diff --git a/Gemfile b/Gemfile index 1afd720..eb78ebd 100644 --- a/Gemfile +++ b/Gemfile @@ -1,5 +1,10 @@ source "https://rubygems.org" +is_ruby18 = RUBY_VERSION.start_with? '1.8' + +if is_ruby18 + gem 'rspec', "~> 3.1.0", :require => false +end gem "rake" gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.6.0' gem "puppet-lint" diff --git a/README.md b/README.md index 8090e4c..3742b30 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,31 @@ For detailed info about the logic and usage patterns of Example42 modules read R my_class => 'nginx::example42', } +## USAGE - Hiera Support +* Manage nginx configuration using Hiera + +```yaml +nginx::template: 'modules/nginx/nginx.conf.erb' +nginx::options: + client_header_timeout: '60s' + client_body_timeout: '60s' + send_timeout: '60s' + fastcgi_read_timeout: '60s' +``` + +* Defining Nginx resources using Hiera + +```yaml +nginx::vhost_hash: + 'mysite.com': + docroot: '/var/www/mysite.com' + create_docroot: true +nginx::resource_upstream_hash: + 'proxypass': + members: + - localhost:3000 + - localhost:3001 +``` ## USAGE - Example42 extensions management * Activate puppi (recommended, but disabled by default) diff --git a/manifests/init.pp b/manifests/init.pp index 95f3c8e..f19c8cb 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -242,58 +242,62 @@ # Alessandro Franceschi # class nginx ( - $gzip = params_lookup( 'gzip' ), - $worker_connections = params_lookup( 'worker_connections' ), - $multi_accept = params_lookup( 'multi_accept' ), - $keepalive_timeout = params_lookup( 'keepalive_timeout' ), - $server_names_hash_max_size = params_lookup( 'server_names_hash_max_size' ), - $server_names_hash_bucket_size = params_lookup( 'server_names_hash_bucket_size' ), - $client_max_body_size = params_lookup( 'client_max_body_size' ), - $types_hash_max_size = params_lookup( 'types_hash_max_size' ), - $sendfile = params_lookup( 'sendfile' ), - $my_class = params_lookup( 'my_class' ), - $source = params_lookup( 'source' ), - $source_dir = params_lookup( 'source_dir' ), - $source_dir_purge = params_lookup( 'source_dir_purge' ), - $template = params_lookup( 'template' ), - $service_autorestart = params_lookup( 'service_autorestart' , 'global' ), - $options = params_lookup( 'options' ), - $version = params_lookup( 'version' ), - $absent = params_lookup( 'absent' ), - $disable = params_lookup( 'disable' ), - $disableboot = params_lookup( 'disableboot' ), - $monitor = params_lookup( 'monitor' , 'global' ), - $monitor_tool = params_lookup( 'monitor_tool' , 'global' ), - $monitor_target = params_lookup( 'monitor_target' , 'global' ), - $monitor_config_hash = params_lookup( 'monitor_config_hash' ), - $puppi = params_lookup( 'puppi' , 'global' ), - $puppi_helper = params_lookup( 'puppi_helper' , 'global' ), - $firewall = params_lookup( 'firewall' , 'global' ), - $firewall_tool = params_lookup( 'firewall_tool' , 'global' ), - $firewall_src = params_lookup( 'firewall_src' , 'global' ), - $firewall_dst = params_lookup( 'firewall_dst' , 'global' ), - $debug = params_lookup( 'debug' , 'global' ), - $audit_only = params_lookup( 'audit_only' , 'global' ), - $package = params_lookup( 'package' ), - $service = params_lookup( 'service' ), - $service_status = params_lookup( 'service_status' ), - $service_restart = params_lookup( 'service_restart' ), - $process = params_lookup( 'process' ), - $process_args = params_lookup( 'process_args' ), - $process_user = params_lookup( 'process_user' ), - $config_dir = params_lookup( 'config_dir' ), - $config_file = params_lookup( 'config_file' ), - $config_file_mode = params_lookup( 'config_file_mode' ), - $config_file_owner = params_lookup( 'config_file_owner' ), - $config_file_group = params_lookup( 'config_file_group' ), - $config_file_init = params_lookup( 'config_file_init' ), - $config_file_default_purge = params_lookup( 'config_file_default_purge'), - $pid_file = params_lookup( 'pid_file' ), - $data_dir = params_lookup( 'data_dir' ), - $log_dir = params_lookup( 'log_dir' ), - $log_file = params_lookup( 'log_file' ), - $port = params_lookup( 'port' ), - $protocol = params_lookup( 'protocol' ), + $gzip = params_lookup( 'gzip' ), + $worker_connections = params_lookup( 'worker_connections' ), + $multi_accept = params_lookup( 'multi_accept' ), + $keepalive_timeout = params_lookup( 'keepalive_timeout' ), + $server_names_hash_max_size = params_lookup( 'server_names_hash_max_size' ), + $server_names_hash_bucket_size = params_lookup( 'server_names_hash_bucket_size' ), + $client_max_body_size = params_lookup( 'client_max_body_size' ), + $types_hash_max_size = params_lookup( 'types_hash_max_size' ), + $sendfile = params_lookup( 'sendfile' ), + $my_class = params_lookup( 'my_class' ), + $source = params_lookup( 'source' ), + $source_dir = params_lookup( 'source_dir' ), + $source_dir_purge = params_lookup( 'source_dir_purge' ), + $template = params_lookup( 'template' ), + $service_autorestart = params_lookup( 'service_autorestart' , 'global' ), + $options = params_lookup( 'options' ), + $version = params_lookup( 'version' ), + $absent = params_lookup( 'absent' ), + $disable = params_lookup( 'disable' ), + $disableboot = params_lookup( 'disableboot' ), + $monitor = params_lookup( 'monitor' , 'global' ), + $monitor_tool = params_lookup( 'monitor_tool' , 'global' ), + $monitor_target = params_lookup( 'monitor_target' , 'global' ), + $monitor_config_hash = params_lookup( 'monitor_config_hash' ), + $puppi = params_lookup( 'puppi' , 'global' ), + $puppi_helper = params_lookup( 'puppi_helper' , 'global' ), + $firewall = params_lookup( 'firewall' , 'global' ), + $firewall_tool = params_lookup( 'firewall_tool' , 'global' ), + $firewall_src = params_lookup( 'firewall_src' , 'global' ), + $firewall_dst = params_lookup( 'firewall_dst' , 'global' ), + $debug = params_lookup( 'debug' , 'global' ), + $audit_only = params_lookup( 'audit_only' , 'global' ), + $package = params_lookup( 'package' ), + $service = params_lookup( 'service' ), + $service_status = params_lookup( 'service_status' ), + $service_restart = params_lookup( 'service_restart' ), + $process = params_lookup( 'process' ), + $process_args = params_lookup( 'process_args' ), + $process_user = params_lookup( 'process_user' ), + $config_dir = params_lookup( 'config_dir' ), + $config_file = params_lookup( 'config_file' ), + $config_file_mode = params_lookup( 'config_file_mode' ), + $config_file_owner = params_lookup( 'config_file_owner' ), + $config_file_group = params_lookup( 'config_file_group' ), + $config_file_init = params_lookup( 'config_file_init' ), + $config_file_default_purge = params_lookup( 'config_file_default_purge'), + $pid_file = params_lookup( 'pid_file' ), + $data_dir = params_lookup( 'data_dir' ), + $log_dir = params_lookup( 'log_dir' ), + $log_file = params_lookup( 'log_file' ), + $port = params_lookup( 'port' ), + $protocol = params_lookup( 'protocol' ), + $vhost_hash = params_lookup( 'vhost_hash' ), + $resource_location_hash = params_lookup( 'resource_location_hash' ), + $resource_upstream_hash = params_lookup( 'resource_upstream_hash' ), + $resource_vhost_hash = params_lookup( 'resource_vhost_hash' ), ) inherits nginx::params { $bool_source_dir_purge=any2bool($source_dir_purge) @@ -307,6 +311,24 @@ $bool_debug=any2bool($debug) $bool_audit_only=any2bool($audit_only) + ## Integration with Hiera + if $vhost_hash != {} { + validate_hash($vhost_hash) + create_resources('nginx::vhost', $vhost_hash) + } + if $resource_location_hash != {} { + validate_hash($resource_location_hash) + create_resources('nginx::resource::location', $resource_location_hash) + } + if $resource_upstream_hash != {} { + validate_hash($resource_upstream_hash) + create_resources('nginx::resource::upstream', $resource_upstream_hash) + } + if $resource_vhost_hash != {} { + validate_hash($resource_vhost_hash) + create_resources('nginx::resource::vhost', $resource_vhost_hash) + } + $real_gzip = $gzip ? { 'off' => 'off', 'OFF' => 'off', diff --git a/manifests/params.pp b/manifests/params.pp index 17739f1..b68eaa2 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -125,5 +125,9 @@ $puppi_helper = 'standard' $debug = false $audit_only = false - + $vhost_hash = {} + $resource_location_hash = {} + $resource_upstream_hash = {} + $resource_vhost_hash = {} + } diff --git a/manifests/resource/location.pp b/manifests/resource/location.pp index c8b0701..9146b48 100644 --- a/manifests/resource/location.pp +++ b/manifests/resource/location.pp @@ -32,30 +32,30 @@ # vhost => 'test2.local', # } define nginx::resource::location( - $ensure = present, - $vhost = undef, - $limit_except = undef, + $ensure = present, + $vhost = undef, + $limit_except = undef, $auth_basic_user_file = undef, - $auth_basic = undef, - $www_root = undef, - $create_www_root = false, - $owner = '', - $groupowner = '', - $redirect = undef, - $index_files = ['index.html', 'index.htm', 'index.php'], - $proxy = undef, - $proxy_read_timeout = '90', - $proxy_set_header = ['Host $host', 'X-Real-IP $remote_addr', 'X-Forwarded-For $proxy_add_x_forwarded_for', 'X-Forwarded-Proto $scheme' ], - $proxy_redirect = undef, - $ssl = false, - $ssl_only = false, - $option = undef, - $mixin_ssl = undef, - $template_ssl_proxy = 'nginx/vhost/vhost_location_proxy.erb', - $template_proxy = 'nginx/vhost/vhost_location_proxy.erb', - $template_directory = 'nginx/vhost/vhost_location_directory.erb', - $template_redirect = 'nginx/vhost/vhost_location_redirect.erb', - $location = $title + $auth_basic = undef, + $www_root = undef, + $create_www_root = false, + $owner = '', + $groupowner = '', + $redirect = undef, + $index_files = ['index.html', 'index.htm', 'index.php'], + $proxy = undef, + $proxy_read_timeout = '90', + $proxy_set_header = ['Host $host', 'X-Real-IP $remote_addr', 'X-Forwarded-For $proxy_add_x_forwarded_for', 'X-Forwarded-Proto $scheme' ], + $proxy_redirect = undef, + $ssl = false, + $ssl_only = false, + $option = undef, + $mixin_ssl = undef, + $template_ssl_proxy = 'nginx/vhost/vhost_location_proxy.erb', + $template_proxy = 'nginx/vhost/vhost_location_proxy.erb', + $template_directory = 'nginx/vhost/vhost_location_directory.erb', + $template_redirect = 'nginx/vhost/vhost_location_redirect.erb', + $location = $title ) { File { owner => 'root', diff --git a/manifests/resource/upstream.pp b/manifests/resource/upstream.pp index e3cb1db..44b1d16 100644 --- a/manifests/resource/upstream.pp +++ b/manifests/resource/upstream.pp @@ -36,9 +36,9 @@ } file { "${nginx::cdir}/${name}-upstream.conf": - ensure => $real_file, - content => template($template_upstream), - notify => $nginx::manage_service_autorestart, - require => Package['nginx'], + ensure => $real_file, + content => template($template_upstream), + notify => $nginx::manage_service_autorestart, + require => Package['nginx'], } } diff --git a/manifests/resource/vhost.pp b/manifests/resource/vhost.pp index 5916bb1..40caf83 100644 --- a/manifests/resource/vhost.pp +++ b/manifests/resource/vhost.pp @@ -127,7 +127,7 @@ # Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled # and support does not exist for it in the kernel. - if ($bool_ipv6_enable) and ($ipaddress6) { + if ($bool_ipv6_enable) and ($::ipaddress6) { warning('nginx: IPv6 support is not enabled or configured properly') }