|
|
@@ -101,46 +101,45 @@
|
|
|
# }
|
|
|
|
|
|
define nginx::resource::location (
|
|
|
- $ensure = present,
|
|
|
- $location = $name,
|
|
|
- $vhost = undef,
|
|
|
- $www_root = undef,
|
|
|
- $autoindex = undef,
|
|
|
- $index_files = [
|
|
|
+ $ensure = present,
|
|
|
+ $location = $name,
|
|
|
+ $vhost = undef,
|
|
|
+ $www_root = undef,
|
|
|
+ $autoindex = undef,
|
|
|
+ $index_files = [
|
|
|
'index.html',
|
|
|
'index.htm',
|
|
|
'index.php'],
|
|
|
- $proxy = undef,
|
|
|
- $proxy_redirect = $nginx::params::nx_proxy_redirect,
|
|
|
- $proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
|
|
|
- $proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout,
|
|
|
- $proxy_set_header = $nginx::params::nx_proxy_set_header,
|
|
|
- $fastcgi = undef,
|
|
|
- $fastcgi_params = '/etc/nginx/fastcgi_params',
|
|
|
- $fastcgi_script = undef,
|
|
|
- $fastcgi_split_path = undef,
|
|
|
- $ssl = false,
|
|
|
- $ssl_only = false,
|
|
|
- $location_alias = undef,
|
|
|
- $location_allow = undef,
|
|
|
- $location_deny = undef,
|
|
|
- $option = undef,
|
|
|
- $stub_status = undef,
|
|
|
- $location_custom_cfg = undef,
|
|
|
- $location_cfg_prepend = undef,
|
|
|
- $location_cfg_append = undef,
|
|
|
- $location_custom_cfg_prepend = undef,
|
|
|
- $location_custom_cfg_append = undef,
|
|
|
- $try_files = undef,
|
|
|
- $proxy_cache = false,
|
|
|
- $proxy_cache_valid = false,
|
|
|
- $proxy_method = undef,
|
|
|
- $proxy_set_body = undef,
|
|
|
- $auth_basic = undef,
|
|
|
- $auth_basic_user_file = undef,
|
|
|
- $rewrite_rules = [],
|
|
|
- $priority = 500
|
|
|
-) {
|
|
|
+ $proxy = undef,
|
|
|
+ $proxy_redirect = $nginx::params::nx_proxy_redirect,
|
|
|
+ $proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
|
|
|
+ $proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout,
|
|
|
+ $proxy_set_header = $nginx::params::nx_proxy_set_header,
|
|
|
+ $fastcgi = undef,
|
|
|
+ $fastcgi_params = '/etc/nginx/fastcgi_params',
|
|
|
+ $fastcgi_script = undef,
|
|
|
+ $fastcgi_split_path = undef,
|
|
|
+ $ssl = false,
|
|
|
+ $ssl_only = false,
|
|
|
+ $location_alias = undef,
|
|
|
+ $location_allow = undef,
|
|
|
+ $location_deny = undef,
|
|
|
+ $option = undef,
|
|
|
+ $stub_status = undef,
|
|
|
+ $location_custom_cfg = undef,
|
|
|
+ $location_cfg_prepend = undef,
|
|
|
+ $location_cfg_append = undef,
|
|
|
+ $location_custom_cfg_prepend = undef,
|
|
|
+ $location_custom_cfg_append = undef,
|
|
|
+ $try_files = undef,
|
|
|
+ $proxy_cache = false,
|
|
|
+ $proxy_cache_valid = false,
|
|
|
+ $proxy_method = undef,
|
|
|
+ $proxy_set_body = undef,
|
|
|
+ $auth_basic = undef,
|
|
|
+ $auth_basic_user_file = undef,
|
|
|
+ $rewrite_rules = [],
|
|
|
+ $priority = 500) {
|
|
|
File {
|
|
|
owner => 'root',
|
|
|
group => 'root',
|
|
|
@@ -148,19 +147,22 @@ define nginx::resource::location (
|
|
|
notify => Class['nginx::service'],
|
|
|
}
|
|
|
|
|
|
- validate_re($ensure, '^(present|absent)$',
|
|
|
- "${ensure} is not supported for ensure. Allowed values are 'present' and 'absent'.")
