2013-11-22 04:10:53 +01:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe 'nginx::resource::vhost' do
|
|
|
|
let :title do
|
|
|
|
'www.rspec.example.com'
|
|
|
|
end
|
|
|
|
let :default_params do
|
|
|
|
{
|
|
|
|
:www_root => '/',
|
2014-01-06 19:47:33 +01:00
|
|
|
:ipv6_enable => true,
|
2015-10-30 20:14:47 +01:00
|
|
|
:listen_unix_socket_enable => true,
|
2013-11-22 04:10:53 +01:00
|
|
|
}
|
|
|
|
end
|
|
|
|
let :facts do
|
|
|
|
{
|
|
|
|
:ipaddress6 => '::',
|
|
|
|
}
|
|
|
|
end
|
|
|
|
let :pre_condition do
|
|
|
|
[
|
|
|
|
'include ::nginx::config',
|
|
|
|
]
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'os-independent items' do
|
|
|
|
|
|
|
|
describe 'basic assumptions' do
|
|
|
|
let :params do default_params end
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_class("nginx::config") }
|
|
|
|
it { is_expected.to contain_concat("/etc/nginx/sites-available/#{title}.conf").with({
|
2013-12-01 01:51:31 +01:00
|
|
|
'owner' => 'root',
|
|
|
|
'group' => 'root',
|
|
|
|
'mode' => '0644',
|
|
|
|
})}
|
2014-11-27 03:35:24 +01:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content(%r{access_log\s+/var/log/nginx/www\.rspec\.example\.com\.access\.log combined;}) }
|
2014-09-12 19:42:51 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content(%r{error_log\s+/var/log/nginx/www\.rspec\.example\.com\.error\.log}) }
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-footer") }
|
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default") }
|
|
|
|
it { is_expected.not_to contain_file("/etc/nginx/fastcgi_params") }
|
|
|
|
it { is_expected.to contain_file("#{title}.conf symlink").with({
|
2013-12-01 01:51:31 +01:00
|
|
|
'ensure' => 'link',
|
|
|
|
'path' => "/etc/nginx/sites-enabled/#{title}.conf",
|
|
|
|
'target' => "/etc/nginx/sites-available/#{title}.conf"
|
|
|
|
})}
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "vhost_header template content" do
|
|
|
|
[
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should not contain www to non-www rewrite',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => false,
|
|
|
|
:notmatch => %r|
|
|
|
|
^
|
|
|
|
\s+server_name\s+www\.rspec\.example\.com;\n
|
2015-01-19 17:14:46 +01:00
|
|
|
\s+return\s+301\s+http://rspec\.example\.com\$request_uri;
|
2014-06-26 05:40:22 +02:00
|
|
|
|x,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should contain www to non-www rewrite',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => true,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r|
|
|
|
|
^
|
|
|
|
\s+server_name\s+www\.rspec\.example\.com;\n
|
2015-01-19 17:14:46 +01:00
|
|
|
\s+return\s+301\s+http://rspec\.example\.com\$request_uri;
|
2014-09-12 19:42:51 +02:00
|
|
|
|x,
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set the IPv4 listen IP',
|
|
|
|
:attr => 'listen_ip',
|
|
|
|
:value => '127.0.0.1',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+127.0.0.1:80;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv4 listen port',
|
|
|
|
:attr => 'listen_port',
|
2014-01-06 19:47:33 +01:00
|
|
|
:value => 45,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\*:45;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv4 listen options',
|
|
|
|
:attr => 'listen_options',
|
|
|
|
:value => 'spdy default',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\*:80 spdy default;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2013-11-22 05:18:04 +01:00
|
|
|
{
|
|
|
|
:title => 'should enable IPv6',
|
|
|
|
:attr => 'ipv6_enable',
|
|
|
|
:value => true,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[::\]:80 default ipv6only=on;',
|
2013-11-22 05:18:04 +01:00
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should not enable IPv6',
|
|
|
|
:attr => 'ipv6_enable',
|
|
|
|
:value => false,
|
2014-09-12 19:42:51 +02:00
|
|
|
:notmatch => %r'\slisten \[::\]:80 default ipv6only=on;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv6 listen IP',
|
|
|
|
:attr => 'ipv6_listen_ip',
|
|
|
|
:value => '2001:0db8:85a3:0000:0000:8a2e:0370:7334',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[2001:0db8:85a3:0000:0000:8a2e:0370:7334\]:80 default ipv6only=on;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv6 listen port',
|
|
|
|
:attr => 'ipv6_listen_port',
|
2014-01-06 19:47:33 +01:00
|
|
|
:value => 45,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[::\]:45 default ipv6only=on;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv6 listen options',
|
|
|
|
:attr => 'ipv6_listen_options',
|
|
|
|
:value => 'spdy',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[::\]:80 spdy;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2015-10-30 20:14:47 +01:00
|
|
|
{
|
|
|
|
:title => 'should enable listening on unix socket',
|
|
|
|
:attr => 'listen_unix_socket_enable',
|
|
|
|
:value => true,
|
|
|
|
:match => %r'\s+listen\s+unix:/var/run/nginx\.sock;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not enable listening on unix socket',
|
|
|
|
:attr => 'listen_unix_socket_enable',
|
|
|
|
:value => false,
|
|
|
|
:notmatch => %r'\s+listen\s+unix:/var/run/nginx\.sock;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the listen unix socket',
|
|
|
|
:attr => 'listen_unix_socket',
|
|
|
|
:value => '/var/run/puppet_nginx.sock',
|
|
|
|
:match => %r'\s+listen\s+unix:/var/run/puppet_nginx\.sock;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the listen unix socket options',
|
|
|
|
:attr => 'listen_unix_socket_options',
|
|
|
|
:value => 'spdy',
|
|
|
|
:match => %r'\s+listen\s+unix:/var/run/nginx\.sock spdy;',
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set servername(s)',
|
|
|
|
:attr => 'server_name',
|
2014-06-26 05:40:22 +02:00
|
|
|
:value => ['www.foo.com','foo.com'],
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+server_name\s+www.foo.com foo.com;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should rewrite www servername to non-www',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => true,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+server_name\s+rspec.example.com;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not rewrite www servername to non-www',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => false,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+server_name\s+www.rspec.example.com;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set auth_basic',
|
|
|
|
:attr => 'auth_basic',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+auth_basic\s+"value";',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set auth_basic_user_file',
|
|
|
|
:attr => 'auth_basic_user_file',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+auth_basic_user_file\s+value;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the client_body_timeout',
|
|
|
|
:attr => 'client_body_timeout',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => /^\s+client_body_timeout\s+value;/
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the client_header_timeout',
|
|
|
|
:attr => 'client_header_timeout',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => /^\s+client_header_timeout\s+value;/
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the gzip_types',
|
|
|
|
:attr => 'gzip_types',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => /^\s+gzip_types\s+value;/
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should contain raw_prepend directives',
|
|
|
|
:attr => 'raw_prepend',
|
|
|
|
:value => [
|
|
|
|
'if (a) {',
|
|
|
|
' b;',
|
|
|
|
'}'
|
|
|
|
],
|
|
|
|
:match => /^\s+if \(a\) {\n\s++b;\n\s+\}/,
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should contain ordered prepended directives',
|
|
|
|
:attr => 'vhost_cfg_prepend',
|
2014-03-07 13:53:32 +01:00
|
|
|
:value => { 'test1' => ['test value 1a', 'test value 1b'], 'test2' => 'test value 2', 'allow' => 'test value 3' },
|
2013-11-22 04:10:53 +01:00
|
|
|
:match => [
|
|
|
|
' allow test value 3;',
|
2014-03-07 13:53:32 +01:00
|
|
|
' test1 test value 1a;',
|
|
|
|
' test1 test value 1b;',
|
2013-11-22 04:10:53 +01:00
|
|
|
' test2 test value 2;',
|
|
|
|
],
|
|
|
|
},
|
2013-11-22 05:23:45 +01:00
|
|
|
{
|
|
|
|
:title => 'should set root',
|
|
|
|
:attr => 'use_default_location',
|
|
|
|
:value => false,
|
|
|
|
:match => ' root /;',
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should not set root',
|
|
|
|
:attr => 'use_default_location',
|
|
|
|
:value => true,
|
2013-12-06 17:36:28 +01:00
|
|
|
:notmatch => / root \/;/,
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should rewrite to HTTPS',
|
|
|
|
:attr => 'rewrite_to_https',
|
|
|
|
:value => true,
|
|
|
|
:match => [
|
|
|
|
' if ($ssl_protocol = "") {',
|
|
|
|
' return 301 https://$host$request_uri;',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not rewrite to HTTPS',
|
|
|
|
:attr => 'rewrite_to_https',
|
|
|
|
:value => false,
|
|
|
|
:notmatch => [
|
2014-09-12 19:42:51 +02:00
|
|
|
%r'if \(\$ssl_protocol = ""\) \{',
|
|
|
|
%r'\s+return 301 https://\$host\$request_uri;',
|
2013-11-22 04:10:53 +01:00
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set access_log',
|
|
|
|
:attr => 'access_log',
|
|
|
|
:value => '/path/to/access.log',
|
2014-11-26 05:38:05 +01:00
|
|
|
:match => ' access_log /path/to/access.log combined;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2014-11-27 03:35:24 +01:00
|
|
|
{
|
|
|
|
:title => 'should set access_log off',
|
|
|
|
:attr => 'access_log',
|
|
|
|
:value => 'off',
|
|
|
|
:match => ' access_log off;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set access_log to syslog',
|
|
|
|
:attr => 'access_log',
|
|
|
|
:value => 'syslog:server=localhost',
|
|
|
|
:match => ' access_log syslog:server=localhost combined;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set format_log custom_format',
|
|
|
|
:attr => 'format_log',
|
|
|
|
:value => 'custom',
|
|
|
|
:match => ' access_log /var/log/nginx/www.rspec.example.com.access.log custom;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set error_log',
|
|
|
|
:attr => 'error_log',
|
|
|
|
:value => '/path/to/error.log',
|
|
|
|
:match => ' error_log /path/to/error.log;',
|
|
|
|
},
|
|
|
|
].each do |param|
|
|
|
|
context "when #{param[:attr]} is #{param[:value]}" do
|
|
|
|
let :params do default_params.merge({ param[:attr].to_sym => param[:value] }) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header") }
|
2013-11-22 04:10:53 +01:00
|
|
|
it param[:title] do
|
2014-06-26 05:40:22 +02:00
|
|
|
matches = Array(param[:match])
|
|
|
|
|
|
|
|
if matches.all? { |m| m.is_a? Regexp }
|
2014-07-18 04:28:38 +02:00
|
|
|
matches.each { |item| is_expected.to contain_concat__fragment("#{title}-header").with_content(item) }
|
2014-06-26 05:40:22 +02:00
|
|
|
else
|
2014-12-03 05:07:20 +01:00
|
|
|
lines = catalogue.resource('concat::fragment', "#{title}-header").send(:parameters)[:content].split("\n")
|
2014-07-18 04:28:38 +02:00
|
|
|
expect(lines & Array(param[:match])).to eq(Array(param[:match]))
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
2013-12-06 17:36:28 +01:00
|
|
|
Array(param[:notmatch]).each do |item|
|
2014-07-18 04:28:38 +02:00
|
|
|
is_expected.to contain_concat__fragment("#{title}-header").without_content(item)
|
2013-12-06 17:36:28 +01:00
|
|
|
end
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "vhost_footer template content" do
|
|
|
|
[
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should not contain www to non-www rewrite',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => false,
|
|
|
|
:notmatch => %r|
|
|
|
|
^
|
|
|
|
\s+server_name\s+www\.rspec\.example\.com;\n
|
2015-01-19 17:14:46 +01:00
|
|
|
\s+return\s+301\s+https://rspec\.example\.com\$request_uri;
|
2014-06-26 05:40:22 +02:00
|
|
|
|x,
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should contain include directives',
|
|
|
|
:attr => 'include_files',
|
|
|
|
:value => [ '/file1', '/file2' ],
|
|
|
|
:match => [
|
2014-09-12 19:42:51 +02:00
|
|
|
%r'^\s+include\s+/file1;',
|
|
|
|
%r'^\s+include\s+/file2;',
|
2013-11-22 04:10:53 +01:00
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should contain ordered appended directives',
|
|
|
|
:attr => 'vhost_cfg_append',
|
2014-03-07 13:53:32 +01:00
|
|
|
:value => { 'test1' => 'test value 1', 'test2' => ['test value 2a', 'test value 2b'], 'allow' => 'test value 3' },
|
2013-11-22 04:10:53 +01:00
|
|
|
:match => [
|
|
|
|
' allow test value 3;',
|
|
|
|
' test1 test value 1;',
|
2014-03-07 13:53:32 +01:00
|
|
|
' test2 test value 2a;',
|
|
|
|
' test2 test value 2b;',
|
2013-11-22 04:10:53 +01:00
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
2014-06-26 05:40:22 +02:00
|
|
|
:title => 'should contain raw_append directives',
|
|
|
|
:attr => 'raw_append',
|
|
|
|
:value => [
|
|
|
|
'if (a) {',
|
|
|
|
' b;',
|
|
|
|
'}'
|
2013-11-22 04:10:53 +01:00
|
|
|
],
|
2014-06-26 05:40:22 +02:00
|
|
|
:match => /^\s+if \(a\) {\n\s++b;\n\s+\}/,
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
].each do |param|
|
|
|
|
context "when #{param[:attr]} is #{param[:value]}" do
|
|
|
|
let :params do default_params.merge({ param[:attr].to_sym => param[:value] }) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-footer") }
|
2013-11-22 04:10:53 +01:00
|
|
|
it param[:title] do
|
2014-06-26 05:40:22 +02:00
|
|
|
matches = Array(param[:match])
|
|
|
|
|
|
|
|
if matches.all? { |m| m.is_a? Regexp }
|
2014-07-18 04:28:38 +02:00
|
|
|
matches.each { |item| is_expected.to contain_concat__fragment("#{title}-footer").with_content(item) }
|
2014-06-26 05:40:22 +02:00
|
|
|
else
|
2014-12-03 05:07:20 +01:00
|
|
|
lines = catalogue.resource('concat::fragment', "#{title}-footer").send(:parameters)[:content].split("\n")
|
2014-07-18 04:28:38 +02:00
|
|
|
expect(lines & Array(param[:match])).to eq(Array(param[:match]))
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
2013-12-06 17:36:28 +01:00
|
|
|
Array(param[:notmatch]).each do |item|
|
2014-07-18 04:28:38 +02:00
|
|
|
is_expected.to contain_concat__fragment("#{title}-footer").without_content(item)
|
2013-12-06 17:36:28 +01:00
|
|
|
end
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "vhost_ssl_header template content" do
|
|
|
|
[
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should not contain www to non-www rewrite',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => false,
|
|
|
|
:notmatch => %r|
|
|
|
|
^
|
|
|
|
\s+server_name\s+www\.rspec\.example\.com;\n
|
2015-01-19 17:14:46 +01:00
|
|
|
\s+return\s+301\s+https://rspec\.example\.com\$request_uri;
|
2014-06-26 05:40:22 +02:00
|
|
|
|x,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should contain www to non-www rewrite',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => true,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r|
|
|
|
|
^
|
|
|
|
\s+server_name\s+www\.rspec\.example\.com;\n
|
2015-01-19 17:14:46 +01:00
|
|
|
\s+return\s+301\s+https://rspec\.example\.com\$request_uri;
|
2014-09-12 19:42:51 +02:00
|
|
|
|x,
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set the IPv4 listen IP',
|
|
|
|
:attr => 'listen_ip',
|
|
|
|
:value => '127.0.0.1',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+127.0.0.1:443 ssl;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv4 SSL listen port',
|
|
|
|
:attr => 'ssl_port',
|
2014-01-06 19:47:33 +01:00
|
|
|
:value => 45,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\*:45 ssl;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set SPDY',
|
|
|
|
:attr => 'spdy',
|
|
|
|
:value => 'on',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\*:443 ssl spdy;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not set SPDY',
|
|
|
|
:attr => 'spdy',
|
|
|
|
:value => 'off',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\*:443 ssl;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2015-10-23 22:16:11 +02:00
|
|
|
{
|
|
|
|
:title => 'should set HTTP2',
|
|
|
|
:attr => 'http2',
|
|
|
|
:value => 'on',
|
|
|
|
:match => %r'\s+listen\s+\*:443 ssl http2;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not set HTTP2',
|
|
|
|
:attr => 'http2',
|
|
|
|
:value => 'off',
|
|
|
|
:match => %r'\s+listen\s+\*:443 ssl;',
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set the IPv4 listen options',
|
|
|
|
:attr => 'listen_options',
|
|
|
|
:value => 'default',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\*:443 ssl default;',
|
2013-11-22 05:04:39 +01:00
|
|
|
},
|
2013-11-22 05:18:04 +01:00
|
|
|
{
|
|
|
|
:title => 'should enable IPv6',
|
|
|
|
:attr => 'ipv6_enable',
|
|
|
|
:value => true,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[::\]:443 ssl default ipv6only=on;',
|
2013-11-22 05:18:04 +01:00
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should disable IPv6',
|
|
|
|
:attr => 'ipv6_enable',
|
2013-11-22 05:18:04 +01:00
|
|
|
:value => false,
|
2013-12-30 18:44:19 +01:00
|
|
|
:notmatch => / listen \[::\]:443 ssl default ipv6only=on;/,
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2013-11-22 04:32:23 +01:00
|
|
|
{
|
|
|
|
:title => 'should set the IPv6 listen IP',
|
|
|
|
:attr => 'ipv6_listen_ip',
|
|
|
|
:value => '2001:0db8:85a3:0000:0000:8a2e:0370:7334',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[2001:0db8:85a3:0000:0000:8a2e:0370:7334\]:443 ssl default ipv6only=on;',
|
2013-11-22 04:32:23 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv6 listen port',
|
2013-12-30 18:44:19 +01:00
|
|
|
:attr => 'ssl_port',
|
2014-01-06 19:47:33 +01:00
|
|
|
:value => 45,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[::\]:45 ssl default ipv6only=on;',
|
2013-11-22 04:32:23 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the IPv6 listen options',
|
|
|
|
:attr => 'ipv6_listen_options',
|
|
|
|
:value => 'spdy default',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+listen\s+\[::\]:443 ssl spdy default;',
|
2013-11-22 04:32:23 +01:00
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set servername(s)',
|
|
|
|
:attr => 'server_name',
|
2014-06-26 05:40:22 +02:00
|
|
|
:value => ['www.foo.com','foo.com'],
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+server_name\s+www.foo.com foo.com;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should rewrite www servername to non-www',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => true,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+server_name\s+rspec.example.com;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not rewrite www servername to non-www',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => false,
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+server_name\s+www.rspec.example.com;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2015-07-12 01:53:30 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the SSL buffer size',
|
|
|
|
:attr => 'ssl_buffer_size',
|
|
|
|
:value => '4k',
|
|
|
|
:match => ' ssl_buffer_size 4k;',
|
|
|
|
},
|
2015-04-14 18:35:50 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the SSL client certificate file',
|
|
|
|
:attr => 'ssl_client_cert',
|
|
|
|
:value => '/tmp/client_certificate',
|
|
|
|
:match => %r'\s+ssl_client_certificate\s+/tmp/client_certificate;',
|
|
|
|
},
|
2015-04-14 20:28:19 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the SSL CRL file',
|
|
|
|
:attr => 'ssl_crl',
|
|
|
|
:value => '/tmp/crl',
|
|
|
|
:match => %r'\s+ssl_crl\s+/tmp/crl;',
|
|
|
|
},
|
2015-04-14 18:35:50 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the SSL DH parameters file',
|
|
|
|
:attr => 'ssl_dhparam',
|
|
|
|
:value => '/tmp/dhparam',
|
|
|
|
:match => %r'\s+ssl_dhparam\s+/tmp/dhparam;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the SSL stapling file',
|
|
|
|
:attr => 'ssl_stapling_file',
|
|
|
|
:value => '/tmp/stapling_file',
|
|
|
|
:match => %r'\s+ssl_stapling_file\s+/tmp/stapling_file;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the SSL trusted certificate file',
|
|
|
|
:attr => 'ssl_trusted_cert',
|
|
|
|
:value => '/tmp/trusted_certificate',
|
|
|
|
:match => %r'\s+ssl_trusted_certificate\s+/tmp/trusted_certificate;',
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set the SSL cache',
|
|
|
|
:attr => 'ssl_cache',
|
|
|
|
:value => 'shared:SSL:1m',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+ssl_session_cache\s+shared:SSL:1m;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2014-08-20 13:56:44 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the SSL timeout',
|
|
|
|
:attr => 'ssl_session_timeout',
|
|
|
|
:value => '30m',
|
|
|
|
:match => ' ssl_session_timeout 30m;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the SSL protocols',
|
|
|
|
:attr => 'ssl_protocols',
|
2014-10-15 19:52:31 +02:00
|
|
|
:value => 'TLSv1',
|
|
|
|
:match => %r'\s+ssl_protocols\s+TLSv1;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the SSL ciphers',
|
|
|
|
:attr => 'ssl_ciphers',
|
|
|
|
:value => 'HIGH',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+ssl_ciphers\s+HIGH;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set auth_basic',
|
|
|
|
:attr => 'auth_basic',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+auth_basic\s+"value";',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set auth_basic_user_file',
|
|
|
|
:attr => 'auth_basic_user_file',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => %r'\s+auth_basic_user_file\s+"value";',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should set the client_body_timeout',
|
|
|
|
:attr => 'client_body_timeout',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => /^\s+client_body_timeout\s+value;/
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the client_header_timeout',
|
|
|
|
:attr => 'client_header_timeout',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => /^\s+client_header_timeout\s+value;/
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set the gzip_types',
|
|
|
|
:attr => 'gzip_types',
|
|
|
|
:value => 'value',
|
2014-09-12 19:42:51 +02:00
|
|
|
:match => /^\s+gzip_types\s+value;/
|
2014-06-26 05:40:22 +02:00
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set access_log',
|
|
|
|
:attr => 'access_log',
|
|
|
|
:value => '/path/to/access.log',
|
2014-11-26 05:38:05 +01:00
|
|
|
:match => ' access_log /path/to/access.log combined;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
2014-11-27 03:35:24 +01:00
|
|
|
{
|
|
|
|
:title => 'should set access_log off',
|
|
|
|
:attr => 'access_log',
|
|
|
|
:value => 'off',
|
|
|
|
:match => ' access_log off;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set access_log to syslog',
|
|
|
|
:attr => 'access_log',
|
|
|
|
:value => 'syslog:server=localhost',
|
|
|
|
:match => ' access_log syslog:server=localhost combined;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set format_log custom_format',
|
|
|
|
:attr => 'format_log',
|
|
|
|
:value => 'custom',
|
|
|
|
:match => ' access_log /var/log/nginx/ssl-www.rspec.example.com.access.log custom;',
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should set error_log',
|
|
|
|
:attr => 'error_log',
|
|
|
|
:value => '/path/to/error.log',
|
|
|
|
:match => ' error_log /path/to/error.log;',
|
|
|
|
},
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should contain raw_prepend directives',
|
|
|
|
:attr => 'raw_prepend',
|
|
|
|
:value => [
|
|
|
|
'if (a) {',
|
|
|
|
' b;',
|
|
|
|
'}'
|
|
|
|
],
|
|
|
|
:match => /^\s+if \(a\) {\n\s++b;\n\s+\}/,
|
|
|
|
},
|
2014-03-07 13:53:32 +01:00
|
|
|
{
|
|
|
|
:title => 'should contain ordered prepend directives',
|
|
|
|
:attr => 'vhost_cfg_prepend',
|
|
|
|
:value => { 'test1' => 'test value 1', 'test2' => ['test value 2a', 'test value 2b'], 'allow' => 'test value 3' },
|
|
|
|
:match => [
|
|
|
|
' allow test value 3;',
|
|
|
|
' test1 test value 1;',
|
|
|
|
' test2 test value 2a;',
|
|
|
|
' test2 test value 2b;',
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should contain ordered ssl prepend directives',
|
|
|
|
:attr => 'vhost_cfg_ssl_prepend',
|
|
|
|
:value => { 'test1' => 'test value 1', 'test2' => ['test value 2a', 'test value 2b'], 'allow' => 'test value 3' },
|
|
|
|
:match => [
|
|
|
|
' allow test value 3;',
|
|
|
|
' test1 test value 1;',
|
|
|
|
' test2 test value 2a;',
|
|
|
|
' test2 test value 2b;',
|
|
|
|
]
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should set root',
|
|
|
|
:attr => 'use_default_location',
|
|
|
|
:value => false,
|
|
|
|
:match => ' root /;',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
:title => 'should not set root',
|
|
|
|
:attr => 'use_default_location',
|
|
|
|
:value => true,
|
2013-12-06 17:36:28 +01:00
|
|
|
:notmatch => / root \/;/,
|
2013-11-22 04:10:53 +01:00
|
|
|
},
|
|
|
|
].each do |param|
|
|
|
|
context "when #{param[:attr]} is #{param[:value]}" do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
param[:attr].to_sym => param[:value],
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.crt',
|
|
|
|
}) end
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header") }
|
2013-11-22 04:10:53 +01:00
|
|
|
it param[:title] do
|
2014-06-26 05:40:22 +02:00
|
|
|
matches = Array(param[:match])
|
|
|
|
|
|
|
|
if matches.all? { |m| m.is_a? Regexp }
|
2014-07-18 04:28:38 +02:00
|
|
|
matches.each { |item| is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(item) }
|
2014-06-26 05:40:22 +02:00
|
|
|
else
|
2014-12-03 05:07:20 +01:00
|
|
|
lines = catalogue.resource('concat::fragment', "#{title}-ssl-header").send(:parameters)[:content].split("\n")
|
2014-07-18 04:28:38 +02:00
|
|
|
expect(lines & Array(param[:match])).to eq(Array(param[:match]))
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
2013-12-06 17:36:28 +01:00
|
|
|
Array(param[:notmatch]).each do |item|
|
2014-07-18 04:28:38 +02:00
|
|
|
is_expected.to contain_concat__fragment("#{title}-ssl-header").without_content(item)
|
2013-12-06 17:36:28 +01:00
|
|
|
end
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "vhost_ssl_footer template content" do
|
|
|
|
[
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should not contain www to non-www rewrite',
|
|
|
|
:attr => 'rewrite_www_to_non_www',
|
|
|
|
:value => false,
|
|
|
|
:notmatch => %r|
|
|
|
|
^
|
|
|
|
\s+server_name\s+www\.rspec\.example\.com;\n
|
2015-01-19 17:14:46 +01:00
|
|
|
\s+return\s+301\s+https://rspec\.example\.com\$request_uri;
|
2014-06-26 05:40:22 +02:00
|
|
|
|x,
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
{
|
|
|
|
:title => 'should contain include directives',
|
|
|
|
:attr => 'include_files',
|
|
|
|
:value => [ '/file1', '/file2' ],
|
|
|
|
:match => [
|
2014-09-12 19:42:51 +02:00
|
|
|
%r'^\s+include\s+/file1;',
|
|
|
|
%r'^\s+include\s+/file2;',
|
2013-11-22 04:10:53 +01:00
|
|
|
],
|
|
|
|
},
|
2013-11-22 05:08:36 +01:00
|
|
|
{
|
|
|
|
:title => 'should contain ordered appended directives',
|
|
|
|
:attr => 'vhost_cfg_append',
|
|
|
|
:value => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'allow' => 'test value 3' },
|
|
|
|
:match => [
|
|
|
|
' allow test value 3;',
|
|
|
|
' test1 test value 1;',
|
|
|
|
' test2 test value 2;',
|
|
|
|
]
|
|
|
|
},
|
2014-06-26 05:40:22 +02:00
|
|
|
{
|
|
|
|
:title => 'should contain raw_append directives',
|
|
|
|
:attr => 'raw_append',
|
|
|
|
:value => [
|
|
|
|
'if (a) {',
|
|
|
|
' b;',
|
|
|
|
'}'
|
|
|
|
],
|
|
|
|
:match => /^\s+if \(a\) {\n\s++b;\n\s+\}/,
|
|
|
|
},
|
2014-03-07 13:53:32 +01:00
|
|
|
{
|
|
|
|
:title => 'should contain ordered ssl appended directives',
|
|
|
|
:attr => 'vhost_cfg_ssl_append',
|
|
|
|
:value => { 'test1' => 'test value 1', 'test2' => ['test value 2a', 'test value 2b'], 'allow' => 'test value 3' },
|
|
|
|
:match => [
|
|
|
|
' allow test value 3;',
|
|
|
|
' test1 test value 1;',
|
|
|
|
' test2 test value 2a;',
|
|
|
|
' test2 test value 2b;',
|
|
|
|
]
|
|
|
|
},
|
2013-11-22 04:10:53 +01:00
|
|
|
].each do |param|
|
|
|
|
context "when #{param[:attr]} is #{param[:value]}" do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
param[:attr].to_sym => param[:value],
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.crt',
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-footer") }
|
2013-11-22 04:10:53 +01:00
|
|
|
it param[:title] do
|
2014-06-26 05:40:22 +02:00
|
|
|
matches = Array(param[:match])
|
|
|
|
|
|
|
|
if matches.all? { |m| m.is_a? Regexp }
|
2014-07-18 04:28:38 +02:00
|
|
|
matches.each { |item| is_expected.to contain_concat__fragment("#{title}-ssl-footer").with_content(item) }
|
2014-06-26 05:40:22 +02:00
|
|
|
else
|
2014-12-03 05:07:20 +01:00
|
|
|
lines = catalogue.resource('concat::fragment', "#{title}-ssl-footer").send(:parameters)[:content].split("\n")
|
2014-07-18 04:28:38 +02:00
|
|
|
expect(lines & Array(param[:match])).to eq(Array(param[:match]))
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
2013-12-06 17:36:28 +01:00
|
|
|
Array(param[:notmatch]).each do |item|
|
2014-07-18 04:28:38 +02:00
|
|
|
is_expected.to contain_concat__fragment("#{title}-ssl-footer").without_content(item)
|
2013-12-06 17:36:28 +01:00
|
|
|
end
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2014-06-26 05:40:22 +02:00
|
|
|
|
2013-11-22 04:10:53 +01:00
|
|
|
context 'attribute resources' do
|
2014-06-26 05:40:22 +02:00
|
|
|
context "with SSL enabled, www rewrite to naked domain with multiple server_names" do
|
|
|
|
let :title do 'foo.com' end
|
|
|
|
let(:params) do
|
|
|
|
{
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_cert => 'cert',
|
|
|
|
:ssl_key => 'key',
|
|
|
|
:server_name => %w(www.foo.com bar.foo.com foo.com),
|
|
|
|
:use_default_location => false,
|
|
|
|
:rewrite_www_to_non_www => true,
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2015-09-15 21:08:40 +02:00
|
|
|
it "should set the server_name of the rewrite server stanza to every server_name with 'www.' stripped" do
|
|
|
|
is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(/^\s+server_name\s+foo.com\s+bar.foo.com\s+foo.com;/)
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "with SSL disabled, www rewrite to naked domain with multiple server_names" do
|
|
|
|
let :title do 'foo.com' end
|
|
|
|
let(:params) do
|
|
|
|
{
|
|
|
|
:server_name => %w(www.foo.com bar.foo.com foo.com),
|
|
|
|
:use_default_location => false,
|
|
|
|
:rewrite_www_to_non_www => true,
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2015-09-15 21:08:40 +02:00
|
|
|
it "should set the server_name of the rewrite server stanza to every server_name with 'www.' stripped" do
|
|
|
|
is_expected.to contain_concat__fragment("#{title}-header").with_content(/^\s+server_name\s+foo.com\s+bar.foo.com\s+foo.com;/)
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2013-11-22 04:10:53 +01:00
|
|
|
context "SSL cert missing" do
|
|
|
|
let(:params) {{ :ssl => true, :ssl_key => 'key' }}
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { expect { is_expected.to contain_class('nginx::resource::vhost') }.to raise_error(Puppet::Error) }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context "SSL key missing" do
|
|
|
|
let(:params) {{ :ssl => true, :ssl_cert => 'cert' }}
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { expect { is_expected.to contain_class('nginx::resource::vhost') }.to raise_error(Puppet::Error) }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when use_default_location => true' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:use_default_location => true,
