#Ansible managed

{% if activate_https == 'y' %}
server {
    listen 80;
    server_name  {{ server_name }};
    # force https
    return 301 https://$host$request_uri;
}
{% endif %}

server {
    listen {{ '443 ssl' if activate_https == 'y' else '80' }};
    server_name {{ server_name }};

    # Specifies the maximum accepted body size of a client request,
    # as indicated by the request header Content-Length.
    client_max_body_size 200m;

    # log files
    access_log    /var/log/nginx/odoo-access-test.log;
    error_log    /var/log/nginx/odoo-error-test.log;

    # increase proxy buffer to handle some OpenERP web requests
    proxy_buffers 16 64k;
    proxy_buffer_size 128k;

	{% if activate_https == 'y' %}
    # SSL config
    ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;	
    
    ssl_certificate     /etc/nginx/ssl/odoo_test.crt;
    ssl_certificate_key /etc/nginx/ssl/odoo_test.key;
    {% endif %}

    location / {
        proxy_pass http://127.0.0.1:8070;
        # force timeouts if the backend dies
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_read_timeout 300s;
        
        # set headers
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

        # Let the Oddoo web service know that we're using HTTPS, otherwise
        # it will generate URL using http:// and not https://
        # proxy_set_header X-Forwarded-Proto https;

        # by default, do not forward anything
        proxy_redirect off;
    }

    # cache some static data in memory for 60mins.
    # under heavy load this should relieve stress on the OpenERP web interface a bit.
    location ~* /web/static/ {
        proxy_cache_valid 200 60m;
        proxy_buffering    on;
        expires 864000;
        proxy_pass http://127.0.0.1:8070;
    }

    location /longpolling/ {
        proxy_pass http://127.0.0.1:8073; 
   }
}