Removing nginx as submodule and really adding it

Sergio Oliveira
1 parent ccf68631
Showing 14 changed files with 551 additions and 1 deletions Show diff stats
puppet/modules/nginx
puppet/modules/nginx/LICENSE
puppet/modules/nginx/Modulefile
puppet/modules/nginx/README
puppet/modules/nginx/manifests/config.pp
puppet/modules/nginx/manifests/fcgi.pp
puppet/modules/nginx/manifests/fcgi/site.pp
puppet/modules/nginx/manifests/init.pp
puppet/modules/nginx/manifests/install_site.pp
puppet/modules/nginx/manifests/site.pp
puppet/modules/nginx/manifests/site_include.pp
puppet/modules/nginx/templates/fcgi_site.erb
puppet/modules/nginx/templates/includes/fastcgi_params.erb
puppet/modules/nginx/templates/nginx.conf.erb
@@ -1 +0,0 @@
-Subproject commit 154e8cb9f34495e10d107c77bce7b44187d8ce1a
@@ -0,0 +1,12 @@
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
@@ -0,0 +1,8 @@
+name    'BenoitCattie-nginx'
+version '0.0.2'
+source 'https://github.com/BenoitCattie/puppet-nginx.git'
+author 'BenoitCattie'
+license 'APACHE2'
+summary 'Basic module for configuring nginx via puppet'
+description 'Basic module for configuring nginx via puppet. You can easily create fcgi vhost with this module.'
+project_page 'http://github.com/BenoitCattie/puppet-nginx'
@@ -0,0 +1,116 @@
+# Nginx Recipe #
+Author	: Benoit CATTIE <puppet@benoit.cattie.net>
+Version	: 0.2
+Licence : Apache
+
+Basic module for configuring nginx via puppet.
+
+Based in part on apache2 module code by Sam Quigley <sq@wesabe.com>, Tim Stoop <tim.stoop@gmail.com> and David Schmitt <david@schmitt.edv-bus.at>
+
+## Class: nginx ##
+
+Parameters (used in nginx.conf.erb) :
+    * $user. Defaults to 'www-data'.
+    * $worker_processes. Defaults to '1'.
+    * $worker_connections. Defaults to '1024'.
+    * $error_log. Default to undef
+    * $pid_file. Default to undef
+    * $access_log. Default to undef
+
+Install nginx.
+Create config directories :
+	* /etc/nginx/conf.d for http config snippet
+	* /etc/nginx/includes for sites includes
+	* /etc/nginx/sites-enabled
+	* /etc/nginx/sites-available
+	* /etc/nginx/ssl
+
+Provide 4 definitions : 
+	* nginx::config (http config snippet)
+	* nginx::site (http site)
+	* nginx::site_include (site includes)
+	* nginx::fcgi::site (fcgi php site)
+
+Templates:
+	- nginx.conf.erb => /etc/nginx/nginx.conf
+
+
+### Define nginx::config ### 
+
+Installs a config snippet in /etc/nginx/conf.d. 
+
+Parameters :
+	* ensure: typically set to "present" or "absent". Defaults to "present"
+	* content: set the content of the config snipppet. Defaults to 'template("nginx/${name}.conf.erb")'
+	* order: specifies the load order for this config snippet. Defaults to "500"
+
+
+###  Define: nginx::site ###
+
+Install a nginx site in /etc/nginx/sites-available (and symlink in /etc/nginx/sites-enabled). 
+
+Parameters :
+	* ensure: typically set to "present" or "absent". Defaults to "present"
+	* content: site definition (should be a template).
+
+###  Define: nginx::site_include ###
+
+Define: site_include
+
+Define a site config include in /etc/nginx/includes
+
+Parameters :
+	* ensure: typically set to "present" or "absent". Defaults to "present"
+	* content: include definition (should be a template).
+
+
+## Class nginx::fcgi ##
+
+Manage nginx fcgi configuration.
+Provide nginx::fcgi::site 
+
+Templates :
+	* nginx/includes/fastcgi_params.erb
+
+###  Define: nginx::fcgi::site  ###
+
+Create a fcgi site config from template using parameters.
+You can use my php5-fpm class to manage fastcgi servers.
+
+Parameters :
+ 	* ensure: typically set to "present" or "absent". Defaults to "present"
+ 	* root: document root (Required)
+	* index: nginx index directive. Defaults to "index.php"
+	* fastcgi_pass : port or socket on which the FastCGI-server is listening (Required)
+	* server_name : server_name directive (could be an array)
+	* listen : address/port the server listen to. Defaults to 80. Auto enable ssl if 443
+	* access_log : custom acces logs. Defaults to /var/log/nginx/$name_access.log
+	* include : custom include for the site (could be an array). Include files must exists
+	   to avoid nginx reload errors. Use with nginx::site_include
+	* ssl_certificate : ssl_certificate path. If empty auto-generating ssl cert
+	* ssl_certificate_key : ssl_certificate_key path. If empty auto-generating ssl cert key 
+   See http://wiki.nginx.org for details.
