2011-06-07 01:05:27 +02:00
|
|
|
# define: nginx::resource::location
|
|
|
|
#
|
|
|
|
# This definition creates a new location entry within a virtual host
|
|
|
|
#
|
|
|
|
# Parameters:
|
2013-08-22 21:23:16 +02:00
|
|
|
# [*ensure*] - Enables or disables the specified location
|
|
|
|
# (present|absent)
|
|
|
|
# [*vhost*] - Defines the default vHost for this location
|
|
|
|
# entry to include with
|
|
|
|
# [*location*] - Specifies the URI associated with this location
|
|
|
|
# entry
|
2013-09-05 10:01:00 +02:00
|
|
|
# [*location_allow*] - Array: Locations to allow connections from.
|
|
|
|
# [*location_deny*] - Array: Locations to deny connections from.
|
2013-08-22 21:23:16 +02:00
|
|
|
# [*www_root*] - Specifies the location on disk for files to be
|
|
|
|
# read from. Cannot be set in conjunction with $proxy
|
2013-12-16 17:36:24 +01:00
|
|
|
# [*autoindex*] - Set it on 'on' to activate autoindex directory
|
|
|
|
# listing. Undef by default.
|
2013-08-22 21:23:16 +02:00
|
|
|
# [*index_files*] - Default index files for NGINX to read when
|
|
|
|
# traversing a directory
|
|
|
|
# [*proxy*] - Proxy server(s) for a location to connect to.
|
|
|
|
# Accepts a single value, can be used in conjunction with
|
|
|
|
# nginx::resource::upstream
|
|
|
|
# [*proxy_read_timeout*] - Override the default the proxy read timeout
|
|
|
|
# value of 90 seconds
|
2013-03-20 18:44:45 +01:00
|
|
|
# [*fastcgi*] - location of fastcgi (host:port)
|
2013-08-22 21:23:16 +02:00
|
|
|
# [*fastcgi_params*] - optional alternative fastcgi_params file to use
|
|
|
|
# [*fastcgi_script*] - optional SCRIPT_FILE parameter
|
|
|
|
# [*fastcgi_split_path*] - Allows settings of fastcgi_split_path_info so
|
|
|
|
# that you can split the script_name and path_info via regex
|
|
|
|
# [*ssl*] - Indicates whether to setup SSL bindings for
|
|
|
|
# this location.
|
|
|
|
# [*ssl_only*] - Required if the SSL and normal vHost have the
|
|
|
|
# same port.
|
|
|
|
# [*location_alias*] - Path to be used as basis for serving requests
|
|
|
|
# for this location
|
|
|
|
# [*stub_status*] - If true it will point configure module
|
|
|
|
# stub_status to provide nginx stats on location
|
|
|
|
# [*location_custom_cfg*] - Expects a hash with custom directives, cannot
|
|
|
|
# be used with other location types (proxy, fastcgi, root, or stub_status)
|
|
|
|
# [*location_cfg_prepend*] - Expects a hash with extra directives to put
|
|
|
|
# before anything else inside location (used with all other types except
|
|
|
|
# custom_cfg)
|
2014-01-12 20:15:14 +01:00
|
|
|
# [*location_custom_cfg_prepend*] - Expects a array with extra directives
|
|
|
|
# to put before anything else inside location (used with all other types
|
|
|
|
# except custom_cfg). Used for logical structures such as if.
|
|
|
|
# [*location_custom_cfg_append*] - Expects a array with extra directives
|
|
|
|
# to put before anything else inside location (used with all other types
|
