Niels Abspoel
7 years ago
9 changed files with 44 additions and 33 deletions
+ 6
- 6
README.rst
View File
| ``nginx.users`` | ``nginx.users`` | ||||
| --------------- | --------------- | ||||
| Installs apache utils, and configures nginx users specified in the pillar. | |||||
| This requires `basicauth <https://github.com/saltstack/salt-contrib/blob/master/modules/basicauth.py>`_ | |||||
| from `salt-contrib <https://github.com/saltstack/salt-contrib/>`_ (either add it to your salt or ship | |||||
| this single file in your `_modules` directory see `Dynamic Module Distribution | |||||
| Installs apache utils, and configures nginx users specified in the pillar. | |||||
| This requires `basicauth <https://github.com/saltstack/salt-contrib/blob/master/modules/basicauth.py>`_ | |||||
| from `salt-contrib <https://github.com/saltstack/salt-contrib/>`_ (either add it to your salt or ship | |||||
| this single file in your `_modules` directory see `Dynamic Module Distribution | |||||
| <https://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html>`_ | <https://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html>`_ | ||||
| Next-generation, alternate approach | Next-generation, alternate approach | ||||
| ---------------------- | ---------------------- | ||||
| Installs and configures Phusion Passenger module for nginx. You need to enable | Installs and configures Phusion Passenger module for nginx. You need to enable | ||||
| the upstream phusion passenger repository with `install_from_phusionpassenger: true`. | |||||
| the upstream phusion passenger repository with `install_from_phusionpassenger: true`. | |||||
| Nginx will also be installed from that repository, as it needs to be modified to | Nginx will also be installed from that repository, as it needs to be modified to | ||||
| allow the passenger module to work. | |||||
| allow the passenger module to work. | |||||
+ 2
- 2
nginx/ng/config.sls
View File
| {% if 'source_path' in nginx.server.config %} | {% if 'source_path' in nginx.server.config %} | ||||
| {% set source_path = nginx.server.config.source_path %} | {% set source_path = nginx.server.config.source_path %} | ||||
| {% else %} | |||||
| {% set source_path = 'salt://nginx/ng/files/nginx.conf' %} | |||||
| {% else %} | |||||
| {% set source_path = 'salt://nginx/ng/files/nginx.conf' %} | |||||
| {% endif %} | {% endif %} | ||||
| nginx_config: | nginx_config: | ||||
| file.managed: | file.managed: |
+ 14
- 3
nginx/ng/map.jinja
View File
| 'server_enabled': '/etc/nginx/sites-enabled', | 'server_enabled': '/etc/nginx/sites-enabled', | ||||
| 'server_use_symlink': True, | 'server_use_symlink': True, | ||||
| }, | }, | ||||
| 'FreeBSD': { | |||||
| 'package': 'nginx', | |||||
| 'passenger_package': 'passenger', | |||||
| 'service': 'nginx', | |||||
| 'webuser': 'www', | |||||
| 'conf_file': '/usr/local/etc/nginx/nginx.conf', | |||||
| 'server_available': '/usr/local/etc/nginx/sites-available', | |||||
| 'server_enabled': '/usr/local/etc/nginx/sites-enabled', | |||||
| 'server_use_symlink': True, | |||||
| 'pid_file': '/var/run/nginx.pid', | |||||
| }, | |||||
| }, default='Debian' ), | }, default='Debian' ), | ||||
| 'install_from_source': False, | 'install_from_source': False, | ||||
| 'install_from_ppa': False, | 'install_from_ppa': False, | ||||
| 'gzip': 'off', | 'gzip': 'off', | ||||
| 'gzip_disable': '"msie6"', | 'gzip_disable': '"msie6"', | ||||
| 'include': [ | 'include': [ | ||||
| '/etc/nginx/mime.types', | |||||
| '/etc/nginx/conf.d/*.conf', | |||||
| '/etc/nginx/sites-enabled/*', | |||||
| 'mime.types', | |||||
| 'conf.d/*.conf', | |||||
| 'sites-enabled/*', | |||||
| ], | ], | ||||
| }, | }, | ||||
| }, | }, |
+ 2
- 2
nginx/ng/service.sls
View File
| file.managed: | file.managed: | ||||
| - name: /lib/systemd/system/nginx.service | - name: /lib/systemd/system/nginx.service | ||||
| - source: salt://nginx/ng/files/nginx.service | - source: salt://nginx/ng/files/nginx.service | ||||
| {% endif %} | |||||
| {% endif %} | |||||
| nginx_service: | nginx_service: | ||||
| service.{{ service_function }}: | service.{{ service_function }}: | ||||
| {{ sls_block(nginx.service.opts) }} | {{ sls_block(nginx.service.opts) }} |
+ 2
- 2
nginx/openresty.sls
View File
| install_openresty: | install_openresty: | ||||
| cmd.wait: | cmd.wait: | ||||
| - cwd: {{ home }}/ngx_openresty-{{ openresty_version }} | - cwd: {{ home }}/ngx_openresty-{{ openresty_version }} | ||||
| - names: | |||||
| - names: | |||||
| - ./configure --with-luajit \ | - ./configure --with-luajit \ | ||||
| --with-http_drizzle_module \ | --with-http_drizzle_module \ | ||||
| --with-http_postgres_module \ | |||||
| --with-http_postgres_module \ | |||||
| --with-http_iconv_module | --with-http_iconv_module | ||||
| - make && make install | - make && make install | ||||
| - watch: | - watch: |
+ 1
- 1
nginx/package.sls
View File
| - require: | - require: | ||||
| - pkg: nginx | - pkg: nginx | ||||
| - file: nginx-old-init | - file: nginx-old-init | ||||
| - module: nginx-old-init | |||||
| - module: nginx-old-init | |||||
| {% endif %} | {% endif %} | ||||
| service.running: | service.running: | ||||
| - enable: True | - enable: True |
+ 1
- 1
nginx/source.sls
View File
| {% if use_sysvinit %} | {% if use_sysvinit %} | ||||
| - watch_in: | - watch_in: | ||||
| {% set logger_types = ('access', 'error') %} | {% set logger_types = ('access', 'error') %} | ||||
| {% for log_type in logger_types %} | |||||
| {% for log_type in logger_types %} | |||||
| - service: nginx-logger-{{ log_type }} | - service: nginx-logger-{{ log_type }} | ||||
| {% endfor %} | {% endfor %} | ||||
| {% endif %} | {% endif %} |
+ 6
- 6
nginx/templates/upstart.jinja
View File
| # nginx | # nginx | ||||
| description "nginx http daemon" | description "nginx http daemon" | ||||
| author "George Shammas <georgyo@gmail.com>" | author "George Shammas <georgyo@gmail.com>" | ||||
| start on (runlevel [345] and started network) | start on (runlevel [345] and started network) | ||||
| stop on (runlevel [!345] or stopping network) | stop on (runlevel [!345] or stopping network) | ||||
| env DAEMON=/usr/sbin/nginx | env DAEMON=/usr/sbin/nginx | ||||
| expect fork | expect fork | ||||
| respawn | respawn | ||||
| respawn limit 10 5 | respawn limit 10 5 | ||||
| #oom never | #oom never | ||||
| pre-start script | pre-start script | ||||
| $DAEMON -t | $DAEMON -t | ||||
| if [ $? -ne 0 ] | if [ $? -ne 0 ] | ||||
| then exit $? | then exit $? | ||||
| fi | fi | ||||
| end script | end script | ||||
| exec $DAEMON | exec $DAEMON |
+ 10
- 10
pillar.example
View File
| # Source install | # Source install | ||||
| source_version: '1.10.0' | source_version: '1.10.0' | ||||
| source_hash: '' | source_hash: '' | ||||
| # These are usually set by grains in map.jinja | # These are usually set by grains in map.jinja | ||||
| # Typically you can comment these out. | # Typically you can comment these out. | ||||
| lookup: | lookup: | ||||
| # Currently it can be used on rhel/centos/suse when installing from repo | # Currently it can be used on rhel/centos/suse when installing from repo | ||||
| gpg_check: True | gpg_check: True | ||||
| pid_file: /var/run/nginx.pid ### Prevent Rendering SLS error (map.jinja:149) if nginx.server.config.pid undefined (Ubuntu, etc) ### | pid_file: /var/run/nginx.pid ### Prevent Rendering SLS error (map.jinja:149) if nginx.server.config.pid undefined (Ubuntu, etc) ### | ||||
| # Source compilation is not currently a part of nginx.ng | # Source compilation is not currently a part of nginx.ng | ||||
| from_source: False | from_source: False | ||||
| # nginx.conf (main server) declarations | # nginx.conf (main server) declarations | ||||
| # dictionaries map to blocks {} and lists cause the same declaration to repeat with different values | # dictionaries map to blocks {} and lists cause the same declaration to repeat with different values | ||||
| config: | |||||
| config: | |||||
| source_path: salt://path_to_nginx_conf_file/nginx.conf # IMPORTANT: This option is mutually exclusive with the rest of the | source_path: salt://path_to_nginx_conf_file/nginx.conf # IMPORTANT: This option is mutually exclusive with the rest of the | ||||
| # options; if it is found other options (worker_processes: 4 and so | |||||
| # options; if it is found other options (worker_processes: 4 and so | |||||
| # on) are not processed and just upload the file from source | # on) are not processed and just upload the file from source | ||||
| worker_processes: 4 | worker_processes: 4 | ||||
| pid: /var/run/nginx.pid ### Directory location must exist | pid: /var/run/nginx.pid ### Directory location must exist | ||||
| # Remove the site config file. Nice to clean up the conf.d (or sites-available). | # Remove the site config file. Nice to clean up the conf.d (or sites-available). | ||||
| # It also remove the symlink (if it is exists). | # It also remove the symlink (if it is exists). | ||||
| # The site MUST be disabled before delete it (if not the nginx is not reloaded). | # The site MUST be disabled before delete it (if not the nginx is not reloaded). | ||||
| deleted: True | |||||
| ########### | |||||
| deleted: True | |||||
| ########### | |||||
| ## Modify 'available_dir' AND 'enabled_dir' '/etc/nginx' location to alternative value. | ## Modify 'available_dir' AND 'enabled_dir' '/etc/nginx' location to alternative value. | ||||
| ########### | ########### | ||||
| available_dir: /etc/nginx/sites-available # an alternate directory (not sites-available) where this server may be found | available_dir: /etc/nginx/sites-available # an alternate directory (not sites-available) where this server may be found | ||||
| enabled_dir: /etc/nginx/sites-enabled # an alternate directory (not sites-enabled) where this server may be found | enabled_dir: /etc/nginx/sites-enabled # an alternate directory (not sites-enabled) where this server may be found | ||||
| disabled_name: mysite.aint_on # an alternative disabled name to be use when not symlinking | disabled_name: mysite.aint_on # an alternative disabled name to be use when not symlinking | ||||
| overwrite: True # overwrite an existing server file or not | overwrite: True # overwrite an existing server file or not | ||||
| # May be a list of config options or None, if None, no server file will be managed/templated | # May be a list of config options or None, if None, no server file will be managed/templated | ||||
| # Take server directives as lists of dictionaries. If the dictionary value is another list of | # Take server directives as lists of dictionaries. If the dictionary value is another list of | ||||
| # dictionaries a block {} will be started with the dictionary key name | # dictionaries a block {} will be started with the dictionary key name | ||||
| config: | config: | ||||
| - server: | - server: | ||||
| - server_name: localhost | - server_name: localhost | ||||
| - listen: | |||||
| - listen: | |||||
| - 80 | - 80 | ||||
| - default_server | - default_server | ||||
| - index: | - index: | ||||
| - $uri | - $uri | ||||
| - $uri/ =404 | - $uri/ =404 | ||||
| - test: something else | - test: something else | ||||
| # The above outputs: | # The above outputs: | ||||
| # server { | # server { | ||||
| # server_name localhost; | # server_name localhost; | ||||
| # try_files $uri $uri/ =404; | # try_files $uri $uri/ =404; | ||||
| # test something else; | # test something else; | ||||
| # } | # } | ||||
| # } | |||||
| # } | |||||
| mysite2: # Using source_path options to upload the file instead of templating all the file | mysite2: # Using source_path options to upload the file instead of templating all the file | ||||
| enabled: True | enabled: True | ||||
| available_dir: /etc/nginx/sites-available | available_dir: /etc/nginx/sites-available |
Loading…