+
+Templates :
+	* nginx/fcgi_site.erb
+
+Sample Usage :
+
+        include nginx
+        include nginx::fcgi
+
+        nginx::fcgi::site {"default":
+                root            => "/var/www/nginx-default",
+                fastcgi_pass    => "127.0.0.1:9000",
+                server_name     => ["localhost", "$hostname", "$fqdn"],
+         }
+
+        nginx::fcgi::site {"default-ssl":
+                listen          => "443",
+                root            => "/var/www/nginx-default",
+                fastcgi_pass    => "127.0.0.1:9000",
+                server_name     => "$fqdn",
+         }
+
+## CHANGELOG ##
+- v0.2 : * ssl support
@@ -0,0 +1,27 @@
+# Define: nginx::config
+#
+# Define a nginx config snippet. Places all config snippets into
+# /etc/nginx/conf.d, where they will be automatically loaded by http module
+#
+#
+# Parameters :
+# * ensure: typically set to "present" or "absent". Defaults to "present"
+# * content: set the content of the config snipppet. Defaults to 'template("nginx/${name}.conf.erb")'
+# * order: specifies the load order for this config snippet. Defaults to "500"
+#
+define nginx::config($ensure='present', $content=undef, $order='500') {
+  $real_content = $content ? {
+    undef   => template("nginx/${name}.conf.erb"),
+    default => $content,
+  }
+
+  file { "${nginx::nginx_conf}/${order}-${name}.conf":
+    ensure  => $ensure,
+    content => $real_content,
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'root',
+    notify  => Service['nginx'],
+  }
+}
+
@@ -0,0 +1,13 @@
+# Class: nginx::fcgi
+#
+# Manage nginx fcgi configuration.
+# Provide nginx::fcgi::site
+#
+# Templates :
+# * nginx/includes/fastcgi_params.erb
+#
+class nginx::fcgi inherits nginx {
+  nginx::site_include { 'fastcgi_params':
+    content => template('nginx/includes/fastcgi_params.erb'),
+  }
+}
@@ -0,0 +1,86 @@
+# Define: nginx::fcgi::site
+#
+# Create a fcgi site config from template using parameters.
+# You can use my php5-fpm class to manage fastcgi servers.
+#
+# Parameters :
+# * ensure: typically set to "present" or "absent". Defaults to "present"
+# * root: document root (Required)
+# * fastcgi_pass : port or socket on which the FastCGI-server is listening (Required)
+# * server_name : server_name directive (could be an array)
+# * listen : address/port the server listen to. Defaults to 80. Auto enable ssl if 443
+# * access_log : custom acces logs. Defaults to /var/log/nginx/$name_access.log
+# * include : custom include for the site (could be an array). Include files must exists
+#   to avoid nginx reload errors. Use with nginx::site_include
+# * ssl_certificate : ssl_certificate path. If empty auto-generating ssl cert
+# * ssl_certificate_key : ssl_certificate_key path. If empty auto-generating ssl cert key
+#   See http://wiki.nginx.org for details.