|
|
|
# except custom_cfg). Used for logical structures such as if.
|
2013-08-22 21:23:16 +02:00
|
|
|
# [*location_cfg_append*] - Expects a hash with extra directives to put
|
|
|
|
# after everything else inside location (used with all other types except
|
|
|
|
# custom_cfg)
|
2012-11-08 19:09:49 +01:00
|
|
|
# [*try_files*] - An array of file locations to try
|
2012-10-03 01:35:52 +02:00
|
|
|
# [*option*] - Reserved for future use
|
2013-07-08 21:06:02 +02:00
|
|
|
# [*proxy_cache*] - This directive sets name of zone for caching.
|
|
|
|
# The same zone can be used in multiple places.
|
|
|
|
# [*proxy_cache_valid*] - This directive sets the time for caching
|
|
|
|
# different replies.
|
2013-10-15 22:49:33 +02:00
|
|
|
# [*proxy_method*] - If defined, overrides the HTTP method of the
|
|
|
|
# request to be passed to the backend.
|
2013-10-16 00:01:50 +02:00
|
|
|
# [*proxy_set_body*] - If defined, sets the body passed to the backend.
|
2013-07-08 21:06:02 +02:00
|
|
|
# [*auth_basic*] - This directive includes testing name and password
|
|
|
|
# with HTTP Basic Authentication.
|
|
|
|
# [*auth_basic_user_file*] - This directive sets the htpasswd filename for
|
|
|
|
# the authentication realm.
|
|
|
|
# [*priority*] - Location priority. Default: 500. User priority
|
2014-01-03 19:03:55 +01:00
|
|
|
# 401-499, 501-599. If the priority is higher than the default priority,
|
2013-07-08 21:06:02 +02:00
|
|
|
# the location will be defined after root, or before root.
|
|
|
|
#
|
2011-06-07 01:05:27 +02:00
|
|
|
#
|
|
|
|
# Actions:
|
|
|
|
#
|
|
|
|
# Requires:
|
|
|
|
#
|
|
|
|
# Sample Usage:
|
|
|
|
# nginx::resource::location { 'test2.local-bob':
|
|
|
|
# ensure => present,
|
|
|
|
# www_root => '/var/www/bob',
|
|
|
|
# location => '/bob',
|
|
|
|
# vhost => 'test2.local',
|
|
|
|
# }
|
2013-03-16 10:34:07 +01:00
|
|
|
#
|
2012-10-03 01:35:52 +02:00
|
|
|
# Custom config example to limit location on localhost,
|
|
|
|
# create a hash with any extra custom config you want.
|
|
|
|
# $my_config = {
|
|
|
|
# 'access_log' => 'off',
|
|
|
|
# 'allow' => '127.0.0.1',
|
|
|
|
# 'deny' => 'all'
|
|
|
|
# }
|
|
|
|
# nginx::resource::location { 'test2.local-bob':
|
|
|
|
# ensure => present,
|
|
|
|
# www_root => '/var/www/bob',
|
|
|
|
# location => '/bob',
|
|
|
|
# vhost => 'test2.local',
|
|
|
|
# location_cfg_append => $my_config,
|
|
|
|
# }
|
2012-08-27 20:18:50 +02:00
|
|
|
|
2013-04-13 13:50:10 +02:00
|
|
|
define nginx::resource::location (
|
2012-10-03 01:35:52 +02:00
|
|
|
$ensure = present,
|
2013-10-19 22:55:52 +02:00
|
|
|
$location = $name,
|
2012-10-03 01:35:52 +02:00
|
|
|
$vhost = undef,
|
|
|
|
$www_root = undef,
|
2013-12-16 17:36:24 +01:00
|
|
|
$autoindex = undef,
|
2013-04-13 13:50:10 +02:00
|
|
|
$index_files = [
|
|
|
|
'index.html',
|
|
|
|
'index.htm',
|
|
|
|
'index.php'],
|
2012-10-03 01:35:52 +02:00
|
|
|
$proxy = undef,
|
|
|
|
$proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
