opuppet/module-nginx
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Introducing Puppet Module Tool

Browse source
This commit is contained in:
James Fryman 2014-09-20 13:29:40 -05:00
parent d11d574e8c
commit 9bd63d348d
13 changed files with 452 additions and 372 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

91
data/common.yaml Normal file
View file

@ -0,0 +1,91 @@
---
nginx::config::temp_dir: /tmp
nginx::config::run_dir: /var/nginx
nginx::config::conf_template: nginx/conf.d/nginx.conf.erb
nginx::config::proxy_conf_template: nginx/conf.d/proxy.conf.erb
nginx::config::confd_purge: false
nginx::config::vhost_purge: false
nginx::config::worker_processes: 1
nginx::config::worker_connections: 1024
nginx::config::worker_rlimit_nofile: 1024
nginx::config::types_hash_max_size: 1024
nginx::config::types_hash_bucket_size: 512
nginx::config::names_hash_bucket_size: 64
nginx::config::names_hash_max_size: 512
nginx::config::multi_accept: off
nginx::config::events_use: false
nginx::config::sendfile: on
nginx::config::keepalive_timeout: 65
nginx::config::http_tcp_nodelay: on
nginx::config::http_tcp_nopush: off
nginx::config::gzip: on
nginx::config::server_tokens: on
nginx::config::spdy: off
nginx::config::ssl_stapling: off
nginx::config::proxy_redirect: off
nginx::config::proxy_set_header:
- 'Host $host'
- 'X-Real-IP $remote_addr'
- 'X-Forwarded-For $proxy_add_x_forwarded_for'
nginx::config::proxy_cache_path: false
nginx::config::proxy_cache_levels: 1
nginx::config::proxy_cache_keys_zone: 'd2:100m'
nginx::config::proxy_cache_max_size: 500m
nginx::config::proxy_cache_inactive: 20m
nginx::config::fastcgi_cache_path: false
nginx::config::fastcgi_cache_levels: 1
nginx::config::fastcgi_cache_keys_zone: 'd3:100m'
nginx::config::fastcgi_cache_max_size: 500m
nginx::config::fastcgi_cache_inactive: 20m
nginx::config::fastcgi_cache_key: false
nginx::config::fastcgi_cache_use_stale: false
nginx::config::client_body_temp_path: /var/nginx/client_body_temp
nginx::config::client_body_buffer_size: 128k
nginx::config::client_max_body_size: 10m
nginx::config::proxy_temp_path: /var/nginx/proxy_temp
nginx::config::proxy_connect_timeout: 90
nginx::config::proxy_send_timeout: 90
nginx::config::proxy_read_timeout: 90
nginx::config::proxy_buffers: '32 4k'
nginx::config::proxy_http_version: 1.0
nginx::config::proxy_buffer_size: 8k
nginx::config::proxy_headers_hash_bucket_size: 64
nginx::config::logdir: /var/log/nginx
# Service restart after Nginx 0.7.53 could also be just
# "/path/to/nginx/bin -s HUP" Some init scripts do a configtest, some don't.
# If configtest_enable it's true then service restart will take
# $nx_service_restart value, forcing configtest.
nginx::config::configtest_enable: false
nginx::config::service_restart: '/etc/init.d/nginx configtest && /etc/init.d/nginx restart'
nginx::config::service_ensure: running
nginx::config::mail: false
nginx::config::http_cfg_append: false
nginx::config::nginx_error_log: /var/log/nginx/error.log
nginx::config::http_access_log: /var/log/nginx/access.log
# package name depends on distribution, e.g. for Debian nginx-full | nginx-light
nginx::config::package_name: nginx
nginx::config::package_ensure: present
nginx::config::package_source: nginx
nginx::config::manage_repo: true
nginx::config::root_group: root
# Specific owner for sites-available directory
nginx::config::sites_available_owner: root
nginx::config::sites_available_group: root
nginx::config::sites_available_mode: '0644'
# Owner for all other files
nginx::config::global_owner: root
nginx::config::global_group: root
nginx::config::global_mode: '0644'
nginx::config::pid: /var/run/nginx.pid
nginx::config::conf_dir: /etc/nginx
nginx::config::super_user: true
nginx::config::daemon_user: nginx