|
|
|
+ validate_re($ensure, '^(present|absent)$', "${ensure} is not supported for ensure. Allowed values are 'present' and 'absent'.")
|
|
|
validate_string($location)
|
|
|
+
|
|
|
if ($vhost != undef) {
|
|
|
validate_string($vhost)
|
|
|
}
|
|
|
+
|
|
|
if ($www_root != undef) {
|
|
|
validate_string($www_root)
|
|
|
}
|
|
|
+
|
|
|
if ($autoindex != undef) {
|
|
|
validate_string($autoindex)
|
|
|
}
|
|
|
validate_array($index_files)
|
|
|
+
|
|
|
if ($proxy != undef) {
|
|
|
validate_string($proxy)
|
|
|
}
|
|
|
@@ -168,90 +170,114 @@ define nginx::resource::location (
|
|
|
validate_string($proxy_read_timeout)
|
|
|
validate_string($proxy_connect_timeout)
|
|
|
validate_array($proxy_set_header)
|
|
|
+
|
|
|
if ($fastcgi != undef) {
|
|
|
validate_string($fastcgi)
|
|
|
}
|
|
|
validate_string($fastcgi_params)
|
|
|
+
|
|
|
if ($fastcgi_script != undef) {
|
|
|
validate_string($fastcgi_script)
|
|
|
}
|
|
|
+
|
|
|
if ($fastcgi_split_path != undef) {
|
|
|
validate_string($fastcgi_split_path)
|
|
|
}
|
|
|
validate_bool($ssl)
|
|
|
validate_bool($ssl_only)
|
|
|
+
|
|
|
if ($location_alias != undef) {
|
|
|
validate_string($location_alias)
|
|
|
}
|
|
|
+
|
|
|
if ($location_allow != undef) {
|
|
|
validate_array($location_allow)
|
|
|
}
|
|
|
+
|
|
|
if ($location_deny != undef) {
|
|
|
validate_array($location_deny)
|
|
|
}
|
|
|
+
|
|
|
if ($option != undef) {
|
|
|
warning('The $option parameter has no effect and is deprecated.')
|
|
|
}
|
|
|
+
|
|
|
if ($stub_status != undef) {
|
|
|
validate_bool($stub_status)
|
|
|
}
|
|
|
+
|
|
|
if ($location_custom_cfg != undef) {
|
|
|
validate_hash($location_custom_cfg)
|
|
|
}
|
|
|
+
|
|
|
if ($location_cfg_prepend != undef) {
|
|
|
validate_hash($location_cfg_prepend)
|
|
|
}
|
|
|
+
|
|
|
if ($location_cfg_append != undef) {
|
|
|
validate_hash($location_cfg_append)
|
|
|
}
|
|
|
+
|
|
|
if ($try_files != undef) {
|
|
|
validate_array($try_files)
|
|
|
}
|
|
|
+
|
|
|
if ($proxy_cache != false) {
|
|
|
validate_string($proxy_cache)
|
|
|
}
|
|
|
+
|
|
|
if ($proxy_cache_valid != false) {
|
|
|
validate_string($proxy_cache_valid)
|
|
|
}
|
|
|
+
|
|
|
if ($proxy_method != undef) {
|
|
|
validate_string($proxy_method)
|
|
|
}
|
|
|
+
|
|
|
if ($proxy_set_body != undef) {
|
|
|
validate_string($proxy_set_body)
|
|
|
}
|
|
|
+
|
|
|
if ($auth_basic != undef) {
|
|
|
validate_string($auth_basic)
|
|
|
}
|
|
|
+
|
|
|
if ($auth_basic_user_file != undef) {
|
|
|
validate_string($auth_basic_user_file)
|
|
|
}
|
|
|
+
|
|
|
if !is_integer($priority) {
|
|
|
fail('$priority must be an integer.')
|
|
|
}
|
|
|
validate_array($rewrite_rules)
|
|
|
+
|
|
|
if ($priority < 401) or ($priority > 899) {
|
|
|
fail('$priority must be in the range 401-899.')
