{{ ansible_managed | comment }}

{% if item.value.upstreams is defined %}
{% for upstream in item.value.upstreams %}
upstream {{ item.value.upstreams[upstream].name }} {
{% if item.value.upstreams[upstream].lb_method is defined %}
    {{ item.value.upstreams[upstream].lb_method }};
{% endif %}
    zone {{ item.value.upstreams[upstream].zone_name }} {{ item.value.upstreams[upstream].zone_size }};
{% for server in item.value.upstreams[upstream].servers %}
    server {{ item.value.upstreams[upstream].servers[server].address }}{{(":" + item.value.upstreams[upstream].servers[server].port | string) if item.value.upstreams[upstream].servers[server].port is defined}} {% if item.value.upstreams[upstream].servers[server].down is defined and item.value.upstreams[upstream].servers[server].down %}down{% else %}weight={{ item.value.upstreams[upstream].servers[server].weight | default("1") }} {{ item.value.upstreams[upstream].servers[server].health_check | default("") }}{% endif %};
{% endfor %}
{% if item.value.upstreams[upstream].sticky_cookie is defined %}
{% if item.value.upstreams[upstream].sticky_cookie %}
    sticky cookie srv_id expires=1h  path=/;
{% endif %}
{% endif %}
{% if item.value.upstreams[upstream].custom_options is defined and item.value.upstreams[upstream].custom_options | length %}
{% for inline_option in item.value.upstreams[upstream].custom_options %}
    {{ inline_option }}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}

{% if item.value.custom_options is defined and item.value.custom_options | length %}
{% for inline_option in item.value.custom_options %}
{{ inline_option }}
{% endfor %}
{% endif %}

{% if item.value.network_streams is defined %}
{% for stream in item.value.network_streams %}
server {
{% for listen in item.value.network_streams[stream].listen %}
    listen {% if item.value.network_streams[stream].listen[listen].ip is defined and item.value.network_streams[stream].listen[listen].ip | length %}{{ item.value.network_streams[stream].listen[listen].ip }}:{% endif %}{{ item.value.network_streams[stream].listen[listen].port }}{% if item.value.network_streams[stream].listen[listen].ssl is defined and item.value.network_streams[stream].listen[listen].ssl %} ssl{% endif %}{% if item.value.network_streams[stream].listen[listen].opts is defined and item.value.network_streams[stream].listen[listen].opts | length %} {{ item.value.network_streams[stream].listen[listen].opts | join(" ") }}{% endif %};
{% endfor %}
{% if item.value.network_streams[stream].ssl is defined and item.value.network_streams[stream].ssl %}
    ssl_certificate {{ item.value.network_streams[stream].ssl.cert }};
    ssl_certificate_key {{ item.value.network_streams[stream].ssl.key }};
{% if item.value.network_streams[stream].ssl.trusted_cert is defined %}
    ssl_trusted_certificate {{ item.value.network_streams[stream].ssl.trusted_cert }};
{% endif %}
{% if item.value.network_streams[stream].ssl.dhparam is defined %}
    ssl_dhparam {{ item.value.network_streams[stream].ssl.dhparam }};
{% endif %}
{% if item.value.network_streams[stream].ssl.protocols is defined and item.value.network_streams[stream].ssl.protocols %}
    ssl_protocols {{ item.value.network_streams[stream].ssl.protocols }};
{% endif %}
{% if item.value.network_streams[stream].ssl.ciphers is defined and item.value.network_streams[stream].ssl.ciphers %}
    ssl_ciphers {{ item.value.network_streams[stream].ssl.ciphers }};
{% endif %}
{% if item.value.network_streams[stream].ssl.prefer_server_ciphers is defined and item.value.network_streams[stream].ssl.prefer_server_ciphers %}
    ssl_prefer_server_ciphers on;
{% endif %}
{% if item.value.network_streams[stream].ssl.session_cache is defined and item.value.network_streams[stream].ssl.session_cache %}
    ssl_session_cache {{ item.value.network_streams[stream].ssl.session_cache }};
{% endif %}
{% if item.value.network_streams[stream].ssl.session_timeout is defined and item.value.network_streams[stream].ssl.session_timeout %}
    ssl_session_timeout {{ item.value.network_streams[stream].ssl.session_timeout }};
{% endif %}
{% if item.value.network_streams[stream].ssl.disable_session_tickets is defined and item.value.network_streams[stream].ssl.disable_session_tickets %}
    ssl_session_tickets off;
{% endif %}
{% if item.value.network_streams[stream].ssl.ecdh_curve is defined and item.value.network_streams[stream].ssl.ecdh_curve %}
    ssl_ecdh_curve {{ item.value.network_streams[stream].ssl.ecdh_curve }};
{% endif %}
{% endif %}
{% if item.value.network_streams[stream].include_files is defined and item.value.network_streams[stream].include_files | length %}
{% for file in item.value.network_streams[stream].include_files %}
    include "{{ file }}";
{% endfor %}
{% endif %}
    proxy_pass {{ item.value.network_streams[stream].proxy_pass }};
    proxy_timeout {{ item.value.network_streams[stream].proxy_timeout }};
    proxy_connect_timeout {{ item.value.network_streams[stream].proxy_connect_timeout }};
{% if item.value.network_streams[stream].proxy_protocol %}
    proxy_protocol on;
{% else %}
    proxy_protocol off;
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl is defined %}
    proxy_ssl on;
{% if item.value.network_streams[stream].proxy_ssl.cert is defined %}
    proxy_ssl_certificate {{ item.value.network_streams[stream].proxy_ssl.cert }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.key is defined %}
    proxy_ssl_certificate_key {{ item.value.network_streams[stream].proxy_ssl.key }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.server_name is defined %}
    proxy_ssl_server_name {{ item.value.network_streams[stream].proxy_ssl.server_name | ternary("on", "off") }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.name is defined %}
    proxy_ssl_name {{ item.value.network_streams[stream].proxy_ssl.name }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.protocols is defined %}
    proxy_ssl_protocols {{ item.value.network_streams[stream].proxy_ssl.protocols }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.ciphers is defined %}
    proxy_ssl_ciphers {{ item.value.network_streams[stream].proxy_ssl.ciphers }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.trusted_cert is defined %}
    proxy_ssl_trusted_certificate {{ item.value.network_streams[stream].proxy_ssl.trusted_cert }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.verify is defined %}
    proxy_ssl_verify {{ item.value.network_streams[stream].proxy_ssl.verify | ternary("on", "off") }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.verify_depth is defined %}
    proxy_ssl_verify_depth {{ item.value.network_streams[stream].proxy_ssl.verify_depth }};
{% endif %}
{% if item.value.network_streams[stream].proxy_ssl.session_reuse is defined %}
    proxy_ssl_session_reuse {{ item.value.network_streams[stream].proxy_ssl.session_reuse | ternary("on", "off") }};
{% endif %}
{% endif %}
{% if item.value.network_streams[stream].health_check_plus %}
    health_check;
{% endif %}
{% if item.value.network_streams[stream].custom_options is defined and item.value.network_streams[stream].custom_options | length %}
{% for inline_option in item.value.network_streams[stream].custom_options %}
    {{ inline_option }}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}