+#
+# Templates :
+# * nginx/fcgi_site.erb
+#
+# Sample Usage :
+#   nginx::fcgi::site { 'default':
+#     root         => '/var/www/nginx-default',
+#     fastcgi_pass => '127.0.0.1:9000',
+#     server_name  => ['localhost', $hostname, $fqdn],
+#   }
+#
+#   nginx::fcgi::site { 'default-ssl':
+#     listen          => '443',
+#     root            => '/var/www/nginx-default',
+#     fastcgi_pass    => '127.0.0.1:9000',
+#     server_name     => $fqdn,
+#   }
+#
+define nginx::fcgi::site(
+  $root,
+  $fastcgi_pass,
+  $ensure              = 'present',
+  $index               = 'index.php',
+  $include             = '',
+  $listen              = '80',
+  $server_name         = undef,
+  $access_log          = undef,
+  $ssl_certificate     = undef,
+  $ssl_certificate_key = undef,
+  $ssl_session_timeout = '5m') {
+
+  $real_server_name = $server_name ? {
+    undef   => $name,
+    default => $server_name,
+  }
+
+  $real_access_log = $access_log ? {
+    undef   => "/var/log/nginx/${name}_access.log",
+    default => $access_log,
+  }
+
+  # Autogenerating ssl certs
+  if $listen == '443' and  $ensure == 'present' and ($ssl_certificate == undef or $ssl_certificate_key == undef) {
+    exec { "generate-${name}-certs":
+      command => "/usr/bin/openssl req -new -inform PEM -x509 -nodes -days 999 -subj \
+        '/C=ZZ/ST=AutoSign/O=AutoSign/localityName=AutoSign/commonName=${real_server_name}/organizationalUnitName=AutoSign/emailAddress=AutoSign/' \
+        -newkey rsa:2048 -out /etc/nginx/ssl/${name}.pem -keyout /etc/nginx/ssl/${name}.key",
+      unless  => "/usr/bin/test -f /etc/nginx/ssl/${name}.pem",
+      require => File['/etc/nginx/ssl'],
+      notify  => Service['nginx'],
+    }
+  }
+
+  $real_ssl_certificate = $ssl_certificate ? {
+    undef   => "/etc/nginx/ssl/${name}.pem",
+    default => $ssl_certificate,
+  }
+
+  $real_ssl_certificate_key = $ssl_certificate_key ? {
+    undef   => "/etc/nginx/ssl/${name}.key",
+    default => $ssl_certificate_key,
+  }
+
+  nginx::site { $name:
+    ensure  => $ensure,
+    content => template('nginx/fcgi_site.erb'),
+  }
+}
+
@@ -0,0 +1,102 @@
+# Class: nginx
+#
+# Install nginx.
+#
+# Parameters:
+# * $user. Defaults to 'www-data'.
+# * $worker_processes. Defaults to '1'.
+# * $worker_connections. Defaults to '1024'.
+# * $error_log. Default to undef
+# * $pid_file. Default to undef
+# * $access_log. Default to undef
+#
+# Create config directories :
+# * /etc/nginx/conf.d for http config snippet
+# * /etc/nginx/includes for sites includes
+#
+# Provide 3 definitions :
+# * nginx::config (http config snippet)
+# * nginx::site (http site)
+# * nginx::site_include (site includes)
+#
+# Templates:
+#   - nginx.conf.erb => /etc/nginx/nginx.conf
+#
+class nginx (
+  $user = 'www-data',
+  $worker_processes = '1',
+  $worker_connections = '1024',
+  $error_log = undef,
+  $pid_file = undef,
+  $access_log = undef
+){
+  $nginx_includes = '/etc/nginx/includes'
+  $nginx_conf = '/etc/nginx/conf.d'
+
+  case $::operatingsystem {
+    centos,fedora,rhel: {
+      $nginx_packages = ['nginx', 'GeoIP', 'gd', 'libXpm', 'libxslt']
+    }
+    debian,ubuntu: {
+      $nginx_packages = 'nginx-extras'
+    }
+  }
+  if ! defined(Package[$nginx_packages]) { 
+    package { $nginx_packages: 
+      ensure => installed 
+    }
+  }
+
+  #restart-command is a quick-fix here, until http://projects.puppetlabs.com/issues/1014 is solved
+  service { 'nginx':
+    ensure     => running,
+    enable     => true,
+    hasrestart => true,
+    require    => File['/etc/nginx/nginx.conf'],
+    restart    => '/etc/init.d/nginx reload'
+  }
+
+  file { '/etc/nginx/nginx.conf':
+    ensure  => present,
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'root',
+    content => template('nginx/nginx.conf.erb'),
+    notify  => Service['nginx'],
+    require => Package[$nginx_packages],
+  }
+
+  file { $nginx_conf:
+    ensure  => directory,
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'root',
+    require => Package[$nginx_packages],
+  }
+
+  file { '/etc/nginx/ssl':
+    ensure  => directory,
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'root',
+    require => Package[$nginx_packages],
+  }
+
+  file { $nginx_includes:
+    ensure  => directory,
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'root',
+    require => Package[$nginx_packages],
+  }
+
+  # Nuke default files
+  file { '/etc/nginx/fastcgi_params':
+    ensure  => absent,
+    require => Package[$nginx_packages],
+  }
+
+  file { '/etc/nginx/sites-enabled/default':
+    ensure => absent,
+  }
+}
@@ -0,0 +1,42 @@
+# Define: install_site
+#
+# Install nginx vhost
+# This definition is private, not intended to be called directly
+#
+define nginx::install_site($content=undef) {
+  # first, make sure the site config exists
+  case $content {
+    undef: {
+      file { "/etc/nginx/sites-available/${name}":
+        ensure  => present,
+        mode    => '0644',
+        owner   => 'root',
+        group   => 'root',
+        alias   => "sites-${name}",
+        notify  => Service['nginx'],
+        require => Package[$nginx::nginx_packages],
+      }
+    }
+    default: {
+      file { "/etc/nginx/sites-available/${name}":
+        ensure  => present,
+        mode    => '0644',
+        owner   => 'root',
+        group   => 'root',
+        alias   => "sites-$name",
+        content => $content,
+        require => Package[$nginx::nginx_packages],
+        notify  => Service['nginx'],
+      }
+    }
+  }
+
+  # now, enable it.
+  exec { "ln -s /etc/nginx/sites-available/${name} /etc/nginx/sites-enabled/${name}":
+    unless  => "/bin/sh -c '[ -L /etc/nginx/sites-enabled/${name} ] && \
+      [ /etc/nginx/sites-enabled/${name} -ef /etc/nginx/sites-available/${name} ]'",
+    path    => ['/usr/bin/', '/bin/'],
+    notify  => Service['nginx'],
+    require => File["sites-${name}"],
+  }
+}
@@ -0,0 +1,27 @@
+# Define: nginx::site
+#
+# Install a nginx site in /etc/nginx/sites-available (and symlink in /etc/nginx/sites-enabled).
+#
+#
+# Parameters :
+# * ensure: typically set to "present" or "absent". Defaults to "present"
+# * content: site definition (should be a template).
+#
+define nginx::site($ensure='present', $content='') {
+  case $ensure {
+    'present' : {
+      nginx::install_site { $name:
+        content => $content
+      }
+    }
+    'absent' : {
+      exec { "/bin/rm -f /etc/nginx/sites-enabled/${name}":
+        onlyif  => "/bin/sh -c '[ -L /etc/nginx/sites-enabled/${name} ] && \
+          [ /etc/nginx/sites-enabled/$name -ef /etc/nginx/sites-available/${name} ]'",
+        notify  => Service['nginx'],
+        require => Package[$nginx::nginx_packages],
+      }
+    }
+    default: { err ("Unknown ensure value: '$ensure'") }
+  }
+}
@@ -0,0 +1,20 @@
+# Define: site_include
+#
+# Define a site config include in /etc/nginx/includes
+#
+# Parameters :
+# * ensure: typically set to "present" or "absent". Defaults to "present"
+# * content: include definition (should be a template).
+#
+define nginx::site_include($ensure='present', $content='') {
+  file { "${nginx::nginx_includes}/${name}.inc":
+    ensure  => $ensure,
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'root',
+    content => $content,
+    require => File[$nginx::nginx_includes],
+    notify  => Service['nginx'],
+  }
+}
+
@@ -0,0 +1,39 @@
+server {
+        listen   <%= listen %> ;
+
+	server_name  <% real_server_name.each do |s_n| -%><%= s_n %> <% end -%>;
+
+        access_log  <%= real_access_log %>;
+
+	root <%= root %>;
+
+<% if listen == '443' %>
+        ssl  on;
+        ssl_certificate  <%= real_ssl_certificate %>;
+        ssl_certificate_key  <%= real_ssl_certificate_key %>;
+
+        ssl_session_timeout  <%= ssl_session_timeout %>;
+
+        ssl_protocols  SSLv2 SSLv3 TLSv1;
+        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
+        ssl_prefer_server_ciphers   on;
+<% end -%>
+        location / {
+		index   <%= index %>;
+        }
+
+	location ~ \.php$ {
+		fastcgi_pass <%= fastcgi_pass %>;
+		fastcgi_index index.php;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		include /etc/nginx/includes/fastcgi_params.inc;
+	}
+
+	location ~ /\.ht {
+                deny  all;
+        }
+
+<% if include  != '' %>	<%include.each do |inc| %>include <%= inc %>;
+	<% end -%><% end -%>
+}
+
@@ -0,0 +1,23 @@
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;
+
@@ -0,0 +1,36 @@
+user <%= @user %>;
+worker_processes  <%= @worker_processes  %>;
+
+<% if @error_log %>
+error_log  <%= @error_log %>;
+<% end %>
+<% if @pid_file %>
+pid        <%= @pid_file %>;
+<% end %>
+
+events {
+    worker_connections  <%= @worker_connections  %>;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+
+    <% if @access_log %>
+    access_log	<%= @access_log %>;
+    <% end %>
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    #keepalive_timeout  0;
+    keepalive_timeout  65;
+    tcp_nodelay        on;
+
+    gzip  on;
+    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+
+    server_tokens off;
+}
...	...	@@ -1 +0,0 @@
1		-Subproject commit 154e8cb9f34495e10d107c77bce7b44187d8ce1a
...	...	@@ -0,0 +1,12 @@
	1	+
	2	+ Licensed under the Apache License, Version 2.0 (the "License");
	3	+ you may not use this file except in compliance with the License.
