Allow basic_auth for proxy locations and introducing parameter proxy_headers_hash_bucket_size with default of 64
This commit is contained in:
Daniel Kerwin
parent
35a71ad2d3
commit
d11c6be681
5 changed files with 136 additions and 126 deletions
|
|
@ -14,40 +14,41 @@
|
|||
#
|
||||
# This class file is not called directly
|
||||
class nginx::config(
|
||||
$worker_processes = $nginx::params::nx_worker_processes,
|
||||
$worker_connections = $nginx::params::nx_worker_connections,
|
||||
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
||||
$confd_purge = $nginx::params::nx_confd_purge,
|
||||
$vhost_purge = $nginx::params::nx_vhost_purge,
|
||||
$server_tokens = $nginx::params::nx_server_tokens,
|
||||
$proxy_set_header = $nginx::params::nx_proxy_set_header,
|
||||
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
|
||||
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
|
||||
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
|
||||
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
|
||||
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
|
||||
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
|
||||
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
|
||||
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
|
||||
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
|
||||
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
|
||||
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
|
||||
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
|
||||
$proxy_http_version = $nginx::params::nx_proxy_http_version,
|
||||
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
|
||||
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
|
||||
$types_hash_max_size = $nginx::params::nx_types_hash_max_size,
|
||||
$types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size,
|
||||
$client_max_body_size = $nginx::params::nx_client_max_body_size,
|
||||
$proxy_buffers = $nginx::params::nx_proxy_buffers,
|
||||
$http_cfg_append = $nginx::params::nx_http_cfg_append,
|
||||
$nginx_error_log = $nginx::params::nx_nginx_error_log,
|
||||
$http_access_log = $nginx::params::nx_http_access_log,
|
||||
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
|
||||
$gzip = $nginx::params::nx_gzip,
|
||||
$conf_template = $nginx::params::nx_conf_template,
|
||||
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
|
||||
$proxy_redirect = $nginx::params::nx_proxy_redirect,
|
||||
$worker_processes = $nginx::params::nx_worker_processes,
|
||||
$worker_connections = $nginx::params::nx_worker_connections,
|
||||
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
||||
$confd_purge = $nginx::params::nx_confd_purge,
|
||||
$vhost_purge = $nginx::params::nx_vhost_purge,
|
||||
$server_tokens = $nginx::params::nx_server_tokens,
|
||||
$proxy_set_header = $nginx::params::nx_proxy_set_header,
|
||||
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
|
||||
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
|
||||
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
|
||||
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
|
||||
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
|
||||
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
|
||||
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
|
||||
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
|
||||
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
|
||||
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
|
||||
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
|
||||
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
|
||||
$proxy_http_version = $nginx::params::nx_proxy_http_version,
|
||||
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
|
||||
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
|
||||
