From eba153f8b1930b9152b88c42231a989be3a884dc Mon Sep 17 00:00:00 2001
From: Edoardo Putti <edoardo.putti@gmail.com>
Date: Fri, 24 Mar 2017 12:22:02 +0100
Subject: [PATCH] draft for a role to provide reverse proxy with SNI

---
 roles/reverse_proxy/tasks/main.yaml            |  9 +++++++++
 roles/reverse_proxy/templates/reverse_proxy.j2 | 14 ++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 roles/reverse_proxy/tasks/main.yaml
 create mode 100644 roles/reverse_proxy/templates/reverse_proxy.j2

diff --git a/roles/reverse_proxy/tasks/main.yaml b/roles/reverse_proxy/tasks/main.yaml
new file mode 100644
index 0000000..0fdb755
--- /dev/null
+++ b/roles/reverse_proxy/tasks/main.yaml
@@ -0,0 +1,9 @@
+---
+# possibili nome macchina
+# ansible_nodename
+# ansible_hostname
+- name: Upload reverse proxy configuration
+  template:
+    src: reverse_proxy.j2
+    dest: "/etc/nginx/nginx.conf.d/{{ nome_macchina }}.conf"
+
diff --git a/roles/reverse_proxy/templates/reverse_proxy.j2 b/roles/reverse_proxy/templates/reverse_proxy.j2
new file mode 100644
index 0000000..189ad28
--- /dev/null
+++ b/roles/reverse_proxy/templates/reverse_proxy.j2
@@ -0,0 +1,14 @@
+stream {
+	map $ssl_preread_server_name $name {
+		default original_dest;
+		{{ nome_macchina }}.lilik.it {{ nome_macchina }}_https;
+	}
+
+	upstream original_dest {
+		server 192.168.15.2:443;
+	}
+
+	upstream {{ nome_macchina }}_https {
+		server {{ hostvars[nome_macchina]['ansible_host'] }}:443;
+	}
+}