	4	+ You may obtain a copy of the License at
	5	+
	6	+ http://www.apache.org/licenses/LICENSE-2.0
	7	+
	8	+ Unless required by applicable law or agreed to in writing, software
	9	+ distributed under the License is distributed on an "AS IS" BASIS,
	10	+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	11	+ See the License for the specific language governing permissions and
	12	+ limitations under the License.
...	...
...	...	@@ -0,0 +1,8 @@
	1	+name 'BenoitCattie-nginx'
	2	+version '0.0.2'
	3	+source 'https://github.com/BenoitCattie/puppet-nginx.git'
	4	+author 'BenoitCattie'
	5	+license 'APACHE2'
	6	+summary 'Basic module for configuring nginx via puppet'
	7	+description 'Basic module for configuring nginx via puppet. You can easily create fcgi vhost with this module.'
	8	+project_page 'http://github.com/BenoitCattie/puppet-nginx'
...	...
...	...	@@ -0,0 +1,116 @@
	1	+# Nginx Recipe #
	2	+Author : Benoit CATTIE <puppet@benoit.cattie.net>
	3	+Version : 0.2
	4	+Licence : Apache
	5	+
	6	+Basic module for configuring nginx via puppet.
	7	+
	8	+Based in part on apache2 module code by Sam Quigley <sq@wesabe.com>, Tim Stoop <tim.stoop@gmail.com> and David Schmitt <david@schmitt.edv-bus.at>
	9	+
	10	+## Class: nginx ##
	11	+
	12	+Parameters (used in nginx.conf.erb) :
	13	+ * $user. Defaults to 'www-data'.
	14	+ * $worker_processes. Defaults to '1'.
	15	+ * $worker_connections. Defaults to '1024'.
	16	+ * $error_log. Default to undef
	17	+ * $pid_file. Default to undef
	18	+ * $access_log. Default to undef
	19	+
	20	+Install nginx.
	21	+Create config directories :
	22	+ * /etc/nginx/conf.d for http config snippet
	23	+ * /etc/nginx/includes for sites includes
	24	+ * /etc/nginx/sites-enabled
	25	+ * /etc/nginx/sites-available
	26	+ * /etc/nginx/ssl
	27	+
	28	+Provide 4 definitions :
	29	+ * nginx::config (http config snippet)
	30	+ * nginx::site (http site)
	31	+ * nginx::site_include (site includes)
	32	+ * nginx::fcgi::site (fcgi php site)
	33	+
	34	+Templates:
	35	+ - nginx.conf.erb => /etc/nginx/nginx.conf
	36	+
	37	+
	38	+### Define nginx::config ###
	39	+
	40	+Installs a config snippet in /etc/nginx/conf.d.
	41	+
	42	+Parameters :
	43	+ * ensure: typically set to "present" or "absent". Defaults to "present"
	44	+ * content: set the content of the config snipppet. Defaults to 'template("nginx/${name}.conf.erb")'
	45	+ * order: specifies the load order for this config snippet. Defaults to "500"
	46	+
	47	+
	48	+### Define: nginx::site ###
	49	+
	50	+Install a nginx site in /etc/nginx/sites-available (and symlink in /etc/nginx/sites-enabled).
	51	+
	52	+Parameters :
	53	+ * ensure: typically set to "present" or "absent". Defaults to "present"
	54	+ * content: site definition (should be a template).
	55	+
	56	+### Define: nginx::site_include ###
	57	+
	58	+Define: site_include
	59	+
	60	+Define a site config include in /etc/nginx/includes
	61	+
	62	+Parameters :
	63	+ * ensure: typically set to "present" or "absent". Defaults to "present"
	64	+ * content: include definition (should be a template).
	65	+
	66	+
	67	+## Class nginx::fcgi ##
	68	+
	69	+Manage nginx fcgi configuration.
	70	+Provide nginx::fcgi::site
	71	+
	72	+Templates :
	73	+ * nginx/includes/fastcgi_params.erb
	74	+
	75	+### Define: nginx::fcgi::site ###
	76	+
	77	+Create a fcgi site config from template using parameters.
	78	+You can use my php5-fpm class to manage fastcgi servers.
	79	+
	80	+Parameters :
	81	+ * ensure: typically set to "present" or "absent". Defaults to "present"
	82	+ * root: document root (Required)
	83	+ * index: nginx index directive. Defaults to "index.php"
	84	+ * fastcgi_pass : port or socket on which the FastCGI-server is listening (Required)
	85	+ * server_name : server_name directive (could be an array)
	86	+ * listen : address/port the server listen to. Defaults to 80. Auto enable ssl if 443
	87	+ * access_log : custom acces logs. Defaults to /var/log/nginx/$name_access.log
	88	+ * include : custom include for the site (could be an array). Include files must exists
	89	+ to avoid nginx reload errors. Use with nginx::site_include
	90	+ * ssl_certificate : ssl_certificate path. If empty auto-generating ssl cert
	91	+ * ssl_certificate_key : ssl_certificate_key path. If empty auto-generating ssl cert key
	92	+ See http://wiki.nginx.org for details.
	93	+
	94	+Templates :
	95	+ * nginx/fcgi_site.erb
	96	+
	97	+Sample Usage :
	98	+
	99	+ include nginx
	100	+ include nginx::fcgi
	101	+
	102	+ nginx::fcgi::site {"default":
	103	+ root => "/var/www/nginx-default",
	104	+ fastcgi_pass => "127.0.0.1:9000",
	105	+ server_name => ["localhost", "$hostname", "$fqdn"],
	106	+ }
	107	+
	108	+ nginx::fcgi::site {"default-ssl":
	109	+ listen => "443",
	110	+ root => "/var/www/nginx-default",
	111	+ fastcgi_pass => "127.0.0.1:9000",
	112	+ server_name => "$fqdn",
	113	+ }
	114	+
	115	+## CHANGELOG ##
	116	+- v0.2 : * ssl support
...	...
...	...	@@ -0,0 +1,27 @@
	1	+# Define: nginx::config
	2	+#
	3	+# Define a nginx config snippet. Places all config snippets into
	4	+# /etc/nginx/conf.d, where they will be automatically loaded by http module
	5	+#
	6	+#
	7	+# Parameters :
	8	+# * ensure: typically set to "present" or "absent". Defaults to "present"
	9	+# * content: set the content of the config snipppet. Defaults to 'template("nginx/${name}.conf.erb")'
	10	+# * order: specifies the load order for this config snippet. Defaults to "500"
	11	+#
	12	+define nginx::config($ensure='present', $content=undef, $order='500') {
	13	+ $real_content = $content ? {
	14	+ undef => template("nginx/${name}.conf.erb"),
	15	+ default => $content,
	16	+ }
	17	+
	18	+ file { "${nginx::nginx_conf}/${order}-${name}.conf":
	19	+ ensure => $ensure,
	20	+ content => $real_content,
	21	+ mode => '0644',
	22	+ owner => 'root',
	23	+ group => 'root',
	24	+ notify => Service['nginx'],
	25	+ }
	26	+}
	27	+
...	...
...	...	@@ -0,0 +1,13 @@
	1	+# Class: nginx::fcgi
	2	+#
	3	+# Manage nginx fcgi configuration.
	4	+# Provide nginx::fcgi::site
	5	+#
	6	+# Templates :
	7	+# * nginx/includes/fastcgi_params.erb
	8	+#
	9	+class nginx::fcgi inherits nginx {
	10	+ nginx::site_include { 'fastcgi_params':
	11	+ content => template('nginx/includes/fastcgi_params.erb'),
	12	+ }
	13	+}
...	...
...	...	@@ -0,0 +1,86 @@
	1	+# Define: nginx::fcgi::site
	2	+#
	3	+# Create a fcgi site config from template using parameters.
	4	+# You can use my php5-fpm class to manage fastcgi servers.
	5	+#
	6	+# Parameters :
	7	+# * ensure: typically set to "present" or "absent". Defaults to "present"
	8	+# * root: document root (Required)
	9	+# * fastcgi_pass : port or socket on which the FastCGI-server is listening (Required)
	10	+# * server_name : server_name directive (could be an array)
	11	+# * listen : address/port the server listen to. Defaults to 80. Auto enable ssl if 443
	12	+# * access_log : custom acces logs. Defaults to /var/log/nginx/$name_access.log
	13	+# * include : custom include for the site (could be an array). Include files must exists
	14	+# to avoid nginx reload errors. Use with nginx::site_include
	15	+# * ssl_certificate : ssl_certificate path. If empty auto-generating ssl cert
	16	+# * ssl_certificate_key : ssl_certificate_key path. If empty auto-generating ssl cert key
	17	+# See http://wiki.nginx.org for details.
