From 4db262208261ef9f46ea6b924cce6cf2122dc387 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Wed, 13 Jul 2022 19:31:31 +0000
Subject: [PATCH] nginx/site: Fix upstream server hostnames

With current OpenBSD SNI negotation fails when hostname is not valid DNS name.
---
 roles/nginx/site/templates/site.conf.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/nginx/site/templates/site.conf.j2 b/roles/nginx/site/templates/site.conf.j2
index d8f06e6..a277ec5 100644
--- a/roles/nginx/site/templates/site.conf.j2
+++ b/roles/nginx/site/templates/site.conf.j2
@@ -1,5 +1,5 @@
 {% if proxy is defined and proxy is not string %}
-upstream upstream_{{ site }} {
+upstream upstream-{{ site }} {
 {% for item in proxy %}
 {%   set item = item | regex_replace("^(https://)?([^/]*).*$", "\\2") %}
 {%   if item | regex_search(".*:[0-9]+$") %}
@@ -39,7 +39,7 @@ server {
 {%    set path = proxy[0] | regex_replace("^(https://)?([^/]*)(.*)$", "\\3") %}
         # https://trac.nginx.org/nginx/ticket/1307
         proxy_ssl_verify off;
-        proxy_pass https://upstream_{{ site }}{{ path }};
+        proxy_pass https://upstream-{{ site }}{{ path }};
 {%  else %}
         proxy_pass {{ proxy }};
 {%  endif %}