opuppet/module-nginx
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
647 commits 2 branches 0 tags 1.4 MiB
Commit graph

54 commits

Author SHA1 Message Date
Steffen Zieger
7b80b1a3c6 make ssl listen option configurable 2014-06-02 00:23:07 +02:00
Tim Mower
9d1e2e8806 Add client_max_body_size to ssl vhost 2014-05-27 11:38:32 +01:00
Paul de Raaij
1fbfe531b7 Add configuring multiple resolvers via an array instead of a string 2014-04-03 11:59:47 +02:00
eSe
0ade406a89 Remove Arrays as keys in templates 2014-03-11 17:24:30 +01:00
eSe
3ef66c6f63 Fix formatting errors 2014-03-10 10:26:35 +01:00
Daniel Black
4f8096c52c Extend hash based host_cfg_{ssl_,}{prepend,append} to vhost_{ssl_,}{header,footer}. fix vhost_location_alias/vhost_location_directory. Add {location_custom_cfg_prepend,append} to vhost_location_fastcgi, vhost_location_proxy and vhost_location_stub_status. 2014-03-08 12:16:07 +11:00
Daniel Black
04e34dce39 Key value parameter maps to take array as value 
Allow arrays to be specified as values in location_cfg_{prepend,append} and
vhost_cfg_{ssl_,}{prepend,append} parameters.
 2014-03-07 23:53:32 +11:00
cdenneen
4f8c71a5b6 Update vhost_ssl_header.erb 
Add vhost_cfg_prepend to vhost_ssl_header
Add vhost_cfg_ssl_prepend to vhost_ssl_header
 2014-02-07 18:36:30 -05:00
Tristan Helmich
15a2695442 Move ipv6only=on option from template into puppet 
See jfryman#30
 2014-02-03 12:54:44 +01:00
James Fryman
64c055ce38 revert #218 /cc https://github.com/jfryman/puppet-nginx/pull/218#issuecomment-31458745 2014-01-02 09:49:58 -06:00
Andreyev Dias de Melo
44cf3d4b2b Separating the options to avoid invalid one like "ssldefault" 2014-01-02 11:10:52 -02:00
Harry Danes
1d90dacfb3 Merge commit '96475098ebd4fba7dd951efcee1c6ee38b2935a9' into ssl_dhparam 
Conflicts:
	manifests/resource/vhost.pp
 2013-12-30 18:33:53 +01:00
James Fryman
96475098eb Merge pull request #214 from hdanes/master 
Fix warning: Variable access via 'index_files' is deprecated.
 2013-12-30 09:14:35 -08:00
Harry Danes
334ebde9b6 Fix warning: Variable access via 'index_files' is deprecated. Use '@index_files' instead. 2013-12-29 16:13:17 +01:00
Harry Danes
d0c3168592 Implementation of the resolver parameter. 2013-12-29 15:48:32 +01:00
Harry Danes
1aff2eabcb Implementation for the ssl_stapling_* parameters. 2013-12-29 15:39:21 +01:00
Harry Danes
3db6a726cb Add support for Diffie-Hellman parameters in VHOST resource. 2013-12-27 09:10:11 +01:00
Lebedev Vadim
611c80f75e Fixed the ability to disable the index_files 2013-12-25 04:13:22 +04:00
James Fryman
7d1540b3bb Merge pull request #208 from hdanes/add_header 
Add the possibility to add a header to the HTTP response
 2013-12-24 10:50:29 -08:00
Harry Danes
fcf11a8b18 Add the possibility to add a header to the HTTP response when response code is equal to 200, 204, 301, 302 or 304. 2013-12-24 13:07:58 +01:00
James Fryman
ee70673935 Merge pull request #204 from openquery/index_files_to_serverlevel 
index_files to be defined at server level if specified in resource::vhost
 2013-12-19 06:59:43 -08:00
Daniel Black
f338f304c5 Force index_files to Array before iteration in templates 2013-12-19 15:51:59 +10:00
James Fryman
5fa314114d Merge pull request #202 from openquery/vhost_ssl_normalisation 
Add proxy_set_header to vhost_ssl_header to be the same as vhost_header
 2013-12-18 21:27:06 -08:00
Daniel Black
520eb23ffd index_files to be defined at server level if specified in resource::vhost 
This partially avoids pitfall #2 (http://wiki.nginx.org/Pitfalls)
 2013-12-19 09:07:56 +10:00
Daniel Black
b7132bc10a ipv6 port to ssl_port with ssl and spdy (if enabled) options. Closes gh-198 2013-12-19 08:54:03 +10:00
Daniel Black
f26943540a Add proxy_set_header to vhost_ssl_header to be the same as vhost_header 2013-12-19 08:47:49 +10:00
Matthew Haughton
99e9d82f12 accept boolean for ipv6_enable as documented 2013-11-21 23:18:04 -05:00
Matthew Haughton
4af2087867 fix spacing issues in various templates 
Before this change, vhost_ssl_header would merge
"ssl" with any listen options, e.g.:
    listen       *:443 ssldefault;
when listen_options => 'default'.
