Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'master' of github.com:stephanpoetschner/deployment

  • Loading branch information...
commit 0a840ac7a141b292eb51332404b5a97365b758f4 2 parents 4e23164 + 2e16d89
@ashwoods ashwoods authored
Showing with 818 additions and 2 deletions.
  1. +1 −1  Vagrantfile
  2. +3 −0  puppet/nginx/.gitignore
  3. +53 −0 puppet/nginx/ChangeLog
  4. +11 −0 puppet/nginx/LICENSE
  5. +10 −0 puppet/nginx/Modulefile
  6. 0  puppet/nginx/README
  7. +48 −0 puppet/nginx/README.markdown
  8. +64 −0 puppet/nginx/manifests/config.pp
  9. +59 −0 puppet/nginx/manifests/init.pp
  10. +40 −0 puppet/nginx/manifests/package.pp
  11. +23 −0 puppet/nginx/manifests/package/debian.pp
  12. +21 −0 puppet/nginx/manifests/package/redhat.pp
  13. +29 −0 puppet/nginx/manifests/package/suse.pp
  14. +58 −0 puppet/nginx/manifests/params.pp
  15. +83 −0 puppet/nginx/manifests/resource/location.pp
  16. +40 −0 puppet/nginx/manifests/resource/upstream.pp
  17. +121 −0 puppet/nginx/manifests/resource/vhost.pp
  18. +29 −0 puppet/nginx/manifests/service.pp
  19. +33 −0 puppet/nginx/templates/conf.d/nginx.conf.erb
  20. +10 −0 puppet/nginx/templates/conf.d/proxy.conf.erb
  21. +5 −0 puppet/nginx/templates/conf.d/upstream.erb
  22. +1 −0  puppet/nginx/templates/vhost/vhost_footer.erb
  23. +6 −0 puppet/nginx/templates/vhost/vhost_header.erb
  24. 0  puppet/nginx/templates/vhost/vhost_location_alias.erb
  25. +4 −0 puppet/nginx/templates/vhost/vhost_location_directory.erb
  26. +5 −0 puppet/nginx/templates/vhost/vhost_location_proxy.erb
  27. +14 −0 puppet/nginx/templates/vhost/vhost_ssl_header.erb
  28. +9 −0 puppet/nginx/tests/init.pp
  29. +10 −0 puppet/nginx/tests/upstream.pp
  30. +8 −0 puppet/nginx/tests/vhost.pp
  31. +17 −0 puppet/nginx/tests/vhost_ssl.erb
  32. +3 −1 puppet/nodes.pp
View
2  Vagrantfile
@@ -22,7 +22,7 @@ Vagrant::Config.run do |config|
# Forward a port from the guest to the host, which allows for outside
# computers to access the VM, whereas host only networking does not.
config.vm.forward_port 8000, 8000 #dev server
- config.vm.forward_port 6379, 6379 #redis
+ #config.vm.forward_port 6379, 6379 #redis
config.vm.forward_port 80, 8080 #nginx
config.vm.forward_port 5432, 15432 #postgres
View
3  puppet/nginx/.gitignore
@@ -0,0 +1,3 @@
+files/server_test.crt
+files/server_test.pem
+pkg/
View
53 puppet/nginx/ChangeLog
@@ -0,0 +1,53 @@
+2011-06-06 James Fryman <james@frymanet.com>
+
+ * Modulefile, README, files/README.markdown, lib/facter/README.markdown,
+ lib/puppet/parser/functions/README.markdown,
+ lib/puppet/provider/README.markdown, lib/puppet/type/README.markdown,
+ manifests/README.markdown, templates/README.markdown, tests/upstream.pp,
+ tests/vhost.pp, tests/vhost_ssl.erb: Updated Documentation
+
+ * ChangeLog: Updated Changelog
+
+ * lib/facter/ipv6.rb, manifests/config.pp, manifests/init.pp,
