cleanup resultant whitespace and key/value alignment in config files

- fix tests related to whitespace changes
This commit is contained in:
Carl P. Corliss 2014-09-12 13:42:51 -04:00
parent a5592d4303
commit fb880576a6
15 changed files with 254 additions and 198 deletions

View file

@ -195,13 +195,13 @@ describe 'nginx::config' do
:title => 'should set proxy_cache_path', :title => 'should set proxy_cache_path',
:attr => 'proxy_cache_path', :attr => 'proxy_cache_path',
:value => '/path/to/proxy.cache', :value => '/path/to/proxy.cache',
:match => ' proxy_cache_path /path/to/proxy.cache levels=1 keys_zone=d2:100m max_size=500m inactive=20m;', :match => %r'\s+proxy_cache_path\s+/path/to/proxy.cache levels=1 keys_zone=d2:100m max_size=500m inactive=20m;',
}, },
{ {
:title => 'should not set proxy_cache_path', :title => 'should not set proxy_cache_path',
:attr => 'proxy_cache_path', :attr => 'proxy_cache_path',
:value => false, :value => false,
:notmatch => / proxy_cache_path \/path\/to\/proxy\.cache levels=1 keys_zone=d2:100m max_size=500m inactive=20m;/, :notmatch => %r'\s+proxy_cache_path\s+/path/to/proxy\.cache levels=1 keys_zone=d2:100m max_size=500m inactive=20m;',
}, },
{ {
:title => 'should contain ordered appended directives from hash', :title => 'should contain ordered appended directives from hash',
@ -252,7 +252,15 @@ describe 'nginx::config' do
it { is_expected.to contain_file("/etc/nginx/nginx.conf").with_mode('0644') } it { is_expected.to contain_file("/etc/nginx/nginx.conf").with_mode('0644') }
it param[:title] do it param[:title] do
verify_contents(subject, "/etc/nginx/nginx.conf", Array(param[:match])) matches = Array(param[:match])
if matches.all? { |m| m.is_a? Regexp }
matches.each { |item| is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(item) }
else
lines = subject.resource('file', '/etc/nginx/nginx.conf').send(:parameters)[:content].split("\n")
expect(lines & Array(param[:match])).to eq(Array(param[:match]))
end
Array(param[:notmatch]).each do |item| Array(param[:notmatch]).each do |item|
is_expected.to contain_file("/etc/nginx/nginx.conf").without_content(item) is_expected.to contain_file("/etc/nginx/nginx.conf").without_content(item)
end end
@ -308,7 +316,15 @@ describe 'nginx::config' do
it { is_expected.to contain_file("/etc/nginx/conf.d/proxy.conf").with_mode('0644') } it { is_expected.to contain_file("/etc/nginx/conf.d/proxy.conf").with_mode('0644') }
it param[:title] do it param[:title] do
verify_contents(subject, "/etc/nginx/conf.d/proxy.conf", Array(param[:match])) matches = Array(param[:match])
if matches.all? { |m| m.is_a? Regexp }
matches.each { |item| is_expected.to contain_file('/etc/nginx/conf.d/proxy.conf').with_content(item) }
else
lines = subject.resource('file', '/etc/nginx/conf.d/proxy.conf').send(:parameters)[:content].split("\n")
expect(lines & Array(param[:match])).to eq(Array(param[:match]))
end
Array(param[:notmatch]).each do |item| Array(param[:notmatch]).each do |item|
is_expected.to contain_file("/etc/nginx/conf.d/proxy.conf").without_content(item) is_expected.to contain_file("/etc/nginx/conf.d/proxy.conf").without_content(item)
end end

View file

@ -75,8 +75,8 @@ describe 'nginx::resource::geo' do
'10.0.0.0/8' => 'intra', '10.0.0.0/8' => 'intra',
}, },
:match => [ :match => [
' 10.0.0.0/8 intra;', ' 10.0.0.0/8 intra;',
' 172.16.0.0/12 intra;', ' 172.16.0.0/12 intra;',
' 192.168.0.0/16 intra;', ' 192.168.0.0/16 intra;',
], ],
}, },
@ -99,7 +99,7 @@ describe 'nginx::resource::geo' do
:title => 'should set delete', :title => 'should set delete',
:attr => 'delete', :attr => 'delete',
:value => '192.168.0.0/16', :value => '192.168.0.0/16',
:match => ' delete 192.168.0.0/16;' :match => ' delete 192.168.0.0/16;'
}, },
].each do |param| ].each do |param|
context "when #{param[:attr]} is #{param[:value]}" do context "when #{param[:attr]} is #{param[:value]}" do