6
data/hiera.yaml Normal file
View file

@ -0,0 +1,6 @@
--
:hierarchy:
- osfamily/%{::osfamily}
- kernelversion/%{::kernelversion}
- kernel/%{::kernel}
- common

3
data/kernelversion/Joyent.yaml Normal file
View file

@ -0,0 +1,3 @@
---
nginx::config::conf_dir: /opt/local/etc/nginx
nginx::config::daemon_user: www

3
data/osfamily/Archlinux.yaml Normal file
View file

@ -0,0 +1,3 @@
---
nginx::config::pid: false
nginx::config::daemon_user: http

2
data/osfamily/Debian.yaml Normal file
View file

@ -0,0 +1,2 @@
---
nginx::config::daemon_user: www-data

4
data/osfamily/FreeBSD.yaml Normal file
View file

@ -0,0 +1,4 @@
---
nginx::config::conf_dir: /usr/local/etc/nginx
nginx::config::daemon_user: www
nginx::config::root_group: wheel

2
data/osfamily/Solaris.yaml Normal file
View file

@ -0,0 +1,2 @@
---
nginx::config::daemon_user: webservd

33
docs/hiera.md Normal file
View file

@ -0,0 +1,33 @@
# Usage of Hiera
This module takes advantage of the `puppet-module-data` pattern as introduced
by R.I. Pinnear to allow for a significant amount of flexibility with base
configuration of the module. This is to reduce the amount of clutter starting
to gather in `params.pp`, and provide a foundation for future enhancements.
## Upgrading
If you happen to be here because of some silly deprecation notice, it is
probably because a manifest is declaring attributes for the Nginx Class.
Upgrading should be easy!
* Step 1: Make sure you have Hiera configured. https://docs.puppetlabs.com/hiera/1/puppet.html#puppet-3-and-newer
* Step 2: Move any declared parameters to hiera.
* Step 3: Profit!
For example:
```
class { 'nginx':
logdir => '/data/nginx/logs',
}
```
should become in your hiera configs:
```
nginx::config::logdir: /data/nginx/logs
```
Please note: This module takes advantage of Puppet 3 data module bindings.
Be aware of any gotchas that accompany this. Take a look at https://docs.puppetlabs.com/hiera/1/puppet.html#limitations

