ansible-role-nginx-config-s3svc/tasks/main.yml

---
- ansible.builtin.blockinfile:
    path: /etc/nginx/nginx.conf
    block: |
      upstream storage_nemunaire {
      {% for server in s3_hosts %}
          server {{ server.host }}:{{ server.port | default(9000) }}{% if server.backup is defined and server.backup %} backup{% endif %};
      {% endfor %}
      }      
    insertafter: 'http {'
    marker: "# {mark} ANSIBLE MANAGED BLOCK storage_nemunaire"

- ansible.builtin.set_fact:
    server: |
        location / {
            gzip            on;
            gzip_types      application/javascript text/javascript text/css;

            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $http_host;
            proxy_connect_timeout 300;
            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            proxy_set_header Authorization "";
            proxy_intercept_errors on;
            chunked_transfer_encoding off;
            proxy_pass https://storage_nemunaire/{{ bucket }}{{ path }}/;

            if ($uri ~ (.css|.js|.jpg|.png|.webp|.ico|.woff|.woff2|.ttf)$) {
                expires max;
            }

            error_page 404 = @rewrite_proxy;
            {% for error_page in error_pages %}
            {% if error_page != 404 %}
            error_page {{ error_page }} {{ error_pages[error_page] }};
            {% endif %}
            {% endfor %}

            {% for r in rewrite %}
            rewrite {{ r }};
            {% endfor %}
        }
        location ~ /$ {
            rewrite ^(.*)/ $1/index.html;
        }
        location @rewrite_proxy {
            rewrite ^/(.*)$ /alpo-website/master/$1/index.html break;

            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $http_host;
            proxy_connect_timeout 300;
            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            proxy_set_header Authorization "";
            proxy_intercept_errors on;
            chunked_transfer_encoding off;
            proxy_pass https://storage_nemunaire;

            {% for error_page in error_pages %}
            error_page {{ error_page }} {{ error_pages[error_page] }};
            {% endfor %}
        }        
  when: server is not defined

- ansible.builtin.include_role:
    name: re.nemunai.nginx-config-svc