View file

@ -274,7 +274,7 @@ describe 'nginx::resource::location' do
{ {
:location => 'location', :location => 'location',
:www_root => '/var/www/root', :www_root => '/var/www/root',
:vhost => 'vhost1' :vhost => 'vhost1',
} }
end end
@ -283,7 +283,7 @@ describe 'nginx::resource::location' do
:title => 'should set www_root', :title => 'should set www_root',
:attr => 'www_root', :attr => 'www_root',
:value => '/', :value => '/',
:match => ' root /;' :match => ' root /;'
}, },
{ {
:title => 'should set try_file(s)', :title => 'should set try_file(s)',
@ -295,7 +295,7 @@ describe 'nginx::resource::location' do
:title => 'should set index_file(s)', :title => 'should set index_file(s)',
:attr => 'index_files', :attr => 'index_files',
:value => ['name1','name2'], :value => ['name1','name2'],
:match => ' index name1 name2;', :match => ' index name1 name2;',
}, },
{ {
:title => 'should contain rewrite rules', :title => 'should contain rewrite rules',
@ -428,31 +428,31 @@ describe 'nginx::resource::location' do
:title => 'should set www_root', :title => 'should set www_root',
:attr => 'www_root', :attr => 'www_root',
:value => '/', :value => '/',
:match => ' root /;' :match => %r'\s+root\s+/;'
}, },
{ {
:title => 'should set fastcgi_split_path', :title => 'should set fastcgi_split_path',
:attr => 'fastcgi_split_path', :attr => 'fastcgi_split_path',
:value => 'value', :value => 'value',
:match => ' fastcgi_split_path_info value;' :match => %r'\s+fastcgi_split_path_info\s+value;'
}, },
{ {
:title => 'should set try_file(s)', :title => 'should set try_file(s)',
:attr => 'try_files', :attr => 'try_files',
:value => ['name1','name2'], :value => ['name1','name2'],
:match => ' try_files name1 name2;', :match => %r'\s+try_files\s+name1 name2;',
}, },
{ {
:title => 'should set fastcgi_params', :title => 'should set fastcgi_params',
:attr => 'fastcgi_params', :attr => 'fastcgi_params',
:value => 'value', :value => 'value',
:match => /^[ ]+include\s+value;/ :match => %r'\s+include\s+value;'
}, },
{ {
:title => 'should set fastcgi_pass', :title => 'should set fastcgi_pass',
:attr => 'fastcgi', :attr => 'fastcgi',
:value => 'value', :value => 'value',
:match => ' fastcgi_pass value;' :match => %r'\s+fastcgi_pass\s+value;'
}, },
].each do |param| ].each do |param|
context "when #{param[:attr]} is #{param[:value]}" do context "when #{param[:attr]} is #{param[:value]}" do
@ -502,10 +502,6 @@ describe 'nginx::resource::location' do
with_content(%r|fastcgi_param\s+CUSTOM_PARAM\s+value;|). with_content(%r|fastcgi_param\s+CUSTOM_PARAM\s+value;|).
with_content(%r|fastcgi_param\s+CUSTOM_PARAM2\s+value2;|) with_content(%r|fastcgi_param\s+CUSTOM_PARAM2\s+value2;|)
end end
it "should add comment # Enable custom fastcgi_params" do
should contain_concat__fragment(Digest::MD5.hexdigest("vhost1-500-#{params[:location]}")).
with_content(%r|# Enable custom fastcgi_params\s+|)
end
end end
context "when fastcgi_param is not set" do context "when fastcgi_param is not set" do
@ -528,7 +524,7 @@ describe 'nginx::resource::location' do
:title => 'should set proxy_cache', :title => 'should set proxy_cache',
:attr => 'proxy_cache', :attr => 'proxy_cache',
:value => 'value', :value => 'value',
:match => /^[ ]+proxy_cache\s+value;/, :match => /^\s+proxy_cache\s+value;/,
}, },
{ {
:title => 'should not set proxy_cache_valid', :title => 'should not set proxy_cache_valid',
@ -540,7 +536,7 @@ describe 'nginx::resource::location' do
:title => 'should set proxy_cache_valid', :title => 'should set proxy_cache_valid',
:attr => 'proxy_cache_valid', :attr => 'proxy_cache_valid',
:value => 'value', :value => 'value',
:match => /^[ ]+proxy_cache_valid\s+value;/, :match => /^\s+proxy_cache_valid\s+value;/,
}, },
{ {
:title => 'should not set proxy_cache', :title => 'should not set proxy_cache',
@ -552,46 +548,46 @@ describe 'nginx::resource::location' do
:title => 'should set proxy_pass', :title => 'should set proxy_pass',
:attr => 'proxy', :attr => 'proxy',
:value => 'value', :value => 'value',
:match => /^[ ]+proxy_pass\s+value;/, :match => /^\s+proxy_pass\s+value;/,
}, },
{ {
:title => 'should set proxy_read_timeout', :title => 'should set proxy_read_timeout',
:attr => 'proxy_read_timeout', :attr => 'proxy_read_timeout',
:value => 'value', :value => 'value',
:match => ' proxy_read_timeout value;', :match => %r'\s+proxy_read_timeout\s+value;',
}, },
{ {
:title => 'should set proxy_connect_timeout', :title => 'should set proxy_connect_timeout',
:attr => 'proxy_connect_timeout', :attr => 'proxy_connect_timeout',
:value => 'value', :value => 'value',
:match => ' proxy_connect_timeout value;', :match => %r'\s+proxy_connect_timeout\s+value;',
}, },
{ {
:title => 'should set proxy_read_timeout', :title => 'should set proxy_read_timeout',
:attr => 'proxy_read_timeout', :attr => 'proxy_read_timeout',
:value => 'value', :value => 'value',
:match => ' proxy_read_timeout value;', :match => %r'\s+proxy_read_timeout\s+value;',
}, },
{ {
:title => 'should set proxy headers', :title => 'should set proxy headers',
:attr => 'proxy_set_header', :attr => 'proxy_set_header',
:value => [ 'X-TestHeader1 value1', 'X-TestHeader2 value2' ], :value => [ 'X-TestHeader1 value1', 'X-TestHeader2 value2' ],
:match => [ :match => [
/^[ ]+proxy_set_header\s+X-TestHeader1 value1;/, /^\s+proxy_set_header\s+X-TestHeader1 value1;/,
/^[ ]+proxy_set_header\s+X-TestHeader2 value2;/, /^\s+proxy_set_header\s+X-TestHeader2 value2;/,
] ]
}, },
{ {
:title => 'should set proxy_method', :title => 'should set proxy_method',
:attr => 'proxy_method', :attr => 'proxy_method',
:value => 'value', :value => 'value',
:match => ' proxy_method value;', :match => %r'\s+proxy_method\s+value;',
}, },
{ {
:title => 'should set proxy_set_body', :title => 'should set proxy_set_body',
:attr => 'proxy_set_body', :attr => 'proxy_set_body',
:value => 'value', :value => 'value',
:match => ' proxy_set_body value;', :match => %r'\s+proxy_set_body\s+value;',
}, },
{ {
:title => 'should contain rewrite rules', :title => 'should contain rewrite rules',
@ -646,7 +642,7 @@ describe 'nginx::resource::location' do
:proxy_cache_valid => '10m', :proxy_cache_valid => '10m',
} end } end
it { is_expected.to contain_concat__fragment(Digest::MD5.hexdigest("vhost1-500-location")).with_content(/proxy_cache_valid 10m;/) } it { is_expected.to contain_concat__fragment(Digest::MD5.hexdigest("vhost1-500-location")).with_content(/proxy_cache_valid\s+10m;/) }
end end
end end