205
manifests/config.pp
View file

@ -14,70 +14,149 @@
#
# This class file is not called directly
class nginx::config(
$client_body_buffer_size = $nginx::params::nx_client_body_buffer_size,
$client_body_temp_path = $nginx::params::nx_client_body_temp_path,
$client_max_body_size = $nginx::params::nx_client_max_body_size,
$confd_purge = $nginx::params::nx_confd_purge,
$conf_dir = $nginx::params::nx_conf_dir,
$conf_template = $nginx::params::nx_conf_template,
$daemon_user = $nginx::params::nx_daemon_user,
$events_use = $nginx::params::nx_events_use,
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
$gzip = $nginx::params::nx_gzip,
$http_access_log = $nginx::params::nx_http_access_log,
$http_cfg_append = $nginx::params::nx_http_cfg_append,
$http_tcp_nodelay = $nginx::params::nx_http_tcp_nodelay,
$http_tcp_nopush = $nginx::params::nx_http_tcp_nopush,
$keepalive_timeout = $nginx::params::nx_keepalive_timeout,
$logdir = $nginx::params::nx_logdir,
$mail = $nginx::params::nx_mail,
$multi_accept = $nginx::params::nx_multi_accept,
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
$nginx_error_log = $nginx::params::nx_nginx_error_log,
$pid = $nginx::params::nx_pid,
$proxy_buffers = $nginx::params::nx_proxy_buffers,
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
$proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout,
$proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size,
$proxy_http_version = $nginx::params::nx_proxy_http_version,
$proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
$proxy_redirect = $nginx::params::nx_proxy_redirect,
$proxy_send_timeout = $nginx::params::nx_proxy_send_timeout,
$proxy_set_header = $nginx::params::nx_proxy_set_header,
$proxy_temp_path = $nginx::params::nx_proxy_temp_path,
$run_dir = $nginx::params::nx_run_dir,
$sendfile = $nginx::params::nx_sendfile,
$server_tokens = $nginx::params::nx_server_tokens,
$spdy = $nginx::params::nx_spdy,
$super_user = $nginx::params::nx_super_user,
$temp_dir = $nginx::params::nx_temp_dir,
$types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size,
$types_hash_max_size = $nginx::params::nx_types_hash_max_size,
$vhost_purge = $nginx::params::nx_vhost_purge,
$worker_connections = $nginx::params::nx_worker_connections,
$worker_processes = $nginx::params::nx_worker_processes,
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
$global_owner = $nginx::params::global_owner,
$global_group = $nginx::params::global_group,
$global_mode = $nginx::params::global_mode,
$sites_available_owner = $nginx::params::sites_available_owner,
$sites_available_group = $nginx::params::sites_available_group,
$sites_available_mode = $nginx::params::sites_available_mode,
) inherits nginx::params {
$client_body_buffer_size = undef,
$client_body_temp_path = undef,
$client_max_body_size = undef,
$confd_purge = undef,
$conf_dir = undef,
$conf_template = undef,
$daemon_user = undef,
$events_use = undef,
$fastcgi_cache_inactive = undef,
$fastcgi_cache_key = undef,
$fastcgi_cache_keys_zone = undef,
$fastcgi_cache_levels = undef,
$fastcgi_cache_max_size = undef,
$fastcgi_cache_path = undef,
$fastcgi_cache_use_stale = undef,
$gzip = undef,
$http_access_log = undef,
$http_cfg_append = undef,
$http_tcp_nodelay = undef,
$http_tcp_nopush = undef,
$keepalive_timeout = undef,
$logdir = undef,
$mail = undef,
$multi_accept = undef,
$names_hash_bucket_size = undef,
$names_hash_max_size = undef,
