Saltstack Official Nginx Formula

197 lines
5.6KB

  1. # Source currently requires package 'build-essential' which is Debian based.
  2. # Will not work with os_family RedHat! You have been warned.
  3. {% set nginx = pillar.get('nginx', {}) -%}
  4. {% set version = nginx.get('version', '1.6.2') -%}
  5. {% set checksum = nginx.get('checksum', 'sha256=b5608c2959d3e7ad09b20fc8f9e5bd4bc87b3bc8ba5936a513c04ed8f1391a18') -%}
  6. {% set home = nginx.get('home', '/var/www') -%}
  7. {% set base_temp_dir = nginx.get('base_temp_dir', '/tmp') -%}
  8. {% set source = nginx.get('source_root', '/usr/local/src') -%}
  9. {% set conf_dir = nginx.get('conf_dir', '/etc/nginx') -%}
  10. {% set conf_only = nginx.get('conf_only', false) -%}
  11. {% set log_dir = nginx.get('log_dir', '/var/log/nginx') -%}
  12. {% set pid_path = nginx.get('pid_path', '/var/run/nginx.pid') -%}
  13. {% set lock_path = nginx.get('lock_path', '/var/lock/nginx.lock') -%}
  14. {% set sbin_dir = nginx.get('sbin_dir', '/usr/sbin') -%}
  15. {% set install_prefix = nginx.get('install_prefix', '/usr/local/nginx') -%}
  16. {% set with_items = nginx.get('with', ['debug', 'http_dav_module', 'http_stub_status_module', 'pcre', 'ipv6']) -%}
  17. {% set without_items = nginx.get('without', []) -%}
  18. {% set make_flags = nginx.get('make_flags', '-j2') -%}
  19. {% set nginx_package = source + '/nginx-' + version + '.tar.gz' -%}
  20. {% set nginx_source = source + "/nginx-" + version -%}
  21. {% set nginx_modules_dir = source + "/nginx-modules" -%}
  22. include:
  23. - nginx.common
  24. {% if nginx.get('with_luajit', false) %}
  25. - nginx.luajit2
  26. {% endif -%}
  27. {% if nginx.get('with_openresty', false) %}
  28. - nginx.openresty
  29. {% endif -%}
  30. nginx_group:
  31. group.present:
  32. - name: www-data
  33. nginx_user:
  34. file.directory:
  35. - name: {{ home }}
  36. - user: www-data
  37. - group: www-data
  38. - mode: 0755
  39. - require:
  40. - user: nginx_user
  41. - group: nginx_group
  42. user.present:
  43. - name: www-data
  44. - home: {{ home }}
  45. - groups:
  46. - www-data
  47. - require:
  48. - group: nginx_group
  49. {{ nginx_modules_dir }}:
  50. file:
  51. - directory
  52. - makedirs: True
  53. get-nginx:
  54. pkg.installed:
  55. - names:
  56. - libpcre3-dev
  57. - build-essential
  58. - libssl-dev
  59. file.managed:
  60. - name: {{ nginx_package }}
  61. - source: http://nginx.org/download/nginx-{{ version }}.tar.gz
  62. - source_hash: {{ checksum }}
  63. cmd.wait:
  64. - cwd: {{ source }}
  65. - name: tar -zxf {{ nginx_package }}
  66. - require:
  67. - pkg: get-nginx
  68. - watch:
  69. - file: get-nginx
  70. {% for name, module in nginx.get('modules', {}).items() -%}
  71. get-nginx-{{name}}:
  72. file.managed:
  73. - name: {{ nginx_modules_dir }}/{{name}}.tar.gz
  74. - source: {{ module['source'] }}
  75. - source_hash: {{ module['source_hash'] }}
  76. cmd.wait:
  77. - cwd: {{ nginx_modules_dir }}
  78. - names:
  79. - tar --transform "s,^$(tar --list -zf {{name}}.tar.gz | head -n 1),{{name}}/," -zxf {{name}}.tar.gz
  80. - watch:
  81. - file: get-nginx-{{name}}
  82. - require_in:
  83. - cmd: nginx
  84. {% endfor -%}
  85. {% if nginx.get('ngx_devel_kit', true) -%}
  86. get-ngx_devel_kit:
  87. file.managed:
  88. - name: {{ source }}/ngx_devel_kit.tar.gz
  89. - source: https://github.com/simpl/ngx_devel_kit/archive/v0.2.18.tar.gz
  90. - source_hash: sha1=e21ba642f26047661ada678b21eef001ee2121d8
  91. cmd.wait:
  92. - cwd: {{ source }}
  93. - name: tar -zxf {{ source }}/ngx_devel_kit.tar.gz -C {{ source }}
  94. - watch:
  95. - file: get-ngx_devel_kit
  96. {% endif %}
  97. nginx:
  98. cmd.wait:
  99. - cwd: {{ nginx_source }}
  100. - names:
  101. - ./configure --conf-path={{ conf_dir }}/nginx.conf
  102. --sbin-path={{ sbin_dir }}/nginx
  103. --user=www-data
  104. --group=www-data
  105. --prefix={{ install_prefix }}
  106. --http-log-path={{ log_dir }}/access.log
  107. --error-log-path={{ log_dir }}/error.log
  108. --pid-path={{ pid_path }}
  109. --lock-path={{ lock_path }}
  110. --http-client-body-temp-path={{ base_temp_dir }}/body
  111. --http-proxy-temp-path={{ base_temp_dir }}/proxy
  112. --http-fastcgi-temp-path={{ base_temp_dir }}/fastcgi
  113. --http-uwsgi-temp-path={{ base_temp_dir }}/temp_uwsgi
  114. --http-scgi-temp-path={{ base_temp_dir }}/temp_scgi
  115. {%- for name, module in nginx.get('modules', {}).items() %}
  116. --add-module={{nginx_modules_dir}}/{{name}}
  117. {%- endfor %}
  118. {%- for name in with_items %}
  119. --with-{{ name }}
  120. {%- endfor %}
  121. {%- for name in without_items %}
  122. --without-{{ name }}
  123. {%- endfor %}
  124. && make {{ make_flags }}
  125. && make install
  126. - watch:
  127. - cmd: get-nginx
  128. {% for name, module in nginx.get('modules', {}).items() -%}
  129. - file: get-nginx-{{name}}
  130. {% endfor %}
  131. - watch_in:
  132. {% set logger_types = ('access', 'error') %}
  133. {% for log_type in logger_types %}
  134. - service: nginx-logger-{{ log_type }}
  135. {% endfor %}
  136. - require:
  137. - cmd: get-nginx
  138. {% for name, module in nginx.get('modules', {}).items() -%}
  139. - file: get-nginx-{{name}}
  140. {% endfor %}
  141. - require_in:
  142. - service: nginx
  143. file:
  144. - managed
  145. - template: jinja
  146. - name: /etc/init.d/nginx
  147. - source: salt://nginx/templates/nginx.init.jinja
  148. - user: root
  149. - group: root
  150. - mode: 0755
  151. - context:
  152. sbin_dir: {{ sbin_dir }}
  153. pid_path: {{ pid_path }}
  154. service:
  155. - running
  156. - enable: True
  157. - reload: True
  158. - watch:
  159. - cmd: nginx
  160. - file: {{ conf_dir }}/nginx.conf
  161. - require:
  162. - cmd: nginx
  163. - file: {{ conf_dir }}/nginx.conf
  164. {% for file in nginx.get('delete_confs', []) %}
  165. {{ conf_dir }}/{{ file }}:
  166. file:
  167. - absent
  168. watch:
  169. - cmd: nginx
  170. {{ conf_dir }}/{{ file }}.default:
  171. file:
  172. - absent
  173. watch:
  174. - cmd: nginx
  175. {% endfor %}
  176. {% for file in nginx.get('delete_htdocs', []) %}
  177. {{ install_prefix }}/html/{{ file }}:
  178. file:
  179. - absent
  180. watch:
  181. - cmd: nginx
  182. {% endfor %}