View file

@ -35,8 +35,8 @@ describe 'nginx::resource::vhost' do
'group' => 'root', 'group' => 'root',
'mode' => '0644', 'mode' => '0644',
})} })}
it { is_expected.to contain_concat__fragment("#{title}-header").with_content(%r{access_log[ ]+/var/log/nginx/www\.rspec\.example\.com\.access\.log}) } it { is_expected.to contain_concat__fragment("#{title}-header").with_content(%r{access_log\s+/var/log/nginx/www\.rspec\.example\.com\.access\.log}) }
it { is_expected.to contain_concat__fragment("#{title}-header").with_content(%r{error_log[ ]+/var/log/nginx/www\.rspec\.example\.com\.error\.log}) } it { is_expected.to contain_concat__fragment("#{title}-header").with_content(%r{error_log\s+/var/log/nginx/www\.rspec\.example\.com\.error\.log}) }
it { is_expected.to contain_concat__fragment("#{title}-footer") } it { is_expected.to contain_concat__fragment("#{title}-footer") }
it { is_expected.to contain_nginx__resource__location("#{title}-default") } it { is_expected.to contain_nginx__resource__location("#{title}-default") }
it { is_expected.not_to contain_file("/etc/nginx/fastcgi_params") } it { is_expected.not_to contain_file("/etc/nginx/fastcgi_params") }
@ -55,116 +55,117 @@ describe 'nginx::resource::vhost' do
:value => false, :value => false,
:notmatch => %r| :notmatch => %r|
^ ^
\s+listen\s+\*:443\s+ssl;\n \s+listen\s+\*:80;\n
\s+server_name\s+www\.rspec\.example\.com;\n \s+server_name\s+www\.rspec\.example\.com;\n
\s+return\s+301\s+https://rspec\.example\.com\$uri; \s+return\s+301\s+http://rspec\.example\.com\$uri;
|x, |x,
}, },
{ {
:title => 'should contain www to non-www rewrite', :title => 'should contain www to non-www rewrite',
:attr => 'rewrite_www_to_non_www', :attr => 'rewrite_www_to_non_www',
:value => true, :value => true,
:match => [ :match => %r|
' listen *:80;', ^
' server_name www.rspec.example.com;', \s+listen\s+\*:80;\n
' return 301 http://rspec.example.com$uri;', \s+server_name\s+www\.rspec\.example\.com;\n
], \s+return\s+301\s+http://rspec\.example\.com\$uri;
|x,
}, },
{ {
:title => 'should set the IPv4 listen IP', :title => 'should set the IPv4 listen IP',
:attr => 'listen_ip', :attr => 'listen_ip',
:value => '127.0.0.1', :value => '127.0.0.1',
:match => ' listen 127.0.0.1:80;', :match => %r'\s+listen\s+127.0.0.1:80;',
}, },
{ {
:title => 'should set the IPv4 listen port', :title => 'should set the IPv4 listen port',
:attr => 'listen_port', :attr => 'listen_port',
:value => 45, :value => 45,
:match => ' listen *:45;', :match => %r'\s+listen\s+\*:45;',
}, },
{ {
:title => 'should set the IPv4 listen options', :title => 'should set the IPv4 listen options',
:attr => 'listen_options', :attr => 'listen_options',
:value => 'spdy default', :value => 'spdy default',
:match => ' listen *:80 spdy default;', :match => %r'\s+listen\s+\*:80 spdy default;',
}, },
{ {
:title => 'should enable IPv6', :title => 'should enable IPv6',
:attr => 'ipv6_enable', :attr => 'ipv6_enable',
:value => true, :value => true,
:match => ' listen [::]:80 default ipv6only=on;', :match => %r'\s+listen\s+\[::\]:80 default ipv6only=on;',
}, },
{ {
:title => 'should not enable IPv6', :title => 'should not enable IPv6',
:attr => 'ipv6_enable', :attr => 'ipv6_enable',
:value => false, :value => false,
:notmatch => / listen \[::\]:80 default ipv6only=on;/, :notmatch => %r'\slisten \[::\]:80 default ipv6only=on;',
}, },
{ {
:title => 'should set the IPv6 listen IP', :title => 'should set the IPv6 listen IP',
:attr => 'ipv6_listen_ip', :attr => 'ipv6_listen_ip',
:value => '2001:0db8:85a3:0000:0000:8a2e:0370:7334', :value => '2001:0db8:85a3:0000:0000:8a2e:0370:7334',
:match => ' listen [2001:0db8:85a3:0000:0000:8a2e:0370:7334]:80 default ipv6only=on;', :match => %r'\s+listen\s+\[2001:0db8:85a3:0000:0000:8a2e:0370:7334\]:80 default ipv6only=on;',
}, },
{ {
:title => 'should set the IPv6 listen port', :title => 'should set the IPv6 listen port',
:attr => 'ipv6_listen_port', :attr => 'ipv6_listen_port',
:value => 45, :value => 45,
:match => ' listen [::]:45 default ipv6only=on;', :match => %r'\s+listen\s+\[::\]:45 default ipv6only=on;',
}, },
{ {
:title => 'should set the IPv6 listen options', :title => 'should set the IPv6 listen options',
:attr => 'ipv6_listen_options', :attr => 'ipv6_listen_options',
:value => 'spdy', :value => 'spdy',
:match => ' listen [::]:80 spdy;', :match => %r'\s+listen\s+\[::\]:80 spdy;',
}, },
{ {
:title => 'should set servername(s)', :title => 'should set servername(s)',
:attr => 'server_name', :attr => 'server_name',
:value => ['www.foo.com','foo.com'], :value => ['www.foo.com','foo.com'],
:match => ' server_name www.foo.com foo.com;', :match => %r'\s+server_name\s+www.foo.com foo.com;',
}, },
{ {
:title => 'should rewrite www servername to non-www', :title => 'should rewrite www servername to non-www',
:attr => 'rewrite_www_to_non_www', :attr => 'rewrite_www_to_non_www',
:value => true, :value => true,
:match => ' server_name rspec.example.com;', :match => %r'\s+server_name\s+rspec.example.com;',
}, },
{ {
:title => 'should not rewrite www servername to non-www', :title => 'should not rewrite www servername to non-www',
:attr => 'rewrite_www_to_non_www', :attr => 'rewrite_www_to_non_www',
:value => false, :value => false,
:match => ' server_name www.rspec.example.com;', :match => %r'\s+server_name\s+www.rspec.example.com;',
}, },
{ {
:title => 'should set auth_basic', :title => 'should set auth_basic',
:attr => 'auth_basic', :attr => 'auth_basic',
:value => 'value', :value => 'value',
:match => ' auth_basic "value";', :match => %r'\s+auth_basic\s+"value";',
}, },
{ {
:title => 'should set auth_basic_user_file', :title => 'should set auth_basic_user_file',
:attr => 'auth_basic_user_file', :attr => 'auth_basic_user_file',
:value => 'value', :value => 'value',
:match => ' auth_basic_user_file value;', :match => %r'\s+auth_basic_user_file\s+value;',
}, },
{ {
:title => 'should set the client_body_timeout', :title => 'should set the client_body_timeout',
:attr => 'client_body_timeout', :attr => 'client_body_timeout',
:value => 'value', :value => 'value',
:match => /^[ ]+client_body_timeout\s+value;/ :match => /^\s+client_body_timeout\s+value;/
}, },
{ {
:title => 'should set the client_header_timeout', :title => 'should set the client_header_timeout',
:attr => 'client_header_timeout', :attr => 'client_header_timeout',
:value => 'value', :value => 'value',
:match => /^[ ]+client_header_timeout\s+value;/ :match => /^\s+client_header_timeout\s+value;/
}, },
{ {
:title => 'should set the gzip_types', :title => 'should set the gzip_types',
:attr => 'gzip_types', :attr => 'gzip_types',
:value => 'value', :value => 'value',
:match => /^[ ]+gzip_types\s+value;/ :match => /^\s+gzip_types\s+value;/
}, },
{ {
:title => 'should contain raw_prepend directives', :title => 'should contain raw_prepend directives',
@ -222,8 +223,8 @@ describe 'nginx::resource::vhost' do
:attr => 'rewrite_to_https', :attr => 'rewrite_to_https',
:value => false, :value => false,
:notmatch => [ :notmatch => [
/if \(\$ssl_protocol = ""\) \{/, %r'if \(\$ssl_protocol = ""\) \{',
/ return 301 https:\/\/\$host\$request_uri;/, %r'\s+return 301 https://\$host\$request_uri;',
], ],
}, },
{ {
@ -278,8 +279,8 @@ describe 'nginx::resource::vhost' do
:attr => 'include_files', :attr => 'include_files',
:value => [ '/file1', '/file2' ], :value => [ '/file1', '/file2' ],
:match => [ :match => [
%r'^[ ]+include\s+/file1;', %r'^\s+include\s+/file1;',
%r'^[ ]+include\s+/file2;', %r'^\s+include\s+/file2;',
], ],
}, },
{ {
@ -342,47 +343,48 @@ describe 'nginx::resource::vhost' do
:title => 'should contain www to non-www rewrite', :title => 'should contain www to non-www rewrite',
:attr => 'rewrite_www_to_non_www', :attr => 'rewrite_www_to_non_www',
:value => true, :value => true,
:match => [ :match => %r|
' listen *:443 ssl;', ^
' server_name www.rspec.example.com;', \s+listen\s+\*:443\s+ssl;\n
' return 301 https://rspec.example.com$uri;', \s+server_name\s+www\.rspec\.example\.com;\n
], \s+return\s+301\s+https://rspec\.example\.com\$uri;
|x,
}, },
{ {
:title => 'should set the IPv4 listen IP', :title => 'should set the IPv4 listen IP',
:attr => 'listen_ip', :attr => 'listen_ip',
:value => '127.0.0.1', :value => '127.0.0.1',
