feat(wg-admin): add nginx config

roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml

@@ -61,6 +61,19 @@
     state: absent
   when: "not matrix_nginx_proxy_proxy_synapse_enabled | bool"
 
+- name: Ensure Matrix nginx-admin-wireguard configuration for matrix-admin-wireguard exists
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/nginx/conf.d/matrix-admin-wireguard.conf.j2"
+    dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-admin-wireguard.conf"
+    mode: 0644
+  when: matrix_admin_wireguard_enabled | bool
+
+- name: Ensure Matrix nginx-admin-wireguard configuration for matrix-admin-wireguard deleted
+  ansible.builtin.file:
+    path: "{{ matrix_nginx_proxy_confd_path }}/matrix-admin-wireguard.conf"
+    state: absent
+  when: "not matrix_admin_wireguard_enabled | bool"
+
 - name: Ensure Matrix nginx-proxy configuration for matrix-dendrite exists
   ansible.builtin.template:
     src: "{{ role_path }}/templates/nginx/conf.d/matrix-dendrite.conf.j2"

roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-admin-wireguard.conf.j2

@@ -0,0 +1,23 @@
+{% if matrix_admin_wireguard_enabled %}
+server {
+
+	listen 8090;
+        root /dev/null;
+        gzip on;
+        gzip_types text/plain application/json;
+
+        location ~ ^/(.*) {
+	        resolver 127.0.0.11 valid=5s;
+	        set $backend "matrix-nginx-proxy:12080";
+	        proxy_pass http://$backend;
+
+	        proxy_set_header Host $host;
+	        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
+
+	        client_body_buffer_size 25M;
+	        client_max_body_size 50M;
+	        proxy_max_temp_file_size 0;
+        }
+}
+{% endif %}

roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2

@@ -29,6 +29,9 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% if matrix_nginx_proxy_container_http_host_bind_port %}
 			-p {{ matrix_nginx_proxy_container_http_host_bind_port }}:8080 \
 			{% endif %}
+			{% if matrix_admin_wireguard_enabled %}
+			-p {{ matrix_admin_wireguard_ip }}:{{ matrix_admin_wireguard_port }}:8090 \
+			{% endif %}
 			{% if matrix_nginx_proxy_https_enabled and matrix_nginx_proxy_container_https_host_bind_port %}
 			-p {{ matrix_nginx_proxy_container_https_host_bind_port }}:8443 \
 			{% endif %}