$types_hash_max_size = $nginx::params::nx_types_hash_max_size,
|
||||
$types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size,
|
||||
$client_max_body_size = $nginx::params::nx_client_max_body_size,
|
||||
$proxy_buffers = $nginx::params::nx_proxy_buffers,
|
||||
$http_cfg_append = $nginx::params::nx_http_cfg_append,
|
||||
$nginx_error_log = $nginx::params::nx_nginx_error_log,
|
||||
$http_access_log = $nginx::params::nx_http_access_log,
|
||||
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
|
||||
$gzip = $nginx::params::nx_gzip,
|
||||
$conf_template = $nginx::params::nx_conf_template,
|
||||
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
|
||||
$proxy_redirect = $nginx::params::nx_proxy_redirect,
|
||||
$proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size,
|
||||
) inherits nginx::params {
|
||||
|
||||
File {
|
||||
|
|
|
|||
|
|
@ -29,50 +29,51 @@
|
|||
# include nginx
|
||||
# }
|
||||
class nginx (
|
||||
$worker_processes = $nginx::params::nx_worker_processes,
|
||||
$worker_connections = $nginx::params::nx_worker_connections,
|
||||
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
||||
$package_name = $nginx::params::package_name,
|
||||
$package_ensure = $nginx::params::package_ensure,
|
||||
$package_source = $nginx::params::package_source,
|
||||
$proxy_set_header = $nginx::params::nx_proxy_set_header,
|
||||
$proxy_http_version = $nginx::params::nx_proxy_http_version,
|
||||
$confd_purge = $nginx::params::nx_confd_purge,
|
||||
$vhost_purge = $nginx::params::nx_vhost_purge,
|
||||
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
|
||||
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
|
||||
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
|
||||
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
|
||||
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
|
||||
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
|
||||
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
|
||||
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
|
||||
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
|
||||
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
|
||||
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
|
||||
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
|
||||
$configtest_enable = $nginx::params::nx_configtest_enable,
|
||||
$service_restart = $nginx::params::nx_service_restart,
|
||||
$service_ensure = $nginx::params::nx_service_ensure,
|
||||
$mail = $nginx::params::nx_mail,
|
||||
$server_tokens = $nginx::params::nx_server_tokens,
|
||||
$client_max_body_size = $nginx::params::nx_client_max_body_size,
|
||||
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
|
||||
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
|
||||
$proxy_buffers = $nginx::params::nx_proxy_buffers,
|
||||
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
|
||||
$http_cfg_append = $nginx::params::nx_http_cfg_append,
|
||||
$nginx_error_log = $nginx::params::nx_nginx_error_log,
|
||||
$http_access_log = $nginx::params::nx_http_access_log,
|
||||
$gzip = $nginx::params::nx_gzip,
|
||||
$conf_template = $nginx::params::nx_conf_template,
|
||||
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
|
||||
$proxy_redirect = $nginx::params::nx_proxy_redirect,
|
||||
$nginx_vhosts = {},
|
||||
$nginx_upstreams = {},
|
||||
$nginx_locations = {},
|
||||
$nginx_mailhosts = {},
|
||||
$manage_repo = $nginx::params::manage_repo,
|
||||
$worker_processes = $nginx::params::nx_worker_processes,
|
||||
$worker_connections = $nginx::params::nx_worker_connections,
|
||||
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
|
||||
$package_name = $nginx::params::package_name,
|
||||
$package_ensure = $nginx::params::package_ensure,
|
||||
$package_source = $nginx::params::package_source,
