From 40c27aeef36658055f232dcd46703fb8b8a9e576 Mon Sep 17 00:00:00 2001
From: Valentin Gologuzov <vgologuz@redhat.com>
Date: Thu, 11 Jun 2015 16:32:15 +0200
Subject: [PATCH] [dopr] add nginx to proxy http

---
 roles/dopr/files/nginx.conf      | 32 ++++++++++++++++++++++++++++++++
 roles/dopr/files/nginx/cdic.conf | 17 +++++++++++++++++
 roles/dopr/tasks/main.yml        |  8 ++++++++
 3 files changed, 57 insertions(+)
 create mode 100644 roles/dopr/files/nginx.conf
 create mode 100644 roles/dopr/files/nginx/cdic.conf

diff --git a/roles/dopr/files/nginx.conf b/roles/dopr/files/nginx.conf
new file mode 100644
index 0000000000..2b78a7fb86
--- /dev/null
+++ b/roles/dopr/files/nginx.conf
@@ -0,0 +1,32 @@
+user  nginx;
+worker_processes  8;
+
+error_log  /var/log/nginx/error.log;
+#error_log  /var/log/nginx/error.log  notice;
+#error_log  /var/log/nginx/error.log  info;
+
+pid        /run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type text/plain;
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+
+    keepalive_timeout  65;
+    gzip  on;
+
+
+    include /etc/nginx/conf.d/*.conf;
+}
diff --git a/roles/dopr/files/nginx/cdic.conf b/roles/dopr/files/nginx/cdic.conf
new file mode 100644
index 0000000000..f8c45770f6
--- /dev/null
+++ b/roles/dopr/files/nginx/cdic.conf
@@ -0,0 +1,17 @@
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server ipv6only=on;
+
+    location / {
+        # checks for static file, if not found proxy to app
+        try_files $uri @proxy_to_app;
+    }
+
+    location @proxy_to_app {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_redirect off;
+
+        proxy_pass   http://127.0.0.1:8000;
+    }
+}
diff --git a/roles/dopr/tasks/main.yml b/roles/dopr/tasks/main.yml
index 47fa3ff195..8e8c31c3c7 100644
--- a/roles/dopr/tasks/main.yml
+++ b/roles/dopr/tasks/main.yml
@@ -32,6 +32,7 @@
   - python3-psycopg2
   - python-psycopg2  # for psql utils
   - phantomjs
+  - nginx
 
 - name: git clone casperjs
   git: repo=git://github.com/n1k0/casperjs.git
@@ -80,6 +81,13 @@
 
 - include: "psql_setup.yml"
 
+- name: Allow nginx to connect to upstream
+  seboolean: name=httpd_can_network_connect state=yes persistent=yes
+
+# copy nginx config
+- copy: src="nginx.conf" dest="/etc/nginx/nginx.conf"
+- copy: src="nginx/cdic.conf" dest="/etc/nginx/conf.d/"
+
 - name: enables services
   service: state=running enabled=yes name={{ item }}
   with_items: