diff --git a/.github/workflows/kitchen.vagrant.yml b/.github/workflows/kitchen.vagrant.yml
new file mode 100644
index 0000000..9d34048
--- /dev/null
+++ b/.github/workflows/kitchen.vagrant.yml
@@ -0,0 +1,41 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: 'Kitchen Vagrant (FreeBSD)'
+'on': ['push', 'pull_request']
+
+env:
+ KITCHEN_LOCAL_YAML: 'kitchen.vagrant.yml'
+
+jobs:
+ test:
+ runs-on: 'macos-10.15'
+ strategy:
+ fail-fast: false
+ matrix:
+ instance:
+ - default-freebsd-130-master-py3
+ # - freebsd-130-master-py3
+ - default-freebsd-122-master-py3
+ # - freebsd-122-master-py3
+ - default-freebsd-114-master-py3
+ # - freebsd-114-master-py3
+ # - default-freebsd-130-3002-6-py3
+ # - default-freebsd-122-3002-6-py3
+ # - default-freebsd-114-3002-6-py3
+ steps:
+ - name: 'Check out code'
+ uses: 'actions/checkout@v2'
+ - name: 'Set up Bundler cache'
+ uses: 'actions/cache@v1'
+ with:
+ path: 'vendor/bundle'
+ key: "${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}"
+ restore-keys: "${{ runner.os }}-gems-"
+ - name: 'Run Bundler'
+ run: |
+ ruby --version
+ bundle config path vendor/bundle
+ bundle install --jobs 4 --retry 3
+ - name: 'Run Test Kitchen'
+ run: 'bundle exec kitchen verify ${{ matrix.instance }}'
diff --git a/.gitignore b/.gitignore
index 6995110..94f77a8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -91,6 +91,9 @@ celerybeat-schedule
venv/
ENV/
+# visual studio
+.vs/
+
# Spyder project settings
.spyderproject
.spyproject
@@ -120,3 +123,11 @@ docs/*.md
Dockerfile.*_*
ignore/
tmp/
+
+# `salt-formula` -- Vagrant Specific files
+.vagrant
+top.sls
+
+# `suricata-formula` -- Platform binaries
+*.rpm
+*.deb
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2f263f1..2776168 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -46,7 +46,7 @@ variables:
DOCKER_DRIVER: 'overlay2'
###############################################################################
-# `lint` stage: `commitlint` & `pre-commit`
+# `lint` stage: `commitlint`, `pre-commit` & `rubocop` (latest, failure allowed)
###############################################################################
commitlint:
stage: *stage_lint
@@ -123,35 +123,129 @@ rubocop:
## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
-default-debian-10-master-py3: {extends: '.test_instance'}
+# default-debian-10-tiamat-py3: {extends: '.test_instance'}
+# default-debian-9-tiamat-py3: {extends: '.test_instance'}
+# default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'}
+# default-centos-8-tiamat-py3: {extends: '.test_instance'}
+# default-centos-7-tiamat-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-tiamat-py3: {extends: '.test_instance'}
+# default-almalinux-8-tiamat-py3: {extends: '.test_instance'}
+# default-rockylinux-8-tiamat-py3: {extends: '.test_instance'}
+# default-debian-10-master-py3: {extends: '.test_instance'}
+# passenger-debian-10-master-py3: {extends: '.test_instance'}
+debian-10-master-py3: {extends: '.test_instance'}
+# default-debian-9-master-py3: {extends: '.test_instance'}
+# passenger-debian-9-master-py3: {extends: '.test_instance'}
+debian-9-master-py3: {extends: '.test_instance'}
+# default-ubuntu-2004-master-py3: {extends: '.test_instance'}
+# passenger-ubuntu-2004-master-py3: {extends: '.test_instance'}
+ubuntu-2004-master-py3: {extends: '.test_instance'}
# default-ubuntu-1804-master-py3: {extends: '.test_instance'}
+# passenger-ubuntu-1804-master-py3: {extends: '.test_instance'}
+ubuntu-1804-master-py3: {extends: '.test_instance'}
# default-centos-8-master-py3: {extends: '.test_instance'}
-# default-fedora-31-master-py3: {extends: '.test_instance'}
-# default-opensuse-leap-151-master-py3: {extends: '.test_instance'}
-# default-amazonlinux-2-master-py3: {extends: '.test_instance'}
-# default-debian-10-2019-2-py3: {extends: '.test_instance'}
-# default-debian-9-2019-2-py3: {extends: '.test_instance'}
-default-ubuntu-1804-2019-2-py3: {extends: '.test_instance'}
-default-centos-8-2019-2-py3: {extends: '.test_instance'}