+ manifests/package.pp, manifests/package/suse.pp, manifests/params.pp,
+ manifests/resource/location.pp, manifests/resource/upstream.pp,
+ manifests/resource/vhost.pp, manifests/service.pp, manifests/vhost.pp,
+ templates/conf.d/nginx.conf.erb, templates/conf.d/proxy.conf.erb,
+ templates/conf.d/upstream.erb, templates/nginx.conf.erb, templates/vhost.erb,
+ templates/vhost/vhost_footer.erb, templates/vhost/vhost_header.erb,
+ templates/vhost/vhost_location_directory.erb,
+ templates/vhost/vhost_location_proxy.erb,
+ templates/vhost/vhost_ssl_header.erb: Added SuSE Support
+
+ * README, manifests/init.pp, manifests/package.pp,
+ manifests/package/debian.pp, manifests/package/redhat.pp, manifests/vhost.pp,
+ templates/vhost.erb: Updated Package Layout
+
+ * lib/facter/ipv6.rb: Added IPV6 Fact Check for Linux distros
+
+2011-06-02 James Fryman <james@frymanet.com>
+
+ * .gitignore, ChangeLog, Modulefile,
+ files/centos/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL, manifests/config.pp,
+ manifests/init.pp, manifests/install.pp, manifests/package.pp,
+ manifests/params.pp, manifests/service.pp, manifests/vhost.pp, metadata.json,
+ templates/nginx.conf.erb, templates/vhost.erb, templates/vhost.pp: Added
+ vhost support
+
+2011-05-24 James Fryman <james@frymanet.com>
+
+ * LICENSE, Modulefile, README, files/README.markdown,
+ files/centos/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL, lib/facter/README.markdown,
+ lib/puppet/parser/functions/README.markdown,
+ lib/puppet/provider/README.markdown, lib/puppet/type/README.markdown,
+ manifests/README.markdown, manifests/config.pp, manifests/init.pp,
+ manifests/install.pp, manifests/params.pp, manifests/service.pp,
+ manifests/vhost.pp, metadata.json, spec/README.markdown, spec/spec.opts,
+ spec/spec_helper.rb, spec/unit/puppet/provider/README.markdown,
+ spec/unit/puppet/type/README.markdown, templates/README.markdown,
+ templates/nginx.conf.erb, templates/vhost.pp, tests/init.pp, tests/vhost.pp:
+ 20110524 Work Snapshot
+
+2011-05-23 James Fryman <james@frymanet.com>
+
+ * : Initial Repository Initilization
View
11 puppet/nginx/LICENSE
@@ -0,0 +1,11 @@
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
View
10 puppet/nginx/Modulefile
@@ -0,0 +1,10 @@
+name 'puppetlabs-nginx'
+version '0.0.1'
+source 'http://github.com/puppetlabs/puppetlabs-nginx'
+author 'puppetlabs'
+license 'Apache License Version 2.0'
+summary 'Puppet NGINX management module'
+description 'This module can be used for basic NGINX Management'
+project_page 'http://github.com/puppetlabs/puppetlabs-nginx'
+
+dependency 'puppetlabs/stdlib', '>= 0.1.6'
View
0  puppet/nginx/README
No changes.
View
48 puppet/nginx/README.markdown
@@ -0,0 +1,48 @@
+# NGINX Module
+
+James Fryman <jamison@puppetlabs.com>
+
+This module manages NGINX from within Puppet.
