diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.forge.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.forge.conf index 6f71a88e29..1310ebb851 100644 --- a/roles/httpd/reverseproxy/templates/reversepassproxy.forge.conf +++ b/roles/httpd/reverseproxy/templates/reversepassproxy.forge.conf @@ -7,6 +7,20 @@ SSLProxyVerify require SSLProxyVerifyDepth 2 SSLProxyCACertificateFile "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" +# Forgejo can't decide whether to render root-relative links as relative +# to the server root or the repo root, and currently behaves differently +# for image and non-image links: +# https://codeberg.org/forgejo/forgejo/issues/6360#issuecomment-9010932 + +# This first match handles cases where the link is rendered relative to +# to repo. As all repos must have an org in Forgejo, if there are more +# than two directories before /issue, this must be repo-relative; the +# third match will be either pagurerepo or pagureorg/pagurerepo +ProxyPassMatch ^/(.+?)/(.+?)/(.+?)/issue/raw/files/(.*)$ https://pagure.io/$3/issue/raw/files/$4 + +# This match handles cases where the link is rendered relative to the +# server root; if we didn't hit the first match, the first match here +# will be pagurerepo or pagureorg/pagurerepo ProxyPassMatch ^/(.+?)/issue/raw/files/(.*)$ https://stg.pagure.io/$1/issue/raw/files/$2 {% endif %}