From 4c845bc08ec35bedd3f634296b8f2850a50dda4a Mon Sep 17 00:00:00 2001
From: Jonathan Quinn <1213631+jnq@users.noreply.github.com>
Date: Tue, 23 Jul 2024 10:40:27 +0100
Subject: [PATCH 1/2] set a fact for the resolver of the current VM

---
 ansible/roles/ndh-app/tasks/configure_proxy.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ansible/roles/ndh-app/tasks/configure_proxy.yml b/ansible/roles/ndh-app/tasks/configure_proxy.yml
index b38b103a5..57f3abf47 100644
--- a/ansible/roles/ndh-app/tasks/configure_proxy.yml
+++ b/ansible/roles/ndh-app/tasks/configure_proxy.yml
@@ -18,6 +18,14 @@
     enabled: yes
     state: stopped
 
+- name: Get the IP address of the local resolver
+  ansible.builtin.command: grep '^nameserver' /etc/resolv.conf | awk '{print $2}'
+  register: local_resolver
+
+- name: Set a fact to contain the IP address of the local resolver
+  ansible.builtin.set_fact:
+    ndh_dns_resolver: "{{ local_resolver.stdout }}"
+
 - name: Add nginx proxy config
   ansible.builtin.template:
     src: etc/nginx/nginx.conf.j2

From fdcc6a46a5ee5bcef3911654e7c2e13eb0260e9c Mon Sep 17 00:00:00 2001
From: Jonathan Quinn <1213631+jnq@users.noreply.github.com>
Date: Tue, 23 Jul 2024 10:40:40 +0100
Subject: [PATCH 2/2] use the resolver value in the nginx config template

---
 ansible/roles/ndh-app/templates/etc/nginx/nginx.conf.j2 | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ansible/roles/ndh-app/templates/etc/nginx/nginx.conf.j2 b/ansible/roles/ndh-app/templates/etc/nginx/nginx.conf.j2
index 2865b8e76..a67ed2b12 100644
--- a/ansible/roles/ndh-app/templates/etc/nginx/nginx.conf.j2
+++ b/ansible/roles/ndh-app/templates/etc/nginx/nginx.conf.j2
@@ -12,6 +12,7 @@ events {
 
 http {
     include       /etc/nginx/mime.types;
+    resolver ${{ ndh_dns_resolver }};
     default_type  application/octet-stream;
 
     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
@@ -39,7 +40,8 @@ http {
         location / {
                 proxy_set_header Host $host;
                 proxy_redirect https://{{ ndh_proxy_host }}:443/ https://{{ ndh_proxy_host }}/;
-                proxy_pass https://{{ ndelius_proxy_pass }}/;
+                set $ndelius "https://{{ ndelius_proxy_pass }}:443$request_uri";
+                proxy_pass $ndelius;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         }
 {% endif %}