#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}

{% if item.upstream is defined and item.upstream %}
upstream {{ item.upstream.name }} {
    {% for upserver in item.upstream.servers %}
    server {{ upserver }};
    {% endfor %}
}
{% endif %}
{% for server in item.servers %}

server {
    listen       {{ server.port }}{{ ' ssl' if server.tls is defined and server.tls else '' }};
    {% if not server.server_name is string and server.server_name is iterable %}
    server_name  {{ server.server_name | join(" ") }};
    {% else %}
    server_name  {{ server.server_name }};
    {% endif %}
    {% if server.tls is defined and server.tls %}

    ssl_certificate /etc/pki/tls/certs/{{ server.tls.cert }};
    ssl_certificate_key /etc/pki/tls/private/{{ server.tls.key }};
    {% if server.tls.dhparam is defined %}
    ssl_dhparam {{ item.value.ssl.dhparam }};
    {% endif %}
    {% endif %}
    {% if server.tls_redirect | default(False) %}

    return 301 https://{% if server.tls_redirect_url is defined %}{{ server.tls_redirect_url }}{% else %}$server_name{% endif %}$request_uri;
    {% else %}
    {% if server.client_max_body_size is defined and server.client_max_body_size %}
    client_max_body_size {{ server.client_max_body_size }};
    {% endif %}
    {% if server.send_timeout is defined and server.send_timeout %}
    send_timeout {{ server.send_timeout }};
    {% endif %}

    {% for location in server.locations %}
    location {{ location.match }} {
        {% if location.root is defined and location.root %}
        root   {{ location.root }};
        {% endif %}
        {% if location.index is defined and location.index %}
        index  {{ location.index }};

        {% endif %}
        {% if location.proxy_pass is defined and location.proxy_pass %}
        proxy_pass {{ location.proxy_pass }};
        {% if location.proxy_http_version is defined and location.proxy_http_version %}
        proxy_http_version {{ location.proxy_http_version }};
        {% endif %}
        {% if location.proxy_buffering is defined and location.proxy_buffering %}
        proxy_buffering {{ location.proxy_buffering }};
        {% endif %}
        {% if location.proxy_connect_timeout is defined and location.proxy_connect_timeout %}
        proxy_connect_timeout {{ location.proxy_connect_timeout }};
        {% endif %}
        {% if location.proxy_read_timeout is defined and location.proxy_read_timeout %}
        proxy_read_timeout {{ location.proxy_read_timeout }};
        {% endif %}
        {% if location.proxy_send_timeout is defined and location.proxy_send_timeout %}
        proxy_send_timeout {{ location.proxy_send_timeout }};
        {% endif %}
        {% if location.proxy_headers is defined and location.proxy_headers %}

        {% for pheader in location.proxy_headers %}
        proxy_set_header {{ pheader }};
        {% endfor %}
        {% endif %}
        {% endif %}
        {% if location.custom_options is defined and location.custom_options %}

        {% for inline_option in location.custom_options %}
        {{ inline_option }};
        {% endfor %}
        {% endif %}
    }

    {% endfor %}
    # redirect server error pages to the static page /50x.html
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   {{ item.error_page | default("/usr/share/nginx/html") }};
    }
    {% endif %}
}
{% endfor %}