diff --git a/templates/server/server_header.erb b/templates/server/server_header.erb index 39b4525..10c911a 100644 --- a/templates/server/server_header.erb +++ b/templates/server/server_header.erb @@ -1,197 +1,197 @@ # MANAGED BY PUPPET <% if @rewrite_www_to_non_www || @rewrite_non_www_to_www -%> <%- @server_name.each do |s| -%> server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- if @listen_unix_socket_enable -%> <%- if @listen_unix_socket.is_a?(Array) then -%> <%- @listen_unix_socket.each do |unix_socket| -%> listen unix:<%= unix_socket %><% if @listen_unix_socket_options %> <%= @listen_unix_socket_options %><% end %>; <%- end -%> <%- else -%> listen unix:<%= @listen_unix_socket %><% if @listen_unix_socket_options %> <%= @listen_unix_socket_options %><% end %>; <%- end -%> <%- end -%> <%= scope.function_template(["nginx/server/server_ipv6_listen.erb"]) %> <%- if @rewrite_www_to_non_www -%> server_name www.<%= s.gsub(/^www\./, '') %>; <%- if @ssl_redirect or @ssl_only -%> return 301 https://<%= s.gsub(/^www\./, '') %><% if @_ssl_redirect_port.to_i != 443 %>:<%= @_ssl_redirect_port %><% end %>$request_uri; <%- else -%> return 301 http://<%= s.gsub(/^www\./, '') %>$request_uri; <%- end -%> <%- elsif @rewrite_non_www_to_www -%> server_name <%= s %>; <%- if @ssl_redirect or @ssl_only -%> return 301 https://www.<%= s %><% if @_ssl_redirect_port.to_i != 443 %>:<%= @_ssl_redirect_port %><% end %>$request_uri; <%- else -%> return 301 http://www.<%= s %>$request_uri; <%- end -%> <%- end -%> } <% end -%> <% end -%> server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- if @listen_unix_socket_enable -%> <%- if @listen_unix_socket.is_a?(Array) then -%> <%- @listen_unix_socket.each do |unix_socket| -%> listen unix:<%= unix_socket %><% if @listen_unix_socket_options %> <%= @listen_unix_socket_options %><% end %>; <%- end -%> <%- else -%> listen unix:<%= @listen_unix_socket %><% if @listen_unix_socket_options %> <%= @listen_unix_socket_options %><% end %>; <%- end -%> <%- end -%> <%= scope.function_template(["nginx/server/server_ipv6_listen.erb"]) %> <%- if @rewrite_www_to_non_www -%> server_name <%= @server_name.join(" ").gsub(/(^| )(www\.)?(?=[a-z0-9])/, '') %>; <%- elsif @rewrite_non_www_to_www -%> server_name <%= @server_name.join(" ").gsub(/(^| )(?=[a-z0-9])/, 'www.') %>; <%- else %> server_name <%= @server_name.join(" ") %>; <%- end -%> <%- if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%> <%- if defined? @auth_basic -%> auth_basic "<%= @auth_basic %>"; <%- end -%> <%- if defined? @auth_basic_user_file -%> auth_basic_user_file <%= @auth_basic_user_file %>; <%- end -%> <% end -%> <%- if defined? @auth_request -%> auth_request <%= @auth_request %>; <%- end -%> <% if instance_variables.any? { |iv| iv.to_s.include? 'client_' } -%> <%- if defined? @client_body_timeout -%> client_body_timeout <%= @client_body_timeout %>; <%- end -%> <%- if defined? @client_header_timeout -%> client_header_timeout <%= @client_header_timeout %>; <%- end -%> <%- if defined? @client_max_body_size -%> client_max_body_size <%= @client_max_body_size %>; <%- end -%> <% end -%> <% if defined? @gzip_types -%> gzip_types <%= @gzip_types %>; <% end -%> <% if defined? @gzip_static -%> gzip_static <%= @gzip_static %>; <% end -%> <%# make sure that allow comes before deny by forcing the allow key (if it -%> <%# exists) to be first in the output order. The hash keys also need to be -%> <%# sorted so that the ordering is stable. -%> <% if @server_cfg_prepend -%> <%- @server_cfg_prepend.sort_by{ |k, v| k.to_s == 'allow' ? '' : k.to_s }.each do |key,value| -%> <%- if value.is_a?(Hash) -%> <%- value.sort_by {|k,v| k}.each do |subkey,subvalue| -%> <%- Array(subvalue).each do |asubvalue| -%> <%= key %> <%= subkey %> <%= asubvalue %>; <%- end -%> <%- end -%> <%- else -%> <%- Array(value).each do |asubvalue| -%> <%= key %> <%= asubvalue %>; <%- end -%> <%- end -%> <%- end -%> <% end -%> <% Array(@raw_prepend).each do |line| -%> <%= line %> <% end %> <% if @root -%> root <%= @root %>; <% end -%> <% if @passenger_cgi_param -%> <%- @passenger_cgi_param.keys.sort.each do |key| -%> passenger_set_cgi_param <%= key %> <%= @passenger_cgi_param[key] %>; <%- end -%> <% end -%> <% if @passenger_set_header -%> <%- @passenger_set_header.keys.sort.each do |key| -%> passenger_set_header <%= key %> <%= @passenger_set_header[key] %>; <%- end -%> <% end -%> <% if @passenger_env_var -%> <%- @passenger_env_var.keys.sort.each do |key| -%> passenger_env_var <%= key %> <%= @passenger_env_var[key] %>; <%- end -%> <% end -%> <% if Array(@resolver).count > 0 -%> resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>; <% end -%> -<%= scope.function_template(["nginx/server/locations/headers.erb"]) %> + <%= scope.function_template(["nginx/server/locations/headers.erb"]) %> <% if @maintenance -%> <%= @maintenance_value %>; <% end -%> <% if @index_files and @index_files.count > 0 and not @ssl_only -%> index <% Array(@index_files).each do |i| %> <%= i %><% end %>; <% end -%> <% if defined? @autoindex -%> autoindex <%= @autoindex %>; <% end -%> <% if defined? @autoindex_exact_size -%> autoindex_exact_size <%= @autoindex_exact_size %>; <% end -%> <% if defined? @autoindex_format -%> autoindex_format <%= @autoindex_format %>; <% end -%> <% if defined? @autoindex_localtime -%> autoindex_localtime <%= @autoindex_localtime %>; <% end -%> <% if defined? @log_by_lua -%> log_by_lua '<%= @log_by_lua %>'; <% end -%> <% if defined? @log_by_lua_file -%> log_by_lua_file "<%= @log_by_lua_file %>"; <% end -%> <% if @absolute_redirect -%> absolute_redirect <%= @absolute_redirect %>; <% end -%> <% if @access_log.is_a?(Array) -%> <%- @access_log.each do |log_item| -%> access_log <%= log_item %> <%= @format_log %>; <%- end -%> <% elsif @access_log == 'absent' -%> <% elsif @access_log == 'off' -%> access_log off; <% elsif not @access_log -%> access_log <%= scope['::nginx::config::log_dir'] %>/<%= @name_sanitized %>.access.log <%= @format_log %>; <% else -%> access_log <%= @access_log %> <%= @format_log %>; <% end -%> <% if @error_log.is_a?(Array) -%> <%- @error_log.each do |log_item| -%> error_log <%= log_item %>; <%- end -%> <% elsif @error_log == 'absent' -%> <% elsif not @error_log -%> error_log <%= scope['::nginx::config::log_dir'] %>/<%= @name_sanitized %>.error.log; <% else -%> error_log <%= @error_log %>; <% end -%> <% if @error_pages -%> <%- @error_pages.keys.sort.each do |key| -%> error_page <%= key %> <%= @error_pages[key] %>; <%- end -%> <% end -%> <% if @ssl_redirect -%> location / { return 301 https://$host<% if @_ssl_redirect_port.to_i != 443 %>:<%= @_ssl_redirect_port %><% end %>$request_uri; } <% end -%> diff --git a/templates/server/server_ssl_header.erb b/templates/server/server_ssl_header.erb index 7c9c8c4..6ea1700 100644 --- a/templates/server/server_ssl_header.erb +++ b/templates/server/server_ssl_header.erb @@ -1,172 +1,172 @@ # MANAGED BY PUPPET <% if @rewrite_www_to_non_www || @rewrite_non_www_to_www -%> <%- @server_name.each do |s| -%> server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> listen <%= ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> listen <%= @listen_ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%= scope.function_template(["nginx/server/server_ssl_ipv6_listen.erb"]) %> <%- if @rewrite_www_to_non_www -%> server_name www.<%= s.gsub(/^www\./, '') %>; return 301 https://<%= s.gsub(/^www\./, '') %>$request_uri; <%- elsif @rewrite_non_www_to_www %> server_name <%= s.gsub(/^www\./, '') %>; return 301 https://www.<%= s %>$request_uri; <%- end -%> <%= scope.function_template(["nginx/server/server_ssl_settings.erb"]) %> } <% end -%> <% end -%> server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> listen <%= ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> listen <%= @listen_ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%= scope.function_template(["nginx/server/server_ssl_ipv6_listen.erb"]) %> <%- if @rewrite_www_to_non_www -%> server_name <%= @server_name.join(" ").gsub(/(^| )(www\.)?(?=[a-z0-9])/, '') %>; <%- elsif @rewrite_non_www_to_www -%> server_name <%= @server_name.join(" ").gsub(/(^| )(?=[a-z0-9])/, 'www.') %>; <%- else %> server_name <%= @server_name.join(" ") %>; <%- end -%> <%= scope.function_template(["nginx/server/server_ssl_settings.erb"]) %> <% if @maintenance -%> <%= @maintenance_value %>; <% end -%> <% if Array(@resolver).count > 0 -%> resolver <% Array(@resolver).each do |r| %> <%= r %><% end %>; <% end -%> <%- if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%> <% if defined? @auth_basic -%> auth_basic "<%= @auth_basic %>"; <% end -%> <%- if defined? @auth_basic_user_file -%> auth_basic_user_file "<%= @auth_basic_user_file %>"; <% end -%> <%- end -%> <%- if defined? @auth_request -%> auth_request <%= @auth_request %>; <%- end -%> <%- if instance_variables.any? { |iv| iv.to_s.include? 'client_' } -%> <%- if defined? @client_body_timeout -%> client_body_timeout <%= @client_body_timeout %>; <%- end -%> <%- if defined? @client_header_timeout -%> client_header_timeout <%= @client_header_timeout %>; <%- end -%> <%- if defined? @client_max_body_size -%> client_max_body_size <%= @client_max_body_size %>; <%- end -%> <% end -%> <% if defined? @gzip_types -%> gzip_types <%= @gzip_types %>; <% end -%> <% if defined? @gzip_static -%> gzip_static <%= @gzip_static %>; <% end -%> <% if @index_files and @index_files.count > 0 -%> index <% Array(@index_files).each do |i| %> <%= i %><% end %>; <% end -%> <% if defined? @autoindex -%> autoindex <%= @autoindex %>; <% end -%> <% if defined? @autoindex_exact_size -%> autoindex_exact_size <%= @autoindex_exact_size %>; <% end -%> <% if defined? @autoindex_format -%> autoindex_format <%= @autoindex_format %>; <% end -%> <% if defined? @autoindex_localtime -%> autoindex_localtime <%= @autoindex_localtime %>; <% end -%> <% if @absolute_redirect -%> absolute_redirect <%= @absolute_redirect %>; <% end -%> <% if @access_log.is_a?(Array) -%> <%- @access_log.each do |log_item| -%> access_log <%= log_item %> <%= @format_log %>; <%- end -%> <% elsif @access_log == 'absent' -%> <% elsif @access_log == 'off' -%> access_log off; <% elsif not @access_log -%> access_log <%= scope['::nginx::config::log_dir'] %>/ssl-<%= @name_sanitized %>.access.log <%= @format_log %>; <% else -%> access_log <%= @access_log %> <%= @format_log %>; <% end -%> <% if @error_log.is_a?(Array) -%> <%- @error_log.each do |log_item| -%> error_log <%= log_item %>; <%- end -%> <% elsif @error_log == 'absent' -%> <% elsif not @error_log -%> error_log <%= scope['::nginx::config::log_dir'] %>/ssl-<%= @name_sanitized %>.error.log; <% else -%> error_log <%= @error_log %>; <% end -%> <% if @error_pages -%> <%- @error_pages.keys.sort.each do |key| -%> error_page <%= key %> <%= @error_pages[key] %>; <%- end -%> <% end -%> <% if @server_cfg_prepend -%> <%- @server_cfg_prepend.sort_by{ |k, v| k.to_s == 'allow' ? '' : k.to_s }.each do |key,value| -%> <%- if value.is_a?(Hash) -%> <%- value.sort_by {|k,v| k}.each do |subkey,subvalue| -%> <%- Array(subvalue).each do |asubvalue| -%> <%= key %> <%= subkey %> <%= asubvalue %>; <%- end -%> <%- end -%> <%- else -%> <%- Array(value).each do |asubvalue| -%> <%= key %> <%= asubvalue %>; <%- end -%> <%- end -%> <%- end -%> <% end -%> <% if @server_cfg_ssl_prepend -%> <%- @server_cfg_ssl_prepend.sort_by{ |k, v| k.to_s == 'allow' ? '' : k.to_s }.each do |key,value| -%> <%- if value.is_a?(Hash) -%> <%- value.sort_by {|k,v| k}.each do |subkey,subvalue| -%> <%- Array(subvalue).each do |asubvalue| -%> <%= key %> <%= subkey %> <%= asubvalue %>; <%- end -%> <%- end -%> <%- else -%> <%- Array(value).each do |asubvalue| -%> <%= key %> <%= asubvalue %>; <%- end -%> <%- end -%> <%- end -%> <% end -%> <% Array(@raw_prepend).each do |line| -%> <%= line %> <% end -%> <% if @root -%> root <%= @root %>; <% end -%> <% Array(@passenger_cgi_param).each do |key,value| -%> passenger_set_cgi_param <%= key %> <%= value %>; <% end -%> <% Array(@passenger_set_header).each do |key,value| -%> passenger_set_header <%= key %> <%= value %>; <% end -%> <% Array(@passenger_env_var).each do |key,value| -%> passenger_env_var <%= key %> <%= value %>; <% end -%> -<%= scope.function_template(["nginx/server/locations/headers.erb"]) %> + <%= scope.function_template(["nginx/server/locations/headers.erb"]) %>