-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
zyegfryed
committed
Feb 23, 2012
0 parents
commit 020b465
Showing
67 changed files
with
5,731 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
class gunicorn( | ||
$ensure=present, | ||
$owner=undef, | ||
$group=undef) { | ||
|
||
$rundir = "/var/run/gunicorn" | ||
$logdir = "/var/log/gunicorn" | ||
$confdir = "/etc/gunicorn" | ||
|
||
if $ensure == "present" { | ||
file { | ||
[$rundir, $confdir]: | ||
ensure => directory, | ||
owner => 'root', | ||
group => 'root'; | ||
$logdir: | ||
ensure => directory, | ||
owner => $owner, | ||
group => $group; | ||
} | ||
|
||
} elsif $ensure == 'absent' { | ||
file { $rundir: | ||
ensure => $ensure, | ||
owner => 'root', | ||
group => 'root', | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
define gunicorn::instance( | ||
$venv, | ||
$src, | ||
$ensure=present, | ||
$wsgi_module="", | ||
$django=false, | ||
$django_settings="", | ||
$version=undef, | ||
$workers=1, | ||
$timeout_seconds=30) { | ||
|
||
File { | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0644', | ||
} | ||
|
||
$is_present = $ensure == "present" | ||
|
||
$rundir = $gunicorn::rundir | ||
$confdir = $gunicorn::confdir | ||
$logdir = $gunicorn::logdir | ||
$owner = $gunicorn::owner | ||
$group = $gunicorn::group | ||
|
||
$proc_name = "gunicorn-${name}" | ||
$conffile = "${confdir}/${name}.conf" | ||
$pidfile = "${rundir}/${name}.pid" | ||
$socket = "unix:${rundir}/${name}.sock" | ||
$logfile = "${logdir}/${name}.log" | ||
|
||
if $wsgi_module == "" and !$django { | ||
fail("If you're not using Django you have to define a WSGI module.") | ||
} | ||
|
||
if $django_settings != "" and !$django { | ||
fail("If you're not using Django you can't define a settings file.") | ||
} | ||
|
||
if $wsgi_module != "" and $django { | ||
fail("If you're using Django you can't define a WSGI module.") | ||
} | ||
|
||
$gunicorn_package = $version ? { | ||
undef => "gunicorn", | ||
default => "gunicorn==${version}", | ||
} | ||
|
||
if $is_present { | ||
python::pip::install { | ||
"$gunicorn_package in $venv": | ||
package => $gunicorn_package, | ||
ensure => $ensure, | ||
venv => $venv, | ||
owner => $python::venv::owner, | ||
group => $python::venv::group, | ||
require => Python::Venv::Isolate[$venv], | ||
before => File[$conffile]; | ||
|
||
# for --name support in gunicorn: | ||
"setproctitle in $venv": | ||
package => "setproctitle", | ||
ensure => $ensure, | ||
venv => $venv, | ||
owner => $python::venv::owner, | ||
group => $python::venv::group, | ||
require => Python::Venv::Isolate[$venv], | ||
before => File[$conffile]; | ||
} | ||
} | ||
|
||
file { $conffile: | ||
ensure => $ensure, | ||
content => template("gunicorn/gunicorn.conf.erb"), | ||
require => File["/etc/logrotate.d/gunicorn-${name}"], | ||
} | ||
|
||
file { "/etc/logrotate.d/gunicorn-${name}": | ||
ensure => $ensure, | ||
content => template("gunicorn/logrotate.erb"), | ||
} | ||
|
||
supervisor::service { $name: | ||
ensure => $ensure, | ||
command => inline_template("<%= venv %>/bin/gunicorn<% if django %>_django<% end %> -c <%= conffile %> <%= django ? django_settings : wsgi_module %> --log-file=<%= logfile %>"), | ||
directory => $src, | ||
stdout_logfile => $logfile, | ||
subscribe => File[$conffile], | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
proc_name = "<%= proc_name %>" | ||
backlog = 2048 | ||
bind = "<%= socket %>" | ||
pidfile = "<%= pidfile %>" | ||
daemon = False | ||
debug = False | ||
user= "<%= owner %>" | ||
group = "<%= group %>" | ||
workers = <%= workers %> | ||
# preload_app = False | ||
timeout = <%= timeout_seconds %> | ||
|
||
def on_starting(server): | ||
import os | ||
run_dir = os.path.dirname('<%= pidfile %>') | ||
if not os.path.isdir(run_dir): | ||
os.mkdir(run_dir) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<%= logfile %> { | ||
weekly | ||
missingok | ||
rotate 520 | ||
compress | ||
delaycompress | ||
notifempty | ||
create 640 <%= owner %> <%= group %> | ||
postrotate | ||
/usr/bin/supervisorctl restart <% name %> | ||
endscript | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
class memcached { | ||
package { | ||
'memcached': | ||
ensure => installed; | ||
'libmemcached-dev': | ||
ensure => installed; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
class mysql::client { | ||
package { | ||
'mysql-client': | ||
ensure => installed; | ||
'libmysqlclient-dev': | ||
ensure => installed; | ||
} | ||
|
||
define create_db($user, $password) { | ||
$options = "-h ${::mysql_host} -P ${::mysql_port} -u${::mysql_username} -p${::mysql_password}" | ||
|
||
exec { "create-db-${name}": | ||
unless => "/usr/bin/mysql $options ${name}", | ||
command => "/usr/bin/mysql $options -e \"CREATE DATABASE IF NOT EXISTS ${name} CHARSET utf8 COLLATE utf8_unicode_ci;\"", | ||
} | ||
|
||
exec { "grant-db-${name}": | ||
