---

- name: Configure nginx for maubot
  block:
    - name: Generate Maubot proxying configuration for matrix-nginx-proxy
      ansible.builtin.set_fact:
        matrix_bot_maubot_matrix_nginx_proxy_configuration: |
          location ~ ^/(_matrix/maubot/.*) {
          {% if matrix_nginx_proxy_enabled | default(False) %}
            {# Use the embedded DNS resolver in Docker containers to discover the service #}
             resolver 127.0.0.11 valid=5s;
             set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}";
             proxy_pass http://$backend$request_uri;
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
          {% else %}
            {# Generic configuration for use outside of our container setup #}
            proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
          {% endif %}
          }
      when: matrix_bot_maubot_proxy_management_interface | bool

    - name: Register Maubot's proxying configuration with matrix-nginx-proxy
      ansible.builtin.set_fact:
        matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
          {{
            matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
            +
            [matrix_bot_maubot_matrix_nginx_proxy_configuration]
          }}
      when: matrix_bot_maubot_proxy_management_interface | bool

    - name: Warn about reverse-proxying if matrix-nginx-proxy not used
      ansible.builtin.debug:
        msg: >-
          NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy
          reverse proxy.
          Please make sure that you're proxying the `/_matrix/maubot`
          URL endpoint to the matrix-maubot container.
      when: "matrix_bot_maubot_enabled | bool and matrix_bot_maubot_proxy_management_interface | bool and matrix_nginx_proxy_enabled is not defined"