diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..d955a86 --- /dev/null +++ b/LICENSE @@ -0,0 +1,11 @@ +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/Modulefile b/Modulefile new file mode 100644 index 0000000..48ceb86 --- /dev/null +++ b/Modulefile @@ -0,0 +1,11 @@ +name 'jfryman-nginx' +version '0.0.1' +source 'UNKNOWN' +author 'jfryman' +license 'UNKNOWN' +summary 'UNKNOWN' +description 'UNKNOWN' +project_page 'UNKNOWN' + +## Add dependencies, if any: +# dependency 'username/name', '>= 1.2.0' diff --git a/README b/README index e69de29..7ddc087 100644 --- a/README +++ b/README @@ -0,0 +1,19 @@ +nginx + +This is the nginx module. + +User Stories: + * Must be able to be used on a major linux system + - Ubuntu (LTS/Current) + - Debian (stable) + - CentOS/RHEL/Fedora + - SLES + - Solaris (optional goal) + * Must be able to install NGINX + - must have an option to perform a base install + - must have an option to install a PHP/MySQL Stack + - must have an option to install a Perl/MySQL stack + * Must be able to create a new vhost + - vhost must be able to be ssl enabled + - vhost must be able to point to N proxies + - vhost must be able to create a rewrite rule \ No newline at end of file diff --git a/files/README.markdown b/files/README.markdown new file mode 100644 index 0000000..be52188 --- /dev/null +++ b/files/README.markdown @@ -0,0 +1,22 @@ +Files +===== + +Puppet comes with both a client and server for copying files around. The file +serving function is provided as part of the central Puppet daemon, +puppetmasterd, and the client function is used through the source attribute of +file objects. Learn more at +http://projects.puppetlabs.com/projects/puppet/wiki/File_Serving_Configuration + +You can use managed files like this: + + class myclass { + package { mypackage: ensure => latest } + service { myservice: ensure => running } + file { "/etc/myfile": + source => "puppet://$servername/modules/mymodule/myfile" + } + } + +The files are searched for in: + + $modulepath/mymodule/files/myfile diff --git a/files/centos/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL b/files/centos/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL new file mode 100644 index 0000000..fa87c79 --- /dev/null +++ b/files/centos/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.2.6 (GNU/Linux) + +mQGiBEXopTIRBACZDBMOoFOakAjaxw1LXjeSvh/kmE35fU1rXfM7T0AV31NATCLF +l5CQiNDA4oWreDThg2Bf6+LIVTsGQb1V+XXuLak4Em5yTYwMTVB//4/nMxQEbpl/ +QB2XwlJ7EQ0vW+kiPDz/7pHJz1p1jADzd9sQQicMtzysS4qT2i5A23j0VwCg1PB/ +lpYqo0ZhWTrevxKMa1n34FcD/REavj0hSLQFTaKNLHRotRTF8V0BajjSaTkUT4uk +/RTaZ8Kr1mTosVtosqmdIAA2XHxi8ZLiVPPSezJjfElsSqOAxEKPL0djfpp2wrTm +l/1iVnX+PZH5DRKCbjdCMLDJhYap7YUhcPsMGSeUKrwmBCBJUPc6DhjFvyhA9IMl +1T0+A/9SKTv94ToP/JYoCTHTgnG5MoVNafisfe0wojP2mWU4gRk8X4dNGKMj6lic +vM6gne3hESyjcqZSmr7yELPPGhI9MNauJ6Ob8cTR2T12Fmv9w03DD3MnBstR6vhP +QcqZKhc5SJYYY7oVfxlSOfF4xfwcHQKoD5TOKwIAQ6T8jyFpKbQkRmVkb3JhIEVQ +RUwgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iGQEExECACQFAkXopTICGwMFCRLM +AwAGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQEZzANiF1IfabmQCgzvE60MnHSOBa +ZXXF7uU2Vzu8EOkAoKg9h+j0NuNom6WUYZyJQt4zc5seuQINBEXopTYQCADapnR/ +blrJ8FhlgNPl0X9S3JE/kygPbNXIqne4XBVYisVp0uzNCRUxNZq30MpY027JCs2J +nL2fMpwvx33f0phU029vrIZKA3CmnnwVsjcWfMJOVPBmVN7m5bGU68F+PdRIcDsl +PMOWRLkTBZOGolLgIbM4719fqA8etewILrX6uPvRDwywV7/sPCFpRcfNNBUY+Zx3 +5bf4fnkaCKxgXgQS3AT+hGYhlzIqQVTkGNveHTnt4SSzgAqR9sSwQwqvEfVtYNeS +w5rDguLG41HQm1Hojv59HNYjH6F/S1rClZi21bLgZbKpCFX76qPt8CTw+iQLBPPd +yoOGHfzyp7nsfhUrAAMFB/9/H9Gpk822ZpBexQW4y3LGFo9ZSnmu+ueOZPU3SqDA +DW1ovZdYzGuJTGGM9oMl6bL8eZrcUBBOFaWge5wZczIE3hx2exEOkDdvq+MUDVD1 +axmN45q/7h1NYRp5GQL2ZsoV4g9U2gMdzHOFtZCER6PP9ErVlfJpgBUCdSL93V4H +Sgpkk7znmTOklbCM6l/G/A6q4sCRqfzHwVSTiruyTBiU9lfROsAl8fjIq2OzWJ2T +P9sadBe1llUYaow7txYSUxssW+89avct35gIyrBbof5M+CBXyAOUaSWmpM2eub24 +0qbqiSr/Y6Om0t6vSzR8gRk7g+1H6IE0Tt1IJCvCAMimiE8EGBECAA8FAkXopTYC +GwwFCRLMAwAACgkQEZzANiF1IfZQYgCgiZHCv4xb+sTHCn/otc1Ovvi/OgMAnRXY +bbsLFWOfmzAnNIGvFRWy+YHi +=MMNL +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/lib/facter/README.markdown b/lib/facter/README.markdown new file mode 100644 index 0000000..2b96273 --- /dev/null +++ b/lib/facter/README.markdown @@ -0,0 +1,22 @@ +Facter +====== + +Define facts in this directory. + +Sometimes you need to be able to write conditional expressions based +on site-specific data that just isn’t available via Facter. The +solution may be to add a fact to Facter. These additional facts can +then be distributed to Puppet clients and are available for use in +manifests. Learn more at +http://projects.puppetlabs.com/projects/puppet/wiki/Adding_Facts + +File paths should match the fact name; for example, a fact +`hardware_platform`, defined like this: + + Facter.add("hardware_platform") do + setcode do + %x{/bin/uname -i}.chomp + end + end + +Should be found in `hardware_platform.rb` in this directory. diff --git a/lib/puppet/parser/functions/README.markdown b/lib/puppet/parser/functions/README.markdown new file mode 100644 index 0000000..15d7495 --- /dev/null +++ b/lib/puppet/parser/functions/README.markdown @@ -0,0 +1,17 @@ +Functions +========= + +Define functions in this directory. + +File paths should match the function name; for example, a function +`myfunction`, defined like this: + + Puppet::Parser::Functions::newfunction( + :myfunction, + :type => :statement, + :doc => "Documentation here." + ) do |vals| + # ... + end + +Should be found in `myfunction.rb` in this directory. diff --git a/lib/puppet/provider/README.markdown b/lib/puppet/provider/README.markdown new file mode 100644 index 0000000..27aa1a9 --- /dev/null +++ b/lib/puppet/provider/README.markdown @@ -0,0 +1,14 @@ +Providers +========= + +Define providers under this directory. + +File paths should match the resource type name and provider name; for +example, a provider `myprovider` for a resource type `mytype`, defined like this: + + Puppet::Type.type(:mytype).provide(:myprovider) do + desc "Documentation here" + # ... + end + +Should be found in `mytype/myprovider.rb` under this directory. diff --git a/lib/puppet/type/README.markdown b/lib/puppet/type/README.markdown new file mode 100644 index 0000000..7a169c7 --- /dev/null +++ b/lib/puppet/type/README.markdown @@ -0,0 +1,14 @@ +Resource Types +============== + +Define resource types in this directory. + +Filenames should match the resource type name; for example, a resource +type `mytype`, defined like this: + + Puppet::Type.newtype(:mytype) do + @doc = "Documentation here." + # ... + end + +Should be found in `mytype.rb` diff --git a/manifests/README.markdown b/manifests/README.markdown new file mode 100644 index 0000000..bbf645a --- /dev/null +++ b/manifests/README.markdown @@ -0,0 +1,28 @@ +Manifests +========= + +Module manifest files belong in this directory. + +`init.pp` defines how the module will carry out its tasks in this file. + +Add additional definitions in this directory. Their file paths should match the +definition name; for example, a definition `mydefinition`, defined like this: + + # Definition: mydefinition + # + # This is the mydefinition in the mymodule module. + # + # Parameters: + # + # Actions: + # + # Requires: + # + # Sample Usage: + # + # [Remember: No empty lines between comments and class definition] + define mydefinition { + # ... + } + +Should be found in `mydefinition.pp` in this directory. diff --git a/manifests/config.pp b/manifests/config.pp new file mode 100644 index 0000000..36125b6 --- /dev/null +++ b/manifests/config.pp @@ -0,0 +1,32 @@ +class nginx::config { + $daemon_user = $operatingsystem ? { + /(debian|ubuntu)/ => 'www-data', + /(fedora|rhel|centos)/ => 'nginx', + } + user { $daemon_user: + ensure => present, + } + group { $daemon_user: + ensure => present, + } + file { '/etc/nginx/nginx.conf': + ensure => file, + owner => 'root', + group => 'root', + content => template('nginx/nginx.conf.erb'), + require => Class['nginx::install'], + notify => Class['nginx::service'], + } + file { '/etc/nginx/sites-available': + ensure => directory, + owner => 'root', + group => 'root', + require => Class['nginx::install'], + } + file { '/etc/nginx/sites-enabled': + ensure => directory, + owner => 'root', + group => 'root', + require => Class['nginx::install'], + } +} \ No newline at end of file diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..f07ab16 --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,16 @@ +# Class: nginx +# +# This module manages nginx +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# [Remember: No empty lines between comments and class definition] +class nginx { + include nginx::service, nginx::install, nginx::config, +} diff --git a/manifests/install.pp b/manifests/install.pp new file mode 100644 index 0000000..c8d2654 --- /dev/null +++ b/manifests/install.pp @@ -0,0 +1,12 @@ +class nginix::install { + + # prepopulating a potential install for non-Linux distros. + $package = $operatingsystem ? { + /(ubuntu|debian|centos|fedora|rhel)/ => 'nginx' + } + + package { $package: + name => 'nginx', + ensure => installed, + } +} \ No newline at end of file diff --git a/manifests/params.pp b/manifests/params.pp new file mode 100644 index 0000000..1bf7c6d --- /dev/null +++ b/manifests/params.pp @@ -0,0 +1,28 @@ +# Defines a default install from package. Update as appropriate for base install. +####################################################################### +# +# This is the main Nginx configuration file. +# +# More information about the configuration options is available on +# * the English wiki - http://wiki.nginx.org/Main +# * the Russian documentation - http://sysoev.ru/nginx/ +# +####################################################################### + +class nginx::params { + $worker_processes = 1 + $worker_connections = 1024 + $multi_accept = off + $sendfile = on + $keepalive_timeout = 65 + $tcp_nodelay = on + $gzip = on + + # Setup OS Specific Logging Directories and PID files. + case $kernel { + default { + $log_dir = '/var/log/nginx' + $pid = '/var/run/nginx.pid' + } + } +} \ No newline at end of file diff --git a/manifests/service.pp b/manifests/service.pp new file mode 100644 index 0000000..623b576 --- /dev/null +++ b/manifests/service.pp @@ -0,0 +1,9 @@ +class nginix::service { + service { "nginx": + ensure => running, + enable => true, + hasstatus => true, + hasrestart => true, + require => Class['nginx::install'], + } +} \ No newline at end of file diff --git a/manifests/vhost.pp b/manifests/vhost.pp new file mode 100644 index 0000000..aa6b4e5 --- /dev/null +++ b/manifests/vhost.pp @@ -0,0 +1,25 @@ +define nginx::vhost( + $listen = '*', + $listen_port, + $www_root, + $ssl = 'off', + $ssl_cert, + $ssl_key, + $location, + $state = 'enable', +) { + file { "/etc/nginx/sites-available/${name}": + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => template('nginx/vhost.erb') + } + file { "/etc/nginx/sites-enabled/${name}": + ensure => $state ? { + 'disable' => absent, + default => 'symlink', + } + target => "/etc/nginx/sites-available/${name}", + } +} \ No newline at end of file diff --git a/metadata.json b/metadata.json new file mode 100644 index 0000000..8ce7797 --- /dev/null +++ b/metadata.json @@ -0,0 +1,12 @@ +/* ++-----------------------------------------------------------------------+ +| | +| ==> DO NOT EDIT THIS FILE! <== | +| | +| You should edit the `Modulefile` and run `puppet-module build` | +| to generate the `metadata.json` file for your releases. | +| | ++-----------------------------------------------------------------------+ +*/ + +{} diff --git a/spec/README.markdown b/spec/README.markdown new file mode 100644 index 0000000..286d341 --- /dev/null +++ b/spec/README.markdown @@ -0,0 +1,7 @@ +Specs +===== + +The Puppet project uses RSpec for testing. + +For more information on RSpec, see http://rspec.info/ + diff --git a/spec/spec.opts b/spec/spec.opts new file mode 100644 index 0000000..91cd642 --- /dev/null +++ b/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 0000000..a4aeeae --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,18 @@ +require 'pathname' +dir = Pathname.new(__FILE__).parent +$LOAD_PATH.unshift(dir, dir + 'lib', dir + '../lib') + +require 'mocha' +require 'puppet' +gem 'rspec', '=1.2.9' +require 'spec/autorun' + +Spec::Runner.configure do |config| + config.mock_with :mocha +end + +# We need this because the RAL uses 'should' as a method. This +# allows us the same behaviour but with a different method name. +class Object + alias :must :should +end diff --git a/spec/unit/puppet/provider/README.markdown b/spec/unit/puppet/provider/README.markdown new file mode 100644 index 0000000..7025850 --- /dev/null +++ b/spec/unit/puppet/provider/README.markdown @@ -0,0 +1,4 @@ +Provider Specs +============== + +Define specs for your providers under this directory. diff --git a/spec/unit/puppet/type/README.markdown b/spec/unit/puppet/type/README.markdown new file mode 100644 index 0000000..1ee19ac --- /dev/null +++ b/spec/unit/puppet/type/README.markdown @@ -0,0 +1,4 @@ +Resource Type Specs +=================== + +Define specs for your resource types in this directory. diff --git a/templates/README.markdown b/templates/README.markdown new file mode 100644 index 0000000..575bbea --- /dev/null +++ b/templates/README.markdown @@ -0,0 +1,23 @@ +Templates +========= + +Puppet supports templates and templating via ERB, which is part of the Ruby +standard library and is used for many other projects including Ruby on Rails. +Templates allow you to manage the content of template files, for example +configuration files that cannot yet be managed as a Puppet type. Learn more at +http://projects.puppetlabs.com/projects/puppet/wiki/Puppet_Templating + +You can use templates like this: + + class myclass { + package { mypackage: ensure => latest } + service { myservice: ensure => running } + file { "/etc/myfile": + content => template("mymodule/myfile.erb") + } + } + +The templates are searched for in: + + $templatedir/mymodule/myfile.erb + $modulepath/mymodule/templates/myfile.erb diff --git a/templates/nginx.conf.erb b/templates/nginx.conf.erb new file mode 100644 index 0000000..08c92a2 --- /dev/null +++ b/templates/nginx.conf.erb @@ -0,0 +1,35 @@ +user <%= scope.lookupvar('nginx::config::daemon_user') %>; +worker_processes <%= scope.lookupvar('nginx::params::worker_processes')%>; + +error_log <%= scope.lookupvar('nginx::params::log_dir')%>/error.log; +pid <%= scope.lookupvar('nginx::params::pid')%>; + +events { + worker_connections <%= scope.lookupvar('nginx::params::worker_connections') %>; + <% if scope.lookupvar('nginx::params::multi_accept' == 'on') %> + multi_accept on; + <% end %> +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + access_log <%= scope.lookupvar('nginx::params::log_dir')%>/access.log; + + sendfile <%= scope.lookupvar('nginx::params::sendfile')%>; + <% if scope.lookupvar('nginx::params::tcp_nopush' == 'on') %> + tcp_nopush on; + <% end %> + + keepalive_timeout <%= scope.lookupvar('nginx::params::keepalive_timeout')%>; + tcp_nodelay <%= scope.lookupvar('nginx::params::tcp_nodelay')%>; + + <% if scope.lookupvar('nginx::params::gzip' == 'on') %> + gzip on; + gzip_disable "MSIE [1-6]\.(?!.*SV1)"; + <% end %> + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} \ No newline at end of file diff --git a/templates/vhost.pp b/templates/vhost.pp new file mode 100644 index 0000000..0f37925 --- /dev/null +++ b/templates/vhost.pp @@ -0,0 +1,36 @@ +server { + + listen <%= listen %>; ## listen for ipv4 + listen [::]:80 default ipv6only=on; ## listen for ipv6 + + server_name <%= name %>; + + access_log <%= scope.lookupvar('nginx::params::log_dir')%>/<%= name %>.access.log; + + location / { + root <%= www_root %>; + index index.html index.htm; + } +} + +<% if ssl == 'on' %> +server { + listen 443; + server_name <%= name %>; + + ssl on; + ssl_certificate <%= ssl_cert %>; + ssl_certificate_key <%= ssl_key %>; + + ssl_session_timeout 5m; + + ssl_protocols SSLv3 TLSv1; + ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; + ssl_prefer_server_ciphers on; + + location / { + root <%= www_root %>; + index index.html index.htm; + } +} +<% end %> \ No newline at end of file diff --git a/tests/init.pp b/tests/init.pp new file mode 100644 index 0000000..47b61b0 --- /dev/null +++ b/tests/init.pp @@ -0,0 +1,2 @@ +include nginx + diff --git a/tests/vhost.pp b/tests/vhost.pp new file mode 100644 index 0000000..642ba31 --- /dev/null +++ b/tests/vhost.pp @@ -0,0 +1,7 @@ +include nginix + +nginix::vhost { 'www.test.com': + port => '80', + webroot => "/opt/www/test", + ssl => false, +} \ No newline at end of file