Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: modules/nginx/manifests/init.pp

Issue 5734493784637440: Issue 245 - Unify SSL configuration for all servers (Closed)
Patch Set: Created April 2, 2014, 2:05 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: modules/nginx/manifests/init.pp
===================================================================
--- a/modules/nginx/manifests/init.pp
+++ b/modules/nginx/manifests/init.pp
@@ -41,45 +41,83 @@ class nginx (
require => Package['nginx']
}
file {'/etc/nginx/sites-enabled':
ensure => directory,
require => Package['nginx']
}
- file {'/etc/nginx/sites-available/default':
- ensure => absent,
- require => Package['nginx']
- }
+ define hostconfig (
+ $domain = $title,
+ $alt_names = [],
+ $log,
+ $is_default = false,
+ $source = undef,
+ $content = undef,
+ $global_config = undef,
+ $certificate = undef,
+ $private_key = undef,
+ $enabled = true) {
+ file {"/etc/nginx/sites-available/${domain}":
+ ensure => file,
+ content => template('nginx/site.erb'),
+ require => Package['nginx'],
+ notify => Service['nginx'],
+ }
- define hostconfig ($file = $title, $source = undef, $content = undef, $enabled = false) {
- if $content != undef {
- file {"/etc/nginx/sites-available/${file}":
- ensure => file,
- content => $content,
- require => Package['nginx'],
- notify => Service['nginx'],
+ if $certificate and $private_key {
+ if !defined(File["/etc/nginx/${certificate}"]) {
+ file {"/etc/nginx/${certificate}":
+ ensure => file,
+ mode => 0400,
+ notify => Service['nginx'],
+ before => File["/etc/nginx/sites-available/${domain}"],
+ require => Package['nginx'],
+ source => "puppet:///modules/private/${certificate}"
+ }
+ }
+
+ if !defined(File["/etc/nginx/${private_key}"]) {
+ file {"/etc/nginx/${private_key}":
+ ensure => file,
+ mode => 0400,
+ notify => Service['nginx'],
+ before => File["/etc/nginx/sites-available/${domain}"],
+ require => Package['nginx'],
+ source => "puppet:///modules/private/${private_key}"
+ }
+ }
+
+ if !defined(File["/etc/nginx/sites-available/${certificate}"]) {
+ file {"/etc/nginx/sites-available/${certificate}":
+ ensure => absent
+ }
+ }
+
+ if !defined(File["/etc/nginx/sites-available/${private_key}"]) {
+ file {"/etc/nginx/sites-available/${private_key}":
+ ensure => absent
+ }
}
}
- else {
- file {"/etc/nginx/sites-available/${file}":
- ensure => file,
- source => $source,
- require => Package['nginx'],
- notify => Service['nginx'],
+
+ if $enabled == true {
+ file {"/etc/nginx/sites-enabled/${domain}":
+ ensure => link,
+ require => File["/etc/nginx/sites-available/${domain}"],
+ target => "/etc/nginx/sites-available/${domain}",
+ notify => Service['nginx']
}
}
- if $enabled == true {
- file {"/etc/nginx/sites-enabled/${file}":
- ensure => link,
- require => File["/etc/nginx/sites-available/${file}"],
- target => "/etc/nginx/sites-available/${file}",
- notify => Service['nginx']
- }
+
+ file {"/etc/logrotate.d/nginx_$domain":
+ ensure => file,
+ require => File["/etc/nginx/sites-available/${domain}"],
+ content => template('nginx/logrotate.erb')
}
}
file {'/etc/logrotate.d/nginx':
source => 'puppet:///modules/nginx/logrotate',
require => Package['nginx']
}

Powered by Google App Engine
This is Rietveld