|
|
|
}
|
|
|
|
|
|
# # Shared Variables
|
|
|
- $ensure_real = $ensure ? {
|
|
|
+ $ensure_real = $ensure ? {
|
|
|
'absent' => absent,
|
|
|
default => file,
|
|
|
}
|
|
|
|
|
|
- $vhost_sanitized = regsubst($vhost, ' ', '_', 'G')
|
|
|
- $config_file = "${nginx::config::nx_conf_dir}/sites-available/${vhost_sanitized}.conf"
|
|
|
+ $vhost_sanitized = regsubst($vhost, ' ', '_', 'G')
|
|
|
+ $config_file = "${nginx::config::nx_conf_dir}/sites-available/${vhost_sanitized}.conf"
|
|
|
|
|
|
$location_sanitized_tmp = regsubst($location, '\/', '_', 'G')
|
|
|
- $location_sanitized = regsubst($location_sanitized_tmp, '\\', '_', 'G')
|
|
|
+ $location_sanitized = regsubst($location_sanitized_tmp, '\\', '_', 'G')
|
|
|
|
|
|
- ## Check for various error conditions
|
|
|
+ # # Check for various error conditions
|
|
|
if ($vhost == undef) {
|
|
|
fail('Cannot create a location reference without attaching to a virtual host')
|
|
|
}
|
|
|
- if (($www_root == undef) and ($proxy == undef) and ($location_alias == undef) and ($stub_status == undef) and ($fastcgi == undef) and ($location_custom_cfg == undef)) {
|
|
|
- fail('Cannot create a location reference without a www_root, proxy, location_alias, fastcgi, stub_status, or location_custom_cfg defined')
|
|
|
+
|
|
|
+ if (($www_root == undef) and ($proxy == undef) and ($location_alias == undef) and ($stub_status == undef) and ($fastcgi == undef)
|
|
|
+ and ($location_custom_cfg == undef)) {
|
|
|
+ fail('Cannot create a location reference without a www_root, proxy, location_alias, fastcgi, stub_status, or location_custom_cfg defined'
|
|
|
+ )
|
|
|
}
|
|
|
+
|
|
|
if (($www_root != undef) and ($proxy != undef)) {
|
|
|
fail('Cannot define both directory and proxy in a virtual host')
|
|
|
}
|
|
|
@@ -279,9 +305,12 @@ define nginx::resource::location (
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- ## Create stubs for vHost File Fragment Pattern
|
|
|
+ # # Create stubs for vHost File Fragment Pattern
|
|
|
if ($ssl_only != true) {
|
|
|
- concat::fragment { "${vhost_sanitized}-${priority}-${location_sanitized}":
|
|
|
+
|
|
|
+ $tmpFile=md5("${vhost_sanitized}-${priority}-${location_sanitized}")
|
|
|
+
|
|
|
+ concat::fragment {"${tmpFile}" :
|
|
|
ensure => present,
|
|
|
target => $config_file,
|
|
|
content => $content_real,
|
|
|
@@ -289,10 +318,13 @@ define nginx::resource::location (
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- ## Only create SSL Specific locations if $ssl is true.
|
|
|
+ # # Only create SSL Specific locations if $ssl is true.
|
|
|
if ($ssl == true) {
|
|
|
$ssl_priority = $priority + 300
|
|
|
- concat::fragment {"${vhost_sanitized}-${ssl_priority}-${location_sanitized}-ssl":
|
|
|
+
|
|
|
+ $sslTmpFile = md5("${vhost_sanitized}-${ssl_priority}-${location_sanitized}-ssl")
|
|
|
+
|
|
|
+ concat::fragment { "${sslTmpFile}":
|
|
|
ensure => present,
|
|
|
target => $config_file,
|
|
|
content => $content_real,
|
|
|
@@ -301,11 +333,9 @@ define nginx::resource::location (
|
|
|
}
|
|
|
|
|
|
if ($auth_basic_user_file != undef) {
|
|
|
- #Generate htpasswd with provided file-locations
|
|
|
+ # Generate htpasswd with provided file-locations
|
|
|
file { "${nginx::params::nx_conf_dir}/${location_sanitized}_htpasswd":
|
|
|
ensure => $ensure,
|
|
|
mode => '0644',
|
|
|
source => $auth_basic_user_file,
|
|
|
- }
|
|
|
- }
|
|
|
-}
|
|
|
+ }
|
Alex Pica