From cc76ab21dbb6976e33419810736ee0cfd2be01b5 Mon Sep 17 00:00:00 2001
From: Samuel Clay <samuel@ofbrooklyn.com>
Date: Thu, 18 Feb 2021 22:00:54 -0500
Subject: [PATCH] Splitting nginx into docker and consul due to hostname
 changes.

---
 ansible/roles/base/templates/nginx.conf |  97 -----------------
 ansible/roles/nginx/tasks/main.yml      |   2 +-
 docker/nginx/nginx.consul.conf          | 138 ++++++++++++++++++++++++
 3 files changed, 139 insertions(+), 98 deletions(-)
 delete mode 100644 ansible/roles/base/templates/nginx.conf
 create mode 100644 docker/nginx/nginx.consul.conf

diff --git a/ansible/roles/base/templates/nginx.conf b/ansible/roles/base/templates/nginx.conf
deleted file mode 100644
index 1a83f8808..000000000
--- a/ansible/roles/base/templates/nginx.conf
+++ /dev/null
@@ -1,97 +0,0 @@
-upstream app_server {
-    server 127.0.0.1:8080 fail_timeout=10 max_fails=3 ;
-}
-
-server {
-    listen   80;
-    listen   443 default_server ssl;
-
-    client_max_body_size 40M;
-    server_name www.turntouch.com *.turntouch.com turntouch.com;
-    add_header X-nginx-server nginx_{{ ansible_nodename }};
-
-    set_real_ip_from  0.0.0.0/0;
-    real_ip_header    X-Forwarded-For;
-    real_ip_recursive on;
-
-    if (-f /srv/turntouch-web/templates/error/maintenance_on.html) {
-        return 503;
-    }
-    
-    location = /_nginxchk {
-        return 200;
-    }
-    
-    error_page 502 @down;
-    location @down {
-        root /srv/turntouch-web/;
-        rewrite ^(.*)$ /templates/error/502.html break;
-    }
-    
-    error_page 503 @maintenance;
-    location @maintenance {
-        if ($uri !~ ^/media/) {
-            root /srv/turntouch-web/;
-            rewrite ^(.*)$ /templates/error/maintenance_on.html break;
-        }
-        root /srv/turntouch-web;
-    }
-    
-    error_page 504 @timeout;
-    location @timeout {
-        root /srv/turntouch-web/;
-        rewrite ^(.*)$ /templates/error/502.html break;
-    }
-
-    location /static/  {
-        expires max;
-        keepalive_timeout 1;
-        root /srv/turntouch-web;
-    }
-
-    location /favicon.ico {
-        alias      /srv/turntouch-web/static/images/logos/favicon32.png;
-        expires max;
-    }
-
-    location /maintenance {
-        alias      /srv/turntouch-web/templates/error/maintenance_on.html;
-    }
-
-    location ^~ /robots.txt {
-        expires max;
-        alias /srv/turntouch-web/static/templates/home/robots.txt;
-    }
-
-    location /munin/static/ {
-        alias /etc/munin/static/;
-    }
-
-    location /munin/ {
-        alias  /var/cache/munin/www/;
-        # fastcgi_split_path_info ^(/munin)(.*);
-        # fastcgi_param PATH_INFO $fastcgi_path_info;
-        # fastcgi_pass unix:/var/run/munin/fcgi-html.sock;
-        # include fastcgi_params;
-    }
-    
-    location ^~ /cgi-bin/munin-cgi-graph/ {
-        fastcgi_split_path_info ^(/cgi-bin/munin-cgi-graph)(.*);
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-        fastcgi_pass unix:/var/run/munin/fcgi-graph.sock;
-        include fastcgi_params;
-    }
-
-    location / {
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header Host $http_host;
-        proxy_redirect off;
-
-        if (!-f $request_filename) {
-            proxy_pass http://app_server;
-            break;
-        }
-    }
-
-}
-
diff --git a/ansible/roles/nginx/tasks/main.yml b/ansible/roles/nginx/tasks/main.yml
index 6dc1a1a34..3455a54f6 100644
--- a/ansible/roles/nginx/tasks/main.yml
+++ b/ansible/roles/nginx/tasks/main.yml
@@ -14,7 +14,7 @@
     expose:
       - "80"
     volumes:
-      - /srv/newsblur/docker/nginx:/etc/nginx/conf.d
+      - /srv/newsblur/docker/nginx/nginx.consul.conf:/etc/nginx/conf.d/nginx.consul.conf
       - /srv/newsblur/:/srv/newsblur
 
