opuppet/module-nginx
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #338 from janorn/config_dir

Browse source 
Add nginx config dir as a parameter
This commit is contained in:
James Fryman 2014-06-16 09:43:10 -05:00
commit 144b653c0f
9 changed files with 57 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
manifests/config.pp
View file

@ -17,6 +17,7 @@ class nginx::config(
$client_body_buffer_size = $nginx::params::nx_client_body_buffer_size,
$client_max_body_size = $nginx::params::nx_client_max_body_size,
$confd_purge = $nginx::params::nx_confd_purge,
$conf_dir = $nginx::params::nx_conf_dir,
$conf_template = $nginx::params::nx_conf_template,
$daemon_user = $nginx::params::nx_daemon_user,
$events_use = $nginx::params::nx_events_use,
@ -65,35 +66,35 @@ class nginx::config(
mode => '0644',
}
file { $nginx::params::nx_conf_dir:
file { $conf_dir:
ensure => directory,
}
file { "${nginx::params::nx_conf_dir}/conf.d":
file { "${conf_dir}/conf.d":
ensure => directory,
}
if $confd_purge == true {
File["${nginx::params::nx_conf_dir}/conf.d"] {
File["${conf_dir}/conf.d"] {
purge => true,
recurse => true,
}
}
file { "${nginx::params::nx_conf_dir}/conf.mail.d":
file { "${conf_dir}/conf.mail.d":
ensure => directory,
}
if $confd_purge == true {
File["${nginx::params::nx_conf_dir}/conf.mail.d"] {
File["${conf_dir}/conf.mail.d"] {
purge => true,
recurse => true,
}
}
file { "${nginx::params::nx_conf_dir}/conf.d/vhost_autogen.conf":
file { "${conf_dir}/conf.d/vhost_autogen.conf":
ensure => absent,
}
file { "${nginx::params::nx_conf_dir}/conf.mail.d/vhost_autogen.conf":
file { "${conf_dir}/conf.mail.d/vhost_autogen.conf":
ensure => absent,
}
@ -111,47 +112,47 @@ class nginx::config(
owner => $daemon_user,
}
file { "${nginx::params::nx_conf_dir}/sites-available":
file { "${conf_dir}/sites-available":
ensure => directory,
}
if $vhost_purge == true {
File["${nginx::params::nx_conf_dir}/sites-available"] {
File["${conf_dir}/sites-available"] {
purge => true,
recurse => true,
}
}
file { "${nginx::params::nx_conf_dir}/sites-enabled":
file { "${conf_dir}/sites-enabled":
ensure => directory,
}
if $vhost_purge == true {
File["${nginx::params::nx_conf_dir}/sites-enabled"] {
File["${conf_dir}/sites-enabled"] {
purge => true,
recurse => true,
}
}
file { '/etc/nginx/sites-enabled/default':
file { "${conf_dir}/sites-enabled/default":
ensure => absent,
}
file { "${nginx::params::nx_conf_dir}/nginx.conf":
file { "${conf_dir}/nginx.conf":
ensure => file,
content => template($conf_template),
}
file { "${nginx::params::nx_conf_dir}/conf.d/proxy.conf":
file { "${conf_dir}/conf.d/proxy.conf":
ensure => file,
content => template($proxy_conf_template),
}
file { "${nginx::params::nx_conf_dir}/conf.d/default.conf":
file { "${conf_dir}/conf.d/default.conf":
ensure => absent,
}
file { "${nginx::params::nx_conf_dir}/conf.d/example_ssl.conf":
file { "${conf_dir}/conf.d/example_ssl.conf":
ensure => absent,
}

2
manifests/init.pp
View file

@ -33,6 +33,7 @@ class nginx (
$client_max_body_size = $nginx::params::nx_client_max_body_size,
$confd_purge = $nginx::params::nx_confd_purge,
$configtest_enable = $nginx::params::nx_configtest_enable,
$conf_dir = $nginx::params::nx_conf_dir,
$conf_template = $nginx::params::nx_conf_template,
$daemon_user = $nginx::params::nx_daemon_user,
$events_use = $nginx::params::nx_events_use,
@ -170,6 +171,7 @@ class nginx (
client_body_buffer_size => $client_body_buffer_size,
client_max_body_size => $client_max_body_size,
confd_purge => $confd_purge,
conf_dir => $conf_dir,
conf_template => $conf_template,
daemon_user => $daemon_user,
events_use => $events_use,

