7e33272f84
more secure Added SSL caching to speed up SSL requests Add server_tokens to the global config so this can be turned on|off between dev and prod Add proxy_set_header to vhost as different vhosts may require different headers and the global setting is not ideal Minor space formatting so that the generated files are fractionally more readable
95 rivejä
2,1 KiB
Puppet
95 rivejä
2,1 KiB
Puppet
# Class: nginx::config
|
|
#
|
|
# This module manages NGINX bootstrap and configuration
|
|
#
|
|
# Parameters:
|
|
#
|
|
# There are no default parameters for this class.
|
|
#
|
|
# Actions:
|
|
#
|
|
# Requires:
|
|
#
|
|
# Sample Usage:
|
|
#
|
|
# This class file is not called directly
|
|
class nginx::config(
|
|
$worker_processes = $nginx::params::nx_worker_processes,
|
|
$worker_connections = $nginx::params::nx_worker_connections,
|
|
$proxy_set_header = $nginx::params::nx_proxy_set_header,
|
|
$confd_purge = $nginx::params::nx_confd_purge,
|
|
$server_tokens = $nginx::params::nx_server_tokens
|
|
) inherits nginx::params {
|
|
File {
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0644',
|
|
}
|
|
|
|
file { "${nginx::params::nx_conf_dir}":
|
|
ensure => directory,
|
|
}
|
|
|
|
file { "${nginx::params::nx_conf_dir}/conf.d":
|
|
ensure => directory,
|
|
}
|
|
if $confd_purge == true {
|
|
File["${nginx::params::nx_conf_dir}/conf.d"] {
|
|
ignore => "vhost_autogen.conf",
|
|
purge => true,
|
|
recurse => true,
|
|
}
|
|
}
|
|
|
|
file { "${nginx::params::nx_conf_dir}/conf.mail.d":
|
|
ensure => directory,
|
|
}
|
|
if $confd_purge == true {
|
|
File["${nginx::params::nx_conf_dir}/conf.mail.d"] {
|
|
ignore => "vhost_autogen.conf",
|
|
purge => true,
|
|
recurse => true,
|
|
}
|
|
}
|
|
|
|
|
|
file { "${nginx::config::nx_run_dir}":
|
|
ensure => directory,
|
|
}
|
|
|
|
file { "${nginx::config::nx_client_body_temp_path}":
|
|
ensure => directory,
|
|
owner => $nginx::params::nx_daemon_user,
|
|
}
|
|
|
|
file {"${nginx::config::nx_proxy_temp_path}":
|
|
ensure => directory,
|
|
owner => $nginx::params::nx_daemon_user,
|
|
}
|
|
|
|
file { '/etc/nginx/sites-enabled/default':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { "${nginx::params::nx_conf_dir}/nginx.conf":
|
|
ensure => file,
|
|
content => template('nginx/conf.d/nginx.conf.erb'),
|
|
}
|
|
|
|
file { "${nginx::params::nx_conf_dir}/conf.d/proxy.conf":
|
|
ensure => file,
|
|
content => template('nginx/conf.d/proxy.conf.erb'),
|
|
}
|
|
|
|
file { "${nginx::config::nx_temp_dir}/nginx.d":
|
|
ensure => directory,
|
|
purge => true,
|
|
recurse => true,
|
|
}
|
|
|
|
file { "${nginx::config::nx_temp_dir}/nginx.mail.d":
|
|
ensure => directory,
|
|
purge => true,
|
|
recurse => true,
|
|
}
|
|
}
|