unless => "/usr/bin/mysql -h ${::mysql_host} -P ${::mysql_port} -u${user} -p${password} ${name}", | ||
command => "/usr/bin/mysql $options -e \"GRANT ALL ON ${name}.* TO '${user}'@'%' IDENTIFIED BY '$password';UPDATE mysql.user SET Password=PASSWORD('$password') where USER='$user';FLUSH PRIVILEGES;\"", | ||
} | ||
|
||
Package['mysql-client'] -> Exec["create-db-${name}"] -> Exec["grant-db-${name}"] | ||
} | ||
} |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
Copyright (C) 2011 by Eivind Uggedal <eivind@uggedal.com> | ||
|
||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
in the Software without restriction, including without limitation the rights | ||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
copies of the Software, and to permit persons to whom the Software is | ||
furnished to do so, subject to the following conditions: | ||
|
||
The above copyright notice and this permission notice shall be included in | ||
all copies or substantial portions of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
THE SOFTWARE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
Puppet Nginx Module | ||
=================== | ||
|
||
Module for configuring Nginx and virtual hosts. | ||
|
||
Tested on Debian GNU/Linux 6.0 Squeeze and Ubuntu 10.4 LTS with | ||
Puppet 2.6. Patches for other operating systems welcome. | ||
|
||
This module can be used to serve both static sites and | ||
proxy to backend application servers while serving static | ||
media through Nginx. | ||
|
||
|
||
Installation | ||
------------ | ||
|
||
Clone this repo to a nginx directory under your Puppet | ||
modules directory: | ||
|
||
git clone git://github.com/uggedal/puppet-module-nginx.git nginx | ||
|
||
If you don't have a Puppet Master you can create a manifest file | ||
based on the notes below and run Puppet in stand-alone mode | ||
providing the module directory you cloned this repo to: | ||
|
||
puppet apply --modulepath=modules test_nginx.pp | ||
|
||
|
||
Usage | ||
----- | ||
|
||
To install and configure Nginx, include the module: | ||
|
||
include nginx | ||
|
||
You can override defaults in the Nginx config by including | ||
the module with this special syntax: | ||
|
||
class { nginx: workers => 4 } | ||
|
||
Setting up virtual hosts is done with the nginx::site resource: | ||
|
||
nginx::site { "home": | ||
domain => "uggedal.com", | ||
aliases => ["www.uggedal.com", "ugg.is"], | ||
default_vhost => true, | ||
root => "/var/www/home", | ||
} | ||
|
||
If you use a static site generator which needs requests to /some-slug | ||
rewritten to the actual /some-slug.html file: | ||
|
||
nginx::site { "journal": | ||
domain => "journal.uggedal.com", | ||
rewrite_missing_html_extension => true, | ||
root => "/var/www/journal", | ||
} | ||
|
||
You can provide IP addresses or unix sockets to backend application | ||
servers which should be proxied to: | ||
|
||
nginx::site { "mediaqueri.es": | ||
domain => "mediaqueri.es", | ||
aliases => ["www.mediaqueri.es"], | ||
root => "/var/www/mediaqueri.es/static", | ||
upstreams => ["unix:/var/run/mediaqueri.es.sock"], | ||
} | ||
|
||
Provide a URL media prefix and media root directory if you have a | ||
media directory of static files which should be served directly by | ||
Nginx and not by your application servers. These files will be | ||
cached indefinitely: | ||
|
||
nginx::site { "mediaqueri.es": | ||
domain => "mediaqueri.es", | ||
aliases => ["www.mediaqueri.es"], | ||
root => "/var/www/mediaqueri.es/static", | ||
mediaroot => "/var/www/mediaqueri.es/mediaqueries/static", | ||
mediaprefix => "/static", | ||
upstreams => ["unix:/var/run/mediaqueri.es.sock"], | ||
} | ||
|
||
If you provide a relative `mediaroot` it will be relative to the | ||
`root` directory: | ||
|
||
nginx::site { "journal": | ||
domain => "journal.uggedal.com", | ||
root => "/var/www/journal", | ||
mediaroot => "files/media", | ||
mediaprefix => "/media", | ||
} | ||
|
||
You can also provide a owner and group which will be the owner of the | ||
virtual host's root directory: | ||
|
||
nginx::site { "journal": | ||
domain => "journal.uggedal.com", | ||
rewrite_missing_html_extension => true, | ||
root => "/var/www/journal", | ||
owner => "www-mgr", | ||
group => "www-mgr", | ||
} | ||
|
||
Enable SSL by using the `ssl` argument and providing the location of a | ||
certificate and key. This will also redirect all HTTP requests to HTTPS: | ||
|
||
nginx::site { "home": | ||
domain => "uggedal.com", | ||
root => "/var/www/home", | ||
ssl => true, | ||
ssl_certificate => "/etc/nginx/cert/uggedal.com.pem", | ||
ssl_certificate_key => "/etc/nginx/cert/uggedal.com.key", | ||
} | ||
|
||
file { | ||
"/etc/nginx/cert/uggedal.com.pem": | ||
content => "..."; | ||
"/etc/nginx/cert/uggedal.com.key": | ||
content => "...", | ||
mode => 600; | ||
} |
Oops, something went wrong.