Add nginx as service

netmaker_server/files/opt/netmaker_server/nginx/conf/conf.d/proxy.conf

@@ -0,0 +1,26 @@
+map $host    $proxy_name {
+    hostnames;
+    
+    netmaker-ui.*   netmaker-ui:80;
+    netmaker-api.*  netmaker:80;
+    netmaker-rqlite-http.*  rqlite:4001;
+
+    default         444;
+}
+
+server {
+    resolver 127.0.0.11; # Explicitly set docker-resolver
+
+    listen 8443 ssl;
+
+    ssl_certificate /certs/node.crt;
+    ssl_certificate_key /certs/node.key;
+
+    if ($proxy_name = 444){
+        return 444;
+    }
+
+    location / {
+        proxy_pass http://$proxy_name;
+    }
+}

netmaker_server/files/opt/netmaker_server/nginx/conf/stream.d/passthrough.conf

@@ -0,0 +1,24 @@
+stream{
+    map $ssl_preread_server_name $name {
+        hostnames;  # Use hostnames as map?
+
+        netmaker-ui.*   127.0.0.1:8443;
+        netmaker-api.*  127.0.0.1:8443;
+
+        netmaker-broker.*   mosquitto:8883; # todo: tls-terminate?
+
+        netmaker-rqlite-http.*    127.0.0.1:8443;
+        netmaker-rqlite-cluster.*   rqlite:4002;
+
+        default         127.0.0.1:1;
+    }
+
+    server {
+        resolver 127.0.0.11; # Explicitly set docker-resolver
+        
+        listen      443;
+        ssl_preread on;
+
+        proxy_pass  $name;
+    }
+}

netmaker_server/files/opt/netmaker_server/nginx/nginx.conf

@@ -0,0 +1,33 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}
+include /etc/nginx/stream.d/*.conf;

netmaker_server/tasks/main.yml

@@ -11,6 +11,10 @@
     src: docker-compose.yml.template
     dest: /opt/netmaker_server/docker-compose.yml
 
+- import_tasks: ./certs.yml
+
+- import_tasks: ./nginx.yml
+
 - import_tasks: ./rqlite.yml
 
 - import_tasks: ./netmaker.yml

netmaker_server/templates/docker-compose.yml.template

@@ -1,6 +1,17 @@
 version: "3.4"
 
 services:
+  nginx:
+    image: nginx
+    restart: unless-stopped
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro # Override nginx-config to add stream-import
+      - ./nginx/conf/conf.d/:/etc/nginx/conf.d:ro  # conf.d
+      - ./nginx/conf/stream.d/:/etc/nginx/stream.d:ro  # conf.d
+      - ./certs:/certs:ro # SSL-certificates
+    ports:
+      - 51820:443
+
   rqlite: # Distributed sqlite-db
     image: rqlite/rqlite
     restart: unless-stopped
@@ -8,7 +19,7 @@ services:
     volumes:
       - "./rqlite/data:/rqlite/file"
       - "./rqlite/config.json:/config.json:ro"
-      - "./rqlite/certs:/certs:ro"
+      - "./certs:/certs:ro"
     ports:
       - 4001:4001
       - 4002:4002