$nginx_error_log = undef,
$pid = undef,
$proxy_buffers = undef,
$proxy_buffer_size = undef,
$proxy_cache_inactive = undef,
$proxy_cache_keys_zone = undef,
$proxy_cache_levels = undef,
$proxy_cache_max_size = undef,
$proxy_cache_path = undef,
$proxy_conf_template = undef,
$proxy_connect_timeout = undef,
$proxy_headers_hash_bucket_size = undef,
$proxy_http_version = undef,
$proxy_read_timeout = undef,
$proxy_redirect = undef,
$proxy_send_timeout = undef,
$proxy_set_header = undef,
$proxy_temp_path = undef,
$run_dir = undef,
$sendfile = undef,
$server_tokens = undef,
$spdy = undef,
$super_user = undef,
$temp_dir = undef,
$types_hash_bucket_size = undef,
$types_hash_max_size = undef,
$vhost_purge = undef,
$worker_connections = undef,
$worker_processes = undef,
$worker_rlimit_nofile = undef,
$global_owner = undef,
$global_group = undef,
$global_mode = undef,
$sites_available_owner = undef,
$sites_available_group = undef,
$sites_available_mode = undef,
) {
### Validations ###
if (!is_string($worker_processes)) and (!is_integer($worker_processes)) {
fail('$worker_processes must be an integer or have value "auto".')
}
if (!is_integer($worker_connections)) {
fail('$worker_connections must be an integer.')
}
if (!is_integer($worker_rlimit_nofile)) {
fail('$worker_rlimit_nofile must be an integer.')
}
if (!is_string($events_use)) and ($events_use != false) {
fail('$events_use must be a string or false.')
}
validate_string($multi_accept)
validate_string($package_name)
validate_string($package_ensure)
validate_string($package_source)
validate_array($proxy_set_header)
validate_string($proxy_http_version)
validate_bool($confd_purge)
validate_bool($vhost_purge)
if ($proxy_cache_path != false) {
validate_string($proxy_cache_path)
}
validate_re($proxy_cache_levels, '^[12](:[12])*$')
validate_string($proxy_cache_keys_zone)
validate_string($proxy_cache_max_size)
validate_string($proxy_cache_inactive)
if ($fastcgi_cache_path != false) {
validate_string($fastcgi_cache_path)
}
validate_re($fastcgi_cache_levels, '^[12](:[12])*$')
validate_string($fastcgi_cache_keys_zone)
validate_string($fastcgi_cache_max_size)
validate_string($fastcgi_cache_inactive)
if ($fastcgi_cache_key != false) {
validate_string($fastcgi_cache_key)
}
if ($fastcgi_cache_use_stale != false) {
validate_string($fastcgi_cache_use_stale)
}
validate_bool($configtest_enable)
validate_string($service_restart)
validate_bool($mail)
validate_string($server_tokens)
validate_string($client_max_body_size)
if (!is_integer($names_hash_bucket_size)) {
fail('$names_hash_bucket_size must be an integer.')
}
if (!is_integer($names_hash_max_size)) {
fail('$names_hash_max_size must be an integer.')
}
validate_string($proxy_buffers)
validate_string($proxy_buffer_size)
if ($http_cfg_append != false) {
if !(is_hash($http_cfg_append) or is_array($http_cfg_append)) {
fail('$http_cfg_append must be either a hash or array')
}
}
validate_string($nginx_error_log)
validate_string($http_access_log)
validate_hash($nginx_upstreams)
validate_hash($nginx_vhosts)
validate_hash($nginx_vhosts_defaults)
validate_hash($nginx_locations)
validate_hash($nginx_mailhosts)
validate_bool($manage_repo)
validate_string($proxy_headers_hash_bucket_size)
validate_bool($super_user)
validate_hash($string_mappings)
validate_hash($geo_mappings)
### END VALIDATIONS ###
### CONFIGURATION ###
File {
owner => $global_owner,
group => $global_group,

