From 94d50a5072b69cfe758e9df1ca9f77e51997bf40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torma=20Krist=C3=B3f?=
Date: Sat, 16 Apr 2022 18:04:52 +0200
Subject: [PATCH] nexus stuff
---
 host_vars/nexus.yaml | 14 ++++++++++++++
 roles/webgateway/templates/nginx.conf | 2 +-
 roles/webserver/defaults/main.yaml | 3 +++
 roles/webserver/tasks/main.yaml | 6 +++---
 roles/webserver/{files => templates}/nginx.conf | 6 ++++--
 5 files changed, 25 insertions(+), 6 deletions(-)
 create mode 100644 host_vars/nexus.yaml
 create mode 100644 roles/webserver/defaults/main.yaml
 rename roles/webserver/{files => templates}/nginx.conf (95%)
diff --git a/host_vars/nexus.yaml b/host_vars/nexus.yaml
new file mode 100644
index 0000000..e206b79
--- /dev/null
+++ b/host_vars/nexus.yaml
@@ -0,0 +1,14 @@
+---
+webserver:
+ defaultservername: nexus.kmlabz.com
+ customrule: |
+ server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name registry.kmlabz.com;
+ ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+ ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
+ location /{
+ proxy_pass http://127.0.0.1:8080;
+ }
+ }
diff --git a/roles/webgateway/templates/nginx.conf b/roles/webgateway/templates/nginx.conf
index fe01e74..15c96af 100644
--- a/roles/webgateway/templates/nginx.conf
+++ b/roles/webgateway/templates/nginx.conf
@@ -92,4 +92,4 @@ http {
 }
 {% endfor %}
-}
\ No newline at end of file
+}
diff --git a/roles/webserver/defaults/main.yaml b/roles/webserver/defaults/main.yaml
new file mode 100644
index 0000000..47a1986
--- /dev/null
+++ b/roles/webserver/defaults/main.yaml
@@ -0,0 +1,3 @@
+webserver:
+ customrule: ""
+ defaultservername: "_"
diff --git a/roles/webserver/tasks/main.yaml b/roles/webserver/tasks/main.yaml
index 545ae12..ef21678 100644
--- a/roles/webserver/tasks/main.yaml
+++ b/roles/webserver/tasks/main.yaml
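Review bot: In host_vars/nexus.yaml the `registry.kmlabz.com` server block terminates TLS with the Debian snakeoil pair (`ssl-cert-snakeoil.pem` / `ssl-cert-snakeoil.key`), which is self-signed, so anything connecting to this listener can only trust it by pinning that certificate or by skipping verification. If roles/webgateway fronts this host with the public certificate that is presumably intended, but nothing here says so, and the gateway-to-nexus leg is then authenticated only if the gateway verifies its upstream (not visible in this patch). I would state the assumption above `customrule`, for example `# TLS on this listener is internal only; the public certificate is served by the webgateway`, or point the two `ssl_certificate*` lines at a certificate issued for registry.kmlabz.com. The block is otherwise identical to the role's default 443 server apart from `server_name`.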
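Review bot: In roles/webserver/defaults/main.yaml `webserver` is a single dictionary, and with Ansible's default `hash_behaviour` (replace) a host_vars `webserver:` overrides it wholesale instead of merging key by key. A host that sets only `defaultservername` would therefore leave `webserver.customrule` undefined and the template task would fail at render time; host_vars/nexus.yaml sets both keys, so this patch works as committed. Either switch to flat variables (`webserver_customrule`, `webserver_defaultservername`) or guard both references in roles/webserver/templates/nginx.conf, e.g. `{{ webserver.customrule | default('') }}` and `server_name {{ webserver.defaultservername | default('_') }};`.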
@@ -12,13 +12,13 @@
 state: restarted
 enabled: yes
-- name: Upload site config to destination
- copy:
+- name: "Generate nginx configuration"
+ ansible.builtin.template:
 src: nginx.conf
 dest: /etc/nginx/nginx.conf
- mode: 644
 owner: root
 group: root
+ mode: '0644'
 - name: Reload nginx daemon
 service:
diff --git a/roles/webserver/files/nginx.conf b/roles/webserver/templates/nginx.conf
similarity index 95%
rename from roles/webserver/files/nginx.conf
rename to roles/webserver/templates/nginx.conf
index 40ce8c9..93e6915 100644
--- a/roles/webserver/files/nginx.conf
+++ b/roles/webserver/templates/nginx.conf
@@ -54,6 +54,8 @@ http {
 proxy_buffering off;
 proxy_request_buffering off;
+ {{webserver.customrule}}
+
 server {
 listen 80 default_server;
@@ -65,11 +67,11 @@ http {
 server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
- server_name _;
+ server_name {{webserver.defaultservername}};
 ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
 ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
 location /{
 proxy_pass http://127.0.0.1:8080;
 }
 }
-}
\ No newline at end of file
+}
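Review bot: In roles/webserver/tasks/main.yaml the new `ansible.builtin.template` task writes `/etc/nginx/nginx.conf` with no `validate:` step, although the file is now rendered from host variables, including the free-form `webserver.customrule` block. A typo in host_vars therefore lands on the live path, and the "Reload nginx daemon" task that follows either fails or leaves the host with a config that will not survive the next restart. Adding `validate: nginx -t -c %s` makes Ansible test the rendered file before it replaces the current one, and `backup: yes` would keep the previous copy for rollback. The reload task continues past the end of the hunk, so whether it is conditional on a change is not visible here.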
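Review bot: In the second hunk of roles/webserver/templates/nginx.conf neither `listen 443` line carries `default_server`, and the first hunk renders `{{webserver.customrule}}` above this block. nginx uses the first server defined for an address:port as its default when none is marked, so on nexus the `registry.kmlabz.com` block from host_vars becomes the implicit default for port 443 and answers any request whose Host/SNI matches nothing. If the role's own block is meant to stay the fallback, mark it explicitly: `listen 443 ssl http2 default_server;` and `listen [::]:443 ssl http2 default_server;`. The enclosing `http {` block starts outside the hunk.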