+
+# Quick Start
+
+Install and bootstrap an NGINX instance
+
+<pre>
+ node default {
+ class { 'nginx': }
+ }
+</pre>
+
+Setup a new virtual host
+
+<pre>
+ node default {
+ class { 'mcollective': }
+ nginx::resource::vhost { 'www.puppetlabs.com':
+ ensure => present,
+ www_root => '/var/www/www.puppetlabs.com',
+ }
+ }
+</pre>
+
+Add a Proxy Server(s)
+
+<pre>
+ node default {
+ class { 'mcollective': }
+ nginx::resource::upstream { 'puppet_rack_app':
+ ensure => present,
+ members => [
+ 'localhost:3000',
+ 'localhost:3001',
+ 'localhost:3002',
+ ],
+ }
+
+ nginx::resource::vhost { 'rack.puppetlabs.com':
+ ensure => present,
+ proxy => 'http://puppet_rack_app',
+ }
+ }
+</pre>
View
64 puppet/nginx/manifests/config.pp
@@ -0,0 +1,64 @@
+# Class: nginx::config
+#
+# This module manages NGINX bootstrap and configuration
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::config inherits nginx::params {
+ File {
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ }
+
+ file { "${nginx::params::nx_conf_dir}":
+ ensure => directory,
+ }
+
+ file { "${nginx::params::nx_conf_dir}/conf.d":
+ ensure => directory,
+ }
+
+ file { "${nginx::config::nx_run_dir}":
+ ensure => directory,
+ }
+
+ file { "${nginx::config::nx_client_body_temp_path}":
+ ensure => directory,
+ owner => $nginx::params::nx_daemon_user,
+ }
+
+ file {"${nginx::config::nx_proxy_temp_path}":
+ ensure => directory,
+ owner => $nginx::params::nx_daemon_user,
+ }
+
+ file { '/etc/nginx/sites-enabled/default':
+ ensure => absent,
+ }
+
+ file { "${nginx::params::nx_conf_dir}/nginx.conf":
+ ensure => file,
+ content => template('nginx/conf.d/nginx.conf.erb'),
+ }
+
+ file { "${nginx::params::nx_conf_dir}/conf.d/proxy.conf":
+ ensure => file,
+ content => template('nginx/conf.d/proxy.conf.erb'),
+ }
+
+ file { "${nginx::config::nx_temp_dir}/nginx.d":
+ ensure => directory,
+ purge => true,
+ recurse => true,
+ }
+}
View
59 puppet/nginx/manifests/init.pp
@@ -0,0 +1,59 @@
+# Class: nginx
+#
+# This module manages NGINX.
+#
+# Parameters:
+#
+# There are no default parameters for this class. All module parameters are managed
+# via the nginx::params class
+#
+# Actions:
+#
+# Requires:
+# puppetlabs-stdlib - https://github.com/puppetlabs/puppetlabs-stdlib
+#
+# Packaged NGINX
+# - RHEL: EPEL or custom package
+# - Debian/Ubuntu: Default Install or custom package
+# - SuSE: Default Install or custom package
+#
+# stdlib
+# - puppetlabs-stdlib module >= 0.1.6
+# - plugin sync enabled to obtain the anchor type
+#
+# Sample Usage:
+#
+# The module works with sensible defaults:
+#
+# node default {
+# include nginx
+# }
+class nginx {
+
+
+ if !defined(Class['stdlib']) {
+ class { 'stdlib': }
+ }
+
+ class { 'nginx::package':
+ notify => Class['nginx::service'],
+ }
+
+ class { 'nginx::config':
+ require => Class['nginx::package'],
+ notify => Class['nginx::service'],
+ }
+
+ class { 'nginx::service': }
+
+ # Allow the end user to establish relationships to the "main" class
+ # and preserve the relationship to the implementation classes through
+ # a transitive relationship to the composite class.
+ anchor{ 'nginx::begin':
+ before => Class['nginx::package'],
+ notify => Class['nginx::service'],
+ }
+ anchor { 'nginx::end':
+ require => Class['nginx::service'],
+ }
+}
View
40 puppet/nginx/manifests/package.pp
@@ -0,0 +1,40 @@
+# Class: nginx::package
+#
+# This module manages NGINX package installation
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::package {
+ anchor { 'nginx::package::begin': }
+ anchor { 'nginx::package::end': }
+
+ case $::operatingsystem {
+ centos,fedora,rhel: {
+ class { 'nginx::package::redhat':
+ require => Anchor['nginx::package::begin'],
+ before => Anchor['nginx::package::end'],
+ }
+ }
+ debian,ubuntu: {
+ class { 'nginx::package::debian':
+ require => Anchor['nginx::package::begin'],
+ before => Anchor['nginx::package::end'],
+ }
+ }
+ opensuse,suse: {
+ class { 'nginx::package::suse':
+ require => Anchor['nginx::package::begin'],
+ before => Anchor['nginx::package::end'],
+ }
+ }
+ }
+}
View
23 puppet/nginx/manifests/package/debian.pp
@@ -0,0 +1,23 @@
+# Class: nginx::package::debian
+#
+# This module manages NGINX package installation on debian based systems
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::package::debian {
+
+ if !defined(Package['nginx']) {
+ package { 'nginx':
+ ensure => present,
+ }
+ }
+}
View
21 puppet/nginx/manifests/package/redhat.pp
@@ -0,0 +1,21 @@
+# Class: nginx::package::redhat
+#
+# This module manages NGINX package installation on RedHat based systems
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::package::redhat {
+ $redhat_packages = ['nginx', 'GeoIP', 'gd', 'libXpm', 'libxslt']
+ package { $redhat_packages:
+ ensure => present,
+ }
+}
View
29 puppet/nginx/manifests/package/suse.pp
@@ -0,0 +1,29 @@
+# Class: nginx::package::suse
+#
+# This module manages NGINX package installation for SuSE based systems
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+# This module contains all of the required package for SuSE. Apache and all
+# other packages listed below are built into the packaged RPM spec for
+# SuSE and OpenSuSE.
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::package::suse {
+ $suse_packages = [
+ 'nginx-0.8', 'apache2', 'apache2-itk', 'apache2-utils', 'gd', 'libapr1',
+ 'libapr-util1', 'libjpeg62', 'libpng14-14', 'libxslt', 'rubygem-daemon_controller',
+ 'rubygem-fastthread', 'rubygem-file-tail', 'rubygem-passenger',
+ 'rubygem-passenger-nginx', 'rubygem-rack', 'rubygem-rake', 'rubygem-spruz',
+ ]
+
+ package { $suse_packages:
+ ensure => present,
+ }
+}
View
58 puppet/nginx/manifests/params.pp
@@ -0,0 +1,58 @@
+# Class: nginx::params
+#
+# This module manages NGINX paramaters
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::params (
+ $nx_temp_dir = '/tmp',
+ $nx_run_dir = '/var/nginx',
+
+ $nx_conf_dir = '/etc/nginx',
+ $nx_worker_processes = 1,
+ $nx_worker_connections = 1024,
+ $nx_multi_accept = off,
+ $nx_sendfile = on,
+ $nx_keepalive_timeout = 65,
+ $nx_tcp_nodelay = on,
+ $nx_gzip = on,
+
+ $nx_proxy_redirect = off,
+ $nx_proxy_set_header = [
+ 'Host $host', 'X-Real-IP $remote_addr',
+ 'X-Forwarded-For $proxy_add_x_forwarded_for',
+ ],
+
+ $nx_client_body_temp_path = "${nx_run_dir}/client_body_temp",
+ $nx_client_body_buffer_size = '128k',
+ $nx_client_max_body_size = '10m',
+ $nx_proxy_temp_path = "${nx_run_dir}/proxy_temp",
+ $nx_proxy_connect_timeout = '90',
+ $nx_proxy_send_timeout = '90',
+ $nx_proxy_read_timeout = '90',
+ $nx_proxy_buffers = '32 4k'
+
+ ) {
+
+ $nx_logdir = $::kernel ? {
+ /(?i-mx:linux)/ => '/var/log/nginx',
+ }
+
+ $nx_pid = $::kernel ? {
+ /(?i-mx:linux)/ => '/var/run/nginx.pid',
+ }
+
+ $nx_daemon_user = $::operatingsystem ? {
+ /(?i-mx:debian|ubuntu)/ => 'www-data',
+ /(?i-mx:fedora|rhel|centos|suse|opensuse)/ => 'nginx',
+ }
+}
View
83 puppet/nginx/manifests/resource/location.pp
@@ -0,0 +1,83 @@
+# define: nginx::resource::location
+#
+# This definition creates a new location entry within a virtual host
+#
+# Parameters:
+# [*ensure*] - Enables or disables the specified location (present|absent)
+# [*vhost*] - Defines the default vHost for this location entry to include with
+# [*location*] - Specifies the URI associated with this location entry
+# [*www_root*] - Specifies the location on disk for files to be read from. Cannot be set in conjunction with $proxy
+# [*index_files*] - Default index files for NGINX to read when traversing a directory
+# [*proxy*] - Proxy server(s) for a location to connect to. Accepts a single value, can be used in conjunction
+# with nginx::resource::upstream
+# [*proxy_read_timeout*] - Override the default the proxy read timeout value of 90 seconds
+# [*ssl*] - Indicates whether to setup SSL bindings for this location.
