduction/project-definition.md

@@ -34,6 +34,7 @@ domains:
       - internal_port: 80 # port inside the container
         external_port: 80 # port where service can be reached by browsers (i.e. example.com:80)
         service: app # name of service that should be exposed
+        proxy_websocket_locations: ["/socket"] # service provides a WebSocket endpoint at /socket we need to set here!
     security:
       authentication:
         - type: basic # basic authentication: users will have to authenticate with username ("user") and password ("pass")
@@ -91,6 +92,15 @@ Setting _external\_port_ to 443 is not allowed, as HTTPS forwarding is automatic
 Make sure to define the different _external\_port_ within one project definition, so that each port is only used once!
 {% endhint %}
 
+#### proxy_websocket_locations
+
+If your service provides WebSocket endpoint, set them here as those need to be proxied with special parameters.
+
+{% hint style="warning" %}
+Please do not set `/` or `/.well-known/acme-challenge` as WebSocket locations.
+{% endhint %}
+
+
 ### domains.\*.security
 
 These options can be used to add further security to your projects.

Documentation/stackhead-cli/cli-configuration.md

@@ -18,6 +18,8 @@ modules:
   container: docker
   plugins:
     - watchtower # load getstackhead.stackhead_plugin_watchtower plugin
+certificates:
+  register_email: "my-certificates-mail@mydomain.com" # Email address used for creating SSL certificates. Will receive notice when they expire.
 terraform:
   update_interval: "*-*-* 4:00:00" # perform Terraform update everyday at 4am, see Unix timer "OnCalendar" setting
 config:

ansible/roles/stackhead_module_api/testdata/variables.yml

@@ -14,6 +14,7 @@ app_config:
         - service: nginx
           internal_port: 80
           external_port: 80
+          proxy_websocket_locations: ['/socket']
       security:
         authentication:
           - type: basic

ansible/schemas/examples/project-definition/valid/project-secured.stackhead.yaml

@@ -13,6 +13,7 @@ domains:
         - type: basic
           username: user
           password: pass
+          proxy_websocket_locations: ["/socket"]
 container:
   registries:
     - username: dockerhubuser

ansible/schemas/project-definition/container.json

@@ -122,6 +122,13 @@
                 "type": "integer",
                 "description": "Port that is exposed by web server. Traffic received on this port is forwarded to the internal Docker container port. Note that HTTPS forwarding is generated automatically if external_port is 80, so port is not allowed here!"
               },
+              "proxy_websocket_locations": {
+                "type": "array",
+                "description": "Locations that serve as Websocket endpoint. Those need to be proxied separately.",
+                "items": {
+                  "type": "string"
+                }
+              },
               "required": ["service", "internal_port", "external_port"]
             }
           }