10
manifests/resource/location.pp
View file

@ -116,7 +116,7 @@ define nginx::resource::location (
$proxy_connect_timeout = $nginx::config::proxy_connect_timeout,
$proxy_set_header = $nginx::config::proxy_set_header,
$fastcgi = undef,
$fastcgi_params = '/etc/nginx/fastcgi_params',
$fastcgi_params = "${nginx::config::conf_dir}/fastcgi_params",
$fastcgi_script = undef,
$fastcgi_split_path = undef,
$ssl = false,
@ -240,7 +240,7 @@ define nginx::resource::location (
}
$vhost_sanitized = regsubst($vhost, ' ', '_', 'G')
$config_file = "${nginx::config::nx_conf_dir}/sites-available/${vhost_sanitized}.conf"
$config_file = "${nginx::config::conf_dir}/sites-available/${vhost_sanitized}.conf"
$location_sanitized_tmp = regsubst($location, '\/', '_', 'G')
$location_sanitized = regsubst($location_sanitized_tmp, "\\\\", '_', 'G')
@ -271,8 +271,8 @@ define nginx::resource::location (
$content_real = template('nginx/vhost/vhost_location_empty.erb')
}
if $fastcgi != undef and !defined(File['/etc/nginx/fastcgi_params']) {
file { '/etc/nginx/fastcgi_params':
if $fastcgi != undef and !defined(File[$fastcgi_params]) {
file { $fastcgi_params:
ensure => present,
mode => '0770',
content => template('nginx/vhost/fastcgi_params.erb'),
@ -306,7 +306,7 @@ define nginx::resource::location (
if ($auth_basic_user_file != undef) {
#Generate htpasswd with provided file-locations
file { "${nginx::params::nx_conf_dir}/${location_sanitized}_htpasswd":
file { "${nginx::config::conf_dir}/${location_sanitized}_htpasswd":
ensure => $ensure,
mode => '0644',
source => $auth_basic_user_file,

2
manifests/resource/mailhost.pp
View file

@ -101,7 +101,7 @@ define nginx::resource::mailhost (
validate_string($xclient)
validate_array($server_name)
$config_file = "${nginx::config::nx_conf_dir}/conf.mail.d/${name}.conf"
$config_file = "${nginx::config::conf_dir}/conf.mail.d/${name}.conf"
# Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
# and support does not exist for it in the kernel.

2
manifests/resource/upstream.pp
View file

@ -57,7 +57,7 @@ define nginx::resource::upstream (
mode => '0644',
}
file { "/etc/nginx/conf.d/${name}-upstream.conf":
file { "${nginx::config::conf_dir}/conf.d/${name}-upstream.conf":
ensure => $ensure ? {
'absent' => absent,
default => 'file',