|
||||
$proxy_set_header = $nginx::params::nx_proxy_set_header,
|
||||
$proxy_http_version = $nginx::params::nx_proxy_http_version,
|
||||
$confd_purge = $nginx::params::nx_confd_purge,
|
||||
$vhost_purge = $nginx::params::nx_vhost_purge,
|
||||
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
|
||||
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
|
||||
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
|
||||
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
|
||||
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
|
||||
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
|
||||
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
|
||||
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
|
||||
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
|
||||
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
|
||||
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
|
||||
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
|
||||
$configtest_enable = $nginx::params::nx_configtest_enable,
|
||||
$service_restart = $nginx::params::nx_service_restart,
|
||||
$service_ensure = $nginx::params::nx_service_ensure,
|
||||
$mail = $nginx::params::nx_mail,
|
||||
$server_tokens = $nginx::params::nx_server_tokens,
|
||||
$client_max_body_size = $nginx::params::nx_client_max_body_size,
|
||||
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
|
||||
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
|
||||
$proxy_buffers = $nginx::params::nx_proxy_buffers,
|
||||
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
|
||||
$http_cfg_append = $nginx::params::nx_http_cfg_append,
|
||||
$nginx_error_log = $nginx::params::nx_nginx_error_log,
|
||||
$http_access_log = $nginx::params::nx_http_access_log,
|
||||
$gzip = $nginx::params::nx_gzip,
|
||||
$conf_template = $nginx::params::nx_conf_template,
|
||||
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
|
||||
$proxy_redirect = $nginx::params::nx_proxy_redirect,
|
||||
$proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size,
|
||||
$nginx_vhosts = {},
|
||||
$nginx_upstreams = {},
|
||||
$nginx_locations = {},
|
||||
$nginx_mailhosts = {},
|
||||
$manage_repo = $nginx::params::manage_repo,
|
||||
) inherits nginx::params {
|
||||
|
||||
include stdlib
|
||||
|
|
@ -102,8 +103,8 @@ class nginx (
|
|||
validate_string($proxy_cache_keys_zone)
|
||||
validate_string($proxy_cache_max_size)
|
||||
validate_string($proxy_cache_inactive)
|
||||
|
||||
if ($fastcgi_cache_path != false) {
|
||||
|
||||
if ($fastcgi_cache_path != false) {
|
||||
validate_string($fastcgi_cache_path)
|
||||
}
|
||||
if (!is_integer($fastcgi_cache_levels)) {
|
||||
|
|
|
|||
|
|
@ -15,62 +15,63 @@
|
|||
# This class file is not called directly
|
||||
class nginx::params {
|
||||
|
||||
$nx_temp_dir = '/tmp'
|
||||
$nx_run_dir = '/var/nginx'
|
||||
$nx_temp_dir = '/tmp'
|
||||
$nx_run_dir = '/var/nginx'
|
||||
|
||||
$nx_conf_template = 'nginx/conf.d/nginx.conf.erb'
|
||||
$nx_proxy_conf_template = 'nginx/conf.d/proxy.conf.erb'
|
||||
$nx_confd_purge = false
|
||||
$nx_vhost_purge = false
|
||||
$nx_worker_processes = 1
|
||||
$nx_worker_connections = 1024
|
||||
$nx_worker_rlimit_nofile = 1024
|
||||
$nx_types_hash_max_size = 1024
|
||||
$nx_types_hash_bucket_size = 512
|
||||
$nx_names_hash_bucket_size = 64
|
||||
$nx_names_hash_max_size = 512
|
||||
$nx_multi_accept = off
|
||||
$nx_conf_template = 'nginx/conf.d/nginx.conf.erb'
|
||||
$nx_proxy_conf_template = 'nginx/conf.d/proxy.conf.erb'
|
||||
$nx_confd_purge = false
|
||||
$nx_vhost_purge = false
|
||||
$nx_worker_processes = 1
|
||||
$nx_worker_connections = 1024
|
||||
$nx_worker_rlimit_nofile = 1024
|
||||
$nx_types_hash_max_size = 1024
|
||||
$nx_types_hash_bucket_size = 512
|
||||
$nx_names_hash_bucket_size = 64