	18	+#
	19	+# Templates :
	20	+# * nginx/fcgi_site.erb
	21	+#
	22	+# Sample Usage :
	23	+# nginx::fcgi::site { 'default':
	24	+# root => '/var/www/nginx-default',
	25	+# fastcgi_pass => '127.0.0.1:9000',
	26	+# server_name => ['localhost', $hostname, $fqdn],
	27	+# }
	28	+#
	29	+# nginx::fcgi::site { 'default-ssl':
	30	+# listen => '443',
	31	+# root => '/var/www/nginx-default',
	32	+# fastcgi_pass => '127.0.0.1:9000',
	33	+# server_name => $fqdn,
	34	+# }
	35	+#
	36	+define nginx::fcgi::site(
	37	+ $root,
	38	+ $fastcgi_pass,
	39	+ $ensure = 'present',
	40	+ $index = 'index.php',
	41	+ $include = '',
	42	+ $listen = '80',
	43	+ $server_name = undef,
	44	+ $access_log = undef,
	45	+ $ssl_certificate = undef,
	46	+ $ssl_certificate_key = undef,
	47	+ $ssl_session_timeout = '5m') {
	48	+
	49	+ $real_server_name = $server_name ? {
	50	+ undef => $name,
	51	+ default => $server_name,
	52	+ }
	53	+
	54	+ $real_access_log = $access_log ? {
	55	+ undef => "/var/log/nginx/${name}_access.log",
	56	+ default => $access_log,
	57	+ }
	58	+
	59	+ # Autogenerating ssl certs
	60	+ if $listen == '443' and $ensure == 'present' and ($ssl_certificate == undef or $ssl_certificate_key == undef) {
	61	+ exec { "generate-${name}-certs":
	62	+ command => "/usr/bin/openssl req -new -inform PEM -x509 -nodes -days 999 -subj \
	63	+ '/C=ZZ/ST=AutoSign/O=AutoSign/localityName=AutoSign/commonName=${real_server_name}/organizationalUnitName=AutoSign/emailAddress=AutoSign/' \
	64	+ -newkey rsa:2048 -out /etc/nginx/ssl/${name}.pem -keyout /etc/nginx/ssl/${name}.key",
	65	+ unless => "/usr/bin/test -f /etc/nginx/ssl/${name}.pem",
	66	+ require => File['/etc/nginx/ssl'],
	67	+ notify => Service['nginx'],
	68	+ }
	69	+ }
	70	+
	71	+ $real_ssl_certificate = $ssl_certificate ? {
	72	+ undef => "/etc/nginx/ssl/${name}.pem",
	73	+ default => $ssl_certificate,
	74	+ }
	75	+
	76	+ $real_ssl_certificate_key = $ssl_certificate_key ? {
	77	+ undef => "/etc/nginx/ssl/${name}.key",
	78	+ default => $ssl_certificate_key,
	79	+ }
	80	+
	81	+ nginx::site { $name:
	82	+ ensure => $ensure,
	83	+ content => template('nginx/fcgi_site.erb'),
	84	+ }
	85	+}
	86	+
...	...
...	...	@@ -0,0 +1,102 @@
	1	+# Class: nginx
	2	+#
	3	+# Install nginx.
	4	+#
	5	+# Parameters:
	6	+# * $user. Defaults to 'www-data'.
	7	+# * $worker_processes. Defaults to '1'.
	8	+# * $worker_connections. Defaults to '1024'.
	9	+# * $error_log. Default to undef
	10	+# * $pid_file. Default to undef
	11	+# * $access_log. Default to undef
	12	+#
	13	+# Create config directories :
	14	+# * /etc/nginx/conf.d for http config snippet
	15	+# * /etc/nginx/includes for sites includes
	16	+#
	17	+# Provide 3 definitions :
	18	+# * nginx::config (http config snippet)
	19	+# * nginx::site (http site)
	20	+# * nginx::site_include (site includes)
	21	+#
	22	+# Templates:
	23	+# - nginx.conf.erb => /etc/nginx/nginx.conf
	24	+#
	25	+class nginx (
	26	+ $user = 'www-data',
	27	+ $worker_processes = '1',
	28	+ $worker_connections = '1024',
	29	+ $error_log = undef,
	30	+ $pid_file = undef,
	31	+ $access_log = undef
	32	+){
	33	+ $nginx_includes = '/etc/nginx/includes'
	34	+ $nginx_conf = '/etc/nginx/conf.d'
	35	+
	36	+ case $::operatingsystem {
	37	+ centos,fedora,rhel: {
	38	+ $nginx_packages = ['nginx', 'GeoIP', 'gd', 'libXpm', 'libxslt']
	39	+ }
	40	+ debian,ubuntu: {
	41	+ $nginx_packages = 'nginx-extras'
	42	+ }
	43	+ }
	44	+ if ! defined(Package[$nginx_packages]) {
	45	+ package { $nginx_packages:
	46	+ ensure => installed
	47	+ }
	48	+ }
	49	+