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default") }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when use_default_location => false' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:use_default_location => false,
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.not_to contain_nginx__resource__location("#{title}-default") }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when location_cfg_prepend => { key => value }' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:location_cfg_prepend => { 'key' => 'value' },
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_location_cfg_prepend({ 'key' => 'value' }) }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
2014-06-26 05:40:22 +02:00
|
|
|
context "when location_raw_prepend => [ 'foo;' ]" do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:location_raw_prepend => [ 'foo;' ],
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_raw_prepend([ 'foo;' ]) }
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
context "when location_raw_append => [ 'foo;' ]" do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:location_raw_append => [ 'foo;' ],
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_raw_append([ 'foo;' ]) }
|
2014-06-26 05:40:22 +02:00
|
|
|
end
|
|
|
|
|
2013-11-22 04:10:53 +01:00
|
|
|
context 'when location_cfg_append => { key => value }' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:location_cfg_append => { 'key' => 'value' },
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_location_cfg_append({ 'key' => 'value' }) }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
2014-01-06 19:47:33 +01:00
|
|
|
context 'when fastcgi => "localhost:9000"' do
|
2013-11-22 04:10:53 +01:00
|
|
|
let :params do default_params.merge({
|
2014-01-06 19:47:33 +01:00
|
|
|
:fastcgi => 'localhost:9000',
|
2013-11-22 04:10:53 +01:00
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_file('/etc/nginx/fastcgi_params').with_mode('0770') }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
2014-08-13 16:18:56 +02:00
|
|
|
context 'when uwsgi => "uwsgi_upstream"' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:uwsgi => 'uwsgi_upstream',
|
|
|
|
}) end
|
|
|
|
|
|
|
|
it { should contain_file('/etc/nginx/uwsgi_params').with_mode('0770') }
|
|
|
|
end
|
|
|
|
|
|
|
|
|
2013-11-22 04:10:53 +01:00
|
|
|
context 'when listen_port == ssl_port' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:listen_port => 80,
|
|
|
|
:ssl_port => 80,
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.not_to contain_concat__fragment("#{title}-header") }
|
|
|
|
it { is_expected.not_to contain_concat__fragment("#{title}-footer") }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when listen_port != ssl_port' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:listen_port => 80,
|
|
|
|
:ssl_port => 443,
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header") }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-footer") }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when ensure => absent' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:ensure => 'absent',
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_ensure('absent') }
|
|
|
|
it { is_expected.to contain_file("#{title}.conf symlink").with_ensure('absent') }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when ssl => true and ssl_port == listen_port' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:ssl => true,
|
|
|
|
:listen_port => 80,
|
|
|
|
:ssl_port => 80,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_ssl_only(true) }
|
2014-11-27 03:35:24 +01:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{access_log\s+/var/log/nginx/ssl-www\.rspec\.example\.com\.access\.log combined;}) }
|
2014-09-12 19:42:51 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{error_log\s+/var/log/nginx/ssl-www\.rspec\.example\.com\.error\.log}) }
|
2015-04-14 18:35:50 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{ssl_certificate\s+dummy.cert;}) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{ssl_certificate_key\s+dummy.key;}) }
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-footer") }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
2015-03-23 20:40:13 +01:00
|
|
|
context 'when ssl_client_cert is set' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:ssl => true,
|
|
|
|
:listen_port => 80,
|
|
|
|
:ssl_port => 80,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
|
|
|
:ssl_client_cert => 'client.cert',
|
|
|
|
}) end
|
|
|
|
|
|
|
|
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_ssl_only(true) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{access_log\s+/var/log/nginx/ssl-www\.rspec\.example\.com\.access\.log combined;}) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{error_log\s+/var/log/nginx/ssl-www\.rspec\.example\.com\.error\.log}) }
|
2015-03-23 20:50:28 +01:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{ssl_verify_client on;}) }
|
2015-03-23 20:40:13 +01:00
|
|
|
end
|
2013-11-22 04:10:53 +01:00
|
|
|
context 'when passenger_cgi_param is set' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:passenger_cgi_param => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'test3' => 'test value 3' }
