Do not https_redirect 000-default vhost

[muelli]

The problem is that the currently generated default Redirect line takes
the "name" as redirection target. The name, in this default case, is
"000-default", so Apache would redirect to https://000-default/ which is
nonsensical.

By setting redirect_to_https to False the redirection won't be
established.

[ypid]

Thanks for the PR! #8 addresses this issue already by adding a apache__default_vhost_name. The times of no redirect to https or http as default are over 😄
Does this work for you?

[muelli]

True. The proposed changes in #8 make it indeed not redirect to "000-default". Feel free to close this issue.
It may be more appropriate for the default host to redirect to the host the client requested, because obviously the request came for a host that Apache doesn't know about. In that case, the following group snippet works better, I think:

            # From http://serverfault.com/a/739128/193114
            <ifmodule mod_rewrite.c>
                RewriteEngine On
                RewriteOptions InheritDown
                RewriteCond %{HTTPS} off
                RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
                RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
            </ifmodule>

As an added bonus, if put in global scope rather than for the default vhost, this snippet also works for all vhosts and the vhosts can probably selectively disable it with RewriteOption IgnoreInherit.

[ypid]

I can see that there are use cases for the rewrite snippet you posted. My use case is a bit different:

apache__default_vhost:

  name: '{{ apache__default_vhost_name }}'
  filename: '000-default'
  redirect_http: 'https://main-service-running-on-server.example.org/'
  redirect_https: 'https://main-service-running-on-server.example.org/'
  redirect_http_code: '301'
  redirect_https_code: '301'
  hsts_enabled: False

But I am open for PRs which implement your snippet in vhost context as an option.
ACME support ref: #1
Closing this issue as discussed.

[muelli]

I feel like your use case is a more narrow form of the general snippet I posted and is not inherently incompatible.
Theoretically, it should be possible to check whether a vhost defined redirect_https and then use that value in a Rewrite clause. If no redirect_https is defined the globally configured Rewrite rule applies and the client gets a redirect.

The benefit would be that it's globally configured thus vhosts have to opt out. Also, it allows for easier integration with, say, the global ACME rule.