From 9bd63d348dbb2a20d4900ba20557b5777e1d496e Mon Sep 17 00:00:00 2001 From: James Fryman Date: Sat, 20 Sep 2014 13:29:40 -0500 Subject: [PATCH 01/14] Introducing Puppet Module Tool --- data/common.yaml | 91 ++++++++ data/hiera.yaml | 6 + data/kernelversion/Joyent.yaml | 3 + data/osfamily/Archlinux.yaml | 3 + data/osfamily/Debian.yaml | 2 + data/osfamily/FreeBSD.yaml | 4 + data/osfamily/Solaris.yaml | 2 + docs/hiera.md | 33 +++ manifests/config.pp | 205 ++++++++++++----- manifests/init.pp | 304 +++++++++++++------------ manifests/notice/puppet_module_data.pp | 5 + manifests/params.pp | 161 ------------- metadata.json | 5 +- 13 files changed, 452 insertions(+), 372 deletions(-) create mode 100644 data/common.yaml create mode 100644 data/hiera.yaml create mode 100644 data/kernelversion/Joyent.yaml create mode 100644 data/osfamily/Archlinux.yaml create mode 100644 data/osfamily/Debian.yaml create mode 100644 data/osfamily/FreeBSD.yaml create mode 100644 data/osfamily/Solaris.yaml create mode 100644 docs/hiera.md create mode 100644 manifests/notice/puppet_module_data.pp delete mode 100644 manifests/params.pp diff --git a/data/common.yaml b/data/common.yaml new file mode 100644 index 000000000..db935a4b0 --- /dev/null +++ b/data/common.yaml @@ -0,0 +1,91 @@ +--- +nginx::config::temp_dir: /tmp +nginx::config::run_dir: /var/nginx +nginx::config::conf_template: nginx/conf.d/nginx.conf.erb +nginx::config::proxy_conf_template: nginx/conf.d/proxy.conf.erb +nginx::config::confd_purge: false +nginx::config::vhost_purge: false +nginx::config::worker_processes: 1 +nginx::config::worker_connections: 1024 +nginx::config::worker_rlimit_nofile: 1024 +nginx::config::types_hash_max_size: 1024 +nginx::config::types_hash_bucket_size: 512 +nginx::config::names_hash_bucket_size: 64 +nginx::config::names_hash_max_size: 512 +nginx::config::multi_accept: off +nginx::config::events_use: false +nginx::config::sendfile: on +nginx::config::keepalive_timeout: 65 +nginx::config::http_tcp_nodelay: on +nginx::config::http_tcp_nopush: off +nginx::config::gzip: on +nginx::config::server_tokens: on +nginx::config::spdy: off +nginx::config::ssl_stapling: off +nginx::config::proxy_redirect: off +nginx::config::proxy_set_header: + - 'Host $host' + - 'X-Real-IP $remote_addr' + - 'X-Forwarded-For $proxy_add_x_forwarded_for' +nginx::config::proxy_cache_path: false +nginx::config::proxy_cache_levels: 1 +nginx::config::proxy_cache_keys_zone: 'd2:100m' +nginx::config::proxy_cache_max_size: 500m +nginx::config::proxy_cache_inactive: 20m +nginx::config::fastcgi_cache_path: false +nginx::config::fastcgi_cache_levels: 1 +nginx::config::fastcgi_cache_keys_zone: 'd3:100m' +nginx::config::fastcgi_cache_max_size: 500m +nginx::config::fastcgi_cache_inactive: 20m +nginx::config::fastcgi_cache_key: false +nginx::config::fastcgi_cache_use_stale: false +nginx::config::client_body_temp_path: /var/nginx/client_body_temp +nginx::config::client_body_buffer_size: 128k +nginx::config::client_max_body_size: 10m +nginx::config::proxy_temp_path: /var/nginx/proxy_temp +nginx::config::proxy_connect_timeout: 90 +nginx::config::proxy_send_timeout: 90 +nginx::config::proxy_read_timeout: 90 +nginx::config::proxy_buffers: '32 4k' +nginx::config::proxy_http_version: 1.0 +nginx::config::proxy_buffer_size: 8k +nginx::config::proxy_headers_hash_bucket_size: 64 +nginx::config::logdir: /var/log/nginx + +# Service restart after Nginx 0.7.53 could also be just +# "/path/to/nginx/bin -s HUP" Some init scripts do a configtest, some don't. +# If configtest_enable it's true then service restart will take +# $nx_service_restart value, forcing configtest. +nginx::config::configtest_enable: false +nginx::config::service_restart: '/etc/init.d/nginx configtest && /etc/init.d/nginx restart' +nginx::config::service_ensure: running + +nginx::config::mail: false + +nginx::config::http_cfg_append: false +nginx::config::nginx_error_log: /var/log/nginx/error.log +nginx::config::http_access_log: /var/log/nginx/access.log + +# package name depends on distribution, e.g. for Debian nginx-full | nginx-light +nginx::config::package_name: nginx +nginx::config::package_ensure: present +nginx::config::package_source: nginx +nginx::config::manage_repo: true + +nginx::config::root_group: root +# Specific owner for sites-available directory +nginx::config::sites_available_owner: root +nginx::config::sites_available_group: root +nginx::config::sites_available_mode: '0644' + +# Owner for all other files +nginx::config::global_owner: root +nginx::config::global_group: root +nginx::config::global_mode: '0644' + +nginx::config::pid: /var/run/nginx.pid + +nginx::config::conf_dir: /etc/nginx + +nginx::config::super_user: true +nginx::config::daemon_user: nginx diff --git a/data/hiera.yaml b/data/hiera.yaml new file mode 100644 index 000000000..3aa54c7c0 --- /dev/null +++ b/data/hiera.yaml @@ -0,0 +1,6 @@ +-- +:hierarchy: +- osfamily/%{::osfamily} +- kernelversion/%{::kernelversion} +- kernel/%{::kernel} +- common diff --git a/data/kernelversion/Joyent.yaml b/data/kernelversion/Joyent.yaml new file mode 100644 index 000000000..bafc7e68e --- /dev/null +++ b/data/kernelversion/Joyent.yaml @@ -0,0 +1,3 @@ +--- +nginx::config::conf_dir: /opt/local/etc/nginx +nginx::config::daemon_user: www \ No newline at end of file diff --git a/data/osfamily/Archlinux.yaml b/data/osfamily/Archlinux.yaml new file mode 100644 index 000000000..071c50e23 --- /dev/null +++ b/data/osfamily/Archlinux.yaml @@ -0,0 +1,3 @@ +--- +nginx::config::pid: false +nginx::config::daemon_user: http \ No newline at end of file diff --git a/data/osfamily/Debian.yaml b/data/osfamily/Debian.yaml new file mode 100644 index 000000000..565ea96f4 --- /dev/null +++ b/data/osfamily/Debian.yaml @@ -0,0 +1,2 @@ +--- +nginx::config::daemon_user: www-data \ No newline at end of file diff --git a/data/osfamily/FreeBSD.yaml b/data/osfamily/FreeBSD.yaml new file mode 100644 index 000000000..fb601d5f7 --- /dev/null +++ b/data/osfamily/FreeBSD.yaml @@ -0,0 +1,4 @@ +--- +nginx::config::conf_dir: /usr/local/etc/nginx +nginx::config::daemon_user: www +nginx::config::root_group: wheel \ No newline at end of file diff --git a/data/osfamily/Solaris.yaml b/data/osfamily/Solaris.yaml new file mode 100644 index 000000000..27ca557b7 --- /dev/null +++ b/data/osfamily/Solaris.yaml @@ -0,0 +1,2 @@ +--- +nginx::config::daemon_user: webservd \ No newline at end of file diff --git a/docs/hiera.md b/docs/hiera.md new file mode 100644 index 000000000..59e82ac95 --- /dev/null +++ b/docs/hiera.md @@ -0,0 +1,33 @@ +# Usage of Hiera + +This module takes advantage of the `puppet-module-data` pattern as introduced +by R.I. Pinnear to allow for a significant amount of flexibility with base +configuration of the module. This is to reduce the amount of clutter starting +to gather in `params.pp`, and provide a foundation for future enhancements. + +## Upgrading + +If you happen to be here because of some silly deprecation notice, it is +probably because a manifest is declaring attributes for the Nginx Class. +Upgrading should be easy! + +* Step 1: Make sure you have Hiera configured. https://docs.puppetlabs.com/hiera/1/puppet.html#puppet-3-and-newer +* Step 2: Move any declared parameters to hiera. +* Step 3: Profit! + +For example: + +``` +class { 'nginx': + logdir => '/data/nginx/logs', +} +``` + +should become in your hiera configs: + +``` +nginx::config::logdir: /data/nginx/logs +``` + +Please note: This module takes advantage of Puppet 3 data module bindings. +Be aware of any gotchas that accompany this. Take a look at https://docs.puppetlabs.com/hiera/1/puppet.html#limitations diff --git a/manifests/config.pp b/manifests/config.pp index 918039ebe..4aa1588de 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -14,70 +14,149 @@ # # This class file is not called directly class nginx::config( - $client_body_buffer_size = $nginx::params::nx_client_body_buffer_size, - $client_body_temp_path = $nginx::params::nx_client_body_temp_path, - $client_max_body_size = $nginx::params::nx_client_max_body_size, - $confd_purge = $nginx::params::nx_confd_purge, - $conf_dir = $nginx::params::nx_conf_dir, - $conf_template = $nginx::params::nx_conf_template, - $daemon_user = $nginx::params::nx_daemon_user, - $events_use = $nginx::params::nx_events_use, - $fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive, - $fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key, - $fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone, - $fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels, - $fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size, - $fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path, - $fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale, - $gzip = $nginx::params::nx_gzip, - $http_access_log = $nginx::params::nx_http_access_log, - $http_cfg_append = $nginx::params::nx_http_cfg_append, - $http_tcp_nodelay = $nginx::params::nx_http_tcp_nodelay, - $http_tcp_nopush = $nginx::params::nx_http_tcp_nopush, - $keepalive_timeout = $nginx::params::nx_keepalive_timeout, - $logdir = $nginx::params::nx_logdir, - $mail = $nginx::params::nx_mail, - $multi_accept = $nginx::params::nx_multi_accept, - $names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size, - $names_hash_max_size = $nginx::params::nx_names_hash_max_size, - $nginx_error_log = $nginx::params::nx_nginx_error_log, - $pid = $nginx::params::nx_pid, - $proxy_buffers = $nginx::params::nx_proxy_buffers, - $proxy_buffer_size = $nginx::params::nx_proxy_buffer_size, - $proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive, - $proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone, - $proxy_cache_levels = $nginx::params::nx_proxy_cache_levels, - $proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size, - $proxy_cache_path = $nginx::params::nx_proxy_cache_path, - $proxy_conf_template = $nginx::params::nx_proxy_conf_template, - $proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout, - $proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size, - $proxy_http_version = $nginx::params::nx_proxy_http_version, - $proxy_read_timeout = $nginx::params::nx_proxy_read_timeout, - $proxy_redirect = $nginx::params::nx_proxy_redirect, - $proxy_send_timeout = $nginx::params::nx_proxy_send_timeout, - $proxy_set_header = $nginx::params::nx_proxy_set_header, - $proxy_temp_path = $nginx::params::nx_proxy_temp_path, - $run_dir = $nginx::params::nx_run_dir, - $sendfile = $nginx::params::nx_sendfile, - $server_tokens = $nginx::params::nx_server_tokens, - $spdy = $nginx::params::nx_spdy, - $super_user = $nginx::params::nx_super_user, - $temp_dir = $nginx::params::nx_temp_dir, - $types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size, - $types_hash_max_size = $nginx::params::nx_types_hash_max_size, - $vhost_purge = $nginx::params::nx_vhost_purge, - $worker_connections = $nginx::params::nx_worker_connections, - $worker_processes = $nginx::params::nx_worker_processes, - $worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile, - $global_owner = $nginx::params::global_owner, - $global_group = $nginx::params::global_group, - $global_mode = $nginx::params::global_mode, - $sites_available_owner = $nginx::params::sites_available_owner, - $sites_available_group = $nginx::params::sites_available_group, - $sites_available_mode = $nginx::params::sites_available_mode, -) inherits nginx::params { + $client_body_buffer_size = undef, + $client_body_temp_path = undef, + $client_max_body_size = undef, + $confd_purge = undef, + $conf_dir = undef, + $conf_template = undef, + $daemon_user = undef, + $events_use = undef, + $fastcgi_cache_inactive = undef, + $fastcgi_cache_key = undef, + $fastcgi_cache_keys_zone = undef, + $fastcgi_cache_levels = undef, + $fastcgi_cache_max_size = undef, + $fastcgi_cache_path = undef, + $fastcgi_cache_use_stale = undef, + $gzip = undef, + $http_access_log = undef, + $http_cfg_append = undef, + $http_tcp_nodelay = undef, + $http_tcp_nopush = undef, + $keepalive_timeout = undef, + $logdir = undef, + $mail = undef, + $multi_accept = undef, + $names_hash_bucket_size = undef, + $names_hash_max_size = undef, + $nginx_error_log = undef, + $pid = undef, + $proxy_buffers = undef, + $proxy_buffer_size = undef, + $proxy_cache_inactive = undef, + $proxy_cache_keys_zone = undef, + $proxy_cache_levels = undef, + $proxy_cache_max_size = undef, + $proxy_cache_path = undef, + $proxy_conf_template = undef, + $proxy_connect_timeout = undef, + $proxy_headers_hash_bucket_size = undef, + $proxy_http_version = undef, + $proxy_read_timeout = undef, + $proxy_redirect = undef, + $proxy_send_timeout = undef, + $proxy_set_header = undef, + $proxy_temp_path = undef, + $run_dir = undef, + $sendfile = undef, + $server_tokens = undef, + $spdy = undef, + $super_user = undef, + $temp_dir = undef, + $types_hash_bucket_size = undef, + $types_hash_max_size = undef, + $vhost_purge = undef, + $worker_connections = undef, + $worker_processes = undef, + $worker_rlimit_nofile = undef, + $global_owner = undef, + $global_group = undef, + $global_mode = undef, + $sites_available_owner = undef, + $sites_available_group = undef, + $sites_available_mode = undef, +) { + ### Validations ### + if (!is_string($worker_processes)) and (!is_integer($worker_processes)) { + fail('$worker_processes must be an integer or have value "auto".') + } + if (!is_integer($worker_connections)) { + fail('$worker_connections must be an integer.') + } + if (!is_integer($worker_rlimit_nofile)) { + fail('$worker_rlimit_nofile must be an integer.') + } + if (!is_string($events_use)) and ($events_use != false) { + fail('$events_use must be a string or false.') + } + validate_string($multi_accept) + validate_string($package_name) + validate_string($package_ensure) + validate_string($package_source) + validate_array($proxy_set_header) + validate_string($proxy_http_version) + validate_bool($confd_purge) + validate_bool($vhost_purge) + if ($proxy_cache_path != false) { + validate_string($proxy_cache_path) + } + validate_re($proxy_cache_levels, '^[12](:[12])*$') + validate_string($proxy_cache_keys_zone) + validate_string($proxy_cache_max_size) + validate_string($proxy_cache_inactive) + + if ($fastcgi_cache_path != false) { + validate_string($fastcgi_cache_path) + } + validate_re($fastcgi_cache_levels, '^[12](:[12])*$') + validate_string($fastcgi_cache_keys_zone) + validate_string($fastcgi_cache_max_size) + validate_string($fastcgi_cache_inactive) + if ($fastcgi_cache_key != false) { + validate_string($fastcgi_cache_key) + } + if ($fastcgi_cache_use_stale != false) { + validate_string($fastcgi_cache_use_stale) + } + + validate_bool($configtest_enable) + validate_string($service_restart) + validate_bool($mail) + validate_string($server_tokens) + validate_string($client_max_body_size) + if (!is_integer($names_hash_bucket_size)) { + fail('$names_hash_bucket_size must be an integer.') + } + if (!is_integer($names_hash_max_size)) { + fail('$names_hash_max_size must be an integer.') + } + validate_string($proxy_buffers) + validate_string($proxy_buffer_size) + if ($http_cfg_append != false) { + if !(is_hash($http_cfg_append) or is_array($http_cfg_append)) { + fail('$http_cfg_append must be either a hash or array') + } + } + + validate_string($nginx_error_log) + validate_string($http_access_log) + validate_hash($nginx_upstreams) + validate_hash($nginx_vhosts) + validate_hash($nginx_vhosts_defaults) + validate_hash($nginx_locations) + validate_hash($nginx_mailhosts) + validate_bool($manage_repo) + validate_string($proxy_headers_hash_bucket_size) + validate_bool($super_user) + + validate_hash($string_mappings) + validate_hash($geo_mappings) + ### END VALIDATIONS ### + + + ### CONFIGURATION ### File { owner => $global_owner, group => $global_group, diff --git a/manifests/init.pp b/manifests/init.pp index 08d9a9863..c687e784e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -5,7 +5,7 @@ # Parameters: # # There are no default parameters for this class. All module parameters -# are managed via the nginx::params class +# are managed via puppet-module-data (see data/ dir) # # Actions: # @@ -29,160 +29,173 @@ # include nginx # } class nginx ( - $client_body_buffer_size = $nginx::params::nx_client_body_buffer_size, - $client_body_temp_path = $nginx::params::nx_client_body_temp_path, - $client_max_body_size = $nginx::params::nx_client_max_body_size, - $confd_purge = $nginx::params::nx_confd_purge, - $configtest_enable = $nginx::params::nx_configtest_enable, - $conf_dir = $nginx::params::nx_conf_dir, - $conf_template = $nginx::params::nx_conf_template, - $daemon_user = $nginx::params::nx_daemon_user, - $events_use = $nginx::params::nx_events_use, - $fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive, - $fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key, - $fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone, - $fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels, - $fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size, - $fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path, - $fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale, - $gzip = $nginx::params::nx_gzip, - $http_access_log = $nginx::params::nx_http_access_log, - $http_cfg_append = $nginx::params::nx_http_cfg_append, - $http_tcp_nodelay = $nginx::params::nx_http_tcp_nodelay, - $http_tcp_nopush = $nginx::params::nx_http_tcp_nopush, - $keepalive_timeout = $nginx::params::nx_keepalive_timeout, - $logdir = $nginx::params::nx_logdir, - $mail = $nginx::params::nx_mail, - $manage_repo = $nginx::params::manage_repo, - $multi_accept = $nginx::params::nx_multi_accept, - $names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size, - $names_hash_max_size = $nginx::params::nx_names_hash_max_size, - $nginx_error_log = $nginx::params::nx_nginx_error_log, + $client_body_buffer_size = undef, + $client_body_temp_path = undef, + $client_max_body_size = undef, + $confd_purge = undef, + $configtest_enable = undef, + $conf_dir = undef, + $conf_template = undef, + $daemon_user = undef, + $events_use = undef, + $fastcgi_cache_inactive = undef, + $fastcgi_cache_key = undef, + $fastcgi_cache_keys_zone = undef, + $fastcgi_cache_levels = undef, + $fastcgi_cache_max_size = undef, + $fastcgi_cache_path = undef, + $fastcgi_cache_use_stale = undef, + $gzip = undef, + $http_access_log = undef, + $http_cfg_append = undef, + $http_tcp_nodelay = undef, + $http_tcp_nopush = undef, + $keepalive_timeout = undef, + $logdir = undef, + $mail = undef, + $manage_repo = undef, + $multi_accept = undef, + $names_hash_bucket_size = undef, + $names_hash_max_size = undef, + $nginx_error_log = undef, $nginx_locations = {}, $nginx_mailhosts = {}, $nginx_upstreams = {}, $nginx_vhosts = {}, $nginx_vhosts_defaults = {}, - $package_ensure = $nginx::params::package_ensure, - $package_name = $nginx::params::package_name, - $package_source = $nginx::params::package_source, - $pid = $nginx::params::nx_pid, - $proxy_buffers = $nginx::params::nx_proxy_buffers, - $proxy_buffer_size = $nginx::params::nx_proxy_buffer_size, - $proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive, - $proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone, - $proxy_cache_levels = $nginx::params::nx_proxy_cache_levels, - $proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size, - $proxy_cache_path = $nginx::params::nx_proxy_cache_path, - $proxy_conf_template = $nginx::params::nx_proxy_conf_template, - $proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout, - $proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size, - $proxy_http_version = $nginx::params::nx_proxy_http_version, - $proxy_read_timeout = $nginx::params::nx_proxy_read_timeout, - $proxy_redirect = $nginx::params::nx_proxy_redirect, - $proxy_send_timeout = $nginx::params::nx_proxy_send_timeout, - $proxy_set_header = $nginx::params::nx_proxy_set_header, - $proxy_temp_path = $nginx::params::nx_proxy_temp_path, - $run_dir = $nginx::params::nx_run_dir, - $sendfile = $nginx::params::nx_sendfile, - $server_tokens = $nginx::params::nx_server_tokens, - $service_ensure = $nginx::params::nx_service_ensure, - $service_restart = $nginx::params::nx_service_restart, - $spdy = $nginx::params::nx_spdy, - $super_user = $nginx::params::nx_super_user, - $temp_dir = $nginx::params::nx_temp_dir, - $types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size, - $types_hash_max_size = $nginx::params::nx_types_hash_max_size, - $vhost_purge = $nginx::params::nx_vhost_purge, - $worker_connections = $nginx::params::nx_worker_connections, - $worker_processes = $nginx::params::nx_worker_processes, - $worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile, - $global_owner = $nginx::params::global_owner, - $global_group = $nginx::params::global_group, - $global_mode = $nginx::params::global_mode, - $sites_available_owner = $nginx::params::sites_available_owner, - $sites_available_group = $nginx::params::sites_available_group, - $sites_available_mode = $nginx::params::sites_available_mode, + $package_ensure = undef, + $package_name = undef, + $package_source = undef, + $pid = undef, + $proxy_buffers = undef, + $proxy_buffer_size = undef, + $proxy_cache_inactive = undef, + $proxy_cache_keys_zone = undef, + $proxy_cache_levels = undef, + $proxy_cache_max_size = undef, + $proxy_cache_path = undef, + $proxy_conf_template = undef, + $proxy_connect_timeout = undef, + $proxy_headers_hash_bucket_size = undef, + $proxy_http_version = undef, + $proxy_read_timeout = undef, + $proxy_redirect = undef, + $proxy_send_timeout = undef, + $proxy_set_header = undef, + $proxy_temp_path = undef, + $run_dir = undef, + $sendfile = undef, + $server_tokens = undef, + $service_ensure = undef, + $service_restart = undef, + $spdy = undef, + $super_user = undef, + $temp_dir = undef, + $types_hash_bucket_size = undef, + $types_hash_max_size = undef, + $vhost_purge = undef, + $worker_connections = undef, + $worker_processes = undef, + $worker_rlimit_nofile = undef, + $global_owner = undef, + $global_group = undef, + $global_mode = undef, + $sites_available_owner = undef, + $sites_available_group = undef, + $sites_available_mode = undef, $geo_mappings = {}, $string_mappings = {}, -) inherits nginx::params { +) { - include stdlib + ### DEPRECATION WARNING ### + ### + ### During the transition from the params pattern -> puppet-module-data, + ### we need a graceful way to notify the consumer that the pattern is + ### changing, and point them toward docs on how to transition. + ### + ### Once we hit 1.0, this whole block goes away. + ### + ### Please note: as a contributor to this module, no Pulls will be accepted + ### that do add additional parameters to this class. Get on this puppet-module-data + ### level! - if (!is_string($worker_processes)) and (!is_integer($worker_processes)) { - fail('$worker_processes must be an integer or have value "auto".') - } - if (!is_integer($worker_connections)) { - fail('$worker_connections must be an integer.') - } - if (!is_integer($worker_rlimit_nofile)) { - fail('$worker_rlimit_nofile must be an integer.') - } - if (!is_string($events_use)) and ($events_use != false) { - fail('$events_use must be a string or false.') - } - validate_string($multi_accept) - validate_string($package_name) - validate_string($package_ensure) - validate_string($package_source) - validate_array($proxy_set_header) - validate_string($proxy_http_version) - validate_bool($confd_purge) - validate_bool($vhost_purge) - if ($proxy_cache_path != false) { - validate_string($proxy_cache_path) - } - validate_re($proxy_cache_levels, '^[12](:[12])*$') - validate_string($proxy_cache_keys_zone) - validate_string($proxy_cache_max_size) - validate_string($proxy_cache_inactive) - - if ($fastcgi_cache_path != false) { - validate_string($fastcgi_cache_path) - } - validate_re($fastcgi_cache_levels, '^[12](:[12])*$') - validate_string($fastcgi_cache_keys_zone) - validate_string($fastcgi_cache_max_size) - validate_string($fastcgi_cache_inactive) - if ($fastcgi_cache_key != false) { - validate_string($fastcgi_cache_key) - } - if ($fastcgi_cache_use_stale != false) { - validate_string($fastcgi_cache_use_stale) - } + ### This block makes me sad, but what can you do.... we need to do this + ### migration the Right Way(tm) -- JDF - validate_bool($configtest_enable) - validate_string($service_restart) - validate_bool($mail) - validate_string($server_tokens) - validate_string($client_max_body_size) - if (!is_integer($names_hash_bucket_size)) { - fail('$names_hash_bucket_size must be an integer.') - } - if (!is_integer($names_hash_max_size)) { - fail('$names_hash_max_size must be an integer.') - } - validate_string($proxy_buffers) - validate_string($proxy_buffer_size) - if ($http_cfg_append != false) { - if !(is_hash($http_cfg_append) or is_array($http_cfg_append)) { - fail('$http_cfg_append must be either a hash or array') - } - } - - validate_string($nginx_error_log) - validate_string($http_access_log) - validate_hash($nginx_upstreams) - validate_hash($nginx_vhosts) - validate_hash($nginx_vhosts_defaults) - validate_hash($nginx_locations) - validate_hash($nginx_mailhosts) - validate_bool($manage_repo) - validate_string($proxy_headers_hash_bucket_size) - validate_bool($super_user) + if $client_body_buffer_size or + $client_body_temp_path or + $client_max_body_size or + $confd_purge or + $configtest_enable or + $conf_dir or + $conf_template or + $daemon_user or + $events_use or + $fastcgi_cache_inactive or + $fastcgi_cache_key or + $fastcgi_cache_keys_zone or + $fastcgi_cache_levels or + $fastcgi_cache_max_size or + $fastcgi_cache_path or + $fastcgi_cache_use_stale or + $gzip or + $http_access_log or + $http_cfg_append or + $http_tcp_nodelay or + $http_tcp_nopush or + $keepalive_timeout or + $logdir or + $mail or + $manage_repo or + $multi_accept or + $names_hash_bucket_size or + $names_hash_max_size or + $nginx_error_log or + $package_ensure or + $package_name or + $package_source or + $pid or + $proxy_buffers or + $proxy_buffer_size or + $proxy_cache_inactive or + $proxy_cache_keys_zone or + $proxy_cache_levels or + $proxy_cache_max_size or + $proxy_cache_path or + $proxy_conf_template or + $proxy_connect_timeout or + $proxy_headers_hash_bucket_size or + $proxy_http_version or + $proxy_read_timeout or + $proxy_redirect or + $proxy_send_timeout or + $proxy_set_header or + $proxy_temp_path or + $run_dir or + $sendfile or + $server_tokens or + $service_ensure or + $service_restart or + $spdy or + $super_user or + $temp_dir or + $types_hash_bucket_size or + $types_hash_max_size or + $vhost_purge or + $worker_connections or + $worker_processes or + $worker_rlimit_nofile or + $global_owner or + $global_group or + $global_mode or + $sites_available_owner or + $sites_available_group or + $sites_available_mode { + + include nginx::notice::puppet_module_data + } - validate_hash($string_mappings) - validate_hash($geo_mappings) + ### END DEPRECATION WARNING ### class { 'nginx::package': package_name => $package_name, @@ -259,8 +272,7 @@ notify => Class['nginx::service'], } - class { 'nginx::service': - } + class { 'nginx::service': } create_resources('nginx::resource::upstream', $nginx_upstreams) create_resources('nginx::resource::vhost', $nginx_vhosts, $nginx_vhosts_defaults) diff --git a/manifests/notice/puppet_module_data.pp b/manifests/notice/puppet_module_data.pp new file mode 100644 index 000000000..f7b26899e --- /dev/null +++ b/manifests/notice/puppet_module_data.pp @@ -0,0 +1,5 @@ +class nginx::notice::puppet_module_data { + $message = "[nginx] *** DEPRECATION WARNING***: HI! I notice that you're declaring some attributes in Class[nginx]. We are in the process of moving all of these attributes to Hiera with puppet-module-tool. Please check out https://github.com/jfryman/puppet-nginx/blob/master/docs/hiera.md for more information." + + notify { $message: } +} \ No newline at end of file diff --git a/manifests/params.pp b/manifests/params.pp deleted file mode 100644 index 3acd4b343..000000000 --- a/manifests/params.pp +++ /dev/null @@ -1,161 +0,0 @@ -# Class: nginx::param -# -# This module manages NGINX paramaters -# -# Parameters: -# -# There are no default parameters for this class. -# -# Actions: -# -# Requires: -# -# Sample Usage: -# -# This class file is not called directly -class nginx::params { - - $nx_temp_dir = '/tmp' - $nx_run_dir = '/var/nginx' - - $nx_conf_template = 'nginx/conf.d/nginx.conf.erb' - $nx_proxy_conf_template = 'nginx/conf.d/proxy.conf.erb' - $nx_confd_purge = false - $nx_vhost_purge = false - $nx_worker_processes = 1 - $nx_worker_connections = 1024 - $nx_worker_rlimit_nofile = 1024 - $nx_types_hash_max_size = 1024 - $nx_types_hash_bucket_size = 512 - $nx_names_hash_bucket_size = 64 - $nx_names_hash_max_size = 512 - $nx_multi_accept = off - # One of [kqueue|rtsig|epoll|/dev/poll|select|poll|eventport] - # or false to use OS default - $nx_events_use = false - $nx_sendfile = on - $nx_keepalive_timeout = 65 - $nx_http_tcp_nodelay = on - $nx_http_tcp_nopush = off - $nx_gzip = on - $nx_server_tokens = on - $nx_spdy = off - $nx_ssl_stapling = off - - $nx_proxy_redirect = off - $nx_proxy_set_header = [ - 'Host $host', - 'X-Real-IP $remote_addr', - 'X-Forwarded-For $proxy_add_x_forwarded_for', - ] - $nx_proxy_cache_path = false - $nx_proxy_cache_levels = '1' - $nx_proxy_cache_keys_zone = 'd2:100m' - $nx_proxy_cache_max_size = '500m' - $nx_proxy_cache_inactive = '20m' - - $nx_fastcgi_cache_path = false - $nx_fastcgi_cache_levels = '1' - $nx_fastcgi_cache_keys_zone = 'd3:100m' - $nx_fastcgi_cache_max_size = '500m' - $nx_fastcgi_cache_inactive = '20m' - $nx_fastcgi_cache_key = false - $nx_fastcgi_cache_use_stale = false - - $nx_client_body_temp_path = "${nx_run_dir}/client_body_temp" - $nx_client_body_buffer_size = '128k' - $nx_client_max_body_size = '10m' - $nx_proxy_temp_path = "${nx_run_dir}/proxy_temp" - $nx_proxy_connect_timeout = '90' - $nx_proxy_send_timeout = '90' - $nx_proxy_read_timeout = '90' - $nx_proxy_buffers = '32 4k' - $nx_proxy_http_version = '1.0' - $nx_proxy_buffer_size = '8k' - $nx_proxy_headers_hash_bucket_size = '64' - - $nx_logdir = '/var/log/nginx' - - $nx_pid = $::kernel ? { - /(?i-mx:linux)/ => $::osfamily ? { - # archlinux has hardcoded pid in service file to /run/nginx.pid, setting - # it will prevent nginx from starting - /(?i-mx:archlinux)/ => false, - default => '/var/run/nginx.pid', - }, - /(?i-mx:sunos)/ => '/var/run/nginx.pid', - /(?i-mx:freebsd)/ => '/var/run/nginx.pid', - } - - $nx_conf_dir = $::kernelversion ? { - /(?i-mx:joyent)/ => '/opt/local/etc/nginx', - default => $::kernel ? { - /(?i-mx:freebsd)/ => '/usr/local/etc/nginx', - default => '/etc/nginx', - } - } - - if $::osfamily { - $solaris_nx_daemon_user = $::kernelversion ? { - /(?i-mx:joyent)/ => 'www', - default => 'webservd', - } - $nx_daemon_user = $::osfamily ? { - /(?i-mx:archlinux)/ => 'http', - /(?i-mx:redhat|suse|gentoo|linux)/ => 'nginx', - /(?i-mx:debian)/ => 'www-data', - /(?i-mx:solaris)/ => $solaris_nx_daemon_user, - /(?i-mx:freebsd)/ => 'www', - } - } else { - warning('$::osfamily not defined. Support for $::operatingsystem is deprecated') - warning("Please upgrade from facter ${::facterversion} to >= 1.7.2") - $nx_daemon_user = $::operatingsystem ? { - /(?i-mx:archlinux)/ => 'http', - /(?i-mx:debian|ubuntu)/ => 'www-data', - /(?i-mx:fedora|rhel|redhat|centos|scientific|suse|opensuse|amazon|gentoo|oraclelinux)/ => 'nginx', - /(?i-mx:solaris)/ => 'webservd', - /(?i-mx:freebsd)/ => 'www', - } - } - - $root_group = $::operatingsystem ? { - 'FreeBSD' => 'wheel', - default => 'root', - } - - # Nginx is default launched as root if not change this parameter - $nx_super_user = true - - # Service restart after Nginx 0.7.53 could also be just - # "/path/to/nginx/bin -s HUP" Some init scripts do a configtest, some don't. - # If configtest_enable it's true then service restart will take - # $nx_service_restart value, forcing configtest. - - $nx_configtest_enable = false - $nx_service_restart = '/etc/init.d/nginx configtest && /etc/init.d/nginx restart' - $nx_service_ensure = running - - $nx_mail = false - - $nx_http_cfg_append = false - - $nx_nginx_error_log = "${nx_logdir}/error.log" - $nx_http_access_log = "${nx_logdir}/access.log" - - # package name depends on distribution, e.g. for Debian nginx-full | nginx-light - $package_name = 'nginx' - $package_ensure = 'present' - $package_source = 'nginx' - $manage_repo = true - - # Specific owner for sites-available directory - $sites_available_owner = 'root' - $sites_available_group = $root_group - $sites_available_mode = '0644' - - # Owner for all other files - $global_owner = 'root' - $global_group = $root_group - $global_mode = '0644' -} diff --git a/metadata.json b/metadata.json index ba205d71c..a392e2872 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "jfryman-nginx", - "version": "0.0.10", + "version": "0.1.0", "author": "James Fryman", "summary": "Puppet NGINX management module", "license": "Apache License Version 2.0", @@ -11,6 +11,7 @@ "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":">= 3.0.0"}, {"name":"puppetlabs/apt","version_requirement":">= 1.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.0"} + {"name":"puppetlabs/concat","version_requirement":">= 1.1.0"}, + {"name":"ripienaar/module_data","version_requirement":">= 0.0.3"} ] } From 678256fa3d07e7f3b81f9078daf2062f06877044 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Sat, 20 Sep 2014 13:34:20 -0500 Subject: [PATCH 02/14] need moar dashes --- data/hiera.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hiera.yaml b/data/hiera.yaml index 3aa54c7c0..7595bed5f 100644 --- a/data/hiera.yaml +++ b/data/hiera.yaml @@ -1,4 +1,4 @@ --- +--- :hierarchy: - osfamily/%{::osfamily} - kernelversion/%{::kernelversion} From 4c5f1e3b2a803e847d09aa8bffbcf2aeafe5c7f0 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Sat, 20 Sep 2014 18:25:24 -0500 Subject: [PATCH 03/14] pass one of spec cleanup --- manifests/resource/geo.pp | 3 +- manifests/resource/location.pp | 3 +- manifests/resource/mailhost.pp | 3 +- manifests/resource/map.pp | 3 +- spec/classes/config_spec.rb | 54 +++++++++++++------------- spec/classes/package_spec.rb | 2 +- spec/classes/params_spec.rb | 15 ------- spec/classes/service_spec.rb | 4 +- spec/defines/resource_geo_spec.rb | 1 - spec/defines/resource_location_spec.rb | 4 +- spec/defines/resource_mailhost_spec.rb | 4 +- spec/defines/resource_upstream_spec.rb | 3 -- spec/defines/resource_vhost_spec.rb | 2 - spec/spec_helper.rb | 3 ++ 14 files changed, 39 insertions(+), 65 deletions(-) delete mode 100644 spec/classes/params_spec.rb diff --git a/manifests/resource/geo.pp b/manifests/resource/geo.pp index 859b0b29a..5db1dd847 100644 --- a/manifests/resource/geo.pp +++ b/manifests/resource/geo.pp @@ -73,8 +73,7 @@ if ($proxies != undef) { validate_array($proxies) } if ($proxy_recursive != undef) { validate_bool($proxy_recursive) } - include nginx::params - $root_group = $nginx::params::root_group + $root_group = $nginx::config::root_group $ensure_real = $ensure ? { 'absent' => 'absent', diff --git a/manifests/resource/location.pp b/manifests/resource/location.pp index 1f44fba34..3884cb228 100644 --- a/manifests/resource/location.pp +++ b/manifests/resource/location.pp @@ -172,8 +172,7 @@ $flv = false, ) { - include nginx::params - $root_group = $nginx::params::root_group + $root_group = $nginx::config::root_group File { owner => 'root', diff --git a/manifests/resource/mailhost.pp b/manifests/resource/mailhost.pp index 37b48bff1..f812d6a81 100644 --- a/manifests/resource/mailhost.pp +++ b/manifests/resource/mailhost.pp @@ -61,8 +61,7 @@ $server_name = [$name] ) { - include nginx::params - $root_group = $nginx::params::root_group + $root_group = $nginx::config::root_group File { owner => 'root', diff --git a/manifests/resource/map.pp b/manifests/resource/map.pp index 1c7aa3282..1217df31b 100644 --- a/manifests/resource/map.pp +++ b/manifests/resource/map.pp @@ -57,8 +57,7 @@ "Invalid ensure value '${ensure}'. Expected 'present' or 'absent'") if ($default != undef) { validate_string($default) } - include nginx::params - $root_group = $nginx::params::root_group + $root_group = $nginx::config::root_group $ensure_real = $ensure ? { 'absent' => absent, diff --git a/spec/classes/config_spec.rb b/spec/classes/config_spec.rb index 34ba4a66b..7222a2527 100644 --- a/spec/classes/config_spec.rb +++ b/spec/classes/config_spec.rb @@ -3,18 +3,18 @@ describe 'with defaults' do [ - { :osfamily => 'debian', :operatingsystem => 'debian', }, - { :osfamily => 'debian', :operatingsystem => 'ubuntu', }, - { :osfamily => 'redhat', :operatingsystem => 'fedora', }, - { :osfamily => 'redhat', :operatingsystem => 'rhel', }, - { :osfamily => 'redhat', :operatingsystem => 'redhat', }, - { :osfamily => 'redhat', :operatingsystem => 'centos', }, - { :osfamily => 'redhat', :operatingsystem => 'scientific', }, - { :osfamily => 'redhat', :operatingsystem => 'amazon', }, - { :osfamily => 'suse', :operatingsystem => 'suse', }, - { :osfamily => 'suse', :operatingsystem => 'opensuse', }, - { :osfamily => 'gentoo', :operatingsystem => 'gentoo', }, - { :osfamily => 'linux', :operatingsystem => 'gentoo', }, + { :osfamily => 'Debian', :operatingsystem => 'Debian', }, + { :osfamily => 'Debian', :operatingsystem => 'Ubuntu', }, + { :osfamily => 'Redhat', :operatingsystem => 'Fedora', }, + { :osfamily => 'Redhat', :operatingsystem => 'RedHat', }, + { :osfamily => 'Redhat', :operatingsystem => 'OracleLinux', }, + { :osfamily => 'Redhat', :operatingsystem => 'CentOS', }, + { :osfamily => 'Redhat', :operatingsystem => 'Scientific', }, + { :osfamily => 'Redhat', :operatingsystem => 'Amazon', }, + { :osfamily => 'SuSE', :operatingsystem => 'SuSE', }, + { :osfamily => 'SuSE', :operatingsystem => 'OpenSuSE', }, + { :osfamily => 'Gentoo', :operatingsystem => 'Gentoo', }, + { :osfamily => 'Linux', :operatingsystem => 'Gentoo', }, ].each do |facts| context "when osfamily/operatingsystem is #{facts[:osfamily]}/#{facts[:operatingsystem]}" do @@ -26,8 +26,6 @@ } end - it { is_expected.to contain_class("nginx::params") } - it { is_expected.to contain_file("/etc/nginx").only_with( :path => "/etc/nginx", :ensure => 'directory', @@ -96,8 +94,8 @@ describe 'with defaults' do [ - { :osfamily => 'debian', :operatingsystem => 'debian', }, - { :osfamily => 'debian', :operatingsystem => 'ubuntu', }, + { :osfamily => 'Debian', :operatingsystem => 'Debian', }, + { :osfamily => 'Debian', :operatingsystem => 'Ubuntu', }, ].each do |facts| context "when osfamily/operatingsystem is #{facts[:osfamily]}/#{facts[:operatingsystem]}" do @@ -117,16 +115,16 @@ describe 'with defaults' do [ - { :osfamily => 'redhat', :operatingsystem => 'fedora', }, - { :osfamily => 'redhat', :operatingsystem => 'rhel', }, - { :osfamily => 'redhat', :operatingsystem => 'redhat', }, - { :osfamily => 'redhat', :operatingsystem => 'centos', }, - { :osfamily => 'redhat', :operatingsystem => 'scientific', }, - { :osfamily => 'redhat', :operatingsystem => 'amazon', }, - { :osfamily => 'suse', :operatingsystem => 'suse', }, - { :osfamily => 'suse', :operatingsystem => 'opensuse', }, - { :osfamily => 'gentoo', :operatingsystem => 'gentoo', }, - { :osfamily => 'linux', :operatingsystem => 'gentoo', }, + { :osfamily => 'RedHat', :operatingsystem => 'Fedora', }, + { :osfamily => 'RedHat', :operatingsystem => 'RedHat', }, + { :osfamily => 'RedHat', :operatingsystem => 'OracleLinux', }, + { :osfamily => 'RedHat', :operatingsystem => 'CentOS', }, + { :osfamily => 'RedHat', :operatingsystem => 'Scientific', }, + { :osfamily => 'RedHat', :operatingsystem => 'Amazon', }, + { :osfamily => 'SuSE', :operatingsystem => 'SuSE', }, + { :osfamily => 'SuSE', :operatingsystem => 'openSuSE', }, + { :osfamily => 'Gentoo', :operatingsystem => 'Gentoo', }, + { :osfamily => 'Linux', :operatingsystem => 'Gentoo', }, ].each do |facts| context "when osfamily/operatingsystem is #{facts[:osfamily]}/#{facts[:operatingsystem]}" do @@ -148,8 +146,8 @@ let :facts do { - :osfamily => 'debian', - :operatingsystem => 'debian', + :osfamily => 'Debian', + :operatingsystem => 'Debian', } end diff --git a/spec/classes/package_spec.rb b/spec/classes/package_spec.rb index c44ba306b..808820ce1 100644 --- a/spec/classes/package_spec.rb +++ b/spec/classes/package_spec.rb @@ -4,7 +4,7 @@ shared_examples 'redhat' do |operatingsystem| let(:facts) {{ :operatingsystem => operatingsystem, :osfamily => 'RedHat' }} - +spec/classes/package_spec.rb context "using defaults" do it { is_expected.to contain_package('nginx') } it { is_expected.to contain_yumrepo('nginx-release').with( diff --git a/spec/classes/params_spec.rb b/spec/classes/params_spec.rb deleted file mode 100644 index 175f8e96a..000000000 --- a/spec/classes/params_spec.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'spec_helper' - -describe 'nginx::params' do - context "On a Debian OS" do - let :facts do { - :osfamily => 'debian', - :operatingsystem => 'debian', - } end - - it { is_expected.to contain_nginx__params } - it { is_expected.to have_class_count(1) } #only nginx::params itself - it { is_expected.to have_resource_count(0) } #params class should never declare resources - - end -end diff --git a/spec/classes/service_spec.rb b/spec/classes/service_spec.rb index f71799186..d6005d5e2 100644 --- a/spec/classes/service_spec.rb +++ b/spec/classes/service_spec.rb @@ -3,14 +3,14 @@ let :facts do { :osfamily => 'Debian', - :operatingsystem => 'debian', + :operatingsystem => 'Debian', } end let :params do { :configtest_enable => false, :service_restart => '/etc/init.d/nginx configtest && /etc/init.d/nginx restart', :service_ensure => 'running', - } end + } end context "using default parameters" do diff --git a/spec/defines/resource_geo_spec.rb b/spec/defines/resource_geo_spec.rb index cceff061f..94958f6a6 100644 --- a/spec/defines/resource_geo_spec.rb +++ b/spec/defines/resource_geo_spec.rb @@ -26,7 +26,6 @@ let :pre_condition do [ - 'include ::nginx::params', 'include ::nginx::config', ] end diff --git a/spec/defines/resource_location_spec.rb b/spec/defines/resource_location_spec.rb index 9fc3989a9..a81d9b590 100644 --- a/spec/defines/resource_location_spec.rb +++ b/spec/defines/resource_location_spec.rb @@ -8,12 +8,11 @@ let :facts do { :osfamily => 'Debian', - :operatingsystem => 'debian', + :operatingsystem => 'Debian', } end let :pre_condition do [ - 'include ::nginx::params', 'include ::nginx::config', ] end @@ -26,7 +25,6 @@ :vhost => 'vhost1', } end - it { is_expected.to contain_class("nginx::params") } it { is_expected.to contain_class("nginx::config") } it { is_expected.to contain_concat__fragment("f25e14942fb58942ee13b1465a4e1719").with_content(/location rspec-test/) } it { is_expected.not_to contain_file('/etc/nginx/fastcgi_params') } diff --git a/spec/defines/resource_mailhost_spec.rb b/spec/defines/resource_mailhost_spec.rb index bf808a437..36237cff4 100644 --- a/spec/defines/resource_mailhost_spec.rb +++ b/spec/defines/resource_mailhost_spec.rb @@ -6,8 +6,8 @@ end let :facts do { - :osfamily => 'debian', - :operatingsystem => 'debian', + :osfamily => 'Debian', + :operatingsystem => 'Debian', :ipaddress6 => '::', } end diff --git a/spec/defines/resource_upstream_spec.rb b/spec/defines/resource_upstream_spec.rb index d81eb9c50..148d8da91 100644 --- a/spec/defines/resource_upstream_spec.rb +++ b/spec/defines/resource_upstream_spec.rb @@ -13,7 +13,6 @@ let :pre_condition do [ - 'include ::nginx::params', 'include ::nginx::config', ] end @@ -28,7 +27,6 @@ let :pre_condition do [ - 'include ::nginx::params', 'include ::nginx::config', ] end @@ -39,7 +37,6 @@ describe 'basic assumptions' do let :params do default_params end - it { is_expected.to contain_class("nginx::params") } it { is_expected.to contain_class('concat::setup') } it { is_expected.to contain_file("/etc/nginx/conf.d/#{title}-upstream.conf") } it { is_expected.to contain_concat__fragment("#{title}_upstream_header").with_content(/upstream #{title}/) } diff --git a/spec/defines/resource_vhost_spec.rb b/spec/defines/resource_vhost_spec.rb index 9408b0895..08a0b0142 100644 --- a/spec/defines/resource_vhost_spec.rb +++ b/spec/defines/resource_vhost_spec.rb @@ -19,7 +19,6 @@ end let :pre_condition do [ - 'include ::nginx::params', 'include ::nginx::config', ] end @@ -28,7 +27,6 @@ describe 'basic assumptions' do let :params do default_params end - it { is_expected.to contain_class("nginx::params") } it { is_expected.to contain_class("nginx::config") } it { is_expected.to contain_concat("/etc/nginx/sites-available/#{title}.conf").with({ 'owner' => 'root', diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index a987b6e6c..730b53d87 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,6 +1,9 @@ require 'puppetlabs_spec_helper/module_spec_helper' +require 'fixtures/modules/module_data/lib/hiera/backend/module_data_backend.rb' RSpec.configure do |c| + c.hiera_config = File.join('spec', 'fixtures', 'hiera', 'hiera.yaml') + c.default_facts = { :kernel => 'Linux', :concat_basedir => '/var/lib/puppet/concat', From 00ec3f4e35d7b474f44ecfb4e20e9c45c2c4ebb6 Mon Sep 17 00:00:00 2001 From: Matthew Haughton Date: Sun, 21 Sep 2014 01:27:35 -0400 Subject: [PATCH 04/14] spec fixes --- .fixtures.yml | 1 + data/common.yaml | 32 +++++++++++++++---------------- manifests/config.pp | 14 ++------------ manifests/resource/upstream.pp | 3 +-- spec/classes/nginx_spec.rb | 1 - spec/classes/package_spec.rb | 1 - spec/defines/resource_map_spec.rb | 1 - 7 files changed, 20 insertions(+), 33 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index b8473dea9..f52c3e3c6 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -5,3 +5,4 @@ fixtures: apt: "puppetlabs/apt" concat: "puppetlabs/concat" stdlib: "puppetlabs/stdlib" + module_data: "ripienaar/module_data" diff --git a/data/common.yaml b/data/common.yaml index db935a4b0..2ecf6bc28 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -12,28 +12,28 @@ nginx::config::types_hash_max_size: 1024 nginx::config::types_hash_bucket_size: 512 nginx::config::names_hash_bucket_size: 64 nginx::config::names_hash_max_size: 512 -nginx::config::multi_accept: off +nginx::config::multi_accept: 'off' nginx::config::events_use: false -nginx::config::sendfile: on +nginx::config::sendfile: 'on' nginx::config::keepalive_timeout: 65 -nginx::config::http_tcp_nodelay: on -nginx::config::http_tcp_nopush: off -nginx::config::gzip: on -nginx::config::server_tokens: on -nginx::config::spdy: off -nginx::config::ssl_stapling: off -nginx::config::proxy_redirect: off +nginx::config::http_tcp_nodelay: 'on' +nginx::config::http_tcp_nopush: 'off' +nginx::config::gzip: 'on' +nginx::config::server_tokens: 'on' +nginx::config::spdy: 'off' +nginx::config::ssl_stapling: 'off' +nginx::config::proxy_redirect: 'off' nginx::config::proxy_set_header: - 'Host $host' - 'X-Real-IP $remote_addr' - 'X-Forwarded-For $proxy_add_x_forwarded_for' nginx::config::proxy_cache_path: false -nginx::config::proxy_cache_levels: 1 +nginx::config::proxy_cache_levels: '1' nginx::config::proxy_cache_keys_zone: 'd2:100m' nginx::config::proxy_cache_max_size: 500m nginx::config::proxy_cache_inactive: 20m nginx::config::fastcgi_cache_path: false -nginx::config::fastcgi_cache_levels: 1 +nginx::config::fastcgi_cache_levels: '1' nginx::config::fastcgi_cache_keys_zone: 'd3:100m' nginx::config::fastcgi_cache_max_size: 500m nginx::config::fastcgi_cache_inactive: 20m @@ -43,13 +43,13 @@ nginx::config::client_body_temp_path: /var/nginx/client_body_temp nginx::config::client_body_buffer_size: 128k nginx::config::client_max_body_size: 10m nginx::config::proxy_temp_path: /var/nginx/proxy_temp -nginx::config::proxy_connect_timeout: 90 -nginx::config::proxy_send_timeout: 90 -nginx::config::proxy_read_timeout: 90 +nginx::config::proxy_connect_timeout: '90' +nginx::config::proxy_send_timeout: '90' +nginx::config::proxy_read_timeout: '90' nginx::config::proxy_buffers: '32 4k' -nginx::config::proxy_http_version: 1.0 +nginx::config::proxy_http_version: '1.0' nginx::config::proxy_buffer_size: 8k -nginx::config::proxy_headers_hash_bucket_size: 64 +nginx::config::proxy_headers_hash_bucket_size: '64' nginx::config::logdir: /var/log/nginx # Service restart after Nginx 0.7.53 could also be just diff --git a/manifests/config.pp b/manifests/config.pp index 4aa1588de..14e57372c 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -20,6 +20,7 @@ $confd_purge = undef, $conf_dir = undef, $conf_template = undef, + $configtest_enable = undef, $daemon_user = undef, $events_use = undef, $fastcgi_cache_inactive = undef, @@ -58,6 +59,7 @@ $proxy_send_timeout = undef, $proxy_set_header = undef, $proxy_temp_path = undef, + $root_group = undef, $run_dir = undef, $sendfile = undef, $server_tokens = undef, @@ -92,9 +94,6 @@ fail('$events_use must be a string or false.') } validate_string($multi_accept) - validate_string($package_name) - validate_string($package_ensure) - validate_string($package_source) validate_array($proxy_set_header) validate_string($proxy_http_version) validate_bool($confd_purge) @@ -122,7 +121,6 @@ } validate_bool($configtest_enable) - validate_string($service_restart) validate_bool($mail) validate_string($server_tokens) validate_string($client_max_body_size) @@ -142,17 +140,9 @@ validate_string($nginx_error_log) validate_string($http_access_log) - validate_hash($nginx_upstreams) - validate_hash($nginx_vhosts) - validate_hash($nginx_vhosts_defaults) - validate_hash($nginx_locations) - validate_hash($nginx_mailhosts) - validate_bool($manage_repo) validate_string($proxy_headers_hash_bucket_size) validate_bool($super_user) - validate_hash($string_mappings) - validate_hash($geo_mappings) ### END VALIDATIONS ### diff --git a/manifests/resource/upstream.pp b/manifests/resource/upstream.pp index ba229b3fd..06ebf8fe7 100644 --- a/manifests/resource/upstream.pp +++ b/manifests/resource/upstream.pp @@ -54,8 +54,7 @@ validate_hash($upstream_cfg_prepend) } - include nginx::params - $root_group = $nginx::params::root_group + $root_group = $nginx::config::root_group $ensure_real = $ensure ? { 'absent' => absent, diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb index 353f0fa9e..9686f268f 100644 --- a/spec/classes/nginx_spec.rb +++ b/spec/classes/nginx_spec.rb @@ -21,7 +21,6 @@ it { is_expected.to contain_nginx__service.that_subscribes_to('Class[nginx::package]') } it { is_expected.to contain_nginx__service.that_subscribes_to('Class[nginx::config]') } it { is_expected.to contain_anchor('nginx::end').that_requires('Class[nginx::service]') } - it { is_expected.to contain_class("nginx::params") } it { is_expected.to contain_nginx__resource__upstream("upstream1") } it { is_expected.to contain_nginx__resource__vhost("test2.local") } it { is_expected.to contain_nginx__resource__vhost("test2.local").with_listen_options('default_server') } diff --git a/spec/classes/package_spec.rb b/spec/classes/package_spec.rb index 808820ce1..04bb58944 100644 --- a/spec/classes/package_spec.rb +++ b/spec/classes/package_spec.rb @@ -4,7 +4,6 @@ shared_examples 'redhat' do |operatingsystem| let(:facts) {{ :operatingsystem => operatingsystem, :osfamily => 'RedHat' }} -spec/classes/package_spec.rb context "using defaults" do it { is_expected.to contain_package('nginx') } it { is_expected.to contain_yumrepo('nginx-release').with( diff --git a/spec/defines/resource_map_spec.rb b/spec/defines/resource_map_spec.rb index ec7f8d84d..e6d262e5e 100644 --- a/spec/defines/resource_map_spec.rb +++ b/spec/defines/resource_map_spec.rb @@ -26,7 +26,6 @@ let :pre_condition do [ - 'include ::nginx::params', 'include ::nginx::config', ] end From 801208533f341bb259ed267e1497f5d30db5940f Mon Sep 17 00:00:00 2001 From: Matthew Haughton Date: Sun, 21 Sep 2014 11:40:45 -0400 Subject: [PATCH 05/14] add hiera.yaml to fixtures --- .gitignore | 3 ++- spec/fixtures/hiera/hiera.yaml | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 spec/fixtures/hiera/hiera.yaml diff --git a/.gitignore b/.gitignore index bc12dc974..de069abab 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ files/server_test.pem pkg/ pkg/ Gemfile.lock -spec/fixtures/ +spec/fixtures/modules +spec/fixtures/manifests diff --git a/spec/fixtures/hiera/hiera.yaml b/spec/fixtures/hiera/hiera.yaml new file mode 100644 index 000000000..1b8490428 --- /dev/null +++ b/spec/fixtures/hiera/hiera.yaml @@ -0,0 +1,3 @@ +--- +:backends: + - module_data From 7a67a9d689cd99580584085a4a7148fb209d5c73 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Mon, 22 Sep 2014 20:08:10 -0500 Subject: [PATCH 06/14] remove kernelversion/add osmajrelease --- data/hiera.yaml | 3 ++- .../Joyent.yaml => operatingsystem/SmartOS.yaml} | 0 2 files changed, 2 insertions(+), 1 deletion(-) rename data/{kernelversion/Joyent.yaml => operatingsystem/SmartOS.yaml} (100%) diff --git a/data/hiera.yaml b/data/hiera.yaml index 7595bed5f..3df654618 100644 --- a/data/hiera.yaml +++ b/data/hiera.yaml @@ -1,6 +1,7 @@ --- :hierarchy: +- operatingsystem/%{::operatingsystem}/%{::operatingsystemmajrelease} +- operatingsystem/%{::operatingsystem} - osfamily/%{::osfamily} -- kernelversion/%{::kernelversion} - kernel/%{::kernel} - common diff --git a/data/kernelversion/Joyent.yaml b/data/operatingsystem/SmartOS.yaml similarity index 100% rename from data/kernelversion/Joyent.yaml rename to data/operatingsystem/SmartOS.yaml From c1ae12d9cd52a5c6a7b5a8f7d892f8d31547650b Mon Sep 17 00:00:00 2001 From: James Fryman Date: Mon, 22 Sep 2014 20:35:01 -0500 Subject: [PATCH 07/14] remove kernel, use osfamily (h/t @3flex) --- data/hiera.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/data/hiera.yaml b/data/hiera.yaml index 3df654618..268c1e028 100644 --- a/data/hiera.yaml +++ b/data/hiera.yaml @@ -3,5 +3,4 @@ - operatingsystem/%{::operatingsystem}/%{::operatingsystemmajrelease} - operatingsystem/%{::operatingsystem} - osfamily/%{::osfamily} -- kernel/%{::kernel} - common From abe58245663bf3a3634260eb6867c04ba74df970 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Tue, 23 Sep 2014 09:11:22 -0500 Subject: [PATCH 08/14] remove nginx::config and nginx::service deprecation notice --- manifests/init.pp | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index c687e784e..6c5c51278 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -126,7 +126,6 @@ $client_body_temp_path or $client_max_body_size or $confd_purge or - $configtest_enable or $conf_dir or $conf_template or $daemon_user or @@ -146,14 +145,10 @@ $keepalive_timeout or $logdir or $mail or - $manage_repo or $multi_accept or $names_hash_bucket_size or $names_hash_max_size or $nginx_error_log or - $package_ensure or - $package_name or - $package_source or $pid or $proxy_buffers or $proxy_buffer_size or @@ -174,8 +169,6 @@ $run_dir or $sendfile or $server_tokens or - $service_ensure or - $service_restart or $spdy or $super_user or $temp_dir or @@ -191,7 +184,7 @@ $sites_available_owner or $sites_available_group or $sites_available_mode { - + include nginx::notice::puppet_module_data } From 54230bc6a8d29c396f4894be35dcca1d63e90050 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Tue, 23 Sep 2014 10:23:15 -0500 Subject: [PATCH 09/14] add more doc details --- docs/hiera.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/docs/hiera.md b/docs/hiera.md index 59e82ac95..ebe7e139c 100644 --- a/docs/hiera.md +++ b/docs/hiera.md @@ -5,6 +5,18 @@ by R.I. Pinnear to allow for a significant amount of flexibility with base configuration of the module. This is to reduce the amount of clutter starting to gather in `params.pp`, and provide a foundation for future enhancements. +## Installation + +In order to leverage `puppet-module-data`, you must add an additional +configuration item to your `hiera.yaml` file to load the new backend. Simply +add the following code block. + +``` +:backends: +... + - module_data +``` + ## Upgrading If you happen to be here because of some silly deprecation notice, it is @@ -31,3 +43,20 @@ nginx::config::logdir: /data/nginx/logs Please note: This module takes advantage of Puppet 3 data module bindings. Be aware of any gotchas that accompany this. Take a look at https://docs.puppetlabs.com/hiera/1/puppet.html#limitations + +## I cannot/do not use Hiera! NOW WHAT! + +Do not fret! This is a big change to the core module, and it may be difficult +to make the conversion right away. First off, we intend to make it blatantly +clear when the module will tear out the parameters in Class[nginx] as +detailed in the deprecation notice. (The current target is v1.0) + +In the event that you are unable to leverage Hiera for your attribute configuration, you can use the Spaceship Operator to set the parameters for the nginx::config class. For example: + +```ruby +Class<| title == 'nginx::class' |> { + proxy_cache_levels => '2', +} +``` +The recommended path is to use Hiera, but this pattern should give you an intermediate step during the upgrade process. + From d8b93ee156e7465257812554aeabf690be416679 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Tue, 23 Sep 2014 10:23:37 -0500 Subject: [PATCH 10/14] remove package/service data from hiera --- data/common.yaml | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/data/common.yaml b/data/common.yaml index 2ecf6bc28..5d6ae3b3d 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -52,26 +52,12 @@ nginx::config::proxy_buffer_size: 8k nginx::config::proxy_headers_hash_bucket_size: '64' nginx::config::logdir: /var/log/nginx -# Service restart after Nginx 0.7.53 could also be just -# "/path/to/nginx/bin -s HUP" Some init scripts do a configtest, some don't. -# If configtest_enable it's true then service restart will take -# $nx_service_restart value, forcing configtest. -nginx::config::configtest_enable: false -nginx::config::service_restart: '/etc/init.d/nginx configtest && /etc/init.d/nginx restart' -nginx::config::service_ensure: running - nginx::config::mail: false nginx::config::http_cfg_append: false nginx::config::nginx_error_log: /var/log/nginx/error.log nginx::config::http_access_log: /var/log/nginx/access.log -# package name depends on distribution, e.g. for Debian nginx-full | nginx-light -nginx::config::package_name: nginx -nginx::config::package_ensure: present -nginx::config::package_source: nginx -nginx::config::manage_repo: true - nginx::config::root_group: root # Specific owner for sites-available directory nginx::config::sites_available_owner: root From 9d2f48569ff1aff9a8f7e08cdeca7a9b2944b3ed Mon Sep 17 00:00:00 2001 From: James Fryman Date: Tue, 23 Sep 2014 10:27:21 -0500 Subject: [PATCH 11/14] add blatant warning right up front for install/upgrade --- README.markdown | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.markdown b/README.markdown index 9b4d7a6f1..c30ae9432 100644 --- a/README.markdown +++ b/README.markdown @@ -1,7 +1,13 @@ # NGINX Module +## INSTALLING OR UPGRADING +** Please note **: This module is currently undergoing some structural +maintenance. Please take a look at https://github.com/jfryman/puppet-nginx/blob/master/docs/hiera.md +before upgrading or installing Version 0.1.0 or greater. + [![Build Status](https://travis-ci.org/jfryman/puppet-nginx.png)](https://travis-ci.org/jfryman/puppet-nginx) + * James Fryman * Matthew Haughton From e31f2e49d4f4c0960f35b474c2f3c272dfff5ee2 Mon Sep 17 00:00:00 2001 From: James Fryman Date: Tue, 23 Sep 2014 10:35:59 -0500 Subject: [PATCH 12/14] Should use markdown link here. --- README.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.markdown b/README.markdown index c30ae9432..b1a5fbe67 100644 --- a/README.markdown +++ b/README.markdown @@ -2,7 +2,7 @@ ## INSTALLING OR UPGRADING ** Please note **: This module is currently undergoing some structural -maintenance. Please take a look at https://github.com/jfryman/puppet-nginx/blob/master/docs/hiera.md +maintenance. Please take a look at [https://github.com/jfryman/puppet-nginx/blob/master/docs/hiera.md](https://github.com/jfryman/puppet-nginx/blob/master/docs/hiera.md) before upgrading or installing Version 0.1.0 or greater. [![Build Status](https://travis-ci.org/jfryman/puppet-nginx.png)](https://travis-ci.org/jfryman/puppet-nginx) From f5d456adf9e03595796be8d761252b0f1de8105c Mon Sep 17 00:00:00 2001 From: James Fryman Date: Tue, 23 Sep 2014 10:41:37 -0500 Subject: [PATCH 13/14] don't need this afterall --- docs/hiera.md | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/docs/hiera.md b/docs/hiera.md index ebe7e139c..3a45366bc 100644 --- a/docs/hiera.md +++ b/docs/hiera.md @@ -5,18 +5,6 @@ by R.I. Pinnear to allow for a significant amount of flexibility with base configuration of the module. This is to reduce the amount of clutter starting to gather in `params.pp`, and provide a foundation for future enhancements. -## Installation - -In order to leverage `puppet-module-data`, you must add an additional -configuration item to your `hiera.yaml` file to load the new backend. Simply -add the following code block. - -``` -:backends: -... - - module_data -``` - ## Upgrading If you happen to be here because of some silly deprecation notice, it is From fad593a8f24c694cf3e8b3282855056419ebaf21 Mon Sep 17 00:00:00 2001 From: Matthew Haughton <3flex@users.noreply.github.com> Date: Tue, 23 Sep 2014 15:39:41 -0400 Subject: [PATCH 14/14] remove configtest_enable from nginx::config It will continue to be set in the main nginx class. --- manifests/config.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifests/config.pp b/manifests/config.pp index 14e57372c..cdd60133b 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -20,7 +20,6 @@ $confd_purge = undef, $conf_dir = undef, $conf_template = undef, - $configtest_enable = undef, $daemon_user = undef, $events_use = undef, $fastcgi_cache_inactive = undef, @@ -120,7 +119,6 @@ validate_string($fastcgi_cache_use_stale) } - validate_bool($configtest_enable) validate_bool($mail) validate_string($server_tokens) validate_string($client_max_body_size)