add additional chef_serverp roxy configurable attributes

for api and webui specific server_name for api and webui specific proxy port for api and webui specific server_aliases
chef-boneyard · Feb 2, 2012 · fa9b442 · fa9b442
1 parent 76f116a
commit fa9b442
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 13 deletions.
diff --git a/chef-server/attributes/server_proxy.rb b/chef-server/attributes/server_proxy.rb
@@ -22,10 +22,19 @@
 
 default['chef_server']['doc_root'] = "#{node['languages']['ruby']['gems_dir']}/gems/chef-server-webui-#{node['chef_packages']['chef']['version']}/public"
 default['chef_server']['ssl_req']  = "/C=US/ST=Several/L=Locality/O=Example/OU=Operations/CN=chef-server-proxy/emailAddress=root@localhost"
-default['chef_server']['proxy']['css_expire_hours'] = "120"
-default['chef_server']['proxy']['js_expire_hours']  = "24"
-default['chef_server']['proxy']['server_name']      = "localhost"
-default['chef_server']['proxy']['aliases']          = [ 
+default['chef_server']['proxy']['css_expire_hours']  = "120"
+default['chef_server']['proxy']['js_expire_hours']   = "24"
+default['chef_server']['proxy']['api_server_name']   = "localhost"
+default['chef_server']['proxy']['api_port']          = 443
+default['chef_server']['proxy']['api_aliases']       = [ 
+  node['hostname'], 
+  node['fqdn'], 
+  'chef-server-proxy', 
+  "chef.#{node['domain']}" 
+]
+default['chef_server']['proxy']['webui_server_name'] = "localhost"
+default['chef_server']['proxy']['webui_port']        = 444
+default['chef_server']['proxy']['webui_aliases']     = [ 
   node['hostname'], 
   node['fqdn'], 
   'chef-server-proxy', 

diff --git a/chef-server/recipes/nginx-proxy.rb b/chef-server/recipes/nginx-proxy.rb
@@ -49,8 +49,12 @@
   mode "0644"
   notifies :restart, "service[nginx]"
   variables(
-    :server_name => node['chef_server']['proxy']['server_name'],
-    :aliases => node['chef_server']['proxy']['aliases']
+    :api_server_name => node['chef_server']['proxy']['api_server_name'],
+    :api_aliases => node['chef_server']['proxy']['api_aliases'],
+    :api_port => node['chef_server']['proxy']['api_port'],
+    :webui_server_name => node['chef_server']['proxy']['webui_server_name'],
+    :webui_aliases => node['chef_server']['proxy']['webui_aliases'],
+    :webui_port => node['chef_server']['proxy']['webui_port']
   )
 end
 

diff --git a/chef-server/templates/default/chef_server.nginx.conf.erb b/chef-server/templates/default/chef_server.nginx.conf.erb
@@ -7,10 +7,10 @@ upstream chef_server_webui {
 }
 
 server {
-  listen 443 ssl;
+  listen <%= @api_port %> ssl;
   ssl_certificate /etc/chef/certificates/chef-server-proxy.pem;
   ssl_certificate_key /etc/chef/certificates/chef-server-proxy.pem;
-  server_name <%= @server_name %>;
+  server_name <%= @api_server_name %>;
   access_log <%= node[:nginx][:log_dir] %>/chef-server.access.log;
   error_log <%= node[:nginx][:log_dir] %>/chef-server.error.log warn;
 
@@ -28,22 +28,22 @@ server {
   }
 }
 
-<% if @aliases && @aliases.length > 0 %>
+<% if @api_aliases && @api_aliases.length > 0 %>
 server {
-  server_name <%= @aliases.join(' ') %>;
+  server_name <%= @api_aliases.join(' ') %>;
   access_log <%= node[:nginx][:log_dir] %>/chef-server.access.log;
   error_log <%= node[:nginx][:log_dir] %>/chef-server.error.log warn;
 
-  rewrite ^(.+)$ https://<%= @server_name %>$1 permanent;
+  rewrite ^(.+)$ https://<%= @api_server_name %>$1 permanent;
 }
 
 <% end %>
 <% if node['chef_server']['webui_enabled'] -%>
 server {
-  listen 444 ssl;
+  listen <%= @webui_port %> ssl;
   ssl_certificate /etc/chef/certificates/chef-server-proxy.pem;
   ssl_certificate_key /etc/chef/certificates/chef-server-proxy.pem;
-  server_name <%= @server_name %>;
+  server_name <%= @webui_server_name %>;
   access_log <%= node[:nginx][:log_dir] %>/chef-server.access.log;
   error_log <%= node[:nginx][:log_dir] %>/chef-server.error.log warn;