304
manifests/init.pp
View file

@ -5,7 +5,7 @@
# Parameters:
#
# There are no default parameters for this class. All module parameters
# are managed via the nginx::params class
# are managed via puppet-module-data (see data/ dir)
#
# Actions:
#
@ -29,160 +29,173 @@
# include nginx
# }
class nginx (
$client_body_buffer_size = $nginx::params::nx_client_body_buffer_size,
$client_body_temp_path = $nginx::params::nx_client_body_temp_path,
$client_max_body_size = $nginx::params::nx_client_max_body_size,
$confd_purge = $nginx::params::nx_confd_purge,
$configtest_enable = $nginx::params::nx_configtest_enable,
$conf_dir = $nginx::params::nx_conf_dir,
$conf_template = $nginx::params::nx_conf_template,
$daemon_user = $nginx::params::nx_daemon_user,
$events_use = $nginx::params::nx_events_use,
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
$gzip = $nginx::params::nx_gzip,
$http_access_log = $nginx::params::nx_http_access_log,
$http_cfg_append = $nginx::params::nx_http_cfg_append,
$http_tcp_nodelay = $nginx::params::nx_http_tcp_nodelay,
$http_tcp_nopush = $nginx::params::nx_http_tcp_nopush,
$keepalive_timeout = $nginx::params::nx_keepalive_timeout,
$logdir = $nginx::params::nx_logdir,
$mail = $nginx::params::nx_mail,
$manage_repo = $nginx::params::manage_repo,
$multi_accept = $nginx::params::nx_multi_accept,
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
$nginx_error_log = $nginx::params::nx_nginx_error_log,
$client_body_buffer_size = undef,
$client_body_temp_path = undef,
$client_max_body_size = undef,
$confd_purge = undef,
$configtest_enable = undef,
$conf_dir = undef,
$conf_template = undef,
$daemon_user = undef,
$events_use = undef,
$fastcgi_cache_inactive = undef,
$fastcgi_cache_key = undef,
$fastcgi_cache_keys_zone = undef,
$fastcgi_cache_levels = undef,
$fastcgi_cache_max_size = undef,
$fastcgi_cache_path = undef,
$fastcgi_cache_use_stale = undef,
$gzip = undef,
$http_access_log = undef,
$http_cfg_append = undef,
$http_tcp_nodelay = undef,
$http_tcp_nopush = undef,
$keepalive_timeout = undef,
$logdir = undef,
$mail = undef,
$manage_repo = undef,
$multi_accept = undef,
$names_hash_bucket_size = undef,
$names_hash_max_size = undef,
$nginx_error_log = undef,
$nginx_locations = {},
$nginx_mailhosts = {},
$nginx_upstreams = {},
$nginx_vhosts = {},
$nginx_vhosts_defaults = {},
$package_ensure = $nginx::params::package_ensure,
$package_name = $nginx::params::package_name,
$package_source = $nginx::params::package_source,
$pid = $nginx::params::nx_pid,
$proxy_buffers = $nginx::params::nx_proxy_buffers,
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
$proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout,
$proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size,
$proxy_http_version = $nginx::params::nx_proxy_http_version,
$proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
$proxy_redirect = $nginx::params::nx_proxy_redirect,
$proxy_send_timeout = $nginx::params::nx_proxy_send_timeout,
$proxy_set_header = $nginx::params::nx_proxy_set_header,
$proxy_temp_path = $nginx::params::nx_proxy_temp_path,
$run_dir = $nginx::params::nx_run_dir,
$sendfile = $nginx::params::nx_sendfile,
$server_tokens = $nginx::params::nx_server_tokens,
$service_ensure = $nginx::params::nx_service_ensure,
$service_restart = $nginx::params::nx_service_restart,