|
2013-03-20 18:44:45 +01:00
|
|
|
$fastcgi = undef,
|
|
|
|
$fastcgi_params = '/etc/nginx/fastcgi_params',
|
|
|
|
$fastcgi_script = undef,
|
2013-07-19 17:56:03 +02:00
|
|
|
$fastcgi_split_path = undef,
|
2012-10-03 01:35:52 +02:00
|
|
|
$ssl = false,
|
2013-03-16 10:34:07 +01:00
|
|
|
$ssl_only = false,
|
2012-10-03 01:35:52 +02:00
|
|
|
$location_alias = undef,
|
2013-09-04 19:04:28 +02:00
|
|
|
$location_allow = undef,
|
|
|
|
$location_deny = undef,
|
2012-10-03 01:35:52 +02:00
|
|
|
$option = undef,
|
|
|
|
$stub_status = undef,
|
2013-07-03 22:54:33 +02:00
|
|
|
$location_custom_cfg = undef,
|
2012-10-03 01:35:52 +02:00
|
|
|
$location_cfg_prepend = undef,
|
|
|
|
$location_cfg_append = undef,
|
2014-01-12 20:15:14 +01:00
|
|
|
$location_custom_cfg_prepend = undef,
|
|
|
|
$location_custom_cfg_append = undef,
|
2012-11-08 19:09:49 +01:00
|
|
|
$try_files = undef,
|
2013-03-27 19:13:52 +01:00
|
|
|
$proxy_cache = false,
|
|
|
|
$proxy_cache_valid = false,
|
2013-10-15 22:49:33 +02:00
|
|
|
$proxy_method = undef,
|
2013-10-16 00:01:50 +02:00
|
|
|
$proxy_set_body = undef,
|
2013-05-20 16:30:32 +02:00
|
|
|
$auth_basic = undef,
|
2013-07-08 21:06:02 +02:00
|
|
|
$auth_basic_user_file = undef,
|
2014-01-13 19:20:02 +01:00
|
|
|
$rewrite_rules = [],
|
2013-07-08 21:06:02 +02:00
|
|
|
$priority = 500
|
2011-06-15 21:40:42 +02:00
|
|
|
) {
|
|
|
|
File {
|
|
|
|
owner => 'root',
|
|
|
|
group => 'root',
|
|
|
|
mode => '0644',
|
|
|
|
notify => Class['nginx::service'],
|
|
|
|
}
|
2013-12-16 17:36:24 +01:00
|
|
|
|
2014-01-06 18:41:47 +01:00
|
|
|
validate_re($ensure, '^(present|absent)$',
|
|
|
|
"${ensure} is not supported for ensure. Allowed values are 'present' and 'absent'.")
|
|
|
|
validate_string($location)
|
|
|
|
if ($vhost != undef) {
|
|
|
|
validate_string($vhost)
|
|
|
|
}
|
|
|
|
if ($www_root != undef) {
|
|
|
|
validate_string($www_root)
|
|
|
|
}
|
|
|
|
if ($autoindex != undef) {
|
|
|
|
validate_string($autoindex)
|
|
|
|
}
|
2013-10-20 23:58:25 +02:00
|
|
|
validate_array($index_files)
|
2014-01-06 18:41:47 +01:00
|
|
|
if ($proxy != undef) {
|
|
|
|
validate_string($proxy)
|
|
|
|
}
|
|
|
|
validate_string($proxy_read_timeout)
|
|
|
|
if ($fastcgi != undef) {
|
|
|
|
validate_string($fastcgi)
|
|
|
|
}
|
|
|
|
validate_string($fastcgi_params)
|
|
|
|
if ($fastcgi_script != undef) {
|
|
|
|
validate_string($fastcgi_script)
|
|
|
|
}
|
|
|
|
if ($fastcgi_split_path != undef) {
|
|
|
|
validate_string($fastcgi_split_path)
|
|
|
|
}
|
|
|
|
validate_bool($ssl)
|
|
|
|
validate_bool($ssl_only)
|
|
|
|
if ($location_alias != undef) {
|
|
|
|
validate_string($location_alias)
|
|
|
|
}
|
|
|
|
if ($location_allow != undef) {
|
|
|
|
validate_array($location_allow)
|
|
|
|
}
|
|
|
|
if ($location_deny != undef) {
|
|
|
|
validate_array($location_deny)
|
|
|
|
}
|
|
|
|
if ($option != undef) {
|
|
|
|
warning('The $option parameter has no effect and is deprecated.')
