{{ ansible_managed | comment }}

include "/etc/nginx/snippets/connection_upgrade.conf";

server {
	listen 80;
	listen [::]:80;

	server_name {{ item.from }};
	# Redirect to https
	location / {
		return 302 https://$host$request_uri;
	}

    # "A man is not dead while his name is still spoken." -- Going Postal
    add_header X-Clacks-Overhead "GNU {{ ', '.join(in_memoriam) }}";
}

server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/nginx/certs/{{ item.from }}.crt;
	ssl_certificate_key /etc/nginx/certs/{{ item.from }}.key;


	server_name {{ item.from }};

	# Logs
	access_log /var/log/nginx/{{ item.from }}.log;
	error_log /var/log/nginx/{{ item.from }}_error.log;

	location / {
		proxy_pass {{ item.to }};
		include "/etc/nginx/snippets/options-proxypass.conf";
	}

    # "A man is not dead while his name is still spoken." -- Going Postal
    add_header X-Clacks-Overhead "GNU {{ ', '.join(in_memoriam) }}";
}