$spdy = $nginx::params::nx_spdy,
$super_user = $nginx::params::nx_super_user,
$temp_dir = $nginx::params::nx_temp_dir,
$types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size,
$types_hash_max_size = $nginx::params::nx_types_hash_max_size,
$vhost_purge = $nginx::params::nx_vhost_purge,
$worker_connections = $nginx::params::nx_worker_connections,
$worker_processes = $nginx::params::nx_worker_processes,
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
$global_owner = $nginx::params::global_owner,
$global_group = $nginx::params::global_group,
$global_mode = $nginx::params::global_mode,
$sites_available_owner = $nginx::params::sites_available_owner,
$sites_available_group = $nginx::params::sites_available_group,
$sites_available_mode = $nginx::params::sites_available_mode,
$package_ensure = undef,
$package_name = undef,
$package_source = undef,
$pid = undef,
$proxy_buffers = undef,
$proxy_buffer_size = undef,
$proxy_cache_inactive = undef,
$proxy_cache_keys_zone = undef,
$proxy_cache_levels = undef,
$proxy_cache_max_size = undef,
$proxy_cache_path = undef,
$proxy_conf_template = undef,
$proxy_connect_timeout = undef,
$proxy_headers_hash_bucket_size = undef,
$proxy_http_version = undef,
$proxy_read_timeout = undef,
$proxy_redirect = undef,
$proxy_send_timeout = undef,
$proxy_set_header = undef,
$proxy_temp_path = undef,
$run_dir = undef,
$sendfile = undef,
$server_tokens = undef,
$service_ensure = undef,
$service_restart = undef,
$spdy = undef,
$super_user = undef,
$temp_dir = undef,
$types_hash_bucket_size = undef,
$types_hash_max_size = undef,
$vhost_purge = undef,
$worker_connections = undef,
$worker_processes = undef,
$worker_rlimit_nofile = undef,
$global_owner = undef,
$global_group = undef,
$global_mode = undef,
$sites_available_owner = undef,
$sites_available_group = undef,
$sites_available_mode = undef,
$geo_mappings = {},
$string_mappings = {},
) inherits nginx::params {
) {
include stdlib
### DEPRECATION WARNING ###
###
### During the transition from the params pattern -> puppet-module-data,
### we need a graceful way to notify the consumer that the pattern is
### changing, and point them toward docs on how to transition.
###
### Once we hit 1.0, this whole block goes away.
###
### Please note: as a contributor to this module, no Pulls will be accepted
### that do add additional parameters to this class. Get on this puppet-module-data
### level!
if (!is_string($worker_processes)) and (!is_integer($worker_processes)) {
fail('$worker_processes must be an integer or have value "auto".')
}
if (!is_integer($worker_connections)) {
fail('$worker_connections must be an integer.')
}
if (!is_integer($worker_rlimit_nofile)) {
fail('$worker_rlimit_nofile must be an integer.')
}
if (!is_string($events_use)) and ($events_use != false) {
fail('$events_use must be a string or false.')
}
validate_string($multi_accept)
validate_string($package_name)
validate_string($package_ensure)
validate_string($package_source)
validate_array($proxy_set_header)
validate_string($proxy_http_version)
validate_bool($confd_purge)
validate_bool($vhost_purge)
if ($proxy_cache_path != false) {
validate_string($proxy_cache_path)
}
validate_re($proxy_cache_levels, '^[12](:[12])*$')
validate_string($proxy_cache_keys_zone)
validate_string($proxy_cache_max_size)
validate_string($proxy_cache_inactive)