|
|
|
|
}
|
|
|
|
if ($stub_status != undef) {
|
|
|
|
validate_bool($stub_status)
|
|
|
|
}
|
|
|
|
if ($location_custom_cfg != undef) {
|
|
|
|
validate_hash($location_custom_cfg)
|
|
|
|
}
|
|
|
|
if ($location_cfg_prepend != undef) {
|
|
|
|
validate_hash($location_cfg_prepend)
|
|
|
|
}
|
|
|
|
if ($location_cfg_append != undef) {
|
|
|
|
validate_hash($location_cfg_append)
|
|
|
|
}
|
|
|
|
if ($try_files != undef) {
|
|
|
|
validate_array($try_files)
|
|
|
|
}
|
|
|
|
if ($proxy_cache != false) {
|
|
|
|
validate_string($proxy_cache)
|
|
|
|
}
|
|
|
|
if ($proxy_cache_valid != false) {
|
|
|
|
validate_string($proxy_cache_valid)
|
|
|
|
}
|
|
|
|
if ($proxy_method != undef) {
|
|
|
|
validate_string($proxy_method)
|
|
|
|
}
|
|
|
|
if ($proxy_set_body != undef) {
|
|
|
|
validate_string($proxy_set_body)
|
|
|
|
}
|
|
|
|
if ($auth_basic != undef) {
|
|
|
|
validate_string($auth_basic)
|
|
|
|
}
|
|
|
|
if ($auth_basic_user_file != undef) {
|
|
|
|
validate_string($auth_basic_user_file)
|
|
|
|
}
|
2014-01-03 19:03:55 +01:00
|
|
|
if !is_integer($priority) {
|
2014-01-08 03:09:23 +01:00
|
|
|
fail('$priority must be an integer.')
|
2014-01-03 19:03:55 +01:00
|
|
|
}
|
2014-01-13 19:20:02 +01:00
|
|
|
validate_array($rewrite_rules)
|
2014-01-03 19:03:55 +01:00
|
|
|
if ($priority < 401) or ($priority > 599) {
|
2014-01-08 03:09:23 +01:00
|
|
|
fail('$priority must be in the range 401-599.')
|
2014-01-03 19:03:55 +01:00
|
|
|
}
|
2011-06-15 21:40:42 +02:00
|
|
|
|
2013-04-13 13:50:10 +02:00
|
|
|
# # Shared Variables
|
2011-06-15 21:40:42 +02:00
|
|
|
$ensure_real = $ensure ? {
|
|
|
|
'absent' => absent,
|
|
|
|
default => file,
|
|
|
|
}
|
2014-01-12 20:15:14 +01:00
|
|
|
|
|
|
|
$vhost_sanitized = regsubst($vhost, ' ', '_', 'G')
|
|
|
|
$config_file = "${nginx::config::nx_conf_dir}/sites-available/${vhost_sanitized}.conf"
|
2011-06-15 21:40:42 +02:00
|
|
|
|
2013-12-24 23:36:01 +01:00
|
|
|
$location_sanitized_tmp = regsubst($location, '\/', '_', 'G')
|
|
|
|
$location_sanitized = regsubst($location_sanitized_tmp, '\\', '_', 'G')
|
2013-10-19 22:55:52 +02:00
|
|
|
|
2013-07-03 02:18:14 +02:00
|
|
|
## Check for various error conditions
|
|
|
|
if ($vhost == undef) {
|
|
|
|
fail('Cannot create a location reference without attaching to a virtual host')
|
|
|
|
}
|
2013-07-03 22:54:33 +02:00
|
|
|
if (($www_root == undef) and ($proxy == undef) and ($location_alias == undef) and ($stub_status == undef) and ($fastcgi == undef) and ($location_custom_cfg == undef)) {
|
|
|
|
fail('Cannot create a location reference without a www_root, proxy, location_alias, fastcgi, stub_status, or location_custom_cfg defined')
|
2013-07-03 02:18:14 +02:00
|
|
|
}
|
|
|
|
if (($www_root != undef) and ($proxy != undef)) {
|
|
|
|
fail('Cannot define both directory and proxy in a virtual host')
