ansible: create a load balance nginx config

Signed-off-by: Alfredo Deza <adeza@redhat.com>

diff --git a/ansible/roles/nginx/templates/nginx_balancer.conf b/ansible/roles/nginx/templates/nginx_balancer.conf
new file mode 100644 (file)
index 0000000..da1e8c5
--- /dev/null
+++ b/ansible/roles/nginx/templates/nginx_balancer.conf
@@ -0,0 +1,24 @@
+server {
+    listen       443 ssl;
+    server_name  {{ item.fqdn }};
+
+    ssl_certificate     /etc/ssl/certs/{{ item.fqdn }}-bundled.crt;
+    ssl_certificate_key /etc/ssl/private/{{ item.fqdn }}.key;
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    add_header Strict-Transport-Security "max-age=31536000";
+
+    access_log  /var/log/nginx/{{ item.name }}-access.log upstreamlog;
+    error_log /var/log/nginx/{{ item.name }}-error.log;
+
+
+    location / {
+      proxy_set_header        Host $host;
+      proxy_set_header        X-Real-IP $remote_addr;
+      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header        X-Forwarded-Proto $scheme;
+
+      proxy_pass          https://{{ item.name }};
+      proxy_read_timeout  30;
+    }
+
+}