From 1068e7a2d4ab478d789d6cec85f3e59ca8e130bf Mon Sep 17 00:00:00 2001
From: Alfredo Deza <adeza@redhat.com>
Date: Fri, 15 Jul 2016 10:43:49 -0400
Subject: [PATCH] ansible: create a load balance nginx config

Signed-off-by: Alfredo Deza <adeza@redhat.com>
---
 .../roles/nginx/templates/nginx_balancer.conf | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 ansible/roles/nginx/templates/nginx_balancer.conf

diff --git a/ansible/roles/nginx/templates/nginx_balancer.conf b/ansible/roles/nginx/templates/nginx_balancer.conf
new file mode 100644
index 00000000..da1e8c56
--- /dev/null
+++ b/ansible/roles/nginx/templates/nginx_balancer.conf
@@ -0,0 +1,24 @@
+server {
+    listen       443 ssl;
+    server_name  {{ item.fqdn }};
+
+    ssl_certificate     /etc/ssl/certs/{{ item.fqdn }}-bundled.crt;
+    ssl_certificate_key /etc/ssl/private/{{ item.fqdn }}.key;
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    add_header Strict-Transport-Security "max-age=31536000";
+
+    access_log  /var/log/nginx/{{ item.name }}-access.log upstreamlog;
+    error_log /var/log/nginx/{{ item.name }}-error.log;
+
+
+    location / {
+      proxy_set_header        Host $host;
+      proxy_set_header        X-Real-IP $remote_addr;
+      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header        X-Forwarded-Proto $scheme;
+
+      proxy_pass          https://{{ item.name }};
+      proxy_read_timeout  30;
+    }
+
+}
-- 
2.39.5