	50	+ #restart-command is a quick-fix here, until http://projects.puppetlabs.com/issues/1014 is solved
	51	+ service { 'nginx':
	52	+ ensure => running,
	53	+ enable => true,
	54	+ hasrestart => true,
	55	+ require => File['/etc/nginx/nginx.conf'],
	56	+ restart => '/etc/init.d/nginx reload'
	57	+ }
	58	+
	59	+ file { '/etc/nginx/nginx.conf':
	60	+ ensure => present,
	61	+ mode => '0644',
	62	+ owner => 'root',
	63	+ group => 'root',
	64	+ content => template('nginx/nginx.conf.erb'),
	65	+ notify => Service['nginx'],
	66	+ require => Package[$nginx_packages],
	67	+ }
	68	+
	69	+ file { $nginx_conf:
	70	+ ensure => directory,
	71	+ mode => '0644',
	72	+ owner => 'root',
	73	+ group => 'root',
	74	+ require => Package[$nginx_packages],
	75	+ }
	76	+
	77	+ file { '/etc/nginx/ssl':
	78	+ ensure => directory,
	79	+ mode => '0644',
	80	+ owner => 'root',
	81	+ group => 'root',
	82	+ require => Package[$nginx_packages],
	83	+ }
	84	+
	85	+ file { $nginx_includes:
	86	+ ensure => directory,
	87	+ mode => '0644',
	88	+ owner => 'root',
	89	+ group => 'root',
	90	+ require => Package[$nginx_packages],
	91	+ }
	92	+
	93	+ # Nuke default files
	94	+ file { '/etc/nginx/fastcgi_params':
	95	+ ensure => absent,
	96	+ require => Package[$nginx_packages],
	97	+ }
	98	+
	99	+ file { '/etc/nginx/sites-enabled/default':
	100	+ ensure => absent,
	101	+ }
	102	+}
...	...
...	...	@@ -0,0 +1,42 @@
	1	+# Define: install_site
	2	+#
	3	+# Install nginx vhost
	4	+# This definition is private, not intended to be called directly
	5	+#
	6	+define nginx::install_site($content=undef) {
	7	+ # first, make sure the site config exists
	8	+ case $content {
	9	+ undef: {
	10	+ file { "/etc/nginx/sites-available/${name}":
	11	+ ensure => present,
	12	+ mode => '0644',
	13	+ owner => 'root',
	14	+ group => 'root',
	15	+ alias => "sites-${name}",
	16	+ notify => Service['nginx'],
	17	+ require => Package[$nginx::nginx_packages],
	18	+ }
	19	+ }
	20	+ default: {
	21	+ file { "/etc/nginx/sites-available/${name}":
	22	+ ensure => present,
	23	+ mode => '0644',
	24	+ owner => 'root',
	25	+ group => 'root',
	26	+ alias => "sites-$name",
	27	+ content => $content,
	28	+ require => Package[$nginx::nginx_packages],
	29	+ notify => Service['nginx'],
	30	+ }
	31	+ }
	32	+ }
	33	+
	34	+ # now, enable it.
	35	+ exec { "ln -s /etc/nginx/sites-available/${name} /etc/nginx/sites-enabled/${name}":
	36	+ unless => "/bin/sh -c '[ -L /etc/nginx/sites-enabled/${name} ] && \
	37	+ [ /etc/nginx/sites-enabled/${name} -ef /etc/nginx/sites-available/${name} ]'",
	38	+ path => ['/usr/bin/', '/bin/'],
	39	+ notify => Service['nginx'],
	40	+ require => File["sites-${name}"],
	41	+ }
	42	+}
...	...
...	...	@@ -0,0 +1,27 @@
	1	+# Define: nginx::site
	2	+#
	3	+# Install a nginx site in /etc/nginx/sites-available (and symlink in /etc/nginx/sites-enabled).
	4	+#
	5	+#
	6	+# Parameters :
	7	+# * ensure: typically set to "present" or "absent". Defaults to "present"
	8	+# * content: site definition (should be a template).
	9	+#
	10	+define nginx::site($ensure='present', $content='') {
	11	+ case $ensure {
	12	+ 'present' : {
	13	+ nginx::install_site { $name:
	14	+ content => $content
	15	+ }
	16	+ }
	17	+ 'absent' : {
	18	+ exec { "/bin/rm -f /etc/nginx/sites-enabled/${name}":
	19	+ onlyif => "/bin/sh -c '[ -L /etc/nginx/sites-enabled/${name} ] && \
	20	+ [ /etc/nginx/sites-enabled/$name -ef /etc/nginx/sites-available/${name} ]'",
	21	+ notify => Service['nginx'],
	22	+ require => Package[$nginx::nginx_packages],
	23	+ }
	24	+ }
	25	+ default: { err ("Unknown ensure value: '$ensure'") }
	26	+ }
	27	+}
...	...