Browse Source

refactor(pkgs): readbility

tags/v2.8.0
Javier Bértoli 2 years ago
parent
commit
b76e8cc664
4 changed files with 27 additions and 18 deletions
  1. +2
    -2
      docs/README.apt.keyrings.rst
  2. +3
    -0
      nginx/map.jinja
  3. +17
    -13
      nginx/pkg.sls
  4. +5
    -3
      test/integration/passenger/controls/repository.rb

+ 2
- 2
docs/README.apt.keyrings.rst View File

As nginx and passenger don't provide such key files, we created them following the As nginx and passenger don't provide such key files, we created them following the
official recomendations in their sites and install the resulting files. official recomendations in their sites and install the resulting files.


Ngninx
------
Nginx
-----


See https://nginx.org/en/linux_packages.html#Debian for details See https://nginx.org/en/linux_packages.html#Debian for details



+ 3
- 0
nginx/map.jinja View File

'server_use_symlink': True, 'server_use_symlink': True,
'pid_file': '/run/nginx.pid', 'pid_file': '/run/nginx.pid',
'openssl_package': 'openssl', 'openssl_package': 'openssl',
'package_repo_keyring': '/usr/share/keyrings/nginx-archive-keyring.gpg',
'passenger_package_repo_keyring': '/usr/share/keyrings/phusionpassenger-archive-keyring.gpg',

}, },
'CentOS': { 'CentOS': {
'package': 'nginx', 'package': 'nginx',

+ 17
- 13
nginx/pkg.sls View File

- name: {{ nginx.lookup.package }} - name: {{ nginx.lookup.package }}
{% endif %} {% endif %}


{% if salt['grains.get']('os_family') == 'Debian' %}
{% if grains.os_family == 'Debian' %}
{%- if from_official %} {%- if from_official %}
nginx_official_repo_keyring: nginx_official_repo_keyring:
file.managed: file.managed:
- name: /usr/share/keyrings/nginx-archive-keyring.gpg
- name: {{ nginx.lookup.package_repo_keyring }}
- source: {{ files_switch(['nginx-archive-keyring.gpg'], - source: {{ files_switch(['nginx-archive-keyring.gpg'],
lookup='nginx_official_repo_keyring' lookup='nginx_official_repo_keyring'
) )
- absent - absent
{%- endif %} {%- endif %}
- humanname: nginx apt repo - humanname: nginx apt repo
- name: deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/{{ grains['os'].lower() }}/ {{ grains['oscodename'] }} nginx
- file: /etc/apt/sources.list.d/nginx-official-{{ grains['oscodename'] }}.list
- name: >-
deb [signed-by={{ nginx.lookup.package_repo_keyring }}]
http://nginx.org/packages/{{ grains.os | lower }}/ {{ grains.oscodename }} nginx
- file: /etc/apt/sources.list.d/nginx-official-{{ grains.oscodename }}.list
- require_in: - require_in:
- pkg: nginx_install - pkg: nginx_install
- watch_in: - watch_in:
{%- else %} {%- else %}
- absent - absent
{%- endif %} {%- endif %}
{% if salt['grains.get']('os') == 'Ubuntu' %}
{% if grains.os == 'Ubuntu' %}
- ppa: nginx/{{ nginx.ppa_version }} - ppa: nginx/{{ nginx.ppa_version }}
{% else %} {% else %}
- name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains['oscodename'] }} main
- name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains.oscodename }} main
- keyid: C300EE8C - keyid: C300EE8C
- keyserver: keyserver.ubuntu.com - keyserver: keyserver.ubuntu.com
{% endif %} {% endif %}
# Remove the old repo file # Remove the old repo file
nginx_phusionpassenger_repo_remove: nginx_phusionpassenger_repo_remove:
pkgrepo.absent: pkgrepo.absent:
- name: deb http://nginx.org/packages/{{ grains['os'].lower() }}/ {{ grains['oscodename'] }} nginx
- name: deb http://nginx.org/packages/{{ grains.os |lower }}/ {{ grains.oscodename }} nginx
- keyid: 561F9B9CAC40B2F7 - keyid: 561F9B9CAC40B2F7
- require_in: - require_in:
- pkgrepo: nginx_phusionpassenger_repo - pkgrepo: nginx_phusionpassenger_repo
file.absent: file.absent:
- name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains['oscodename'] }}.list
- name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains.oscodename }}.list
- require_in: - require_in:
- pkgrepo: nginx_phusionpassenger_repo - pkgrepo: nginx_phusionpassenger_repo
{%- endif %} {%- endif %}
- absent - absent
{%- endif %} {%- endif %}
- humanname: nginx phusionpassenger repo - humanname: nginx phusionpassenger repo
- name: deb [signed-by=/usr/share/keyrings/phusionpassenger-archive-keyring.gpg] https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains['oscodename'] }} main
- file: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains['oscodename'] }}.list
- name: >-
deb [signed-by={{ nginx.lookup.passenger_package_repo_keyring }}]
https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains.oscodename }} main
- file: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains.oscodename }}.list
- require_in: - require_in:
- pkg: nginx_install - pkg: nginx_install
- watch_in: - watch_in:
- pkg: nginx_install - pkg: nginx_install
{% endif %} {% endif %}


{% if salt['grains.get']('os_family') == 'Suse' or salt['grains.get']('os') == 'SUSE' %}
{% if grains.os_family == 'Suse' or grains.os == 'SUSE' %}
nginx_zypp_repo: nginx_zypp_repo:
pkgrepo: pkgrepo:
{%- if from_official %} {%- if from_official %}
- pkg: nginx_install - pkg: nginx_install
{% endif %} {% endif %}


{% if salt['grains.get']('os_family') == 'RedHat' %}
{% if salt['grains.get']('osfinger', '') in ['Amazon Linux-2'] %}
{% if grains.os_family == 'RedHat' %}
{% if grains.osfinger in ['Amazon Linux-2'] %}
nginx_epel_repo: nginx_epel_repo:
pkgrepo.managed: pkgrepo.managed:
- name: epel - name: epel

+ 5
- 3
test/integration/passenger/controls/repository.rb View File

# frozen_string_literal: true # frozen_string_literal: true


case os[:name]
when 'centos'
case os.family
when 'redhat'
repo_file = '/etc/yum.repos.d/passenger.repo' repo_file = '/etc/yum.repos.d/passenger.repo'
repo_url = 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch' repo_url = 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
when 'debian', 'ubuntu'
when 'debian'
# Inspec does not provide a `codename` matcher, so we add ours # Inspec does not provide a `codename` matcher, so we add ours
case platform[:release].to_f.truncate case platform[:release].to_f.truncate
# ubuntu # ubuntu
when 20 when 20
codename = 'focal' codename = 'focal'
# debian # debian
when 9
codename = 'stretch'
when 10 when 10
codename = 'buster' codename = 'buster'
when 11 when 11

Loading…
Cancel
Save