+# [*option*] - Reserved for future use
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+# nginx::resource::location { 'test2.local-bob':
+# ensure => present,
+# www_root => '/var/www/bob',
+# location => '/bob',
+# vhost => 'test2.local',
+# }
+define nginx::resource::location(
+ $ensure = present,
+ $vhost = undef,
+ $www_root = undef,
+ $index_files = ['index.html', 'index.htm', 'index.php'],
+ $proxy = undef,
+ $proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
+ $ssl = false,
+ $option = undef,
+ $location
+) {
+ File {
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ notify => Class['nginx::service'],
+ }
+
+ ## Shared Variables
+ $ensure_real = $ensure ? {
+ 'absent' => absent,
+ default => file,
+ }
+
+ # Use proxy template if $proxy is defined, otherwise use directory template.
+ if ($proxy != undef) {
+ $content_real = template('nginx/vhost/vhost_location_proxy.erb')
+ } else {
+ $content_real = template('nginx/vhost/vhost_location_directory.erb')
+ }
+
+ ## Check for various error condtiions
+ if ($vhost == undef) {
+ fail('Cannot create a location reference without attaching to a virtual host')
+ }
+ if (($www_root == undef) and ($proxy == undef)) {
+ fail('Cannot create a location reference without a www_root or proxy defined')
+ }
+ if (($www_root != undef) and ($proxy != undef)) {
+ fail('Cannot define both directory and proxy in a virtual host')
+ }
+
+ ## Create stubs for vHost File Fragment Pattern
+ file {"${nginx::config::nx_temp_dir}/nginx.d/${vhost}-500-${name}":
+ ensure => $ensure_real,
+ content => $content_real,
+ }
+
+ ## Only create SSL Specific locations if $ssl is true.
+ if ($ssl == 'true') {
+ file {"${nginx::config::nx_temp_dir}/nginx.d/${vhost}-800-${name}-ssl":
+ ensure => $ensure_real,
+ content => $content_real,
+ }
+ }
+}
View
40 puppet/nginx/manifests/resource/upstream.pp
@@ -0,0 +1,40 @@
+# define: nginx::resource::upstream
+#
+# This definition creates a new upstream proxy entry for NGINX
+#
+# Parameters:
+# [*ensure*] - Enables or disables the specified location (present|absent)
+# [*members*] - Array of member URIs for NGINX to connect to. Must follow valid NGINX syntax.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+# nginx::resource::upstream { 'proxypass':
+# ensure => present,
+# members => [
+# 'localhost:3000',
+# 'localhost:3001',
+# 'localhost:3002',
+# ],
+# }
+define nginx::resource::upstream (
+ $ensure = 'present',
+ $members
+) {
+ File {
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ }
+
+ file { "/etc/nginx/conf.d/${name}-upstream.conf":
+ ensure => $ensure ? {
+ 'absent' => absent,
+ default => 'file',
+ },
+ content => template('nginx/conf.d/upstream.erb'),
+ notify => Class['nginx::service'],
+ }
+}
View
121 puppet/nginx/manifests/resource/vhost.pp
@@ -0,0 +1,121 @@
+# define: nginx::resource::vhost
+#
+# This definition creates a virtual host
+#
+# Parameters:
+# [*ensure*] - Enables or disables the specified vhost (present|absent)
+# [*listen_ip*] - Default IP Address for NGINX to listen with this vHost on. Defaults to all interfaces (*)
+# [*listen_port*] - Default IP Port for NGINX to listen with this vHost on. Defaults to TCP 80
+# [*ipv6_enable*] - BOOL value to enable/disable IPv6 support (false|true). Module will check to see if IPv6
+# support exists on your system before enabling.
