Saltstack Official Nginx Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

pkg.sls 6.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214
  1. # nginx.pkg
  2. #
  3. # Manages installation of nginx from pkg.
  4. {#- Get the `tplroot` from `tpldir` #}
  5. {%- set tplroot = tpldir.split('/')[0] %}
  6. {%- from tplroot ~ "/map.jinja" import nginx, sls_block with context %}
  7. {%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
  8. {%- if nginx.install_from_repo %}
  9. {% set from_official = true %}
  10. {% set from_ppa = false %}
  11. {% set from_phusionpassenger = false %}
  12. {% elif nginx.install_from_ppa %}
  13. {% set from_official = false %}
  14. {% set from_ppa = true %}
  15. {% set from_phusionpassenger = false %}
  16. {% elif nginx.install_from_phusionpassenger %}
  17. {% set from_official = false %}
  18. {% set from_ppa = false %}
  19. {% set from_phusionpassenger = true %}
  20. {% else %}
  21. {% set from_official = false %}
  22. {% set from_ppa = false %}
  23. {% set from_phusionpassenger = false %}
  24. {%- endif %}
  25. nginx_install:
  26. pkg.installed:
  27. {{ sls_block(nginx.package.opts) }}
  28. {% if nginx.lookup.package is iterable and nginx.lookup.package is not string %}
  29. - pkgs:
  30. {% for pkg in nginx.lookup.package %}
  31. - {{ pkg }}
  32. {% endfor %}
  33. {% else %}
  34. - name: {{ nginx.lookup.package }}
  35. {% endif %}
  36. {% if grains.os_family == 'Debian' %}
  37. {%- if from_official %}
  38. nginx_official_repo_keyring:
  39. file.managed:
  40. - name: {{ nginx.lookup.package_repo_keyring }}
  41. - source: {{ files_switch(['nginx-archive-keyring.gpg'],
  42. lookup='nginx_official_repo_keyring'
  43. )
  44. }}
  45. - require_in:
  46. - pkgrepo: nginx_official_repo
  47. {%- endif %}
  48. nginx_official_repo:
  49. pkgrepo:
  50. {%- if from_official %}
  51. - managed
  52. {%- else %}
  53. - absent
  54. {%- endif %}
  55. - humanname: nginx apt repo
  56. - name: >-
  57. deb [signed-by={{ nginx.lookup.package_repo_keyring }}]
  58. http://nginx.org/packages/{{ grains.os | lower }}/ {{ grains.oscodename }} nginx
  59. - file: /etc/apt/sources.list.d/nginx-official-{{ grains.oscodename }}.list
  60. - require_in:
  61. - pkg: nginx_install
  62. - watch_in:
  63. - pkg: nginx_install
  64. {%- if grains.os not in ('Debian',) %}
  65. ## applies to Ubuntu and derivatives only #}
  66. nginx_ppa_repo:
  67. pkgrepo:
  68. {%- if from_ppa %}
  69. - managed
  70. {%- else %}
  71. - absent
  72. {%- endif %}
  73. {% if grains.os == 'Ubuntu' %}
  74. - ppa: nginx/{{ nginx.ppa_version }}
  75. {% else %}
  76. - name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains.oscodename }} main
  77. - keyid: C300EE8C
  78. - keyserver: keyserver.ubuntu.com
  79. {% endif %}
  80. - require_in:
  81. - pkg: nginx_install
  82. - watch_in:
  83. - pkg: nginx_install
  84. {%- endif %}
  85. {%- if from_phusionpassenger %}
  86. nginx_phusionpassenger_repo_keyring:
  87. file.managed:
  88. - name: /usr/share/keyrings/phusionpassenger-archive-keyring.gpg
  89. - source: {{ files_switch(['phusionpassenger-archive-keyring.gpg'],
  90. lookup='nginx_phusionpassenger_repo_keyring'
  91. )
  92. }}
  93. - require_in:
  94. - pkgrepo: nginx_phusionpassenger_repo
  95. # Remove the old repo file
  96. nginx_phusionpassenger_repo_remove:
  97. pkgrepo.absent:
  98. - name: deb http://nginx.org/packages/{{ grains.os |lower }}/ {{ grains.oscodename }} nginx
  99. - keyid: 561F9B9CAC40B2F7
  100. - require_in:
  101. - pkgrepo: nginx_phusionpassenger_repo
  102. file.absent:
  103. - name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains.oscodename }}.list
  104. - require_in:
  105. - pkgrepo: nginx_phusionpassenger_repo
  106. {%- endif %}
  107. nginx_phusionpassenger_repo:
  108. pkgrepo:
  109. {%- if from_phusionpassenger %}
  110. - managed
  111. {%- else %}
  112. - absent
  113. {%- endif %}
  114. - humanname: nginx phusionpassenger repo
  115. - name: >-
  116. deb [signed-by={{ nginx.lookup.passenger_package_repo_keyring }}]
  117. https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains.oscodename }} main
  118. - file: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains.oscodename }}.list
  119. - require_in:
  120. - pkg: nginx_install
  121. - watch_in:
  122. - pkg: nginx_install
  123. {% endif %}
  124. {% if grains.os_family == 'Suse' or grains.os == 'SUSE' %}
  125. nginx_zypp_repo:
  126. pkgrepo:
  127. {%- if from_official %}
  128. - managed
  129. {%- else %}
  130. - absent
  131. {%- endif %}
  132. - name: server_http
  133. - humanname: server_http
  134. - baseurl: 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/'
  135. - enabled: True
  136. - autorefresh: True
  137. - gpgcheck: {{ nginx.lookup.gpg_check }}
  138. - gpgkey: {{ nginx.lookup.gpg_key }}
  139. - require_in:
  140. - pkg: nginx_install
  141. - watch_in:
  142. - pkg: nginx_install
  143. {% endif %}
  144. {% if grains.os_family == 'RedHat' %}
  145. {% if grains.get('osfinger', '') == 'Amazon Linux-2' %}
  146. nginx_epel_repo:
  147. pkgrepo.managed:
  148. - name: epel
  149. - humanname: Extra Packages for Enterprise Linux 7 - $basearch
  150. - mirrorlist: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
  151. - enabled: 1
  152. - gpgcheck: 1
  153. - gpgkey: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
  154. - failovermethod: priority
  155. - require_in:
  156. - pkg: nginx_install
  157. - watch_in:
  158. - pkg: nginx_install
  159. {% endif %}
  160. nginx_yum_repo:
  161. pkgrepo:
  162. {%- if from_official %}
  163. - managed
  164. {%- else %}
  165. - absent
  166. {%- endif %}
  167. - name: nginx
  168. - humanname: nginx repo
  169. {%- if grains.os == 'CentOS' %}
  170. - baseurl: 'http://nginx.org/packages/centos/$releasever/$basearch/'
  171. {%- else %}
  172. - baseurl: 'http://nginx.org/packages/rhel/{{ nginx.lookup.rh_os_releasever }}/$basearch/'
  173. {%- endif %}
  174. - gpgcheck: {{ nginx.lookup.gpg_check }}
  175. - gpgkey: {{ nginx.lookup.gpg_key }}
  176. - enabled: True
  177. - require_in:
  178. - pkg: nginx_install
  179. - watch_in:
  180. - pkg: nginx_install
  181. nginx_phusionpassenger_yum_repo:
  182. pkgrepo:
  183. {%- if from_phusionpassenger %}
  184. - managed
  185. {%- else %}
  186. - absent
  187. {%- endif %}
  188. - name: passenger
  189. - humanname: nginx phusionpassenger repo
  190. - baseurl: 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
  191. - repo_gpgcheck: 1
  192. - gpgcheck: 0
  193. - gpgkey: 'https://oss-binaries.phusionpassenger.com/yum/definitions/RPM-GPG-KEY.asc'
  194. - enabled: True
  195. - sslverify: 1
  196. - sslcacert: /etc/pki/tls/certs/ca-bundle.crt
  197. - require_in:
  198. - pkg: nginx_install
  199. - watch_in:
  200. - pkg: nginx_install
  201. {% endif %}