 - name: Register nginx in consul
diff --git a/docker/nginx/nginx.consul.conf b/docker/nginx/nginx.consul.conf
new file mode 100644
index 000000000..5325e697e
--- /dev/null
+++ b/docker/nginx/nginx.consul.conf
@@ -0,0 +1,138 @@
+upstream app_server {
+    server app-django.service.nyc1.consul:8000 fail_timeout=10 max_fails=3 ;
+}
+
+upstream icon_server {
+    # this is node favicons
+    server node-favicons.service.nyc1.consul:3030 fail_timeout=2 max_fails=3;
+    server app-django.service.nyc1.consul:8000 backup;
+}
+
+
+server {
+    listen   81;
+
+    client_max_body_size 4M;
+    server_name *.newsblur.com newsblur.com;
+    add_header X-nginx-server nginx_none;
+
+    set_real_ip_from  0.0.0.0/0;
+    real_ip_header    X-Forwarded-For;
+    real_ip_recursive on;
+
+#    if ($host = 'newsblur.com') {
+#        rewrite  ^/(.*)$  https://www.newsblur.com/$1  permanent;
+#    }
+
+    if (-f /srv/newsblur/templates/maintenance_on.html) {
+        return 503;
+    }
+    
+    location = /_nginxchk {
+        return 200;
+    }
+    
+    location /nginx_status {
+        stub_status on;    # activate stub_status module
+        access_log off;    
+        allow 127.0.0.1;   # restrict access to local only
+        deny all;
+    }
+    
+    error_page 502 @down;
+    location @down {
+        root /srv/newsblur/;
+        rewrite ^(.*)$ /templates/502.html break;
+    }
+    
+    error_page 503 @maintenance;
+    location @maintenance {
+        if ($uri !~ ^/media/) {
+            root /srv/newsblur/;
+            rewrite ^(.*)$ /templates/maintenance_on.html break;
+        }
+        root /srv/newsblur;
+    }
+    
+    error_page 504 @timeout;
+    location @timeout {
+        root /srv/newsblur/;
+        rewrite ^(.*)$ /templates/502.html break;
+    }
+
+    location /media/  {
+        expires max;
+        keepalive_timeout 1;
+        root /srv/newsblur;
+    }
+
+    location /static/  {
+        expires max;
+        keepalive_timeout 1;
+        root /srv/newsblur;
+    }
+
+    location /favicon.ico {
+        alias      /srv/newsblur/media/img/favicon_32.png;
+        expires max;
+    }
+
+    location /maintenance {
+        alias      /srv/newsblur/templates/maintenance_on.html;
+        expires max;
+        access_log on;
+    }
+
+    location ^~ /crossdomain.xml {
+        expires max;
+        alias /srv/newsblur/media/crossdomain.xml;
+        types {
+            text/x-cross-domain-policy  xml;
+        }
+    }
+
+    location ^~ /robots.txt {
+        expires max;
+        alias /srv/newsblur/media/robots.txt;
+    }
+
+    location /munin/static/ {
+        alias /etc/munin/static/;
+    }
+
+    location /munin/ {
+        alias  /var/cache/munin/www/;
+        # fastcgi_split_path_info ^(/munin)(.*);
+        # fastcgi_param PATH_INFO $fastcgi_path_info;
+        # fastcgi_pass unix:/var/run/munin/fcgi-html.sock;
+        # include fastcgi_params;
+    }
+    
+    location ^~ /cgi-bin/munin-cgi-graph/ {
+        fastcgi_split_path_info ^(/cgi-bin/munin-cgi-graph)(.*);
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_pass unix:/var/run/munin/fcgi-graph.sock;
+        include fastcgi_params;
+    }
+
+    location ^~ /rss_feeds/icon/ {
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_redirect off;
+        
+        proxy_pass http://icon_server;
+    }
+    
+    location / {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_redirect off;
+
+        if (!-f $request_filename) {
+            proxy_pass http://app_server;
+            break;
+        }
+    }
+
+}