+# [*ipv6_listen_ip*] - Default IPv6 Address for NGINX to listen with this vHost on. Defaults to all interfaces (::)
+# [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this vHost on. Defaults to TCP 80
+# [*index_files*] - Default index files for NGINX to read when traversing a directory
+# [*proxy*] - Proxy server(s) for the root location to connect to. Accepts a single value, can be used in
+# conjunction with nginx::resource::upstream
+# [*proxy_read_timeout*] - Override the default the proxy read timeout value of 90 seconds
+# [*ssl*] - Indicates whether to setup SSL bindings for this vhost.
+# [*ssl_cert*] - Pre-generated SSL Certificate file to reference for SSL Support. This is not generated by this module.
+# [*ssl_key*] - Pre-generated SSL Key file to reference for SSL Support. This is not generated by this module.
+# [*www_root*] - Specifies the location on disk for files to be read from. Cannot be set in conjunction with $proxy
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+# nginx::resource::vhost { 'test2.local':
+# ensure => present,
+# www_root => '/var/www/nginx-default',
+# ssl => 'true',
+# ssl_cert => '/tmp/server.crt',
+# ssl_key => '/tmp/server.pem',
+# }
+define nginx::resource::vhost(
+ $ensure = 'enable',
+ $listen_ip = '*',
+ $listen_port = '80',
+ $ipv6_enable = false,
+ $ipv6_listen_ip = '::',
+ $ipv6_listen_port = '80',
+ $ssl = false,
+ $ssl_cert = undef,
+ $ssl_key = undef,
+ $proxy = undef,
+ $proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
+ $index_files = ['index.html', 'index.htm', 'index.php'],
+ $www_root = undef
+) {
+
+ File {
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ }
+
+ # Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
+ # and support does not exist for it in the kernel.
+ if ($ipv6_enable == 'true') and ($ipaddress6) {
+ warning('nginx: IPv6 support is not enabled or configured properly')
+ }
+
+ # Check to see if SSL Certificates are properly defined.
+ if ($ssl == 'true') {
+ if ($ssl_cert == undef) or ($ssl_key == undef) {
+ fail('nginx: SSL certificate/key (ssl_cert/ssl_cert) and/or SSL Private must be defined and exist on the target system(s)')
+ }
+ }
+
+ # Use the File Fragment Pattern to construct the configuration files.
+ # Create the base configuration file reference.
+ file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-001":
+ ensure => $ensure ? {
+ 'absent' => absent,
+ default => 'file',
+ },
+ content => template('nginx/vhost/vhost_header.erb'),
+ notify => Class['nginx::service'],
+ }
+
+ # Create the default location reference for the vHost
+ nginx::resource::location {"${name}-default":
+ ensure => $ensure,
+ vhost => $name,
+ ssl => $ssl,
+ location => '/',
+ proxy => $proxy,
+ proxy_read_timeout => $proxy_read_timeout,
+ www_root => $www_root,
+ notify => Class['nginx::service'],
+ }
+
+ # Create a proper file close stub.
