From fba9e26298d4b691a42c75c16fdca887bcf477fb Mon Sep 17 00:00:00 2001
From: Edoardo Putti <edoardo.putti@gmail.com>
Date: Sun, 26 Mar 2017 12:25:25 +0200
Subject: [PATCH] split reverse proxy nginx configuration

The server, map and upstream directives can be splitted into
different files to be included into the nginx.conf configuration.
---
 roles/reverse_proxy/templates/http.j2     | 15 +++++++++++++++
 roles/reverse_proxy/templates/map.j2      | 16 ++--------------
 roles/reverse_proxy/templates/upstream.j2 |  3 +++
 3 files changed, 20 insertions(+), 14 deletions(-)
 create mode 100644 roles/reverse_proxy/templates/http.j2
 create mode 100644 roles/reverse_proxy/templates/upstream.j2

diff --git a/roles/reverse_proxy/templates/http.j2 b/roles/reverse_proxy/templates/http.j2
new file mode 100644
index 0000000..58f93a4
--- /dev/null
+++ b/roles/reverse_proxy/templates/http.j2
@@ -0,0 +1,15 @@
+server {
+    listen 80;
+
+    server_name {{ hostname }}.lilik.it www.{{ hostname }}.lilik.it;
+
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $host;
+    proxy_set_header X-NginX-Proxy true;
+
+    location / {
+        proxy_pass http://{{ hostvars[ansible_hostname]['ansible_host'] }};
+    }
+}
+
diff --git a/roles/reverse_proxy/templates/map.j2 b/roles/reverse_proxy/templates/map.j2
index 189ad28..666b8a5 100644
--- a/roles/reverse_proxy/templates/map.j2
+++ b/roles/reverse_proxy/templates/map.j2
@@ -1,14 +1,2 @@
-stream {
-	map $ssl_preread_server_name $name {
-		default original_dest;
-		{{ nome_macchina }}.lilik.it {{ nome_macchina }}_https;
-	}
-
-	upstream original_dest {
-		server 192.168.15.2:443;
-	}
-
-	upstream {{ nome_macchina }}_https {
-		server {{ hostvars[nome_macchina]['ansible_host'] }}:443;
-	}
-}
+{{ hostname }}.lilik.it {{ hostname }}_https;
+www.{{ hostname }}.lilik.it {{ hostname }}_https;
diff --git a/roles/reverse_proxy/templates/upstream.j2 b/roles/reverse_proxy/templates/upstream.j2
new file mode 100644
index 0000000..7451080
--- /dev/null
+++ b/roles/reverse_proxy/templates/upstream.j2
@@ -0,0 +1,3 @@
+upstream {{ hostname }}_https {
+    server {{ hostvars[ansible_hostname]['ansible_host'] }}:443;
+}