First shot proxy (unstable)

defaults/main.yml

@@ -70,3 +70,4 @@ nginx_http:
 #  etag: 'off'
 
 nginx_vhosts: []
+nginx_upstreams: []

tasks/upstream.yml

@@ -4,3 +4,7 @@
   template: src=etc/nginx/upstream/php.conf.j2 dest=/etc/nginx/conf.d/php.conf
   notify: reload nginx
 
+- name: TEMPLATE | Deploy other upstreams
+  template: src=etc/nginx/upstream/upstream.conf.j2 dest=/etc/nginx/conf.d/upstream-{{ item.name }}.conf
+  with_items: nginx_upstreams
+  notify: reload nginx

tasks/vhost.yml

@@ -8,7 +8,7 @@
     group={{ item.group | default('www-data') }}
     mode={{ item.mode | default('0755') }}
   with_items: nginx_vhosts
-  when: item.root is not defined
+  when: item.root is not defined and item.template != '_proxy'
 
 - name: TEMPLATE | Create vhosts
   template: >

templates/etc/nginx/sites-available/_base.j2

@@ -43,6 +43,7 @@ server {
 		deny all;
 	}
 
+{% block template_local_content %}
 	location = /favicon.ico {
 		expires 30d;
 		access_log off;
@@ -53,6 +54,7 @@ server {
 		expires 30d;
 		log_not_found off;
 	}
+{% endblock %}
 
 {% if __location is iterable and __location | length > 0 %}
 	# --> Custom locations

templates/etc/nginx/sites-available/_proxy.j2

@@ -0,0 +1,23 @@
+{% extends "_base.j2" %}
+
+{% block template_try_files %}
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		
+		proxy_pass http://{{ item.upstream_name }};
+		proxy_read_timeout 90;
+		
+		{#proxy_redirect http://{{ upstream.name }} https://jenkins.domain.tld;#}
+
+{% if item.proxy_params is defined and item.proxy_params is iterable %}
+{% for param in item.proxy_params %}
+		{{ param }}
+{% endfor %}
+{% endif %}
+{% endblock %}
+
+{# We flush the default local content (locations) #}
+{% block template_local_content %}
+{% endblock %}

templates/etc/nginx/upstream/upstream.conf.j2

@@ -0,0 +1,19 @@
+{%- macro s(key, value, is_bool, min_version) %}
+{% if nginx_version.stdout | version_compare(min_version, 'ge') %}
+{% if is_bool and value %} {{ key }}{% else %} {{ key }}={{ value }}{% endif %}
+{% endif %}
+{%- endmacro -%}
+#
+# {{ ansible_managed }}
+#
+
+upstream {{ item.name }} {
+{% for server in item.servers %}
+	server {{ server.name }}{% for p in nginx_upstream_server_params if server[p.key] is defined %}{{ s(p.key, server[p.key] | default(p.default), p.is_bool | default(false), p.min_version | default('0.0.1')) }}{% endfor %};
+{% endfor %}
+{% if item.params is defined and item.params is iterable %}
+{% for param in item.params %}
+	{{ param }};
+{% endfor %}
+{% endif %}
+}

tests/test.yml

@@ -8,6 +8,13 @@
         - curl
   vars:
     nginx_php: true
+    nginx_upstreams:
+      - name: 'test'
+        servers:
+          - name: '127.0.0.1:10000'
+            max_conns: 150
+            weight: 10
+            down: false
     nginx_vhosts:
       - name:
           - 'test.local'
@@ -28,6 +35,10 @@
         redirect_from:
           - 'www.test-php.local'
         template: '_php'
+      - name:
+          - 'test-proxy.local'
+        template: '_proxy'
+        upstream_name: 'test'
       - name:
           - 'deleted.local'
         template: '_base'

vars/main.yml

@@ -1 +1,24 @@
 nginx_dh_path: /etc/nginx/ssl/dhparams.pem
+
+nginx_upstream_server_params:
+  - key: 'weight'
+    default: 1
+  - key: 'max_fails'
+    default: 1
+  - key: 'fail_timeout'
+    default: '10s'
+  - key: 'backup'
+    is_bool: true
+  - key: 'down'
+    is_bool: true
+    default: false
+  - key: 'route'
+    default: 'configuration_error'
+  - key: 'slow_start'
+    default: 0
+  - key: 'max_conns'
+    default: 0
+    min_version: '1.5.9'
+  - key: 'resolve'
+    is_bool: true
+    min_version: '1.5.12'