|
|
|
|
}
|
|
|
|
|
2012-12-06 08:11:29 +01:00
|
|
|
# Use proxy or fastcgi template if $proxy is defined, otherwise use directory template.
|
2011-06-15 21:40:42 +02:00
|
|
|
if ($proxy != undef) {
|
|
|
|
$content_real = template('nginx/vhost/vhost_location_proxy.erb')
|
2012-09-24 17:21:35 +02:00
|
|
|
} elsif ($location_alias != undef) {
|
|
|
|
$content_real = template('nginx/vhost/vhost_location_alias.erb')
|
2012-10-03 00:44:47 +02:00
|
|
|
} elsif ($stub_status != undef) {
|
|
|
|
$content_real = template('nginx/vhost/vhost_location_stub_status.erb')
|
2012-12-06 08:11:29 +01:00
|
|
|
} elsif ($fastcgi != undef) {
|
2013-03-27 19:13:52 +01:00
|
|
|
$content_real = template('nginx/vhost/vhost_location_fastcgi.erb')
|
2013-07-03 08:47:49 +02:00
|
|
|
} elsif ($www_root != undef) {
|
2011-06-15 21:40:42 +02:00
|
|
|
$content_real = template('nginx/vhost/vhost_location_directory.erb')
|
2013-07-03 08:47:49 +02:00
|
|
|
} else {
|
|
|
|
$content_real = template('nginx/vhost/vhost_location_empty.erb')
|
2011-06-15 21:40:42 +02:00
|
|
|
}
|
|
|
|
|
2013-08-22 21:23:16 +02:00
|
|
|
if $fastcgi != undef and !defined(File['/etc/nginx/fastcgi_params']) {
|
2013-07-31 23:07:59 +02:00
|
|
|
file { '/etc/nginx/fastcgi_params':
|
|
|
|
ensure => present,
|
|
|
|
mode => '0770',
|
|
|
|
content => template('nginx/vhost/fastcgi_params.erb'),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-06-15 21:40:42 +02:00
|
|
|
## Create stubs for vHost File Fragment Pattern
|
2013-05-26 14:24:40 +02:00
|
|
|
if ($ssl_only != true) {
|
2014-01-12 20:15:14 +01:00
|
|
|
concat::fragment { "${vhost_sanitized}-${priority}-${location_sanitized}":
|
2013-12-01 01:52:12 +01:00
|
|
|
target => $config_file,
|
2012-10-18 15:33:07 +02:00
|
|
|
content => $content_real,
|
2014-01-14 16:57:13 +01:00
|
|
|
order => "${priority}",
|
2012-10-18 15:33:07 +02:00
|
|
|
}
|
2011-06-15 21:40:42 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
## Only create SSL Specific locations if $ssl is true.
|
2013-05-26 14:24:40 +02:00
|
|
|
if ($ssl == true) {
|
2013-07-08 21:06:02 +02:00
|
|
|
$ssl_priority = $priority + 300
|
2014-01-12 20:15:14 +01:00
|
|
|
concat::fragment {"${vhost_sanitized}-${ssl_priority}-${location_sanitized}-ssl":
|
2013-12-01 01:52:12 +01:00
|
|
|
target => $config_file,
|
2011-06-15 21:40:42 +02:00
|
|
|
content => $content_real,
|
2014-01-14 16:57:13 +01:00
|
|
|
order => "${ssl_priority}",
|
2011-06-07 00:25:04 +02:00
|
|
|
}
|
2011-06-15 21:40:42 +02:00
|
|
|
}
|
2013-05-20 16:30:32 +02:00
|
|
|
|
|
|
|
if ($auth_basic_user_file != undef) {
|
|
|
|
#Generate htpasswd with provided file-locations
|
2013-10-19 22:55:52 +02:00
|
|
|
file { "${nginx::params::nx_conf_dir}/${location_sanitized}_htpasswd":
|
2013-05-20 16:30:32 +02:00
|
|
|
ensure => $ensure,
|
|
|
|
mode => '0644',
|
|
|
|
source => $auth_basic_user_file,
|
|
|
|
}
|
|
|
|
}
|
2011-06-15 21:40:42 +02:00
|
|
|
}
|