We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I think I found a bug when using variables (locals or module variables) on nginxproxymanager_proxy_host.certificate_id parameter when SSL is forced.
When I try to create a new host ressource:
main.tf:
locals { domain = "mydomain.com" certificate_id = 4 } resource "nginxproxymanager_proxy_host" "app" { domain_names = [local.domain] forward_scheme = "http" forward_host = "192.168.0.1" forward_port = 8080 caching_enabled = false allow_websocket_upgrade = false block_exploits = false access_list_id = 0 # Publicly Accessible certificate_id = local.certificate_id ssl_forced = true hsts_enabled = true hsts_subdomains = true http2_support = true advanced_config = "" }
terraform plan
│ on main.tf line 28, in resource "nginxproxymanager_proxy_host" "app": │ 28: ssl_forced = true │ │ Certificate ID is required when SSL is forced
Replace dynamic variable:
certificate_id = local.certificate_id
by a direct value:
certificate_id = 4
# module.app.nginxproxymanager_proxy_host.app will be created + resource "nginxproxymanager_proxy_host" "app" { + access_list_id = 0 + allow_websocket_upgrade = false + block_exploits = false + caching_enabled = false + certificate_id = "4" + created_on = (known after apply) + domain_names = [ + "mydomain.com", ] + enabled = (known after apply) + forward_host = "192.168.0.1" + forward_port = 8080 + forward_scheme = "http" + hsts_enabled = true + hsts_subdomains = true + http2_support = true + id = (known after apply) + meta = (known after apply) + modified_on = (known after apply) + owner_user_id = (known after apply) + ssl_forced = true # (1 unchanged attribute hidden) }
You can first disable SSL, and then use variables for certiticate_id:
resource "nginxproxymanager_proxy_host" "app" { domain_names = [local.domain] forward_scheme = "http" forward_host = "192.168.0.1" forward_port = 8080 caching_enabled = false allow_websocket_upgrade = false block_exploits = false access_list_id = 0 # Publicly Accessible certificate_id = local.certificate_id # ssl_forced = true # hsts_enabled = true # hsts_subdomains = true # http2_support = true advanced_config = "" }
# module.app.nginxproxymanager_proxy_host.app will be created + resource "nginxproxymanager_proxy_host" "app" { + access_list_id = 0 + allow_websocket_upgrade = false + block_exploits = false + caching_enabled = false + certificate_id = "4" + created_on = (known after apply) + domain_names = [ + "mydomain.com", ] + enabled = (known after apply) + forward_host = "192.168.0.1" + forward_port = 8080 + forward_scheme = "http" + hsts_enabled = false + hsts_subdomains = false + http2_support = false + id = (known after apply) + meta = (known after apply) + modified_on = (known after apply) + owner_user_id = (known after apply) + ssl_forced = false # (1 unchanged attribute hidden) }
And, once the resource is already created, enable SSL and update:
resource "nginxproxymanager_proxy_host" "app" { domain_names = [local.domain] forward_scheme = "http" forward_host = "192.168.0.1" forward_port = 8080 caching_enabled = false allow_websocket_upgrade = false block_exploits = false access_list_id = 0 # Publicly Accessible certificate_id = local.certificate_id ssl_forced = true hsts_enabled = true hsts_subdomains = true http2_support = true advanced_config = "" }
# nginxproxymanager_proxy_host.app will be updated in-place ~ resource "nginxproxymanager_proxy_host" "app" { ~ hsts_enabled = false -> true ~ hsts_subdomains = false -> true ~ http2_support = false -> true id = 17 ~ meta = { - "nginx_err" = "null" - "nginx_online" = "true" } -> (known after apply) ~ modified_on = "2024-08-07 12:23:12" -> (known after apply) ~ ssl_forced = false -> true # (13 unchanged attributes hidden) }
The second workaround is working only with "locals" values. For a terraform module, variables are not working, with this kind of usage:
variable "certificate_id" { type = string }
The text was updated successfully, but these errors were encountered:
No branches or pull requests
I think I found a bug when using variables (locals or module variables) on nginxproxymanager_proxy_host.certificate_id parameter when SSL is forced.
Error Case
When I try to create a new host ressource:
main.tf:
terraform plan
First workaround: don't use variables for certificate_id
Replace dynamic variable:
by a direct value:
Second workaround: disable SSL, create, then enable SSL and update
You can first disable SSL, and then use variables for certiticate_id:
terraform plan
And, once the resource is already created, enable SSL and update:
main.tf:
terraform plan
Impossible to create a terraform module with this bug
The second workaround is working only with "locals" values. For a terraform module, variables are not working, with this kind of usage:
The text was updated successfully, but these errors were encountered: