Saltstack Official Nginx Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

252 lines
7.9KB

  1. {% from "nginx/map.jinja" import nginx as nginx_map with context %}
  2. # Source currently requires package 'build-essential' which is Debian based.
  3. # Will not work with os_family RedHat!
  4. # TODO- Someone with a RedHat system please update this to work on RedHat
  5. {% set nginx = pillar.get('nginx', {}) -%}
  6. {% set use_sysvinit = nginx.get('use_sysvinit', nginx_map['use_sysvinit']) %}
  7. {% set version = nginx.get('version', '1.6.2') -%}
  8. {% set tarball_url = nginx.get('tarball_url', 'http://nginx.org/download/nginx-' + version + '.tar.gz') -%}
  9. {% set checksum = nginx.get('checksum', 'sha256=b5608c2959d3e7ad09b20fc8f9e5bd4bc87b3bc8ba5936a513c04ed8f1391a18') -%}
  10. {% set home = nginx.get('home', nginx_map['home']) -%}
  11. {% set base_temp_dir = nginx.get('base_temp_dir', '/tmp') -%}
  12. {% set source = nginx.get('source_root', '/usr/local/src') -%}
  13. {% set conf_dir = nginx.get('conf_dir', nginx_map['conf_dir']) -%}
  14. {% set conf_only = nginx.get('conf_only', false) -%}
  15. {% set log_dir = nginx.get('log_dir', nginx_map['log_dir']) -%}
  16. {% set pid_path = nginx.get('pid_path', '/var/run/nginx.pid') -%}
  17. {% set lock_path = nginx.get('lock_path', '/var/lock/nginx.lock') -%}
  18. {% set sbin_dir = nginx.get('sbin_dir', nginx_map['sbin_dir']) -%}
  19. {% set install_prefix = nginx.get('install_prefix', nginx_map['install_prefix']) -%}
  20. {% set with_items = nginx.get('with', ['debug', 'http_dav_module', 'http_stub_status_module', 'pcre', 'ipv6']) -%}
  21. {% set without_items = nginx.get('without', []) -%}
  22. {% set make_flags = nginx.get('make_flags', nginx_map['make_flags']) -%}
  23. {% set nginx_package = source + '/nginx-' + version + '.tar.gz' -%}
  24. {% set nginx_source = source + "/nginx-" + version -%}
  25. {% set nginx_modules_dir = source + "/nginx-modules" -%}
  26. include:
  27. - nginx.common
  28. {% if nginx.get('with_luajit', false) %}
  29. - nginx.luajit2
  30. {% endif -%}
  31. {% if nginx.get('with_openresty', false) %}
  32. - nginx.openresty
  33. {% endif -%}
  34. nginx_group:
  35. group.present:
  36. - name: {{ nginx_map.default_group }}
  37. nginx_user:
  38. file.directory:
  39. - name: {{ home }}
  40. - user: {{ nginx_map.default_user }}
  41. - group: {{ nginx_map.default_group }}
  42. - mode: 0755
  43. - require:
  44. - user: nginx_user
  45. - group: nginx_group
  46. user.present:
  47. - name: {{ nginx_map.default_user }}
  48. - home: {{ home }}
  49. - groups:
  50. - {{ nginx_map.default_group }}
  51. - require:
  52. - group: nginx_group
  53. {{ nginx_modules_dir }}:
  54. file:
  55. - directory
  56. - makedirs: True
  57. get-nginx:
  58. pkg.installed:
  59. - names:
  60. - libpcre3-dev
  61. - build-essential
  62. - libssl-dev
  63. file.managed:
  64. - name: {{ nginx_package }}
  65. - source: {{ tarball_url }}
  66. - source_hash: {{ checksum }}
  67. - require:
  68. - file: {{ nginx_modules_dir }}
  69. cmd.wait:
  70. - cwd: {{ source }}
  71. - name: tar -zxf {{ nginx_package }}
  72. - require:
  73. - pkg: get-nginx
  74. - file: get-nginx
  75. - watch:
  76. - file: get-nginx
  77. {% for name, module in nginx.get('modules', {}).items() -%}
  78. get-nginx-{{name}}:
  79. file.managed:
  80. - name: {{ nginx_modules_dir }}/{{name}}.tar.gz
  81. - source: {{ module['source'] }}
  82. - source_hash: {{ module['source_hash'] }}
  83. cmd.wait:
  84. - cwd: {{ nginx_modules_dir }}
  85. - names:
  86. - tar --transform "s,^$(tar --list -zf {{name}}.tar.gz | head -n 1),{{name}}/," -zxf {{name}}.tar.gz
  87. - watch:
  88. - file: get-nginx-{{name}}
  89. - require_in:
  90. - cmd: nginx
  91. {% endfor -%}
  92. {% if nginx.get('ngx_devel_kit', true) -%}
  93. get-ngx_devel_kit:
  94. file.managed:
  95. - name: {{ source }}/ngx_devel_kit.tar.gz
  96. - source: https://github.com/simpl/ngx_devel_kit/archive/v0.2.18.tar.gz
  97. - source_hash: sha1=e21ba642f26047661ada678b21eef001ee2121d8
  98. cmd.wait:
  99. - cwd: {{ source }}
  100. - name: tar -zxf {{ source }}/ngx_devel_kit.tar.gz -C {{ source }}
  101. - watch:
  102. - file: get-ngx_devel_kit
  103. {% endif %}
  104. nginx-source-modified:
  105. cmd.run:
  106. - cwd: {{ nginx_source }}
  107. - stateful: True
  108. - names:
  109. - m=$(find . \! -name "build.*" -newer {{ sbin_dir }}/nginx -print -quit);
  110. r=$?;
  111. if [ x$r != x0 ]; then
  112. echo "changed=yes comment='binary file does not exist or other find error'";
  113. exit 0;
  114. fi;
  115. if [ x$m != "x" ]; then
  116. echo "changed=yes comment='source files are newer than binary'";
  117. exit 0;
  118. fi;
  119. echo "changed=no comment='source files are older than binary'"
  120. {% for name, module in nginx.get('modules', {}).items() -%}
  121. nginx-module-modified-{{name}}:
  122. cmd.run:
  123. - cwd: {{ nginx_modules_dir }}/{{name}}
  124. - stateful: True
  125. - names:
  126. - m=$(find . \! -name "build.*" -newer {{ sbin_dir }}/nginx -print -quit);
  127. r=$?;
  128. if [ x$r != x0 ]; then
  129. echo "changed=yes comment='binary file does not exist or other find error'";
  130. exit 0;
  131. fi;
  132. if [ x$m != "x" ]; then
  133. echo "changed=yes comment='module source files are newer than binary'";
  134. exit 0;
  135. fi;
  136. echo "changed=no comment='module source files are older than binary'"
  137. {% endfor -%}
  138. nginx:
  139. cmd.wait:
  140. - cwd: {{ nginx_source }}
  141. - names:
  142. - (
  143. ./configure --conf-path={{ conf_dir }}/nginx.conf
  144. --sbin-path={{ sbin_dir }}/nginx
  145. --user={{ nginx_map.default_user }}
  146. --group={{ nginx_map.default_group }}
  147. --prefix={{ install_prefix }}
  148. --http-log-path={{ log_dir }}/access.log
  149. --error-log-path={{ log_dir }}/error.log
  150. --pid-path={{ pid_path }}
  151. --lock-path={{ lock_path }}
  152. --http-client-body-temp-path={{ base_temp_dir }}/body
  153. --http-proxy-temp-path={{ base_temp_dir }}/proxy
  154. --http-fastcgi-temp-path={{ base_temp_dir }}/fastcgi
  155. --http-uwsgi-temp-path={{ base_temp_dir }}/temp_uwsgi
  156. --http-scgi-temp-path={{ base_temp_dir }}/temp_scgi
  157. {%- for name, module in nginx.get('modules', {}).items() %}
  158. --add-module={{nginx_modules_dir}}/{{name}}
  159. {%- endfor %}
  160. {%- for name in with_items %}
  161. --with-{{ name }}
  162. {%- endfor %}
  163. {%- for name in without_items %}
  164. --without-{{ name }}
  165. {%- endfor %}
  166. && make {{ make_flags }}
  167. && make install
  168. )
  169. {#- If they want to silence the compiler output, then save it to file so we can reference it later if needed #}
  170. {%- if nginx.get('silence_compiler', true) %}
  171. > {{ nginx_source }}/build.out 2> {{ nginx_source }}/build.err;
  172. {#- If the build process failed, write stderr to stderr and exit with the error code #}
  173. r=$?;
  174. if [ x$r != x0 ]; then
  175. cat {{ nginx_source }}/build.err 1>&2; {#- copy err output to stderr #}
  176. exit $r;
  177. fi;
  178. {% endif %}
  179. - watch:
  180. - cmd: get-nginx
  181. - cmd: nginx-source-modified
  182. {% for name, module in nginx.get('modules', {}).items() -%}
  183. - cmd: nginx-module-modified-{{name}}
  184. - file: get-nginx-{{name}}
  185. {% endfor %}
  186. {% if use_sysvinit %}
  187. - watch_in:
  188. {% set logger_types = ('access', 'error') %}
  189. {% for log_type in logger_types %}
  190. - service: nginx-logger-{{ log_type }}
  191. {% endfor %}
  192. {% endif %}
  193. - require:
  194. - cmd: get-nginx
  195. {% for name, module in nginx.get('modules', {}).items() -%}
  196. - file: get-nginx-{{name}}
  197. {% endfor %}
  198. - require_in:
  199. - service: nginx
  200. file:
  201. - managed
  202. - template: jinja
  203. - name: /etc/init.d/nginx
  204. - source: salt://nginx/templates/nginx.init.jinja
  205. - user: root
  206. - group: root
  207. - mode: 0755
  208. - context:
  209. sbin_dir: {{ sbin_dir }}
  210. pid_path: {{ pid_path }}
  211. service:
  212. - running
  213. - enable: True
  214. - restart: True
  215. - watch:
  216. - cmd: nginx
  217. - file: {{ conf_dir }}/nginx.conf
  218. - require:
  219. - cmd: nginx
  220. - file: {{ conf_dir }}/nginx.conf
  221. {% for file in nginx.get('delete_confs', []) %}
  222. {{ conf_dir }}/{{ file }}:
  223. file:
  224. - absent
  225. watch:
  226. - cmd: nginx
  227. {% endfor %}
  228. {% for file in nginx.get('delete_htdocs', []) %}
  229. {{ install_prefix }}/html/{{ file }}:
  230. file:
  231. - absent
  232. watch:
  233. - cmd: nginx
  234. {% endfor %}