|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214 |
- # nginx.pkg
- #
- # Manages installation of nginx from pkg.
-
- {#- Get the `tplroot` from `tpldir` #}
- {%- set tplroot = tpldir.split('/')[0] %}
- {%- from tplroot ~ "/map.jinja" import nginx, sls_block with context %}
- {%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
-
- {%- if nginx.install_from_repo %}
- {% set from_official = true %}
- {% set from_ppa = false %}
- {% set from_phusionpassenger = false %}
- {% elif nginx.install_from_ppa %}
- {% set from_official = false %}
- {% set from_ppa = true %}
- {% set from_phusionpassenger = false %}
- {% elif nginx.install_from_phusionpassenger %}
- {% set from_official = false %}
- {% set from_ppa = false %}
- {% set from_phusionpassenger = true %}
- {% else %}
- {% set from_official = false %}
- {% set from_ppa = false %}
- {% set from_phusionpassenger = false %}
- {%- endif %}
-
- nginx_install:
- pkg.installed:
- {{ sls_block(nginx.package.opts) }}
- {% if nginx.lookup.package is iterable and nginx.lookup.package is not string %}
- - pkgs:
- {% for pkg in nginx.lookup.package %}
- - {{ pkg }}
- {% endfor %}
- {% else %}
- - name: {{ nginx.lookup.package }}
- {% endif %}
-
- {% if grains.os_family == 'Debian' %}
- {%- if from_official %}
- nginx_official_repo_keyring:
- file.managed:
- - name: {{ nginx.lookup.package_repo_keyring }}
- - source: {{ files_switch(['nginx-archive-keyring.gpg'],
- lookup='nginx_official_repo_keyring'
- )
- }}
- - require_in:
- - pkgrepo: nginx_official_repo
- {%- endif %}
-
- nginx_official_repo:
- pkgrepo:
- {%- if from_official %}
- - managed
- {%- else %}
- - absent
- {%- endif %}
- - humanname: nginx apt repo
- - name: >-
- deb [signed-by={{ nginx.lookup.package_repo_keyring }}]
- http://nginx.org/packages/{{ grains.os | lower }}/ {{ grains.oscodename }} nginx
- - file: /etc/apt/sources.list.d/nginx-official-{{ grains.oscodename }}.list
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
-
- {%- if grains.os not in ('Debian',) %}
- ## applies to Ubuntu and derivatives only #}
- nginx_ppa_repo:
- pkgrepo:
- {%- if from_ppa %}
- - managed
- {%- else %}
- - absent
- {%- endif %}
- {% if grains.os == 'Ubuntu' %}
- - ppa: nginx/{{ nginx.ppa_version }}
- {% else %}
- - name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains.oscodename }} main
- - keyid: C300EE8C
- - keyserver: keyserver.ubuntu.com
- {% endif %}
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
- {%- endif %}
-
- {%- if from_phusionpassenger %}
- nginx_phusionpassenger_repo_keyring:
- file.managed:
- - name: /usr/share/keyrings/phusionpassenger-archive-keyring.gpg
- - source: {{ files_switch(['phusionpassenger-archive-keyring.gpg'],
- lookup='nginx_phusionpassenger_repo_keyring'
- )
- }}
- - require_in:
- - pkgrepo: nginx_phusionpassenger_repo
-
- # Remove the old repo file
- nginx_phusionpassenger_repo_remove:
- pkgrepo.absent:
- - name: deb http://nginx.org/packages/{{ grains.os |lower }}/ {{ grains.oscodename }} nginx
- - keyid: 561F9B9CAC40B2F7
- - require_in:
- - pkgrepo: nginx_phusionpassenger_repo
- file.absent:
- - name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains.oscodename }}.list
- - require_in:
- - pkgrepo: nginx_phusionpassenger_repo
- {%- endif %}
-
- nginx_phusionpassenger_repo:
- pkgrepo:
- {%- if from_phusionpassenger %}
- - managed
- {%- else %}
- - absent
- {%- endif %}
- - humanname: nginx phusionpassenger repo
- - name: >-
- deb [signed-by={{ nginx.lookup.passenger_package_repo_keyring }}]
- https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains.oscodename }} main
- - file: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains.oscodename }}.list
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
- {% endif %}
-
- {% if grains.os_family == 'Suse' or grains.os == 'SUSE' %}
- nginx_zypp_repo:
- pkgrepo:
- {%- if from_official %}
- - managed
- {%- else %}
- - absent
- {%- endif %}
- - name: server_http
- - humanname: server_http
- - baseurl: 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/'
- - enabled: True
- - autorefresh: True
- - gpgcheck: {{ nginx.lookup.gpg_check }}
- - gpgkey: {{ nginx.lookup.gpg_key }}
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
- {% endif %}
-
- {% if grains.os_family == 'RedHat' %}
- {% if grains.get('osfinger', '') == 'Amazon Linux-2' %}
- nginx_epel_repo:
- pkgrepo.managed:
- - name: epel
- - humanname: Extra Packages for Enterprise Linux 7 - $basearch
- - mirrorlist: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
- - enabled: 1
- - gpgcheck: 1
- - gpgkey: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
- - failovermethod: priority
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
- {% endif %}
-
- nginx_yum_repo:
- pkgrepo:
- {%- if from_official %}
- - managed
- {%- else %}
- - absent
- {%- endif %}
- - name: nginx
- - humanname: nginx repo
- {%- if grains.os == 'CentOS' %}
- - baseurl: 'http://nginx.org/packages/centos/$releasever/$basearch/'
- {%- else %}
- - baseurl: 'http://nginx.org/packages/rhel/{{ nginx.lookup.rh_os_releasever }}/$basearch/'
- {%- endif %}
- - gpgcheck: {{ nginx.lookup.gpg_check }}
- - gpgkey: {{ nginx.lookup.gpg_key }}
- - enabled: True
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
-
- nginx_phusionpassenger_yum_repo:
- pkgrepo:
- {%- if from_phusionpassenger %}
- - managed
- {%- else %}
- - absent
- {%- endif %}
- - name: passenger
- - humanname: nginx phusionpassenger repo
- - baseurl: 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
- - repo_gpgcheck: 1
- - gpgcheck: 0
- - gpgkey: 'https://oss-binaries.phusionpassenger.com/yum/definitions/RPM-GPG-KEY.asc'
- - enabled: True
- - sslverify: 1
- - sslcacert: /etc/pki/tls/certs/ca-bundle.crt
- - require_in:
- - pkg: nginx_install
- - watch_in:
- - pkg: nginx_install
- {% endif %}
|