20
manifests/resource/vhost.pp
View file

@ -161,7 +161,7 @@ define nginx::resource::vhost (
$proxy_set_body = undef,
$resolver = [],
$fastcgi = undef,
$fastcgi_params = '/etc/nginx/fastcgi_params',
$fastcgi_params = "${nginx::config::conf_dir}/fastcgi_params",
$fastcgi_script = undef,
$index_files = [
'index.html',
@ -334,8 +334,8 @@ define nginx::resource::vhost (
validate_array($rewrite_rules)
# Variables
$vhost_dir = "${nginx::config::nx_conf_dir}/sites-available"
$vhost_enable_dir = "${nginx::config::nx_conf_dir}/sites-enabled"
$vhost_dir = "${nginx::config::conf_dir}/sites-available"
$vhost_enable_dir = "${nginx::config::conf_dir}/sites-enabled"
$vhost_symlink_ensure = $ensure ? {
'absent' => absent,
default => 'link',
@ -450,8 +450,8 @@ define nginx::resource::vhost (
location_custom_cfg_append => $location_custom_cfg_append }
}
if $fastcgi != undef and !defined(File['/etc/nginx/fastcgi_params']) {
file { '/etc/nginx/fastcgi_params':
if $fastcgi != undef and !defined(File[$fastcgi_params]) {
file { $fastcgi_params:
ensure => present,
mode => '0770',
content => template('nginx/vhost/fastcgi_params.erb'),
@ -515,32 +515,32 @@ define nginx::resource::vhost (
# Check if the file has been defined before creating the file to
# avoid the error when using wildcard cert on the multiple vhosts
ensure_resource('file', "${nginx::params::nx_conf_dir}/${cert}.crt", {
ensure_resource('file', "${nginx::config::conf_dir}/${cert}.crt", {
owner => $nginx::config::daemon_user,
mode => '0444',
source => $ssl_cert,
})
ensure_resource('file', "${nginx::params::nx_conf_dir}/${cert}.key", {
ensure_resource('file', "${nginx::config::conf_dir}/${cert}.key", {
owner => $nginx::config::daemon_user,
mode => '0440',
source => $ssl_key,
})
if ($ssl_dhparam != undef) {
ensure_resource('file', "${nginx::params::nx_conf_dir}/${cert}.dh.pem", {
ensure_resource('file', "${nginx::config::conf_dir}/${cert}.dh.pem", {
owner => $nginx::config::daemon_user,
mode => '0440',
source => $ssl_dhparam,
})
}
if ($ssl_stapling_file != undef) {
ensure_resource('file', "${nginx::params::nx_conf_dir}/${cert}.ocsp.resp", {
ensure_resource('file', "${nginx::config::conf_dir}/${cert}.ocsp.resp", {
owner => $nginx::config::daemon_user,
mode => '0440',
source => $ssl_stapling_file,
})
}
if ($ssl_trusted_cert != undef) {
ensure_resource('file', "${nginx::params::nx_conf_dir}/${cert}.trusted.crt", {
ensure_resource('file', "${nginx::config::conf_dir}/${cert}.trusted.crt", {
owner => $nginx::config::daemon_user,
mode => '0440',
source => $ssl_trusted_cert,

12
spec/defines/resource_upstream_spec.rb
View file

@ -10,6 +10,18 @@ describe 'nginx::resource::upstream' do
:members => ['test'],
}
end
let :facts do
{
:osfamily => 'Debian',
:operatingsystem => 'debian',
}
end
let :pre_condition do
[
'include ::nginx::params',
'include ::nginx::config',
]
end
describe 'os-independent items' do

8
templates/conf.d/nginx.conf.erb
View file

@ -18,7 +18,7 @@ events {
}
http {
include <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/mime.types;
include <%= @conf_dir %>/mime.types;
default_type application/octet-stream;
access_log <%= @http_access_log %>;
@ -60,12 +60,12 @@ http {
<% end -%>
<% end -%>
include <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/conf.d/*.conf;
include <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/sites-enabled/*;
include <%= @conf_dir %>/conf.d/*.conf;
include <%= @conf_dir %>/sites-enabled/*;
}
<% if scope.lookupvar('nginx::mail') %>
mail {
include <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/conf.mail.d/*.conf;
include <%= @conf_dir %>/conf.mail.d/*.conf;
}
<% end -%>

10
templates/vhost/vhost_ssl_header.erb
View file

@ -7,10 +7,10 @@ server {
ssl on;
ssl_certificate <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.crt;
ssl_certificate_key <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.key;
ssl_certificate <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.crt;
ssl_certificate_key <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.key;
<% if defined? @ssl_dhparam -%>
ssl_dhparam <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.dh.pem;
ssl_dhparam <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.dh.pem;
<% end -%>
ssl_session_cache <%= @ssl_cache %>;
ssl_session_timeout 5m;
@ -21,7 +21,7 @@ server {
ssl_stapling on;
<% end -%>
<% if defined? @ssl_stapling_file -%>
ssl_stapling_file <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.ocsp.resp;
ssl_stapling_file <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.ocsp.resp;
<% end -%>
<% if defined? @ssl_stapling_responder -%>
ssl_stapling_responder <%= @ssl_stapling_responder %>;
@ -30,7 +30,7 @@ server {
ssl_stapling_verify on;
<% end -%>
<% if defined? @ssl_trusted_cert -%>
ssl_trusted_certificate <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.trusted.crt;
ssl_trusted_certificate <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.trusted.crt;
<% end -%>
<% if @resolver.count > 0 -%>
resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>;