Merge pull request #373 from alkivi-sas/owner
Added owner group and mode parameter. For all users, per sites-available...
This commit is contained in:
James Fryman
commit
61b569ca02
4 changed files with 52 additions and 10 deletions
|
|
@ -69,13 +69,19 @@ class nginx::config(
|
||||||
$vhost_purge = $nginx::params::nx_vhost_purge,
|
$vhost_purge = $nginx::params::nx_vhost_purge,
|
||||||
$worker_connections = $nginx::params::nx_worker_connections,
|
$worker_connections = $nginx::params::nx_worker_connections,
|
||||||
$worker_processes = $nginx::params::nx_worker_processes,
|
$worker_processes = $nginx::params::nx_worker_processes,
|
||||||
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile
|
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
||||||
|
$global_owner = $nginx::params::global_owner,
|
||||||
|
$global_group = $nginx::params::global_group,
|
||||||
|
$global_mode = $nginx::params::global_mode,
|
||||||
|
$sites_available_owner = $nginx::params::sites_available_owner,
|
||||||
|
$sites_available_group = $nginx::params::sites_available_group,
|
||||||
|
$sites_available_mode = $nginx::params::sites_available_mode,
|
||||||
) inherits nginx::params {
|
) inherits nginx::params {
|
||||||
|
|
||||||
File {
|
File {
|
||||||
owner => 'root',
|
owner => $global_owner,
|
||||||
group => 'root',
|
group => $global_group,
|
||||||
mode => '0644',
|
mode => $global_mode,
|
||||||
}
|
}
|
||||||
|
|
||||||
file { $conf_dir:
|
file { $conf_dir:
|
||||||
|
|
@ -125,6 +131,9 @@ class nginx::config(
|
||||||
}
|
}
|
||||||
|
|
||||||
file { "${conf_dir}/sites-available":
|
file { "${conf_dir}/sites-available":
|
||||||
|
owner => $sites_available_owner,
|
||||||
|
group => $sites_available_group,
|
||||||
|
mode => $sites_available_mode,
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -96,6 +96,12 @@ class nginx (
|
||||||
$worker_connections = $nginx::params::nx_worker_connections,
|
$worker_connections = $nginx::params::nx_worker_connections,
|
||||||
$worker_processes = $nginx::params::nx_worker_processes,
|
$worker_processes = $nginx::params::nx_worker_processes,
|
||||||
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
||||||
|
$global_owner = $nginx::params::nx_global_owner,
|
||||||
|
$global_group = $nginx::params::nx_global_group,
|
||||||
|
$global_mode = $nginx::params::nx_global_mode,
|
||||||
|
$sites_available_owner = $nginx::params::nx_sites_available_owner,
|
||||||
|
$sites_available_group = $nginx::params::nx_sites_available_group,
|
||||||
|
$sites_available_mode = $nginx::params::nx_sites_available_mode,
|
||||||
$geo_mappings = {},
|
$geo_mappings = {},
|
||||||
$string_mappings = {},
|
$string_mappings = {},
|
||||||
) inherits nginx::params {
|
) inherits nginx::params {
|
||||||
|
|
@ -245,6 +251,12 @@ class nginx (
|
||||||
worker_connections => $worker_connections,
|
worker_connections => $worker_connections,
|
||||||
worker_processes => $worker_processes,
|
worker_processes => $worker_processes,
|
||||||
worker_rlimit_nofile => $worker_rlimit_nofile,
|
worker_rlimit_nofile => $worker_rlimit_nofile,
|
||||||
|
global_owner => $global_owner,
|
||||||
|
global_group => $global_group,
|
||||||
|
global_mode => $global_mode,
|
||||||
|
sites_available_owner => $sites_available_owner,
|
||||||
|
sites_available_group => $sites_available_group,
|
||||||
|
sites_available_mode => $sites_available_mode,
|
||||||
require => Class['nginx::package'],
|
require => Class['nginx::package'],
|
||||||
notify => Class['nginx::service'],
|
notify => Class['nginx::service'],
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -140,4 +140,14 @@ class nginx::params {
|
||||||
$package_ensure = 'present'
|
$package_ensure = 'present'
|
||||||
$package_source = 'nginx'
|
$package_source = 'nginx'
|
||||||
$manage_repo = true
|
$manage_repo = true
|
||||||
|
|
||||||
|
# Specific owner for sites-available directory
|
||||||
|
$sites_available_owner = 'root'
|
||||||
|
$sites_available_group = 'root'
|
||||||
|
$sites_available_mode = '0644'
|
||||||
|
|
||||||
|
# Owner for all other files
|
||||||
|
$global_owner = 'root'
|
||||||
|
$global_group = 'root'
|
||||||
|
$global_mode = '0644'