 2013-11-21 23:04:39 -05:00
Matthew Haughton
3024f2927d fix IPv6 address fact detection 2013-11-21 22:32:23 -05:00
Tomas Barton
82ce9223a9 possibility to disable default location 2013-09-29 20:53:25 +02:00
Tomas Barton
2cc0a2fcf0 support ssl_cache and for passenger cgi params 2013-09-29 20:36:19 +02:00
Lebedev Vadim
15519e7eef Merge branch 'master' of https://github.com/jfryman/puppet-nginx into dev 
Conflicts:
	manifests/package/redhat.pp
	templates/vhost/vhost_footer.erb
	templates/vhost/vhost_header.erb
 2013-08-23 01:07:53 +04:00
James Fryman
e1aa65d20c Manual merge of https://github.com/jfryman/puppet-nginx/pull/100 2013-08-22 15:44:25 -05:00
Todd Eddy
c6cd476c82 Add custom logs to ssl vhosts as well. 2013-08-07 09:59:44 -04:00
Lebedev Vadim
49b5b79b76 * Option fastcgi_script fixed 
* Options location_cfg_append and location_cfg_prepend added to fastcgi template
* Option www_root is optional now
* Options logging fixed in http template
* Auth_basic fixed in SSL vhost header
 2013-08-01 01:07:59 +04:00
Arthur Leonard Andersen
0191a2fe28 Fix deprecated variable names 2013-07-17 20:42:57 +02:00
Lebedev Vadim
413271f84d * Fixed log name in template vhost_ssl_header 
* Better formatting for vhost_autogen.conf
 2013-07-08 18:58:05 +04:00
Igor Ajdisek
8f49ffa775 vhosts_ssl_header.erb was missing access_log and error_log directives 2013-06-28 10:12:01 +02:00
Igor Ajdisek
e0e5757b55 Made SPDY a toggle param. 
Added ssl_ciphers and ssl_protocols as params which default to values as proposed on nginx.org.
If SSL vhost then ssl is added to listen directive as proposed on nginx.org.
 2013-06-27 15:42:38 +02:00
Lebedev Vadim
d7cdd68c63 Merge branch 'master' of https://github.com/jfryman/puppet-nginx 2013-05-21 17:15:59 +04:00
Lebedev Vadim
8d33fd63f1 Merge branch 'master' of https://github.com/jfryman/puppet-nginx 
Conflicts:
	manifests/config.pp
	manifests/init.pp
	manifests/params.pp
	manifests/resource/location.pp
	manifests/resource/vhost.pp
	manifests/service.pp
	templates/vhost/vhost_footer.erb
	templates/vhost/vhost_header.erb
	templates/vhost/vhost_location_directory.erb
	templates/vhost/vhost_location_proxy.erb
	templates/vhost/vhost_ssl_header.erb
	tests/vhost.pp
 2013-05-21 16:30:21 +04:00
Lebedev Vadim
4f0c311901 * Fixed listen parameter in template vhost_ssl_header 
* Added auth basic support
* Added vhost_cfg_append parameter to `nginx::resource::vhost`
 2013-05-20 18:30:32 +04:00
David Kitchen
6391c08543 Fixed ssl_stapling instruction 2013-04-25 10:54:18 +01:00
David Kitchen
9c93234c27 Added OCSP SSL stapling to reduce SSL handshake by 30% by sparing the revocation list if the certificate includes the intermediate layer to identify the trusted source 2013-04-25 10:48:04 +01:00
David Kitchen
5af32bc82a Added back RC4 to mitigate BEAST attacks 2013-04-25 10:43:21 +01:00
David Kitchen
9cb898f40d Added support for SPDY now that nginx 1.4 has arrived 2013-04-24 22:45:56 +01:00
David Kitchen
7e33272f84 Changed SSL ciphers to the recent default for Nginx which is much 
more secure
Added SSL caching to speed up SSL requests
Add server_tokens to the global config so this can be turned on|off
    between dev and prod
Add proxy_set_header to vhost as different vhosts may require different
    headers and the global setting is not ideal
Minor space formatting so that the generated files are fractionally
    more readable
 2013-04-24 09:42:06 +01:00
Lebedev Vadim
9672b7d345 * Get ssl key/cert with provided file-locations 
* Parameter index has now become optional
* Fix typos
 2013-04-16 20:12:32 +04:00
Hunter Haugen
e419006b74 Add try_files option 
Nginx supports a  option via http://wiki.nginx.org/HttpCoreModule#try_files and this adds this as a parameter
 2012-11-08 14:15:28 -08:00
Hunter Haugen
b65114d327 Fixup incorrect changes from merge 2012-11-08 14:07:16 -08:00