The first issue was that Exec[apt_get_update_for_nginx] resource is only
needed if $manage_repo == true, so it was put inside the corresponding
if block.
But even inside the if-block, Exec[apt_get_update_for_nginx] could fail
when $package_source has an invalid value and no Apt::Source[nginx] is
defined, so the respective Apt::Source[nginx], if defined, will now notify
Exec[apt_get_update_for_nginx] and Exec[apt_get_update_for_nginx] will
no longer subscribe to Apt::Source[nginx].
It would probably make sense to add a call to fail() in the default case
of $package_source.
This is just the first step of fixing up the repo stuff and allowing
the module to take in a package_name, but this helps replace the
execs{} with puppetlabs-apt.
Tested on: Debian 7, Ubuntu 12.04.
trickle through to the package classes. I've avoided making them
into paramaterized classes and we just refer directly back to the main
nginx namespace to get the variable. Makes for a cleaner looking
module!
There were some bugs in the existing $::operatingsystem based approach.
* amazon was it's own package set when it's properly part of $::osfamily ==
'redhat' as of facter >= 1.7.2
* gentoo was improperly part of the amazon package set; this patch removes
support for gentoo but it was broken anyways
modifications to nginx:📦:redhat were made as well
* it no longer tries to setup the nginx.org yumrepo for fedora as no packages
for fedora are currently provided
* amazon release numbers are inconsistent with EL. Unknown
$::lsbmajdistrelease values are now mapped to 6 so it's no longer nessicary to
test for $::lsbmajdistrelease being undefined. This logic will need to be
reworked after RHEL7.x is released.
* the url to the nginx repo was including $::operatingsystem in it but
nginx.org only has package dirs for 'rhel' & 'centos' which are presently
identical; the usage of the 'rhel' dir has been hardcoded. This fixes broken
yum repo setup for all $::osfamily == 'redhat' platforms other than redhat and
centos.
It is bad practice to use 644 on a private key so we
have migrated the key mode to 0400. The cert is already
avaliable publicly through nginx so we have allowed it
0444.
Nothing should need to write either the cert of the key
after puppet has run, so we have denied any writing.
I get the above error message. It is easily fixed by removing the `ensure` inside `ensure_resource`, since `ensure_resource` should already be setting `$ensure` to `file`.
* Options location_cfg_append and location_cfg_prepend added to fastcgi template
* Option www_root is optional now
* Options logging fixed in http template
* Auth_basic fixed in SSL vhost header
If $ipv6_enable is true ypu sshould warn the user only if the machine _doesn't have_ an ip address.
At the moment the warning is raised when ipv6 is configured properly
Added ssl_ciphers and ssl_protocols as params which default to values as proposed on nginx.org.
If SSL vhost then ssl is added to listen directive as proposed on nginx.org.
more secure
Added SSL caching to speed up SSL requests
Add server_tokens to the global config so this can be turned on|off
between dev and prod
Add proxy_set_header to vhost as different vhosts may require different
headers and the global setting is not ideal
Minor space formatting so that the generated files are fractionally
more readable
This is the best way I found to tackle the problem of custom directives, trying to
avoid common usage of module involve hacking the module/template to be able place
custom directives.
Right now support was added only for location context (default and custom ones),
it expects a hash with key value and it's supported on all current location types.
Added an example inside location.pp, usage it's pretty easy.
Argument configtest_enable / params.pp $nx_configtest_enable
* Default false
* If true will set service[nginx] restart with contents of nx_service_restart.
Argument service_restart / params.pp $nx_service_restart
* Default '/etc/init.d/nginx configtest && /etc/init.d/nginx restart'
* Since nginx 0.7.53 nginx supports '-s HUP' which will reload testing configuration first, to be backwards compatible above default was choosen.
Many distributions of nginx already implement a configtest before restart, however many doesn't, and many
even don't provide restart but a stop/start combination. If configtest_enable is true then puppet will force
nginx to do a configtest no matter if it was going or not to do it itself.
Added confd_purge option to tell it to purge files non managed by pupet in conf.d, default is false.
Because vhost_autogen it's not actually managed by puppet but indirectly created by a puppet executed
command, it's added as ignore to avoid getting it removed.
Better formating for confd purge support
Better formating for confd purge support
Defaults are set inside params, nginx class will set default and send it from local var to nginx::config,
so even when there is no need for set default values on nginx::config, in case someone already using
this module it's for some reason calling directly nginx::config, to avoid breaking anything defaults are
set inside nginx::config too.
Description:
When running first time from scratch, if class was included without any setup at all
and with sane defaults, in debian squeeze generates an error when trying to collect
non existant vhosts, because cat complains that can not expand * because there are no
files.
Changed:
Added unless to check that at least there is a file in nginx.d by testing it can expand.
- Include the port in the listen directive
- Add an optional $server_name parameter to nginx::resource::vhost so
server_name doesn't have to match the resource's name. This allows
the creation of multiple vhosts with the same server_name that listen
on different ports.
Add a proxy_read_timeout parameter to set the read timeout setting
per-location. The parameter can also be passed when declaring a vhost,
in which case it will apply to the root location.
Try_files is how NGINX files the files to serve particularly in a
fallback mode. Using an array for try_files will interate through
these options in the generated configuration file.
This change uses the anchor relationship from the puppetlabs-stdlib
module to contain all of the module classes within the main "ntp" class.
Without this change, end users of the module may have difficulty
ordering things correctly since they will have to peek inside the module
and figure out it's internal workings to identify all classes that
require relationship edges.
This commit puts the majority of the code provided by this module into
compliance with the published style guide. Also updated Modulefile to
have more sane pre-release values.
Without this change, the end user of the module may run into issues
establishing relationships to the composite class (the main nginx class)
For example, the user may declare this relationship expecting
nginx to be managed after the yum repositories have been configured:
node default {
class { 'site::yumconfig': }
-> class { 'nginx': }
}
However, all of the resources exist in implementation classes, which
do not have a transitive relationship declared to the nginx class.
Without this change, Puppet may very well manage Class['nginx::config']
before Class['site::yumconfig'] even though the user clearly indicated
this should not be the case.
Updated nginx:📦:suse PuppetDoc header information to accurately
reflect the requirement for all packages as defined within the RPM spec for
SuSE and OpenSUSE
