nexus stuff

host_vars/nexus.yaml

@@ -0,0 +1,14 @@
+---
+webserver:
+  defaultservername: nexus.kmlabz.com
+  customrule: |
+    server {
+            listen 443 ssl http2;
+            listen [::]:443 ssl http2;
+            server_name registry.kmlabz.com;
+            ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+            ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
+            location /{
+                proxy_pass  http://127.0.0.1:8080;
+            }
+    }

roles/webgateway/templates/nginx.conf

@@ -92,4 +92,4 @@ http {
         }
 
         {% endfor %}
-}
+}

roles/webserver/defaults/main.yaml

@@ -0,0 +1,3 @@
+webserver:
+  customrule: ""
+  defaultservername: "_"

roles/webserver/tasks/main.yaml

@@ -12,13 +12,13 @@
     state: restarted
     enabled: yes
 
-- name: Upload site config to destination
+- name: "Generate nginx configuration"
-  copy:
+  ansible.builtin.template:
     src: nginx.conf
     dest: /etc/nginx/nginx.conf
-    mode: 644
     owner: root
     group: root
+    mode: '0644'
 
 - name: Reload nginx daemon
   service:

roles/webserver/templates/nginx.conf

@@ -54,6 +54,8 @@ http {
         proxy_buffering    off;
         proxy_request_buffering off;
 
+        {{webserver.customrule}}
+
         server {
 
             listen 80 default_server;
@@ -65,11 +67,11 @@ http {
         server {
             listen 443 ssl http2;
             listen [::]:443 ssl http2;
-            server_name _;
+            server_name {{webserver.defaultservername}};
             ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
             ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
             location /{
                 proxy_pass  http://127.0.0.1:8080;
             }
         }
-}
+}