Saltstack Official Nginx Formula
Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.

227 lines
6.7KB

  1. # nginx.pkg
  2. #
  3. # Manages installation of nginx from pkg.
  4. {#- Get the `tplroot` from `tpldir` #}
  5. {%- set tplroot = tpldir.split('/')[0] %}
  6. {%- from tplroot ~ "/map.jinja" import nginx, sls_block with context %}
  7. {%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
  8. {%- if nginx.install_from_repo %}
  9. {% set from_official = true %}
  10. {% set from_ppa = false %}
  11. {% set from_phusionpassenger = false %}
  12. {% set from_opensuse_devel = false %}
  13. {% elif nginx.install_from_ppa %}
  14. {% set from_official = false %}
  15. {% set from_ppa = true %}
  16. {% set from_phusionpassenger = false %}
  17. {% set from_opensuse_devel = false %}
  18. {% elif nginx.install_from_phusionpassenger %}
  19. {% set from_official = false %}
  20. {% set from_ppa = false %}
  21. {% set from_phusionpassenger = true %}
  22. {% set from_opensuse_devel = false %}
  23. {% elif nginx.install_from_opensuse_devel %}
  24. {% set from_official = false %}
  25. {% set from_ppa = false %}
  26. {% set from_phusionpassenger = false %}
  27. {% set from_opensuse_devel = true %}
  28. {% else %}
  29. {% set from_official = false %}
  30. {% set from_ppa = false %}
  31. {% set from_phusionpassenger = false %}
  32. {% set from_opensuse_devel = false %}
  33. {%- endif %}
  34. {%- set resource_repo_managed = 'file' if grains.os_family == 'Debian' else 'pkgrepo' %}
  35. nginx_install:
  36. pkg.installed:
  37. {{ sls_block(nginx.package.opts) }}
  38. {% if nginx.lookup.package is iterable and nginx.lookup.package is not string %}
  39. - pkgs:
  40. {% for pkg in nginx.lookup.package %}
  41. - {{ pkg }}
  42. {% endfor %}
  43. {% else %}
  44. - name: {{ nginx.lookup.package }}
  45. {% endif %}
  46. {% if grains.os_family == 'Debian' %}
  47. {%- if from_official %}
  48. nginx_official_repo_keyring:
  49. file.managed:
  50. - name: {{ nginx.lookup.package_repo_keyring }}
  51. - source: {{ files_switch(['nginx-archive-keyring.gpg'],
  52. lookup='nginx_official_repo_keyring'
  53. )
  54. }}
  55. - require_in:
  56. - {{ resource_repo_managed }}: nginx_official_repo
  57. {%- endif %}
  58. nginx_official_repo:
  59. file:
  60. {%- if from_official %}
  61. - managed
  62. {%- else %}
  63. - absent
  64. {%- endif %}
  65. - name: /etc/apt/sources.list.d/nginx-official-{{ grains.oscodename }}.list
  66. - contents: >
  67. deb [signed-by={{ nginx.lookup.package_repo_keyring }}]
  68. http://nginx.org/packages/{{ grains.os | lower }}/ {{ grains.oscodename }} nginx
  69. - require_in:
  70. - pkg: nginx_install
  71. - watch_in:
  72. - pkg: nginx_install
  73. {%- if grains.os not in ('Debian',) %}
  74. ## applies to Ubuntu and derivatives only #}
  75. nginx_ppa_repo:
  76. pkgrepo:
  77. {%- if from_ppa %}
  78. - managed
  79. {%- else %}
  80. - absent
  81. {%- endif %}
  82. {% if grains.os == 'Ubuntu' %}
  83. - ppa: nginx/{{ nginx.ppa_version }}
  84. {% else %}
  85. - name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains.oscodename }} main
  86. - keyid: C300EE8C
  87. - keyserver: keyserver.ubuntu.com
  88. {% endif %}
  89. - require_in:
  90. - pkg: nginx_install
  91. - watch_in:
  92. - pkg: nginx_install
  93. {%- endif %}
  94. {%- if from_phusionpassenger %}
  95. nginx_phusionpassenger_repo_keyring:
  96. file.managed:
  97. - name: /usr/share/keyrings/phusionpassenger-archive-keyring.gpg
  98. - source: {{ files_switch(['phusionpassenger-archive-keyring.gpg'],
  99. lookup='nginx_phusionpassenger_repo_keyring'
  100. )
  101. }}
  102. - require_in:
  103. - {{ resource_repo_managed }}: nginx_phusionpassenger_repo
  104. # Remove the old repo file
  105. nginx_phusionpassenger_repo_remove:
  106. pkgrepo.absent:
  107. - name: deb http://nginx.org/packages/{{ grains.os |lower }}/ {{ grains.oscodename }} nginx
  108. - keyid: 561F9B9CAC40B2F7
  109. - require_in:
  110. - {{ resource_repo_managed }}: nginx_phusionpassenger_repo
  111. file.absent:
  112. - name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains.oscodename }}.list
  113. - require_in:
  114. - {{ resource_repo_managed }}: nginx_phusionpassenger_repo
  115. {%- endif %}
  116. nginx_phusionpassenger_repo:
  117. file:
  118. {%- if from_phusionpassenger %}
  119. - managed
  120. {%- else %}
  121. - absent
  122. {%- endif %}
  123. - name: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains.oscodename }}.list
  124. - contents: >
  125. deb [signed-by={{ nginx.lookup.passenger_package_repo_keyring }}]
  126. https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains.oscodename }} main
  127. - require_in:
  128. - pkg: nginx_install
  129. - watch_in:
  130. - pkg: nginx_install
  131. {% endif %}
  132. {% if grains.os_family == 'Suse' or grains.os == 'SUSE' %}
  133. nginx_zypp_repo:
  134. pkgrepo:
  135. - name: server_http
  136. {%- if from_opensuse_devel %}
  137. - managed
  138. - humanname: server_http
  139. - baseurl: 'http://download.opensuse.org/repositories/server:/http/{{ grains.osrelease }}/'
  140. - enabled: True
  141. - autorefresh: True
  142. - gpgcheck: {{ nginx.lookup.gpg_check }}
  143. - gpgkey: {{ nginx.lookup.gpg_key }}
  144. - gpgautoimport: {{ nginx.lookup.gpg_autoimport }}
  145. {%- else %}
  146. - absent
  147. {%- endif %}
  148. - require_in:
  149. - pkg: nginx_install
  150. - watch_in:
  151. - pkg: nginx_install
  152. {% endif %}
  153. {% if grains.os_family == 'RedHat' %}
  154. {% if grains.get('osfinger', '') == 'Amazon Linux-2' %}
  155. nginx_epel_repo:
  156. pkgrepo.managed:
  157. - name: epel
  158. - humanname: Extra Packages for Enterprise Linux 7 - $basearch
  159. - mirrorlist: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
  160. - enabled: 1
  161. - gpgcheck: 1
  162. - gpgkey: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
  163. - failovermethod: priority
  164. - require_in:
  165. - pkg: nginx_install
  166. - watch_in:
  167. - pkg: nginx_install
  168. {% endif %}
  169. nginx_yum_repo:
  170. pkgrepo:
  171. {%- if from_official %}
  172. - managed
  173. {%- else %}
  174. - absent
  175. {%- endif %}
  176. - name: nginx
  177. - humanname: nginx repo
  178. {%- if grains.os == 'CentOS' %}
  179. - baseurl: 'http://nginx.org/packages/centos/$releasever/$basearch/'
  180. {%- else %}
  181. - baseurl: 'http://nginx.org/packages/rhel/{{ nginx.lookup.rh_os_releasever }}/$basearch/'
  182. {%- endif %}
  183. - gpgcheck: {{ nginx.lookup.gpg_check }}
  184. - gpgkey: {{ nginx.lookup.gpg_key }}
  185. - enabled: True
  186. - require_in:
  187. - pkg: nginx_install
  188. - watch_in:
  189. - pkg: nginx_install
  190. nginx_phusionpassenger_yum_repo:
  191. pkgrepo:
  192. {%- if from_phusionpassenger %}
  193. - managed
  194. {%- else %}
  195. - absent
  196. {%- endif %}
  197. - name: passenger
  198. - humanname: nginx phusionpassenger repo
  199. - baseurl: 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
  200. - repo_gpgcheck: 1
  201. - gpgcheck: 0
  202. - gpgkey: 'https://oss-binaries.phusionpassenger.com/yum/definitions/RPM-GPG-KEY.asc'
  203. - enabled: True
  204. - sslverify: 1
  205. - sslcacert: /etc/pki/tls/certs/ca-bundle.crt
  206. - require_in:
  207. - pkg: nginx_install
  208. - watch_in:
  209. - pkg: nginx_install
  210. {% endif %}