Renamed native-nginx-docker-proxy to native-docker-reverse-proxy

roles/native-docker-reverse-proxy/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+- native-docker
+- native-https-server

roles/native-docker-reverse-proxy/readme.md

@@ -0,0 +1,13 @@
+# role native-docker-reverse-proxy
+
+Uses nginx as an [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) for local docker applications.
+
+## debug
+```bash
+curl -I {{address}}
+```
+- https://serverfault.com/questions/434915/nginx-proxy-caching-how-to-check-if-it-is-working
+
+## performance
+- https://stackoverflow.com/questions/33703230/caching-images-on-all-folder-levels-of-nginx-reverse-proxy
+- https://www.tweaked.io/guide/nginx-proxying/

roles/native-docker-reverse-proxy/templates/domain.conf.j2

@@ -0,0 +1,13 @@
+server
+{
+  server_name {{domain}};
+
+  {% if client_max_body_size is defined %}
+    client_max_body_size {{ client_max_body_size }};
+  {% endif %}
+
+  {% include 'roles/native-letsencrypt/templates/ssl_header.j2' %}
+
+  {% include 'proxy_pass.conf.j2' %}
+
+}

roles/native-docker-reverse-proxy/templates/proxy_pass.conf.j2

@@ -0,0 +1,54 @@
+location /
+{
+  {% if https_port is defined %}
+    proxy_pass https://127.0.0.1:{{https_port}}/;
+  {% else %}
+    proxy_pass http://127.0.0.1:{{http_port}}/;
+  {% endif %}
+
+  proxy_set_header Host $host;
+  proxy_set_header X-Real-IP $remote_addr;
+  proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
+
+  # timeouts
+  proxy_connect_timeout       1s;
+  proxy_send_timeout          300s;
+  proxy_read_timeout          300s;
+  send_timeout                300s;
+
+  # cache media files
+  location ~* \.(gif|ico|jpg|jpeg|png|svg|mp4|mp3|pdf)$ {
+    proxy_cache                   cache;
+    proxy_cache_key               $host$uri$is_args$args;
+    proxy_cache_revalidate        on;
+    proxy_cache_min_uses          1;
+    proxy_cache_use_stale         error timeout updating http_500 http_502 http_503 http_504;
+    proxy_cache_lock              on;
+    proxy_cache_background_update on;
+    proxy_cache_valid             200 301 302 365d;
+    expires 365d;
+    {% if https_port is defined %}
+      proxy_pass https://127.0.0.1:{{https_port}};
+    {% else %}
+      proxy_pass http://127.0.0.1:{{http_port}};
+    {% endif %}
+  }
+
+  # cache content
+  location ~* \.(html|css|js)$ {
+    proxy_cache                   cache;
+    proxy_cache_key               $host$uri$is_args$args;
+    proxy_cache_revalidate        on;
+    proxy_cache_min_uses          1;
+    proxy_cache_use_stale         error timeout updating http_500 http_502 http_503 http_504;
+    proxy_cache_lock              on;
+    proxy_cache_background_update on;
+    proxy_cache_valid             200 301 302 30m;
+    expires                       30m;
+    {% if https_port is defined %}
+      proxy_pass https://127.0.0.1:{{https_port}};
+    {% else %}
+      proxy_pass http://127.0.0.1:{{http_port}};
+    {% endif %}
+  }
+}