From 913b5a57dd873ca2e791bbabda5d38fc61fc1872 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Wed, 9 Jan 2019 15:48:25 +0100
Subject: [PATCH] Fixes to the smartgears new nginx virtualhost so that we can
 configure virtualhosts without smartgears.

---
 .../smartgears-nginx-frontend/tasks/main.yml  | 13 ++++++++++--
 .../templates/nginx-smartgears-virtualhost.j2 | 21 +++++++++++++------
 2 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/smartgears/smartgears-nginx-frontend/tasks/main.yml b/smartgears/smartgears-nginx-frontend/tasks/main.yml
index a5166a81..c3acabc5 100644
--- a/smartgears/smartgears-nginx-frontend/tasks/main.yml
+++ b/smartgears/smartgears-nginx-frontend/tasks/main.yml
@@ -7,15 +7,24 @@
     with_items: '{{ smartgears_nginx_virtualhosts }}'
     notify: Reload nginx
 
-  - name: Enable the nginx virtualhosts
+  - name: Enable the smartgears nginx virtualhosts
     file: src=/etc/nginx/sites-available/{{ item.virthost_name }} dest=/etc/nginx/sites-enabled/smartgears_{{ item.smartgears_id }}.conf state=link
     with_items: '{{ smartgears_nginx_virtualhosts }}'
+    when: item.smartgears_id is defined
+    notify: Reload nginx
+
+  - name: Enable the non smartgears nginx virtualhosts
+    file: src=/etc/nginx/sites-available/{{ item.virthost_name }} dest=/etc/nginx/sites-enabled/smartgears_{{ item.virthost_name }}.conf state=link
+    with_items: '{{ smartgears_nginx_virtualhosts }}'
+    when: item.smartgears_id is not defined
     notify: Reload nginx
 
   - name: Give the smartgears user access to the document root, and create it if needed
     file: dest={{ item.root}} state=directory owner={{ item.user }} group={{ item.user }} mode=0755
     with_items: '{{ smartgears_nginx_virtualhosts }}'
-    when: smartgears_nginx_rw_html_root
+    when:
+      - smartgears_nginx_rw_html_root
+      - item.user is defined
     notify: Reload nginx
     tags: [ 'nginx', 'virtualhost', 'web_root' ]
 
diff --git a/smartgears/smartgears-nginx-frontend/templates/nginx-smartgears-virtualhost.j2 b/smartgears/smartgears-nginx-frontend/templates/nginx-smartgears-virtualhost.j2
index 90d2dd12..4778f6e7 100644
--- a/smartgears/smartgears-nginx-frontend/templates/nginx-smartgears-virtualhost.j2
+++ b/smartgears/smartgears-nginx-frontend/templates/nginx-smartgears-virtualhost.j2
@@ -28,23 +28,24 @@ server {
     {% if item.access_log is defined %}
     access_log {{ item.access_log }};
     {% else %}
-    access_log /var/log/nginx/{{ item.server_name }}_access.log;
+    access_log /var/log/nginx/{{ item.virthost_name }}_access.log;
     {% endif %}
 
     {% if item.error_log is defined %}
     error_log {{ item.error_log }};
     {% else %}
-    error_log /var/log/nginx/{{ item.server_name }}_error.log;
+    error_log /var/log/nginx/{{ item.virthost_name }}_error.log;
     {% endif %}
 
     server_tokens {{ item.server_tokens | default('off') }};
 
 {% if item.ssl_enabled and item.ssl_only %}
-{% if item.smartgears_over_ssl %}
+{% if item.smartgears_over_ssl is defined and item.smartgears_over_ssl %}
     location / {
         return 301 https://{{ item.server_name }}$request_uri;
     }
 {% else %}
+    {% if item.smartgears_id is defined %}
     # Smartgears answers over http
     include /etc/nginx/snippets/nginx-proxy-params.conf;
     {% if r_connector_install is defined and r_connector_install %}
@@ -66,6 +67,7 @@ server {
         proxy_pass http://127.0.0.1:{{ item.smartgears_http_port }}/data-transfer-service;
     }
     {% endif %}
+    {% endif %}
 
     location / {
         return 301 https://{{ item.server_name }}$request_uri;
@@ -147,6 +149,7 @@ server {
     {% endfor %}
     {% endif %}
 
+    {% if item.smartgears_id is defined %}
     # Smartgears special urls - start
     {% if r_connector_install is defined and r_connector_install %}
         location /auth-sign-in {
@@ -274,6 +277,7 @@ server {
     }
     {% endif %}
     # Smartgears targets - end
+    {% endif %}
 
     {% if item.locations is defined %}
     {% for location in item.locations -%}
@@ -346,13 +350,13 @@ server {
     {% if item.access_log is defined %}
     access_log {{ item.access_log }};
     {% else %}
-    access_log /var/log/nginx/{{ item.server_name }}_ssl_access.log;
+    access_log /var/log/nginx/{{ item.virthost_name }}_ssl_access.log;
     {% endif %}
 
     {% if item.error_log is defined %}
     error_log {{ item.error_log }};
     {% else %}
-    error_log /var/log/nginx/{{ item.server_name }}_ssl_error.log;
+    error_log /var/log/nginx/{{ item.virthost_name }}_ssl_error.log;
     {% endif %}
 
     root {{ item.root | default('/usr/share/nginx/html/') }};
@@ -370,8 +374,11 @@ server {
         log_not_found off;
         access_log off;
     }
-    location ~ /\. {
+    location ~ /\.(?!well-known).* {
         deny all;
+        access_log off;
+        log_not_found off;
+        return 404;
     }
 
     {% if haproxy_ips is defined %}
@@ -431,6 +438,7 @@ server {
     {% endfor %}
     {% endif %}
 
+    {% if item.smartgears_id is defined %}
     # Smartgears special urls - start
     {% if r_connector_install is defined and r_connector_install %}
     location /auth-sign-in {
@@ -558,6 +566,7 @@ server {
     }
     {% endif %}
     # Smartgears targets - end
+    {% endif %}
 
     {% if item.locations is defined %}
     {% for location in item.locations -%}