Page MenuHomeSoftware Heritage
Files F8391910

init.pp
No OneTemporary
Actions

init.pp
View Options

# @summary Manage NGINX
#
# Packaged NGINX
# - RHEL: EPEL or custom package
# - Debian/Ubuntu: Default Install or custom package
# - SuSE: Default Install or custom package
#
# @example Use the sensible defaults
# include nginx
#
# @param include_modules_enabled
# When set, nginx will include module configurations files installed in the
# /etc/nginx/modules-enabled directory.
#
# @param passenger_package_name
# The name of the package to install in order for the passenger module of
# nginx being usable.
#
# @param nginx_version
# The version of nginx installed (or being installed).
# Unfortunately, different versions of nginx may need configuring
# differently. The default is derived from the version of nginx
# already installed. If the fact is unavailable, it defaults to '1.6.0'.
# You may need to set this manually to get a working and idempotent
# configuration.
#
# @param debug_connections
# Configures nginx `debug_connection` lines in the `events` section of the nginx config.
# See http://nginx.org/en/docs/ngx_core_module.html#debug_connection
#
# @param service_config_check
# whether to en- or disable the config check via nginx -t on config changes
#
# @param service_config_check_command
# Command to execute to validate the generated configuration.
#
# @param reset_timedout_connection
# Enables or disables resetting timed out connections and connections closed
# with the non-standard code 444.
#
class nginx (
### START Nginx Configuration ###
Variant[Stdlib::Absolutepath, Boolean] $client_body_temp_path = $nginx::params::client_body_temp_path,
Boolean $confd_only = false,
Boolean $confd_purge = false,
$conf_dir = $nginx::params::conf_dir,
Optional[Enum['on', 'off']] $daemon = undef,
$daemon_user = $nginx::params::daemon_user,
$daemon_group = undef,
Array[String] $dynamic_modules = [],
$global_owner = $nginx::params::global_owner,
$global_group = $nginx::params::global_group,
$global_mode = $nginx::params::global_mode,
Optional[Variant[String[1], Array[String[1]]]] $limit_req_zone = undef,
Stdlib::Absolutepath $log_dir = $nginx::params::log_dir,
String[1] $log_user = $nginx::params::log_user,
String[1] $log_group = $nginx::params::log_group,
Stdlib::Filemode $log_mode = $nginx::params::log_mode,
Variant[String, Array[String]] $http_access_log = "${log_dir}/${nginx::params::http_access_log_file}",
Optional[String] $http_format_log = undef,
Variant[String, Array[String]] $nginx_error_log = "${log_dir}/${nginx::params::nginx_error_log_file}",
Nginx::ErrorLogSeverity $nginx_error_log_severity = 'error',
$pid = $nginx::params::pid,
Variant[Stdlib::Absolutepath, Boolean] $proxy_temp_path = $nginx::params::proxy_temp_path,
$root_group = $nginx::params::root_group,
$run_dir = $nginx::params::run_dir,
$sites_available_owner = $nginx::params::sites_available_owner,
$sites_available_group = $nginx::params::sites_available_group,
$sites_available_mode = $nginx::params::sites_available_mode,
Boolean $super_user = $nginx::params::super_user,
$temp_dir = $nginx::params::temp_dir,
Boolean $server_purge = false,
Boolean $include_modules_enabled = $nginx::params::include_modules_enabled,
# Primary Templates
$conf_template = 'nginx/conf.d/nginx.conf.erb',
### START Nginx Configuration ###
Optional[Enum['on', 'off']] $absolute_redirect = undef,
Enum['on', 'off'] $accept_mutex = 'on',
$accept_mutex_delay = '500ms',
$client_body_buffer_size = '128k',
String $client_max_body_size = '10m',
$client_body_timeout = '60s',
$send_timeout = '60s',
$lingering_timeout = '5s',
Optional[Enum['on','off','always']] $lingering_close = undef,
Optional[String[1]] $lingering_time = undef,
Optional[Enum['on', 'off']] $etag = undef,
Optional[String] $events_use = undef,
Array[Nginx::DebugConnection] $debug_connections = [],
String $fastcgi_cache_inactive = '20m',
Optional[String] $fastcgi_cache_key = undef,
String $fastcgi_cache_keys_zone = 'd3:100m',
String $fastcgi_cache_levels = '1',
String $fastcgi_cache_max_size = '500m',
Optional[String] $fastcgi_cache_path = undef,
Optional[String] $fastcgi_cache_use_stale = undef,
Enum['on', 'off'] $gzip = 'off',
$gzip_buffers = undef,
$gzip_comp_level = 1,
$gzip_disable = 'msie6',
$gzip_min_length = 20,
$gzip_http_version = 1.1,
$gzip_proxied = 'off',
$gzip_types = undef,
Enum['on', 'off'] $gzip_vary = 'off',
Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
Optional[Variant[Hash, Array]] $http_cfg_prepend = undef,
Optional[Variant[Hash, Array]] $http_cfg_append = undef,
Optional[Variant[Array[String], String]] $http_raw_prepend = undef,
Optional[Variant[Array[String], String]] $http_raw_append = undef,
Enum['on', 'off'] $http_tcp_nodelay = 'on',
Enum['on', 'off'] $http_tcp_nopush = 'off',
$keepalive_timeout = '65s',
$keepalive_requests = '100',
$log_format = {},
Boolean $mail = false,
Variant[String, Boolean] $mime_types_path = 'mime.types',
Boolean $stream = false,
String $multi_accept = 'off',
Integer $names_hash_bucket_size = 64,
Integer $names_hash_max_size = 512,
$nginx_cfg_prepend = false,
String $proxy_buffers = '32 4k',
String $proxy_buffer_size = '8k',
String $proxy_cache_inactive = '20m',
String $proxy_cache_keys_zone = 'd2:100m',
String $proxy_cache_levels = '1',
String $proxy_cache_max_size = '500m',
Optional[Variant[Hash, String]] $proxy_cache_path = undef,
Optional[Integer] $proxy_cache_loader_files = undef,
Optional[String] $proxy_cache_loader_sleep = undef,
Optional[String] $proxy_cache_loader_threshold = undef,
Optional[Enum['on', 'off']] $proxy_use_temp_path = undef,
$proxy_connect_timeout = '90s',
Integer $proxy_headers_hash_bucket_size = 64,
Optional[String] $proxy_http_version = undef,
$proxy_read_timeout = '90s',
$proxy_redirect = undef,
$proxy_send_timeout = '90s',
Array $proxy_set_header = [
'Host $host',
'X-Real-IP $remote_addr',
'X-Forwarded-For $proxy_add_x_forwarded_for',
'Proxy ""',
],
Array $proxy_hide_header = [],
Array $proxy_pass_header = [],
Array $proxy_ignore_header = [],
Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
Enum['on', 'off'] $sendfile = 'on',
Enum['on', 'off'] $server_tokens = 'on',
Enum['on', 'off'] $spdy = 'off',
Enum['on', 'off'] $http2 = 'off',
Enum['on', 'off'] $ssl_stapling = 'off',
Enum['on', 'off'] $ssl_stapling_verify = 'off',
Stdlib::Absolutepath $snippets_dir = $nginx::params::snippets_dir,
Boolean $manage_snippets_dir = true,
$types_hash_bucket_size = '512',
$types_hash_max_size = '1024',
Integer $worker_connections = 1024,
Enum['on', 'off'] $ssl_prefer_server_ciphers = 'on',
Variant[Integer, Enum['auto']] $worker_processes = 'auto',
Integer $worker_rlimit_nofile = 1024,
Optional[Enum['on', 'off']] $pcre_jit = undef,
String $ssl_protocols = 'TLSv1 TLSv1.1 TLSv1.2',
String $ssl_ciphers = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS', # lint:ignore:140chars
Optional[Stdlib::Unixpath] $ssl_dhparam = undef,
Optional[String] $ssl_ecdh_curve = undef,
String $ssl_session_cache = 'shared:SSL:10m',
String $ssl_session_timeout = '5m',
Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
Optional[Stdlib::Absolutepath] $ssl_session_ticket_key = undef,
Optional[String] $ssl_buffer_size = undef,
Optional[Stdlib::Absolutepath] $ssl_crl = undef,
Optional[Stdlib::Absolutepath] $ssl_stapling_file = undef,
Optional[String] $ssl_stapling_responder = undef,
Optional[Stdlib::Absolutepath] $ssl_trusted_certificate = undef,
Optional[Integer] $ssl_verify_depth = undef,
Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
### START Package Configuration ###
$package_ensure = present,
$package_name = $nginx::params::package_name,
$package_source = 'nginx',
$package_flavor = undef,
Boolean $manage_repo = $nginx::params::manage_repo,
Hash[String[1], String[1]] $mime_types = $nginx::params::mime_types,
Boolean $mime_types_preserve_defaults = false,
Optional[String] $repo_release = undef,
$passenger_package_ensure = 'present',
String[1] $passenger_package_name = $nginx::params::passenger_package_name,
Optional[Stdlib::HTTPUrl] $repo_source = undef,
### END Package Configuration ###
### START Service Configuation ###
Stdlib::Ensure::Service $service_ensure = 'running',
$service_enable = true,
$service_flags = undef,
$service_restart = undef,
$service_name = 'nginx',
$service_manage = true,
Boolean $service_config_check = false,
String $service_config_check_command = 'nginx -t',
### END Service Configuration ###
### START Hiera Lookups ###
Hash $geo_mappings = {},
Hash $geo_mappings_defaults = {},
Hash $string_mappings = {},
Hash $string_mappings_defaults = {},
Hash $nginx_locations = {},
Hash $nginx_locations_defaults = {},
Hash $nginx_mailhosts = {},
Hash $nginx_mailhosts_defaults = {},
Hash $nginx_servers = {},
Hash $nginx_servers_defaults = {},
Hash $nginx_streamhosts = {},
Hash $nginx_streamhosts_defaults = {},
Hash $nginx_upstreams = {},
Nginx::UpstreamDefaults $nginx_upstreams_defaults = {},
Boolean $purge_passenger_repo = true,
String[1] $nginx_version = pick(fact('nginx_version'), '1.6.0'),
### END Hiera Lookups ###
) inherits nginx::params {
contain 'nginx::package'
contain 'nginx::config'
contain 'nginx::service'
create_resources( 'nginx::resource::geo', $geo_mappings, $geo_mappings_defaults )
create_resources( 'nginx::resource::location', $nginx_locations, $nginx_locations_defaults )
create_resources( 'nginx::resource::mailhost', $nginx_mailhosts, $nginx_mailhosts_defaults )
create_resources( 'nginx::resource::map', $string_mappings, $string_mappings_defaults )
create_resources( 'nginx::resource::server', $nginx_servers, $nginx_servers_defaults )
create_resources( 'nginx::resource::streamhost', $nginx_streamhosts, $nginx_streamhosts_defaults )
create_resources( 'nginx::resource::upstream', $nginx_upstreams, $nginx_upstreams_defaults )
# Allow the end user to establish relationships to the "main" class
# and preserve the relationship to the implementation classes through
# a transitive relationship to the composite class.
Class['nginx::package'] -> Class['nginx::config'] ~> Class['nginx::service']
Class['nginx::package'] ~> Class['nginx::service']
}

File Metadata

Mime Type
text/plain
Expires
Jun 4 2025, 6:51 PM (12 w, 10 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3398841

Event Timeline

About · Developer information · Legal