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_set_cgi_param test1 test value 1;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_set_cgi_param test2 test value 2;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_set_cgi_param test3 test value 3;/ ) }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when passenger_cgi_param is set and ssl => true' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:passenger_cgi_param => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'test3' => 'test value 3' },
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
|
|
|
}) end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_set_cgi_param test1 test value 1;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_set_cgi_param test2 test value 2;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_set_cgi_param test3 test value 3;/ ) }
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
2014-01-18 19:31:05 +01:00
|
|
|
|
2015-04-29 23:37:58 +02:00
|
|
|
context 'when passenger_set_header is set' do
|
2015-04-29 18:24:38 +02:00
|
|
|
let :params do default_params.merge({
|
2015-04-29 23:37:58 +02:00
|
|
|
:passenger_set_header => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'test3' => 'test value 3' }
|
2015-04-29 18:24:38 +02:00
|
|
|
}) end
|
|
|
|
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_set_header test1 test value 1;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_set_header test2 test value 2;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_set_header test3 test value 3;/ ) }
|
|
|
|
end
|
|
|
|
|
2015-04-29 23:37:58 +02:00
|
|
|
context 'when passenger_set_header is set and ssl => true' do
|
2015-04-29 18:24:38 +02:00
|
|
|
let :params do default_params.merge({
|
2015-04-29 23:37:58 +02:00
|
|
|
:passenger_set_header => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'test3' => 'test value 3' },
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
2015-04-29 18:24:38 +02:00
|
|
|
}) end
|
|
|
|
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_set_header test1 test value 1;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_set_header test2 test value 2;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_set_header test3 test value 3;/ ) }
|
|
|
|
end
|
|
|
|
|
2015-04-29 18:33:42 +02:00
|
|
|
context 'when passenger_env_var is set' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:passenger_env_var => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'test3' => 'test value 3' }
|
|
|
|
}) end
|
|
|
|
|
2015-04-29 23:37:58 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_env_var test1 test value 1;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_env_var test2 test value 2;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-header").with_content( /passenger_env_var test3 test value 3;/ ) }
|
2015-04-29 18:33:42 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when passenger_env_var is set and ssl => true' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:passenger_env_var => { 'test1' => 'test value 1', 'test2' => 'test value 2', 'test3' => 'test value 3' },
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
|
|
|
}) end
|
|
|
|
|
2015-04-29 23:37:58 +02:00
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_env_var test1 test value 1;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_env_var test2 test value 2;/ ) }
|
|
|
|
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content( /passenger_env_var test3 test value 3;/ ) }
|
2015-04-29 18:33:42 +02:00
|
|
|
end
|
|
|
|
|
2014-01-18 19:31:05 +01:00
|
|
|
context 'when vhost name is sanitized' do
|
|
|
|
let :title do 'www rspec-vhost com' end
|
|
|
|
let :params do default_params end
|
|
|
|
|
2014-07-18 04:28:38 +02:00
|
|
|
it { is_expected.to contain_concat('/etc/nginx/sites-available/www_rspec-vhost_com.conf') }
|
2014-01-18 19:31:05 +01:00
|
|
|
end
|
2015-01-23 14:33:49 +01:00
|
|
|
|
2015-01-26 09:36:31 +01:00
|
|
|
context 'when add_header is set' do
|
2015-01-23 14:33:49 +01:00
|
|
|
let :params do default_params.merge({
|
|
|
|
:add_header => { 'header3' => 'test value 3', 'header2' => 'test value 2', 'header1' => 'test value 1' }
|
|
|
|
}) end
|
|
|
|
|
|
|
|
it 'should have correctly ordered entries in the config' do
|
|
|
|
is_expected.to contain_concat__fragment("#{title}-header").with_content(/
|
|
|
|
%r|
|
|
|
|
\s+add_header\s+header1 test value 1;\n
|
|
|
|
\s+add_header\s+header2 test value 2;\n
|
|
|
|
\s+add_header\s+header3 test value 3;\n
|
|
|
|
|/)
|
|
|
|
end
|
|
|
|
end
|
2015-07-06 13:50:50 +02:00
|
|
|
|
|
|
|
context 'when add_header is set and ssl => true' do
|
|
|
|
let :params do default_params.merge({
|
|
|
|
:add_header => { 'header3' => 'test value 3', 'header2' => 'test value 2', 'header1' => 'test value 1' },
|
|
|
|
:ssl => true,
|
|
|
|
:ssl_key => 'dummy.key',
|
|
|
|
:ssl_cert => 'dummy.cert',
|
|
|
|
}) end
|
|
|
|
|
|
|
|
it 'should have correctly ordered entries in the config' do
|
|
|
|
is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(/
|
|
|
|
%r|
|
|
|
|
\s+add_header\s+header1 test value 1;\n
|
|
|
|
\s+add_header\s+header2 test value 2;\n
|
|
|
|
\s+add_header\s+header3 test value 3;\n
|
|
|
|
|/)
|
|
|
|
end
|
|
|
|
end
|
2013-11-22 04:10:53 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|