playbooks: enable proxy protocol forwarding

Setting `reverse_proxy_proxy_protocol: true` and
`nginx_proxy_protocol: true` in nginx roles enable the forwarding of
the original connection address from the reverse_proxy to the target
nginx instance, using the established TCP PROXY PROTOCOL (adding a TCP
header, so working also for TLS connections that are not terminated at
the reverse proxy).

**Warning**

The `reverse_proxy_proxy_protocol` settings acts globally on the
reverse proxy nodes, so every virtual server on the reverse proxy must
accept and correctly handle proxy protocol headers.

This settings must be the same for every host sharing the same reverse
proxy, otherwise the setting will be changed globally at every run.

host_login.yaml

@@ -7,8 +7,8 @@
 
 - hosts: 'login'
   vars:
-    reverse_proxy_proxy_protocol: false
-    nginx_proxy_protocol: false
+    reverse_proxy_proxy_protocol: true
+    nginx_proxy_protocol: true
   roles:
     - role: 'dns_record'
     - role: 'reverse_proxy'

host_matrix.yaml

@@ -5,6 +5,9 @@
     vm_size: '10G'
 
 - hosts: 'matrix'
+  vars:
+    nginx_proxy_protocol: true
+    reverse_proxy_proxy_protocol: true
   roles:
     - role: 'dns_record'
     - role: 'reverse_proxy'

host_nextcloud.yaml

@@ -7,8 +7,8 @@
 
 - hosts: 'nextcloud'
   vars:
-    reverse_proxy_proxy_protocol: false
-    nginx_proxy_protocol: false
+    reverse_proxy_proxy_protocol: true
+    nginx_proxy_protocol: true
     nginx_tls_1_2: true
   roles:
     - role: 'dns_record'

host_status.yaml

@@ -7,8 +7,8 @@
 
 - hosts: 'status'
   vars:
-    nginx_proxy_protocol: false
-    reverse_proxy_proxy_protocol: false
+    nginx_proxy_protocol: true
+    reverse_proxy_proxy_protocol: true
   roles:
       - role: 'dns_record'
       - role: 'reverse_proxy'