From 03d48a2d8213f1f64465bedbac1852a01689c227 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <yohann.danello@gmail.com>
Date: Wed, 4 Nov 2020 23:49:35 +0100
Subject: [PATCH] Add possibility to configure port forwarding, like SSH for
 Gitea

---
 host_vars/proxy-local.adm.auro.re.yml             |  5 +++++
 host_vars/proxy.adm.auro.re.yml                   |  2 ++
 roles/nginx_reverseproxy/tasks/main.yml           | 15 +++++++++++++++
 .../nginx/modules-available/60-forward.conf.j2    | 14 ++++++++++++++
 4 files changed, 36 insertions(+)
 create mode 100644 roles/nginx_reverseproxy/templates/nginx/modules-available/60-forward.conf.j2

diff --git a/host_vars/proxy-local.adm.auro.re.yml b/host_vars/proxy-local.adm.auro.re.yml
index c858c5a..b92c1ac 100644
--- a/host_vars/proxy-local.adm.auro.re.yml
+++ b/host_vars/proxy-local.adm.auro.re.yml
@@ -27,6 +27,11 @@ nginx:
     - aurores.net
     - fede-aurore.net
 
+  redirect_tcp:
+    - name: Gitea
+      port: 2222
+      destination: "10.128.0.60:2222"
+
   redirect_sites: {}
 
   reverseproxy_sites:
diff --git a/host_vars/proxy.adm.auro.re.yml b/host_vars/proxy.adm.auro.re.yml
index 8323cc0..f4b710e 100644
--- a/host_vars/proxy.adm.auro.re.yml
+++ b/host_vars/proxy.adm.auro.re.yml
@@ -30,6 +30,8 @@ nginx:
     - aurores.net
     - fede-aurore.net
 
+  redirect_tcp: {}
+
   redirect_sites:
     - from: auro.re
       to: www.auro.re
diff --git a/roles/nginx_reverseproxy/tasks/main.yml b/roles/nginx_reverseproxy/tasks/main.yml
index 4ccaa2a..497048d 100644
--- a/roles/nginx_reverseproxy/tasks/main.yml
+++ b/roles/nginx_reverseproxy/tasks/main.yml
@@ -45,6 +45,21 @@
     - redirect
   notify: Reload nginx
 
+- name: Copy forward modules
+  template:
+    src: "nginx/modules-available/60-forward.conf.j2"
+    dest: "/etc/nginx/modules-available/60-forward.conf"
+    mode: 0644
+  notify: Reload nginx
+
+- name: Activate modules
+  file:
+    src: "/etc/nginx/modules-available/60-forward.conf"
+    dest: "/etc/nginx/modules-enabled/60-forward.conf"
+    state: link
+    mode: 0644
+  notify: Reload nginx
+
 - name: Copy 50x error page
   template:
     src: www/html/50x.html.j2
diff --git a/roles/nginx_reverseproxy/templates/nginx/modules-available/60-forward.conf.j2 b/roles/nginx_reverseproxy/templates/nginx/modules-available/60-forward.conf.j2
new file mode 100644
index 0000000..9a86a5d
--- /dev/null
+++ b/roles/nginx_reverseproxy/templates/nginx/modules-available/60-forward.conf.j2
@@ -0,0 +1,14 @@
+# {{ ansible_managed }}
+
+{% for site in nginx.redirect_tcp %}
+# Forward port {{ site.port }} to {{ site.name }}
+stream {
+    server {
+        listen {{ site.port }};
+        listen [::]:{{ site.port }};
+
+        proxy_pass {{ site.destination }};
+    }
+}
+
+{% endfor %}