Apache image - Migrating existing Drupal sites may have challenges with http / https

[g7morris]

Issue description

During a test migration of a non-ISLE site to ISLE, I've noticed that one existing Drupal site was unable to properly use the https protocol for urls. The end result was that some of the site was using http for URLs and the other was https. Thus any browser would complain of "mixed media" mode and thus block serving of assets.

Setting the $base_url with the site domain of course would work but this caused issues with the reverse proxy and services like adore-djatoka in early testing with ISLE v1.0.

I tested adding the following under the commented out $base_url section:

$_SERVER['HTTPS'] = 'on';
$conf['https'] = TRUE;

^ This made the site work properly and serve up the critical css, js etc. I'd recommend we use this to enforce the site's use of the https rather than falling back to using $base_url.

Recommend we add this code snippet to the Apache image Dockerfile, @br2490 and I'll leave it to you to determine and workout that process given the creation of the settings.php file is a dynamic process with confd.

[br2490]

We do not use or suggest setting the base_url Please look at the .htaccess for how to resolve the SSL issue. Even if the base URL is SET and http is hardcorded the .htaccess should overwrite it. This would be in the install_site script. Could you review this and remove the blocking status.

Best

Benjamin Rosner

Instructional Application Developer Instructional Media and Technology, Barnard Library and Academic Information Services p: 212-854-9005

On Fri, Oct 26, 2018 at 10:02 AM Gavin Morris notifications@github.com wrote:

Assigned #188 https://github.com/Islandora-Collaboration-Group/ISLE/issues/188 to @br2490 https://github.com/br2490.

— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub https://github.com/Islandora-Collaboration-Group/ISLE/issues/188#event-1928922064, or mute the thread https://github.com/notifications/unsubscribe-auth/ANhlbEf0M5zzBBC-dlvHRA1ko895N62eks5uoxXYgaJpZM4X8TAw .

[g7morris]

So @br2490 if I understand your request to review, you're indicating that ISLE users migrating their sites should be adding line 22 from the https://github.com/Islandora-Collaboration-Group/ISLE-Drupal-Build-Tools/blob/master/isle_islandora_installer.sh to their .htaccess file regardless of their potential customization?

# Respond with HTTPS if front-end proxy is using HTTPS.
echo "SetEnvIf X-Forwarded-Proto https HTTPS=on" | tee -a /tmp/drupal_install/.htaccess

ISLE enduser would have to modify to something like

echo "SetEnvIf X-Forwarded-Proto https HTTPS=on" | tee -a /var/www/html/.htaccess

when shelled into the apache container.

@marksandford I think ultimately this is a documentation issue and a "blocker" for those who need to migrate a site. This is not readily apparent as a step necessary for full site functionality per se. Given that there are multiple steps here we should flesh this out more to avoid challenges.

I'm going to test this now per @br2490 's direction.

[g7morris]

Confirming that @br2490 's recommendation works as expected. Thank you @br2490 However I'm going to leave the blocker up as this is a big step missing from the documentation in my opinion.

[br2490]

add to .gitignore "acme.json"

[marksandford]

Just checking.. did Add edit to .htaccess #92 resolve this fully in terms of documentation?

[marksandford]

I added this to the docs, and Ben has approved. This can probably be closed, pending Ben's okay.