#
# Cookbook Name:: kosmos_garage
# Recipe:: nginx_web
#

include_recipe "kosmos-nginx"

file "/etc/nginx/conf.d/garage.conf" do
  content <<-EOF
upstream garage_web {
  server localhost:3902;
}

proxy_cache_path /var/cache/nginx/garage levels=1:2 keys_zone=garage_cache:10m
                 max_size=1g inactive=60m use_temp_path=off;
EOF
end

domains = node['garage']['s3_web_domains']

domains.each do |server_name|
  nginx_certbot_site server_name

  template "#{node['nginx']['dir']}/sites-available/#{server_name}" do
    source 'nginx_conf_web.erb'
    owner 'www-data'
    mode 0640
    variables server_name:         server_name,
              ssl_cert:            "/etc/letsencrypt/live/#{server_name}/fullchain.pem",
              ssl_key:             "/etc/letsencrypt/live/#{server_name}/privkey.pem"
    notifies :reload, 'service[nginx]', :delayed
  end

  nginx_site server_name do
    action :enable
  end
end