### This block makes me sad, but what can you do.... we need to do this
### migration the Right Way(tm) -- JDF
if ($fastcgi_cache_path != false) {
validate_string($fastcgi_cache_path)
}
validate_re($fastcgi_cache_levels, '^[12](:[12])*$')
validate_string($fastcgi_cache_keys_zone)
validate_string($fastcgi_cache_max_size)
validate_string($fastcgi_cache_inactive)
if ($fastcgi_cache_key != false) {
validate_string($fastcgi_cache_key)
}
if ($fastcgi_cache_use_stale != false) {
validate_string($fastcgi_cache_use_stale)
}
if $client_body_buffer_size or
$client_body_temp_path or
$client_max_body_size or
$confd_purge or
$configtest_enable or
$conf_dir or
$conf_template or
$daemon_user or
$events_use or
$fastcgi_cache_inactive or
$fastcgi_cache_key or
$fastcgi_cache_keys_zone or
$fastcgi_cache_levels or
$fastcgi_cache_max_size or
$fastcgi_cache_path or
$fastcgi_cache_use_stale or
$gzip or
$http_access_log or
$http_cfg_append or
$http_tcp_nodelay or
$http_tcp_nopush or
$keepalive_timeout or
$logdir or
$mail or
$manage_repo or
$multi_accept or
$names_hash_bucket_size or
$names_hash_max_size or
$nginx_error_log or
$package_ensure or
$package_name or
$package_source or
$pid or
$proxy_buffers or
$proxy_buffer_size or
$proxy_cache_inactive or
$proxy_cache_keys_zone or
$proxy_cache_levels or
$proxy_cache_max_size or
$proxy_cache_path or
$proxy_conf_template or
$proxy_connect_timeout or
$proxy_headers_hash_bucket_size or
$proxy_http_version or
$proxy_read_timeout or
$proxy_redirect or
$proxy_send_timeout or
$proxy_set_header or
$proxy_temp_path or
$run_dir or
$sendfile or
$server_tokens or
$service_ensure or
$service_restart or
$spdy or
$super_user or
$temp_dir or
$types_hash_bucket_size or
$types_hash_max_size or
$vhost_purge or
$worker_connections or
$worker_processes or
$worker_rlimit_nofile or
$global_owner or
$global_group or
$global_mode or
$sites_available_owner or
$sites_available_group or
$sites_available_mode {
include nginx::notice::puppet_module_data
}
validate_bool($configtest_enable)
validate_string($service_restart)
validate_bool($mail)
validate_string($server_tokens)
validate_string($client_max_body_size)
if (!is_integer($names_hash_bucket_size)) {
fail('$names_hash_bucket_size must be an integer.')
}
if (!is_integer($names_hash_max_size)) {
fail('$names_hash_max_size must be an integer.')
}
validate_string($proxy_buffers)
validate_string($proxy_buffer_size)
if ($http_cfg_append != false) {
if !(is_hash($http_cfg_append) or is_array($http_cfg_append)) {
fail('$http_cfg_append must be either a hash or array')
}
}
validate_string($nginx_error_log)
validate_string($http_access_log)
validate_hash($nginx_upstreams)
validate_hash($nginx_vhosts)
validate_hash($nginx_vhosts_defaults)
validate_hash($nginx_locations)
validate_hash($nginx_mailhosts)
validate_bool($manage_repo)
validate_string($proxy_headers_hash_bucket_size)
validate_bool($super_user)
validate_hash($string_mappings)
validate_hash($geo_mappings)
### END DEPRECATION WARNING ###
class { 'nginx::package':
package_name => $package_name,
@ -259,8 +272,7 @@ class nginx (
notify => Class['nginx::service'],
}
class { 'nginx::service':
}
class { 'nginx::service': }
create_resources('nginx::resource::upstream', $nginx_upstreams)
create_resources('nginx::resource::vhost', $nginx_vhosts, $nginx_vhosts_defaults)

5
manifests/notice/puppet_module_data.pp Normal file
View file

@ -0,0 +1,5 @@
class nginx::notice::puppet_module_data {
$message = "[nginx] *** DEPRECATION WARNING***: HI! I notice that you're declaring some attributes in Class[nginx]. We are in the process of moving all of these attributes to Hiera with puppet-module-tool. Please check out https://github.com/jfryman/puppet-nginx/blob/master/docs/hiera.md for more information."
notify { $message: }
}

161
manifests/params.pp
View file

@ -1,161 +0,0 @@
# Class: nginx::param
#
# This module manages NGINX paramaters
#
# Parameters:
#
# There are no default parameters for this class.
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# This class file is not called directly
class nginx::params {
$nx_temp_dir = '/tmp'
$nx_run_dir = '/var/nginx'
$nx_conf_template = 'nginx/conf.d/nginx.conf.erb'
$nx_proxy_conf_template = 'nginx/conf.d/proxy.conf.erb'
$nx_confd_purge = false
$nx_vhost_purge = false
$nx_worker_processes = 1
$nx_worker_connections = 1024
$nx_worker_rlimit_nofile = 1024
$nx_types_hash_max_size = 1024
$nx_types_hash_bucket_size = 512
$nx_names_hash_bucket_size = 64
$nx_names_hash_max_size = 512
$nx_multi_accept = off
# One of [kqueue|rtsig|epoll|/dev/poll|select|poll|eventport]
# or false to use OS default
$nx_events_use = false
$nx_sendfile = on
$nx_keepalive_timeout = 65
$nx_http_tcp_nodelay = on
$nx_http_tcp_nopush = off
$nx_gzip = on
$nx_server_tokens = on
$nx_spdy = off
$nx_ssl_stapling = off
$nx_proxy_redirect = off
$nx_proxy_set_header = [
'Host $host',
'X-Real-IP $remote_addr',
'X-Forwarded-For $proxy_add_x_forwarded_for',
]
$nx_proxy_cache_path = false
$nx_proxy_cache_levels = '1'
$nx_proxy_cache_keys_zone = 'd2:100m'
$nx_proxy_cache_max_size = '500m'
$nx_proxy_cache_inactive = '20m'
$nx_fastcgi_cache_path = false
$nx_fastcgi_cache_levels = '1'
$nx_fastcgi_cache_keys_zone = 'd3:100m'
$nx_fastcgi_cache_max_size = '500m'
$nx_fastcgi_cache_inactive = '20m'
$nx_fastcgi_cache_key = false
$nx_fastcgi_cache_use_stale = false
$nx_client_body_temp_path = "${nx_run_dir}/client_body_temp"
$nx_client_body_buffer_size = '128k'
$nx_client_max_body_size = '10m'
$nx_proxy_temp_path = "${nx_run_dir}/proxy_temp"
$nx_proxy_connect_timeout = '90'
$nx_proxy_send_timeout = '90'
$nx_proxy_read_timeout = '90'
$nx_proxy_buffers = '32 4k'
$nx_proxy_http_version = '1.0'
$nx_proxy_buffer_size = '8k'
$nx_proxy_headers_hash_bucket_size = '64'
$nx_logdir = '/var/log/nginx'
$nx_pid = $::kernel ? {
/(?i-mx:linux)/ => $::osfamily ? {
# archlinux has hardcoded pid in service file to /run/nginx.pid, setting
# it will prevent nginx from starting
/(?i-mx:archlinux)/ => false,
default => '/var/run/nginx.pid',
},
/(?i-mx:sunos)/ => '/var/run/nginx.pid',
/(?i-mx:freebsd)/ => '/var/run/nginx.pid',
}
$nx_conf_dir = $::kernelversion ? {
/(?i-mx:joyent)/ => '/opt/local/etc/nginx',
default => $::kernel ? {
/(?i-mx:freebsd)/ => '/usr/local/etc/nginx',
default => '/etc/nginx',
}
}
if $::osfamily {
$solaris_nx_daemon_user = $::kernelversion ? {
/(?i-mx:joyent)/ => 'www',
default => 'webservd',
}
$nx_daemon_user = $::osfamily ? {
/(?i-mx:archlinux)/ => 'http',
/(?i-mx:redhat|suse|gentoo|linux)/ => 'nginx',
/(?i-mx:debian)/ => 'www-data',
/(?i-mx:solaris)/ => $solaris_nx_daemon_user,
/(?i-mx:freebsd)/ => 'www',
}
} else {
warning('$::osfamily not defined. Support for $::operatingsystem is deprecated')
warning("Please upgrade from facter ${::facterversion} to >= 1.7.2")
$nx_daemon_user = $::operatingsystem ? {
/(?i-mx:archlinux)/ => 'http',
/(?i-mx:debian|ubuntu)/ => 'www-data',
/(?i-mx:fedora|rhel|redhat|centos|scientific|suse|opensuse|amazon|gentoo|oraclelinux)/ => 'nginx',
/(?i-mx:solaris)/ => 'webservd',
/(?i-mx:freebsd)/ => 'www',
}
}
$root_group = $::operatingsystem ? {
'FreeBSD' => 'wheel',
default => 'root',
}
# Nginx is default launched as root if not change this parameter
$nx_super_user = true
# Service restart after Nginx 0.7.53 could also be just
# "/path/to/nginx/bin -s HUP" Some init scripts do a configtest, some don't.
# If configtest_enable it's true then service restart will take
# $nx_service_restart value, forcing configtest.
$nx_configtest_enable = false
$nx_service_restart = '/etc/init.d/nginx configtest && /etc/init.d/nginx restart'
$nx_service_ensure = running
$nx_mail = false
$nx_http_cfg_append = false
$nx_nginx_error_log = "${nx_logdir}/error.log"
$nx_http_access_log = "${nx_logdir}/access.log"
# package name depends on distribution, e.g. for Debian nginx-full | nginx-light
$package_name = 'nginx'
$package_ensure = 'present'
$package_source = 'nginx'
$manage_repo = true
# Specific owner for sites-available directory
$sites_available_owner = 'root'
$sites_available_group = $root_group
$sites_available_mode = '0644'
# Owner for all other files
$global_owner = 'root'
$global_group = $root_group
$global_mode = '0644'
}

5
metadata.json
View file

@ -1,6 +1,6 @@
{
"name": "jfryman-nginx",
"version": "0.0.10",
"version": "0.1.0",
"author": "James Fryman",
"summary": "Puppet NGINX management module",
"license": "Apache License Version 2.0",
@ -11,6 +11,7 @@
"dependencies": [
{"name":"puppetlabs/stdlib","version_requirement":">= 3.0.0"},
{"name":"puppetlabs/apt","version_requirement":">= 1.0.0"},
{"name":"puppetlabs/concat","version_requirement":">= 1.1.0"}
{"name":"puppetlabs/concat","version_requirement":">= 1.1.0"},
{"name":"ripienaar/module_data","version_requirement":">= 0.0.3"}
]
}