|
||||
$nx_names_hash_max_size = 512
|
||||
$nx_multi_accept = off
|
||||
# One of [kqueue|rtsig|epoll|/dev/poll|select|poll|eventport]
|
||||
# or false to use OS default
|
||||
$nx_events_use = false
|
||||
$nx_sendfile = on
|
||||
$nx_keepalive_timeout = 65
|
||||
$nx_tcp_nodelay = on
|
||||
$nx_gzip = on
|
||||
$nx_server_tokens = on
|
||||
$nx_spdy = off
|
||||
$nx_ssl_stapling = off
|
||||
$nx_events_use = false
|
||||
$nx_sendfile = on
|
||||
$nx_keepalive_timeout = 65
|
||||
$nx_tcp_nodelay = on
|
||||
$nx_gzip = on
|
||||
$nx_server_tokens = on
|
||||
$nx_spdy = off
|
||||
$nx_ssl_stapling = off
|
||||
|
||||
$nx_proxy_redirect = off
|
||||
$nx_proxy_set_header = [
|
||||
$nx_proxy_redirect = off
|
||||
$nx_proxy_set_header = [
|
||||
'Host $host',
|
||||
'X-Real-IP $remote_addr',
|
||||
'X-Forwarded-For $proxy_add_x_forwarded_for',
|
||||
]
|
||||
$nx_proxy_cache_path = false
|
||||
$nx_proxy_cache_levels = 1
|
||||
$nx_proxy_cache_keys_zone = 'd2:100m'
|
||||
$nx_proxy_cache_max_size = '500m'
|
||||
$nx_proxy_cache_inactive = '20m'
|
||||
$nx_proxy_cache_path = false
|
||||
$nx_proxy_cache_levels = 1
|
||||
$nx_proxy_cache_keys_zone = 'd2:100m'
|
||||
$nx_proxy_cache_max_size = '500m'
|
||||
$nx_proxy_cache_inactive = '20m'
|
||||
|
||||
$nx_fastcgi_cache_path = false
|
||||
$nx_fastcgi_cache_levels = 1
|
||||
$nx_fastcgi_cache_keys_zone = 'd3:100m'
|
||||
$nx_fastcgi_cache_max_size = '500m'
|
||||
$nx_fastcgi_cache_inactive = '20m'
|
||||
$nx_fastcgi_cache_key = false
|
||||
$nx_fastcgi_cache_use_stale = false
|
||||
$nx_fastcgi_cache_path = false
|
||||
$nx_fastcgi_cache_levels = 1
|
||||
$nx_fastcgi_cache_keys_zone = 'd3:100m'
|
||||
$nx_fastcgi_cache_max_size = '500m'
|
||||
$nx_fastcgi_cache_inactive = '20m'
|
||||
$nx_fastcgi_cache_key = false
|
||||
$nx_fastcgi_cache_use_stale = false
|
||||
|
||||
$nx_client_body_temp_path = "${nx_run_dir}/client_body_temp"
|
||||
$nx_client_body_buffer_size = '128k'
|
||||
$nx_client_max_body_size = '10m'
|
||||
$nx_proxy_temp_path = "${nx_run_dir}/proxy_temp"
|
||||
$nx_proxy_connect_timeout = '90'
|
||||
$nx_proxy_send_timeout = '90'
|
||||
$nx_proxy_read_timeout = '90'
|
||||
$nx_proxy_buffers = '32 4k'
|
||||
$nx_proxy_http_version = '1.0'
|
||||
$nx_proxy_buffer_size = '8k'
|
||||
$nx_client_body_temp_path = "${nx_run_dir}/client_body_temp"
|
||||
$nx_client_body_buffer_size = '128k'
|
||||
$nx_client_max_body_size = '10m'
|
||||
$nx_proxy_temp_path = "${nx_run_dir}/proxy_temp"
|
||||
$nx_proxy_connect_timeout = '90'
|
||||
$nx_proxy_send_timeout = '90'
|
||||
$nx_proxy_read_timeout = '90'
|
||||
$nx_proxy_buffers = '32 4k'
|
||||
$nx_proxy_http_version = '1.0'
|
||||
$nx_proxy_buffer_size = '8k'
|
||||
$nx_proxy_headers_hash_bucket_size = '64'
|
||||
|
||||
$nx_logdir = $::kernel ? {
|
||||
/(?i-mx:linux)/ => '/var/log/nginx',
|
||||
|
|
|
|||
|
|
@ -9,3 +9,4 @@ proxy_buffer_size <%= @proxy_buffer_size %>;
|
|||
proxy_http_version <%= @proxy_http_version %>;
|
||||
<% @proxy_set_header.each do |header| %>
|
||||
proxy_set_header <%= header %>;<% end %>
|
||||
proxy_headers_hash_bucket_size <%= @proxy_headers_hash_bucket_size %>;
|
||||
|
|
|
|||
|
|
@ -47,6 +47,12 @@
|
|||
<% @rewrite_rules.each do |rewrite_rule| -%>
|
||||
rewrite <%= rewrite_rule %>;
|
||||
<% end -%>
|
||||
<% if defined? @auth_basic -%>
|
||||
auth_basic "<%= @auth_basic %>";
|
||||
<% end -%>
|
||||
<% if defined? @auth_basic_user_file -%>
|
||||
auth_basic_user_file <%= @auth_basic_user_file %>;
|
||||
<% end -%>
|
||||
<% if @location_cfg_append -%><% @location_cfg_append.sort_by {|k,v| k}.each do |key,value| -%>
|
||||
<% if value.is_a?(Hash) -%><% value.each do |subkey,subvalue| -%>
|
||||
<% Array(subvalue).each do |asubvalue| -%>
|
||||
|
|
|
|||
Loading…
Reference in a new issue