:match => ' listen 127.0.0.1:443 ssl;', :match => %r'\s+listen\s+127.0.0.1:443 ssl;',
}, },
{ {
:title => 'should set the IPv4 SSL listen port', :title => 'should set the IPv4 SSL listen port',
:attr => 'ssl_port', :attr => 'ssl_port',
:value => 45, :value => 45,
:match => ' listen *:45 ssl;', :match => %r'\s+listen\s+\*:45 ssl;',
}, },
{ {
:title => 'should set SPDY', :title => 'should set SPDY',
:attr => 'spdy', :attr => 'spdy',
:value => 'on', :value => 'on',
:match => ' listen *:443 ssl spdy;', :match => %r'\s+listen\s+\*:443 ssl spdy;',
}, },
{ {
:title => 'should not set SPDY', :title => 'should not set SPDY',
:attr => 'spdy', :attr => 'spdy',
:value => 'off', :value => 'off',
:match => ' listen *:443 ssl;', :match => %r'\s+listen\s+\*:443 ssl;',
}, },
{ {
:title => 'should set the IPv4 listen options', :title => 'should set the IPv4 listen options',
:attr => 'listen_options', :attr => 'listen_options',
:value => 'default', :value => 'default',
:match => ' listen *:443 ssl default;', :match => %r'\s+listen\s+\*:443 ssl default;',
}, },
{ {
:title => 'should enable IPv6', :title => 'should enable IPv6',
:attr => 'ipv6_enable', :attr => 'ipv6_enable',
:value => true, :value => true,
:match => ' listen [::]:443 ssl default ipv6only=on;', :match => %r'\s+listen\s+\[::\]:443 ssl default ipv6only=on;',
}, },
{ {
:title => 'should disable IPv6', :title => 'should disable IPv6',
@ -394,85 +396,85 @@ describe 'nginx::resource::vhost' do
:title => 'should set the IPv6 listen IP', :title => 'should set the IPv6 listen IP',
:attr => 'ipv6_listen_ip', :attr => 'ipv6_listen_ip',
:value => '2001:0db8:85a3:0000:0000:8a2e:0370:7334', :value => '2001:0db8:85a3:0000:0000:8a2e:0370:7334',
:match => ' listen [2001:0db8:85a3:0000:0000:8a2e:0370:7334]:443 ssl default ipv6only=on;', :match => %r'\s+listen\s+\[2001:0db8:85a3:0000:0000:8a2e:0370:7334\]:443 ssl default ipv6only=on;',
}, },
{ {
:title => 'should set the IPv6 listen port', :title => 'should set the IPv6 listen port',
:attr => 'ssl_port', :attr => 'ssl_port',
:value => 45, :value => 45,
:match => ' listen [::]:45 ssl default ipv6only=on;', :match => %r'\s+listen\s+\[::\]:45 ssl default ipv6only=on;',
}, },
{ {
:title => 'should set the IPv6 listen options', :title => 'should set the IPv6 listen options',
:attr => 'ipv6_listen_options', :attr => 'ipv6_listen_options',
:value => 'spdy default', :value => 'spdy default',
:match => ' listen [::]:443 ssl spdy default;', :match => %r'\s+listen\s+\[::\]:443 ssl spdy default;',
}, },
{ {
:title => 'should set servername(s)', :title => 'should set servername(s)',
:attr => 'server_name', :attr => 'server_name',
:value => ['www.foo.com','foo.com'], :value => ['www.foo.com','foo.com'],
:match => ' server_name www.foo.com foo.com;', :match => %r'\s+server_name\s+www.foo.com foo.com;',
}, },
{ {
:title => 'should rewrite www servername to non-www', :title => 'should rewrite www servername to non-www',
:attr => 'rewrite_www_to_non_www', :attr => 'rewrite_www_to_non_www',
:value => true, :value => true,
:match => ' server_name rspec.example.com;', :match => %r'\s+server_name\s+rspec.example.com;',
}, },
{ {
:title => 'should not rewrite www servername to non-www', :title => 'should not rewrite www servername to non-www',
:attr => 'rewrite_www_to_non_www', :attr => 'rewrite_www_to_non_www',
:value => false, :value => false,
:match => ' server_name www.rspec.example.com;', :match => %r'\s+server_name\s+www.rspec.example.com;',
}, },
{ {
:title => 'should set the SSL cache', :title => 'should set the SSL cache',
:attr => 'ssl_cache', :attr => 'ssl_cache',
:value => 'shared:SSL:1m', :value => 'shared:SSL:1m',
:match => ' ssl_session_cache shared:SSL:1m;', :match => %r'\s+ssl_session_cache\s+shared:SSL:1m;',
}, },
{ {
:title => 'should set the SSL protocols', :title => 'should set the SSL protocols',
:attr => 'ssl_protocols', :attr => 'ssl_protocols',
:value => 'SSLv3', :value => 'SSLv3',
:match => ' ssl_protocols SSLv3;', :match => %r'\s+ssl_protocols\s+SSLv3;',
}, },
{ {
:title => 'should set the SSL ciphers', :title => 'should set the SSL ciphers',
:attr => 'ssl_ciphers', :attr => 'ssl_ciphers',
:value => 'HIGH', :value => 'HIGH',
:match => ' ssl_ciphers HIGH;', :match => %r'\s+ssl_ciphers\s+HIGH;',
}, },
{ {
:title => 'should set auth_basic', :title => 'should set auth_basic',
:attr => 'auth_basic', :attr => 'auth_basic',
:value => 'value', :value => 'value',
:match => ' auth_basic "value";', :match => %r'\s+auth_basic\s+"value";',
}, },
{ {
:title => 'should set auth_basic_user_file', :title => 'should set auth_basic_user_file',
:attr => 'auth_basic_user_file', :attr => 'auth_basic_user_file',
:value => 'value', :value => 'value',
:match => ' auth_basic_user_file "value";', :match => %r'\s+auth_basic_user_file\s+"value";',
}, },
{ {
:title => 'should set the client_body_timeout', :title => 'should set the client_body_timeout',
:attr => 'client_body_timeout', :attr => 'client_body_timeout',
:value => 'value', :value => 'value',
:match => /^[ ]+client_body_timeout\s+value;/ :match => /^\s+client_body_timeout\s+value;/
}, },
{ {
:title => 'should set the client_header_timeout', :title => 'should set the client_header_timeout',
:attr => 'client_header_timeout', :attr => 'client_header_timeout',
:value => 'value', :value => 'value',
:match => /^[ ]+client_header_timeout\s+value;/ :match => /^\s+client_header_timeout\s+value;/
}, },
{ {
:title => 'should set the gzip_types', :title => 'should set the gzip_types',
:attr => 'gzip_types', :attr => 'gzip_types',
:value => 'value', :value => 'value',
:match => /^[ ]+gzip_types\s+value;/ :match => /^\s+gzip_types\s+value;/
}, },
{ {
:title => 'should set access_log', :title => 'should set access_log',
@ -574,8 +576,8 @@ describe 'nginx::resource::vhost' do
:attr => 'include_files', :attr => 'include_files',
:value => [ '/file1', '/file2' ], :value => [ '/file1', '/file2' ],
:match => [ :match => [
%r'^[ ]+include\s+/file1;', %r'^\s+include\s+/file1;',
%r'^[ ]+include\s+/file2;', %r'^\s+include\s+/file2;',
], ],
}, },
{ {
@ -651,7 +653,7 @@ describe 'nginx::resource::vhost' do
end end
it "should set the server_name of the rewrite server stanza to the first server_name with 'www.' stripped" do it "should set the server_name of the rewrite server stanza to the first server_name with 'www.' stripped" do
is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(/^[ ]+server_name\s+foo.com;/) is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(/^\s+server_name\s+foo.com;/)
end end
end end
@ -666,7 +668,7 @@ describe 'nginx::resource::vhost' do
end end
it "should set the server_name of the rewrite server stanza to the first server_name with 'www.' stripped" do it "should set the server_name of the rewrite server stanza to the first server_name with 'www.' stripped" do
is_expected.to contain_concat__fragment("#{title}-header").with_content(/^[ ]+server_name\s+foo.com;/) is_expected.to contain_concat__fragment("#{title}-header").with_content(/^\s+server_name\s+foo.com;/)
end end
end end
@ -780,8 +782,8 @@ describe 'nginx::resource::vhost' do
}) end }) end
it { is_expected.to contain_nginx__resource__location("#{title}-default").with_ssl_only(true) } it { is_expected.to contain_nginx__resource__location("#{title}-default").with_ssl_only(true) }
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{access_log[ ]+/var/log/nginx/ssl-www\.rspec\.example\.com\.access\.log}) } it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{access_log\s+/var/log/nginx/ssl-www\.rspec\.example\.com\.access\.log}) }
it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{error_log[ ]+/var/log/nginx/ssl-www\.rspec\.example\.com\.error\.log}) } it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{error_log\s+/var/log/nginx/ssl-www\.rspec\.example\.com\.error\.log}) }
it { is_expected.to contain_concat__fragment("#{title}-ssl-footer") } it { is_expected.to contain_concat__fragment("#{title}-ssl-footer") }
it { is_expected.to contain_file("/etc/nginx/#{title}.crt") } it { is_expected.to contain_file("/etc/nginx/#{title}.crt") }
it { is_expected.to contain_file("/etc/nginx/#{title}.key") } it { is_expected.to contain_file("/etc/nginx/#{title}.key") }

View file

@ -11,19 +11,22 @@ geo <%= @address ? "#{@address} " : '' %>$<%= @name %> {
default <%= @default %>; default <%= @default %>;
<% end -%> <% end -%>
<% if @delete -%> <% if @delete -%>
delete <%= @delete %>; delete <%= @delete %>;
<% end -%> <% end -%>
<% if @proxies -%> <% if @proxies -%>
<%- if @proxy_recursive -%>
proxy_recursive;
<%- end -%>
<%- [@proxies].flatten.each do |proxy| -%> <%- [@proxies].flatten.each do |proxy| -%>
proxy <%= proxy %>; proxy <%= proxy %>;
<%- end -%> <%- end -%>
<% end -%> <% end -%>
<% if @proxy_recursive && @proxies -%>
proxy_recursive;
<% end -%>
<% if @networks -%> <% if @networks -%>
<%- field_width = @networks.inject(0) { |l,(k,v)| k.size > l ? k.size : l } -%>
<%- @networks.sort_by{|k,v| IPAddr.new(k.split('-').first).to_i }.each do |key,value| -%> <%- @networks.sort_by{|k,v| IPAddr.new(k.split('-').first).to_i }.each do |key,value| -%>
<%= key %> <%= value %>; <%= sprintf("%-*s", field_width, key) %> <%= value %>;
<%- end -%> <%- end -%>
<% end -%> <% end -%>
} }

View file

@ -5,9 +5,11 @@ map <%= @string %> $<%= @name %> {
<% if @default -%> <% if @default -%>
default <%= @default %>; default <%= @default %>;
<% end -%> <% end -%>
<% if @mappings -%> <% if @mappings -%>
<%- field_width = @mappings.inject(0) { |l,(k,v)| k.size > l ? k.size : l } -%>
<%- @mappings.sort_by{|k,v| k}.each do |key,value| -%> <%- @mappings.sort_by{|k,v| k}.each do |key,value| -%>
<%= key %> <%= value %>; <%= sprintf("%-*s", field_width, key) %> <%= value %>;
<%- end -%> <%- end -%>
<% end -%> <% end -%>
} }

View file

@ -2,21 +2,23 @@
user <%= @daemon_user %>; user <%= @daemon_user %>;
<% end -%> <% end -%>
worker_processes <%= @worker_processes %>; worker_processes <%= @worker_processes %>;
<% if @worker_rlimit_nofile %>worker_rlimit_nofile <%= @worker_rlimit_nofile %>;<% end -%> <% if @worker_rlimit_nofile -%>
worker_rlimit_nofile <%= @worker_rlimit_nofile %>;
<% end -%>
error_log <%= @nginx_error_log %>;
<% if @pid -%> <% if @pid -%>
pid <%= @pid %>; pid <%= @pid %>;
<% end -%> <% end -%>
error_log <%= @nginx_error_log %>;
events { events {
worker_connections <%= @worker_connections -%>; worker_connections <%= @worker_connections -%>;
<% if @multi_accept == 'on' -%> <%- if @multi_accept == 'on' -%>
multi_accept on; multi_accept on;
<% end -%> <%- end -%>
<% if @events_use -%> <%- if @events_use -%>
use <%= @events_use %>; use <%= @events_use %>;
<% end -%> <%- end -%>
} }
http { http {
@ -27,9 +29,9 @@ http {
<% if @sendfile == 'on' -%> <% if @sendfile == 'on' -%>
sendfile on; sendfile on;
<% if @http_tcp_nopush == 'on' -%> <%- if @http_tcp_nopush == 'on' -%>
tcp_nopush on; tcp_nopush on;
<% end -%> <%- end -%>
<% end -%> <% end -%>
server_tokens <%= @server_tokens %>; server_tokens <%= @server_tokens %>;
@ -46,30 +48,31 @@ http {
<% if @gzip == 'on' -%> <% if @gzip == 'on' -%>
gzip on; gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_disable "MSIE [1-6]\.(?!.*SV1)";
<% end -%>
<% end -%>
<% if @proxy_cache_path -%> <% if @proxy_cache_path -%>
proxy_cache_path <%= @proxy_cache_path %> levels=<%= @proxy_cache_levels %> keys_zone=<%= @proxy_cache_keys_zone %> max_size=<%= @proxy_cache_max_size %> inactive=<%= @proxy_cache_inactive %>; proxy_cache_path <%= @proxy_cache_path %> levels=<%= @proxy_cache_levels %> keys_zone=<%= @proxy_cache_keys_zone %> max_size=<%= @proxy_cache_max_size %> inactive=<%= @proxy_cache_inactive %>;
<% end -%>
<% end -%>
<% if @fastcgi_cache_path -%> <% if @fastcgi_cache_path -%>
fastcgi_cache_path <%= @fastcgi_cache_path %> levels=<%= @fastcgi_cache_levels %> keys_zone=<%= @fastcgi_cache_keys_zone %> max_size=<%= @fastcgi_cache_max_size %> inactive=<%= @fastcgi_cache_inactive %>; fastcgi_cache_path <%= @fastcgi_cache_path %> levels=<%= @fastcgi_cache_levels %> keys_zone=<%= @fastcgi_cache_keys_zone %> max_size=<%= @fastcgi_cache_max_size %> inactive=<%= @fastcgi_cache_inactive %>;
<% end -%> <% end -%>
<% if @fastcgi_cache_key -%> <% if @fastcgi_cache_key -%>
fastcgi_cache_key <%= @fastcgi_cache_key %>; fastcgi_cache_key <%= @fastcgi_cache_key %>;
<% end -%> <% end -%>
<% if @fastcgi_cache_use_stale -%> <% if @fastcgi_cache_use_stale -%>
fastcgi_cache_use_stale <%= @fastcgi_cache_use_stale %>; fastcgi_cache_use_stale <%= @fastcgi_cache_use_stale %>;
<% end -%> <% end -%>
<% if @http_cfg_append -%>
<% if @http_cfg_append -%><% @http_cfg_append.sort_by{|k,v| k}.each do |key,value| -%> <%- field_width = @http_cfg_append.inject(0) { |l,(k,v)| k.size > l ? k.size : l } -%>
<%= key %> <%= value %>; <%- @http_cfg_append.sort_by{|k,v| k}.each do |key,value| -%>
<% end -%> <%= sprintf("%-*s", field_width, key) %> <%= value %>;
<%- end -%>
<% end -%> <% end -%>
include <%= @conf_dir %>/conf.d/*.conf; include <%= @conf_dir %>/conf.d/*.conf;
include <%= @conf_dir %>/sites-enabled/*; include <%= @conf_dir %>/sites-enabled/*;
} }
<% if @mail -%> <% if @mail -%>
mail { mail {

View file

@ -34,3 +34,4 @@
<%- end -%> <%- end -%>
<% end -%> <% end -%>
} }

View file

@ -48,8 +48,8 @@
<%- end -%> <%- end -%>
<%- end -%> <%- end -%>
<% end -%> <% end -%>
<% if @raw_prepend && Array(@raw_prepend).size > 0 %> <% if @raw_prepend && Array(@raw_prepend).size > 0 -%>
<%- Array(@raw_prepend).each do |line| -%> <%- Array(@raw_prepend).each do |line| -%>
<%= line %> <%= line %>
<%- end -%> <%- end -%>
<% end %> <% end -%>

View file

@ -1,4 +1,4 @@
alias <%= @location_alias %>; alias <%= @location_alias %>;
<% if defined? @autoindex -%> <% if defined? @autoindex -%>
autoindex <%= @autoindex %>; autoindex <%= @autoindex %>;
<% end -%> <% end -%>

View file

@ -1,21 +1,28 @@
<% if defined? @www_root -%> <% if defined? @www_root -%>
root <%= @www_root %>; root <%= @www_root %>;
<% end -%>
<% if defined? @autoindex -%>
autoindex <%= @autoindex %>;
<% end -%>
<% if @index_files.count > 0 -%>
index <% Array(@index_files).each do |i| %> <%= i %><% end %>;
<% end -%> <% end -%>
<% if @try_files -%> <% if @try_files -%>
try_files<% @try_files.each do |try| -%> <%= try %><% end -%>; try_files<% @try_files.each do |try| -%> <%= try %><% end -%>;
<% end -%> <% end -%>
<% if defined? @autoindex -%> <%- unless @rewrite_rules.nil? || @rewrite_rules.empty? -%>
autoindex <%= @autoindex %>;
<% end -%> <%- @rewrite_rules.each do |rewrite_rule| -%>
<% if @index_files.count > 0 -%>
index <% Array(@index_files).each do |i| %> <%= i %><% end %>;
<% end -%>
<% @rewrite_rules.each do |rewrite_rule| -%>
rewrite <%= rewrite_rule %>; rewrite <%= rewrite_rule %>;
<%- end -%>
<% end -%> <% end -%>
<% if defined? @auth_basic -%> <% if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%>
<%- if @auth_basic -%>
auth_basic "<%= @auth_basic %>"; auth_basic "<%= @auth_basic %>";
<% end -%> <%- end -%>
<% if defined? @auth_basic_user_file -%> <%- if defined? @auth_basic_user_file -%>
auth_basic_user_file <%= @auth_basic_user_file %>; auth_basic_user_file <%= @auth_basic_user_file %>;
<% end -%> <%- end -%>
<% end -%>

View file

@ -1,20 +1,22 @@
<% if defined? @www_root -%> <% if defined? @www_root -%>
root <%= @www_root %>; root <%= @www_root %>;
<% end -%> <% end -%>
include <%= @fastcgi_params %>;
<% if @try_files -%>
try_files <% @try_files.each do |try| -%> <%= try %><% end -%>;
<% end -%>
fastcgi_pass <%= @fastcgi %>;
<% if @fastcgi_split_path -%> <% if @fastcgi_split_path -%>
fastcgi_split_path_info <%= @fastcgi_split_path %>; fastcgi_split_path_info <%= @fastcgi_split_path %>;
<% end -%> <% end -%>
<% if @try_files -%> <% if defined? @fastcgi_script -%>
try_files<% @try_files.each do |try| -%> <%= try %><% end -%>; <%-# this setting can be overridden by setting it in the fastcgi_param hash too %>
<%- @fastcgi_param = { 'SCRIPT_FILENAME' => @fastcgi_script }.merge(@fastcgi_param || {}) -%>
<% end -%> <% end -%>
include <%= @fastcgi_params %>; <% if defined? @fastcgi_param -%>
fastcgi_pass <%= @fastcgi %>; <%- field_width = @fastcgi_param.inject(0) { |l,(k,v)| k.size > l ? k.size : l } -%>
<% if defined? @fastcgi_script %> <%- @fastcgi_param.each do |key, val| -%>
fastcgi_param SCRIPT_FILENAME <%= @fastcgi_script %>; fastcgi_param <%= sprintf("%-*s", field_width, key) %> <%= val %>;
<%- end -%>
<% end -%> <% end -%>
<% if defined? @fastcgi_param %>
# Enable custom fastcgi_params
<% @fastcgi_param.each_pair do |key, val| -%>
fastcgi_param <%= key %> <%= val %>;
<% end -%>
<% end %>

View file

@ -1,28 +1,38 @@
<% if @proxy_cache -%> proxy_pass <%= @proxy %>;
proxy_cache <%= @proxy_cache %>; proxy_read_timeout <%= @proxy_read_timeout %>;
<% end -%> proxy_connect_timeout <%= @proxy_connect_timeout %>;
<% if @proxy_cache_valid -%> proxy_redirect <%= @proxy_redirect %>;
proxy_cache_valid <%= @proxy_cache_valid %>;
<% end -%>
proxy_pass <%= @proxy %>;
proxy_read_timeout <%= @proxy_read_timeout %>;
proxy_connect_timeout <%= @proxy_connect_timeout %>;
proxy_redirect <%= @proxy_redirect %>;
<% @proxy_set_header.each do |header| -%>
proxy_set_header <%= header %>;
<% end -%>
<% if @proxy_method -%> <% if @proxy_method -%>
proxy_method <%= @proxy_method %>; proxy_method <%= @proxy_method %>;
<% end -%> <% end -%>
<% if @proxy_set_body -%> <% if @proxy_set_body -%>
proxy_set_body <%= @proxy_set_body %>; proxy_set_body <%= @proxy_set_body %>;
<% end -%> <% end -%>
<% @rewrite_rules.each do |rewrite_rule| -%> <% unless @proxy_set_header.nil? -%>
<%- @proxy_set_header.each do |header| -%>
proxy_set_header <%= header %>;
<%- end -%>
<% end -%>
<% if @proxy_cache -%>
proxy_cache <%= @proxy_cache %>;
<% end -%>
<% if @proxy_cache_valid -%>
proxy_cache_valid <%= @proxy_cache_valid %>;
<% end -%>
<%- unless @rewrite_rules.nil? || @rewrite_rules.empty? -%>
<%- @rewrite_rules.each do |rewrite_rule| -%>
rewrite <%= rewrite_rule %>; rewrite <%= rewrite_rule %>;
<%- end -%>
<% end -%> <% end -%>
<% if defined? @auth_basic -%> <% if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%>
<%- if @auth_basic -%>
auth_basic "<%= @auth_basic %>"; auth_basic "<%= @auth_basic %>";
<% end -%> <%- end -%>
<% if defined? @auth_basic_user_file -%> <%- if defined? @auth_basic_user_file -%>
auth_basic_user_file <%= @auth_basic_user_file %>; auth_basic_user_file <%= @auth_basic_user_file %>;
<%- end -%>
<% end -%> <% end -%>

View file

@ -8,25 +8,31 @@ server {
<% end -%> <% end -%>
server { server {
listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
<% # check to see if ipv6 support exists in the kernel before applying %> <%# check to see if ipv6 support exists in the kernel before applying -%>
<% if @ipv6_enable && (defined? @ipaddress6) %> <% if @ipv6_enable && (defined? @ipaddress6) -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<% end %> <% end -%>
server_name <%= @rewrite_www_to_non_www ? @server_name[0].gsub(/^www\./, '') : @server_name.join(" ") %>; server_name <%= @rewrite_www_to_non_www ? @server_name[0].gsub(/^www\./, '') : @server_name.join(" ") %>;
<% if defined? @auth_basic -%> <%- if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%>
<% if defined? @auth_basic -%>
auth_basic "<%= @auth_basic %>"; auth_basic "<%= @auth_basic %>";
<% end -%> <%- end -%>
<% if defined? @auth_basic_user_file -%> <%- if defined? @auth_basic_user_file -%>
auth_basic_user_file <%= @auth_basic_user_file %>; auth_basic_user_file <%= @auth_basic_user_file %>;
<%- end -%>
<% end -%> <% end -%>
<% if defined? @client_body_timeout -%> <% if instance_variables.any? { |iv| iv.to_s.include? 'client_' } -%>
<%- if defined? @client_body_timeout -%>
client_body_timeout <%= @client_body_timeout %>; client_body_timeout <%= @client_body_timeout %>;
<% end -%> <%- end -%>
<% if defined? @client_header_timeout -%> <%- if defined? @client_header_timeout -%>
client_header_timeout <%= @client_header_timeout %>; client_header_timeout <%= @client_header_timeout %>;
<% end -%> <%- end -%>
<% if defined? @client_max_body_size -%> <%- if defined? @client_max_body_size -%>
client_max_body_size <%= @client_max_body_size %>; client_max_body_size <%= @client_max_body_size %>;
<%- end -%>
<% end -%> <% end -%>
<% if defined? @gzip_types -%> <% if defined? @gzip_types -%>
gzip_types <%= @gzip_types %>; gzip_types <%= @gzip_types %>;
@ -60,7 +66,7 @@ server {
passenger_set_cgi_param <%= key %> <%= @passenger_cgi_param[key] %>; passenger_set_cgi_param <%= key %> <%= @passenger_cgi_param[key] %>;
<%- end -%> <%- end -%>
<% end -%> <% end -%>
<% if @resolver.count > 0 -%> <% if Array(@resolver).count > 0 -%>
resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>; resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>;
<% end -%> <% end -%>
<% @proxy_set_header.each do |header| -%> <% @proxy_set_header.each do |header| -%>
@ -87,5 +93,4 @@ server {
<% end -%> <% end -%>
access_log <%= @access_log_real %>; access_log <%= @access_log_real %>;
error_log <%= @error_log_real %>; error_log <%= @error_log_real %>;

View file

@ -5,12 +5,12 @@ server {
return 301 https://<%= @server_name[0].gsub(/^www\./, '') %>$uri; return 301 https://<%= @server_name[0].gsub(/^www\./, '') %>$uri;
} }
<% end %> <% end -%>
server { server {
listen <%= @listen_ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>; listen <%= @listen_ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- if @ipv6_enable && (defined? @ipaddress6) %> <%- if @ipv6_enable && (defined? @ipaddress6) -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ssl_port %> ssl<% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>; listen [<%= @ipv6_listen_ip %>]:<%= @ssl_port %> ssl<% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end %> <%- end -%>
server_name <%= @rewrite_www_to_non_www ? @server_name[0].gsub(/^www\./, '') : @server_name.join(" ") %>; server_name <%= @rewrite_www_to_non_www ? @server_name[0].gsub(/^www\./, '') : @server_name.join(" ") %>;
ssl on; ssl on;
@ -25,44 +25,53 @@ server {
ssl_protocols <%= @ssl_protocols %>; ssl_protocols <%= @ssl_protocols %>;
ssl_ciphers <%= @ssl_ciphers %>; ssl_ciphers <%= @ssl_ciphers %>;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
<% if @ssl_stapling -%> <%- if instance_variables.any? { |iv| iv.to_s.include? 'ssl_' } -%>
<%- if @ssl_stapling -%>
ssl_stapling on; ssl_stapling on;
<% end -%> <%- end -%>
<% if defined? @ssl_stapling_file -%> <%- if defined? @ssl_stapling_file -%>
ssl_stapling_file <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.ocsp.resp; ssl_stapling_file <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.ocsp.resp;
<% end -%> <%- end -%>
<% if defined? @ssl_stapling_responder -%> <%- if defined? @ssl_stapling_responder -%>
ssl_stapling_responder <%= @ssl_stapling_responder %>; ssl_stapling_responder <%= @ssl_stapling_responder %>;
<% end -%> <%- end -%>
<% if @ssl_stapling_verify -%> <%- if @ssl_stapling_verify -%>
ssl_stapling_verify on; ssl_stapling_verify on;
<% end -%> <%- end -%>
<% if defined? @ssl_trusted_cert -%> <%- if defined? @ssl_trusted_cert -%>
ssl_trusted_certificate <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.trusted.crt; ssl_trusted_certificate <%= scope.lookupvar('nginx::config::conf_dir') %>/<%= @name.gsub(' ', '_') %>.trusted.crt;
<%- end -%>
<% end -%> <% end -%>
<% if @resolver.count > 0 -%> <% if Array(@resolver).count > 0 -%>
resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>; resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>;
<% end -%> <% end -%>
<% if defined? @auth_basic -%> <%- if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%>
<% if defined? @auth_basic -%>
auth_basic "<%= @auth_basic %>"; auth_basic "<%= @auth_basic %>";
<% end -%> <% end -%>
<% if defined? @auth_basic_user_file -%> <% if defined? @auth_basic_user_file -%>
auth_basic_user_file "<%= @auth_basic_user_file %>"; auth_basic_user_file "<%= @auth_basic_user_file %>";
<% end -%> <% end -%>
<% if defined? @client_body_timeout -%> <%- end -%>
<%- if instance_variables.any? { |iv| iv.to_s.include? 'client_' } -%>
<%- if defined? @client_body_timeout -%>
client_body_timeout <%= @client_body_timeout %>; client_body_timeout <%= @client_body_timeout %>;
<% end -%> <%- end -%>
<% if defined? @client_header_timeout -%> <%- if defined? @client_header_timeout -%>
client_header_timeout <%= @client_header_timeout %>; client_header_timeout <%= @client_header_timeout %>;
<% end -%> <%- end -%>
<% if defined? @client_max_body_size -%> <%- if defined? @client_max_body_size -%>
client_max_body_size <%= @client_max_body_size %>; client_max_body_size <%= @client_max_body_size %>;
<%- end -%>
<% end -%> <% end -%>
<% if defined? @gzip_types -%> <% if defined? @gzip_types -%>
gzip_types <%= @gzip_types %>; gzip_types <%= @gzip_types %>;
<% end -%> <% end -%>
<% if @index_files.count > 0 -%> <% if @index_files.count > 0 -%>
index <% Array(@index_files).each do |i| %> <%= i %><% end %>; index <% Array(@index_files).each do |i| %> <%= i %><% end %>;
<% end -%> <% end -%>
access_log <%= @ssl_access_log_real %>; access_log <%= @ssl_access_log_real %>;
@ -100,7 +109,7 @@ server {
<% end -%> <% end -%>
<% Array(@raw_prepend).each do |line| -%> <% Array(@raw_prepend).each do |line| -%>
<%= line %> <%= line %>
<% end %> <% end -%>
<% if @root -%> <% if @root -%>
root <%= @root %>; root <%= @root %>;
<% end -%> <% end -%>