It is bad practice to use 644 on a private key so we
have migrated the key mode to 0400. The cert is already
avaliable publicly through nginx so we have allowed it
0444.
Nothing should need to write either the cert of the key
after puppet has run, so we have denied any writing.
I get the above error message. It is easily fixed by removing the `ensure` inside `ensure_resource`, since `ensure_resource` should already be setting `$ensure` to `file`.
* Options location_cfg_append and location_cfg_prepend added to fastcgi template
* Option www_root is optional now
* Options logging fixed in http template
* Auth_basic fixed in SSL vhost header
If $ipv6_enable is true ypu sshould warn the user only if the machine _doesn't have_ an ip address.
At the moment the warning is raised when ipv6 is configured properly
Added ssl_ciphers and ssl_protocols as params which default to values as proposed on nginx.org.
If SSL vhost then ssl is added to listen directive as proposed on nginx.org.
more secure
Added SSL caching to speed up SSL requests
Add server_tokens to the global config so this can be turned on|off
between dev and prod
Add proxy_set_header to vhost as different vhosts may require different
headers and the global setting is not ideal
Minor space formatting so that the generated files are fractionally
more readable
This is the best way I found to tackle the problem of custom directives, trying to
avoid common usage of module involve hacking the module/template to be able place
custom directives.
Right now support was added only for location context (default and custom ones),
it expects a hash with key value and it's supported on all current location types.
Added an example inside location.pp, usage it's pretty easy.
- Include the port in the listen directive
- Add an optional $server_name parameter to nginx::resource::vhost so
server_name doesn't have to match the resource's name. This allows
the creation of multiple vhosts with the same server_name that listen
on different ports.
Add a proxy_read_timeout parameter to set the read timeout setting
per-location. The parameter can also be passed when declaring a vhost,
in which case it will apply to the root location.
Try_files is how NGINX files the files to serve particularly in a
fallback mode. Using an array for try_files will interate through
these options in the generated configuration file.
This commit puts the majority of the code provided by this module into
compliance with the published style guide. Also updated Modulefile to
have more sane pre-release values.