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -130,6 +130,9 @@
|
||||||
# specified by <path-to-lua-script-file> contains the Lua code, or, as from
|
# specified by <path-to-lua-script-file> contains the Lua code, or, as from
|
||||||
# the v0.5.0rc32 release, the Lua/LuaJIT bytecode to be executed.
|
# the v0.5.0rc32 release, the Lua/LuaJIT bytecode to be executed.
|
||||||
# [*gzip_types*] - Defines gzip_types, nginx default is text/html
|
# [*gzip_types*] - Defines gzip_types, nginx default is text/html
|
||||||
|
# [*owner*] - Defines owner of the .conf file
|
||||||
|
# [*group*] - Defines group of the .conf file
|
||||||
|
# [*mode*] - Defines mode of the .conf file
|
||||||
# Actions:
|
# Actions:
|
||||||
#
|
#
|
||||||
# Requires:
|
# Requires:
|
||||||
|
|
@ -222,6 +225,9 @@ define nginx::resource::vhost (
|
||||||
$string_mappings = {},
|
$string_mappings = {},
|
||||||
$geo_mappings = {},
|
$geo_mappings = {},
|
||||||
$gzip_types = undef,
|
$gzip_types = undef,
|
||||||
|
$owner = $nginx::config::global_owner,
|
||||||
|
$group = $nginx::config::global_group,
|
||||||
|
$mode = $nginx::config::global_mode,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
validate_re($ensure, '^(present|absent)$',
|
validate_re($ensure, '^(present|absent)$',
|
||||||
|
|
@ -401,6 +407,11 @@ define nginx::resource::vhost (
|
||||||
validate_hash($string_mappings)
|
validate_hash($string_mappings)
|
||||||
validate_hash($geo_mappings)
|
validate_hash($geo_mappings)
|
||||||
|
|
||||||
|
validate_string($owner)
|
||||||
|
validate_string($group)
|
||||||
|
validate_re($mode, '^\d{4}$',
|
||||||
|
"${mode} is not valid. It should be 4 digits (0644 by default).")
|
||||||
|
|
||||||
# Variables
|
# Variables
|
||||||
$vhost_dir = "${nginx::config::conf_dir}/sites-available"
|
$vhost_dir = "${nginx::config::conf_dir}/sites-available"
|
||||||
$vhost_enable_dir = "${nginx::config::conf_dir}/sites-enabled"
|
$vhost_enable_dir = "${nginx::config::conf_dir}/sites-enabled"
|
||||||
|
|
@ -418,9 +429,9 @@ define nginx::resource::vhost (
|
||||||
default => 'file',
|
default => 'file',
|
||||||
},
|
},
|
||||||
notify => Class['nginx::service'],
|
notify => Class['nginx::service'],
|
||||||
owner => 'root',
|
owner => $owner,
|
||||||
group => 'root',
|
group => $group,
|
||||||
mode => '0644',
|
mode => $mode,
|
||||||
}
|
}
|
||||||
|
|
||||||
# Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
|
# Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
|
||||||
|
|
@ -456,9 +467,9 @@ define nginx::resource::vhost (
|
||||||
}
|
}
|
||||||
|
|
||||||
concat { $config_file:
|
concat { $config_file:
|
||||||
owner => 'root',
|
owner => $owner,
|
||||||
group => 'root',
|
group => $group,
|
||||||
mode => '0644',
|
mode => $mode,
|
||||||
notify => Class['nginx::service'],
|
notify => Class['nginx::service'],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue