From 955efaefdfa5dcf9f528e7d95eb6ce24a7c7dc3a Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Tue, 2 Feb 2016 21:20:06 +0100
Subject: [PATCH] Possibility to ProxyPass only ACME challenge URL

---
 .../etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content  | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content
index 52dfbb5..b59bfa5 100644
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content
@@ -21,9 +21,17 @@ my @groups = split(/[;,]/, ($domain->prop('AllowGroups') || ''));
 # ProxyPass ?
 if ($target =~ m|https?://[\d\w\.\-/]*|){
     $OUT .= "    SetEnv proxy-nokeepalive 1\n" if ($keepalive eq 'yes');
-    $OUT .= "    ProxyPass /.well-known/acme-challenge/ !\n" unless ($proxy_acme eq 'enabled');
-    $OUT .= "    ProxyPass / $target\n";
-    $OUT .= "    ProxyPassReverse / $target\n";
+    if ($proxy_acme eq 'disabled'){
+      $OUT .= "    ProxyPass /.well-known/acme-challenge/ !\n";
+    }
+    elsif ($proxy_acme eq 'only'){
+      $OUT .= "    ProxyPass /.well-known/acme-challenge/ $target" . ".well-known/acme-challenge/\n";
+      $OUT .= "    ProxyPassReverse / $target" . ".well-known/acme-challenge/\n";
+    }
+    else{
+      $OUT .= "    ProxyPass / $target\n";
+      $OUT .= "    ProxyPassReverse / $target\n";
+    }
     $OUT .= "    ProxyPreserveHost on\n" if ($preserve eq 'yes');
 }
 # Rewrite ?