+ file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-699":
+ ensure => $ensure ? {
+ 'absent' => absent,
+ default => 'file',
+ },
+ content => template('nginx/vhost/vhost_footer.erb'),
+ notify => Class['nginx::service'],
+ }
+
+ # Create SSL File Stubs if SSL is enabled
+ if ($ssl == 'true') {
+ file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-700-ssl":
+ ensure => $ensure ? {
+ 'absent' => absent,
+ default => 'file',
+ },
+ content => template('nginx/vhost/vhost_ssl_header.erb'),
+ notify => Class['nginx::service'],
+ }
+ file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-999-ssl":
+ ensure => $ensure ? {
+ 'absent' => absent,
+ default => 'file',
+ },
+ content => template('nginx/vhost/vhost_footer.erb'),
+ notify => Class['nginx::service'],
+ }
+ }
+}
View
29 puppet/nginx/manifests/service.pp
@@ -0,0 +1,29 @@
+# Class: nginx::service
+#
+# This module manages NGINX service management and vhost rebuild
+#
+# Parameters:
+#
+# There are no default parameters for this class.
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+# This class file is not called directly
+class nginx::service {
+ exec { 'rebuild-nginx-vhosts':
+ command => "/bin/cat ${nginx::params::nx_temp_dir}/nginx.d/* > ${nginx::params::nx_conf_dir}/conf.d/vhost_autogen.conf",
+ refreshonly => true,
+ subscribe => File["${nginx::params::nx_temp_dir}/nginx.d"],
+ }
+ service { "nginx":
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ hasrestart => true,
+ subscribe => Exec['rebuild-nginx-vhosts'],
+ }
+}
View
33 puppet/nginx/templates/conf.d/nginx.conf.erb
@@ -0,0 +1,33 @@
+user <%= scope.lookupvar('nginx::config::nx_daemon_user') %>;
+worker_processes <%= scope.lookupvar('nginx::params::nx_worker_processes')%>;
+
+error_log <%= scope.lookupvar('nginx::params::nx_logdir')%>/error.log;
+pid <%= scope.lookupvar('nginx::params::nx_pid')%>;
+
+events {
+ worker_connections <%= scope.lookupvar('nginx::params::nx_worker_connections') %>;
+ <% if scope.lookupvar('nginx::params::nx_multi_accept' == 'on') %>multi_accept on;<% end %>
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ access_log <%= scope.lookupvar('nginx::params::nx_logdir')%>/access.log;
+
+ sendfile <%= scope.lookupvar('nginx::params::nx_sendfile')%>;
+
+ <% if scope.lookupvar('nginx::params::nx_tcp_nopush' == 'on') %>
+ tcp_nopush on;
+ <% end %>
+
+ keepalive_timeout <%= scope.lookupvar('nginx::params::nx_keepalive_timeout')%>;
+ tcp_nodelay <%= scope.lookupvar('nginx::params::nx_tcp_nodelay')%>;
+
+ <% if scope.lookupvar('nginx::params::nx_gzip' == 'on') %>
+ gzip on;
+ gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+ <% end %>
+
+ include /etc/nginx/conf.d/*.conf;
+}
View
10 puppet/nginx/templates/conf.d/proxy.conf.erb
@@ -0,0 +1,10 @@
+proxy_redirect <%= scope.lookupvar('nginx::params::nx_proxy_redirect') %>;
+client_max_body_size <%= scope.lookupvar('nginx::params::nx_client_max_body_size') %>;
+client_body_buffer_size <%= scope.lookupvar('nginx::params::nx_client_body_buffer_size') %>;
+proxy_connect_timeout <%= scope.lookupvar('nginx::params::nx_proxy_connect_timeout') %>;
+proxy_send_timeout <%= scope.lookupvar('nginx::params::nx_proxy_send_timeout') %>;
+proxy_read_timeout <%= scope.lookupvar('nginx::params::nx_proxy_read_timeout') %>;
+proxy_buffers <%= scope.lookupvar('nginx::params::nx_proxy_buffers') %>;
+<% scope.lookupvar('nginx::params::nx_proxy_set_header').each do |header| %>
+proxy_set_header <%= header %>;
+<% end %>
View
5 puppet/nginx/templates/conf.d/upstream.erb
@@ -0,0 +1,5 @@
+upstream <%= name %> {
+ <% members.each do |i| %>
+ server <%= i %>;
+ <% end %>
+}
View
1  puppet/nginx/templates/vhost/vhost_footer.erb
@@ -0,0 +1 @@
+}
View
6 puppet/nginx/templates/vhost/vhost_header.erb
@@ -0,0 +1,6 @@
+server {
+ listen <%= listen_ip %>;
+ <% # check to see if ipv6 support exists in the kernel before applying %>
+ <% if ipv6_enable == 'true' && (defined? ipaddress6) %>listen [<%= ipv6_listen_ip %>]:<%= ipv6_listen_port %> default ipv6only=on;<% end %>
+ server_name <%= name %>;
+ access_log <%= scope.lookupvar('nginx::params::nx_logdir')%>/<%= name %>.access.log;
View
0  puppet/nginx/templates/vhost/vhost_location_alias.erb
No changes.
View
4 puppet/nginx/templates/vhost/vhost_location_directory.erb
@@ -0,0 +1,4 @@
+ location <%= location %> {
+ root <%= www_root %>;
+ index <% index_files.each do |i| %> <%= i %> <% end %>;
+ }
View
5 puppet/nginx/templates/vhost/vhost_location_proxy.erb
@@ -0,0 +1,5 @@
+ location <%= location %> {
+ proxy_pass <%= proxy %>;
+ proxy_read_timeout <%= proxy_read_timeout %>;
+ }
+
View
14 puppet/nginx/templates/vhost/vhost_ssl_header.erb
@@ -0,0 +1,14 @@
+server {
+ listen 443;
+ <% if ipv6_enable == 'true' && (defined? ipaddress6) %>listen [<%= ipv6_listen_ip %>]:<%= ipv6_listen_port %> default ipv6only=on;<% end %>
+ server_name <%= name %>;
+
+ ssl on;
+ ssl_certificate <%= ssl_cert %>;
+ ssl_certificate_key <%= ssl_key %>;
+
+ ssl_session_timeout 5m;
+
+ ssl_protocols SSLv3 TLSv1;
+ ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
+ ssl_prefer_server_ciphers on;
View
9 puppet/nginx/tests/init.pp
@@ -0,0 +1,9 @@
+# The notify before should always come BEFORE all resources
+# managed by the nginx class
+# and the notify last should always come AFTER all resources
+# managed by the nginx class.
+node default {
+ notify { 'before': }
+ -> class { 'nginx': }
+ -> notify { 'last': }
+}
View
10 puppet/nginx/tests/upstream.pp
@@ -0,0 +1,10 @@
+include nginx
+
+nginx::resource::upstream { 'proxypass':
+ ensure => present,
+ members => [
+ 'localhost:3000',
+ 'localhost:3001',
+ 'localhost:3002',
+ ],
+}
View
8 puppet/nginx/tests/vhost.pp
@@ -0,0 +1,8 @@
+include nginix
+
+nginx::resource::vhost { 'test.local':
+ ensure => present,
+ ipv6_enable => 'true',
+ proxy => 'http://proxypass',
+}
+
View
17 puppet/nginx/tests/vhost_ssl.erb
@@ -0,0 +1,17 @@
+include nginx
+
+nginx::resource::vhost { 'test2.local':
+ ensure => present,
+ www_root => '/var/www/nginx-default',
+ ssl => 'true',
+ ssl_cert => '/tmp/server.crt',
+ ssl_key => '/tmp/server.pem',
+}
+
+nginx::resource::location { 'test2.local-bob':
+ ensure => present,
+ www_root => '/var/www/bob',
+ location => '/bob',
+ vhost => 'test2.local',
+}
+
View
4 puppet/nodes.pp
@@ -4,7 +4,9 @@
Exec { path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin" }
Package { require => Exec['apt-get update'] }
+ group { 'puppet': ensure => "present", }
-
+ class { 'nginx': }
}
+
Please sign in to comment.
Something went wrong with that request. Please try again.