-# default-fedora-31-2019-2-py3: {extends: '.test_instance'}
-# default-opensuse-leap-151-2019-2-py3: {extends: '.test_instance'}
-# default-centos-7-2019-2-py2: {extends: '.test_instance'}
-# default-amazonlinux-2-2019-2-py3: {extends: '.test_instance'}
-default-arch-base-latest-2019-2-py2: {extends: '.test_instance'}
-default-fedora-30-2018-3-py3: {extends: '.test_instance'}
-# default-debian-9-2018-3-py2: {extends: '.test_instance'}
-# default-ubuntu-1604-2018-3-py2: {extends: '.test_instance'}
-# default-centos-7-2018-3-py2: {extends: '.test_instance'}
-default-opensuse-leap-151-2018-3-py2: {extends: '.test_instance'}
-# default-amazonlinux-1-2018-3-py2: {extends: '.test_instance'}
-# default-arch-base-latest-2018-3-py2: {extends: '.test_instance'}
-# default-debian-8-2017-7-py2: {extends: '.test_instance'}
-# default-ubuntu-1604-2017-7-py2: {extends: '.test_instance'}
-# default-centos-6-2017-7-py2: {extends: '.test_instance'}
-# default-fedora-30-2017-7-py2: {extends: '.test_instance'}
-# default-opensuse-leap-151-2017-7-py2: {extends: '.test_instance'}
-# default-amazonlinux-1-2017-7-py2: {extends: '.test_instance'}
-# default-arch-base-latest-2017-7-py2: {extends: '.test_instance'}
+# passenger-centos-8-master-py3: {extends: '.test_instance'}
+centos-8-master-py3: {extends: '.test_instance'}
+default-centos-7-master-py3: {extends: '.test_instance'}
+# passenger-centos-7-master-py3: {extends: '.test_instance'}
+# centos-7-master-py3: {extends: '.test_instance'}
+default-fedora-34-master-py3: {extends: '.test_instance'}
+# fedora-34-master-py3: {extends: '.test_instance'}
+default-fedora-33-master-py3: {extends: '.test_instance'}
+# fedora-33-master-py3: {extends: '.test_instance'}
+default-opensuse-leap-153-master-py3: {extends: '.test_instance'}
+# opensuse-leap-153-master-py3: {extends: '.test_instance'}
+default-opensuse-leap-152-master-py3: {extends: '.test_instance'}
+# opensuse-leap-152-master-py3: {extends: '.test_instance'}
+default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance'}
+# opensuse-tmbl-latest-master-py3: {extends: '.test_instance'}
+default-amazonlinux-2-master-py3: {extends: '.test_instance'}
+# amazonlinux-2-master-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-master-py3: {extends: '.test_instance'}
+# passenger-oraclelinux-8-master-py3: {extends: '.test_instance'}
+oraclelinux-8-master-py3: {extends: '.test_instance'}
+default-oraclelinux-7-master-py3: {extends: '.test_instance'}
+# oraclelinux-7-master-py3: {extends: '.test_instance'}
+default-arch-base-latest-master-py3: {extends: '.test_instance'}
+# arch-base-latest-master-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
+# gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
+default-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
+# gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
+# default-almalinux-8-master-py3: {extends: '.test_instance'}
+# passenger-almalinux-8-master-py3: {extends: '.test_instance'}
+almalinux-8-master-py3: {extends: '.test_instance'}
+# default-rockylinux-8-master-py3: {extends: '.test_instance'}
+# passenger-rockylinux-8-master-py3: {extends: '.test_instance'}
+rockylinux-8-master-py3: {extends: '.test_instance'}
+# default-debian-10-3003-1-py3: {extends: '.test_instance'}
+# default-debian-9-3003-1-py3: {extends: '.test_instance'}
+# default-ubuntu-2004-3003-1-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3003-1-py3: {extends: '.test_instance'}
+# default-centos-8-3003-1-py3: {extends: '.test_instance'}
+# default-centos-7-3003-1-py3: {extends: '.test_instance'}
+# default-fedora-34-3003-1-py3: {extends: '.test_instance'}
+# default-fedora-33-3003-1-py3: {extends: '.test_instance'}
+# default-opensuse-leap-153-3003-1-py3: {extends: '.test_instance'}
+# default-opensuse-leap-152-3003-1-py3: {extends: '.test_instance'}
+# default-opensuse-tmbl-latest-3003-1-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-3003-1-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-3003-1-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-3003-1-py3: {extends: '.test_instance'}
+# default-arch-base-latest-3003-1-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-latest-3003-1-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-systemd-3003-1-py3: {extends: '.test_instance'}
+# default-debian-10-3002-6-py3: {extends: '.test_instance'}
+# default-debian-9-3002-6-py3: {extends: '.test_instance'}
+# default-ubuntu-2004-3002-6-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3002-6-py3: {extends: '.test_instance'}
+# default-centos-8-3002-6-py3: {extends: '.test_instance'}
+# default-centos-7-3002-6-py3: {extends: '.test_instance'}
+# default-fedora-34-3002-6-py3: {extends: '.test_instance'}
+# default-fedora-33-3002-6-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-3002-6-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-3002-6-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-3002-6-py3: {extends: '.test_instance'}
+# default-arch-base-latest-3002-6-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-latest-3002-6-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-systemd-3002-6-py3: {extends: '.test_instance'}
+# default-opensuse-leap-153-3002-2-py3: {extends: '.test_instance'}
+# default-opensuse-leap-152-3002-2-py3: {extends: '.test_instance'}
+# default-opensuse-tmbl-latest-3002-2-py3: {extends: '.test_instance'}
+# default-debian-10-3001-7-py3: {extends: '.test_instance'}
+# default-debian-9-3001-7-py3: {extends: '.test_instance'}
+# default-ubuntu-2004-3001-7-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3001-7-py3: {extends: '.test_instance'}
+# default-centos-8-3001-7-py3: {extends: '.test_instance'}
+# default-centos-7-3001-7-py3: {extends: '.test_instance'}
+# default-fedora-34-3001-7-py3: {extends: '.test_instance'}
+# default-fedora-33-3001-7-py3: {extends: '.test_instance'}
+# default-opensuse-leap-153-3001-7-py3: {extends: '.test_instance'}
+# default-opensuse-leap-152-3001-7-py3: {extends: '.test_instance'}
+# default-opensuse-tmbl-latest-3001-7-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-3001-7-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-3001-7-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-3001-7-py3: {extends: '.test_instance'}
+# default-arch-base-latest-3001-7-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-latest-3001-7-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-systemd-3001-7-py3: {extends: '.test_instance'}
+# default-debian-10-3000-9-py3: {extends: '.test_instance'}
+# default-debian-9-3000-9-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3000-9-py3: {extends: '.test_instance'}
+# default-centos-8-3000-9-py3: {extends: '.test_instance'}
+# default-centos-7-3000-9-py3: {extends: '.test_instance'}
+# default-opensuse-leap-153-3000-9-py3: {extends: '.test_instance'}
+# default-opensuse-leap-152-3000-9-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-3000-9-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-3000-9-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-3000-9-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-latest-3000-9-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-systemd-3000-9-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3000-9-py2: {extends: '.test_instance'}
+# default-arch-base-latest-3000-9-py2: {extends: '.test_instance'}
###############################################################################
# `release` stage: `semantic-release`
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 136e470..41b5f35 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -17,15 +17,22 @@ repos:
stages: [manual]
additional_dependencies: ['@commitlint/config-conventional@8.3.4']
always_run: true
- - repo: https://github.com/jumanjihouse/pre-commit-hooks
- rev: 2.1.3
+ - repo: https://github.com/rubocop-hq/rubocop
+ rev: v1.9.1
+ hooks:
+ - id: rubocop
+ name: Check Ruby files with rubocop
+ args: [--debug]
+ always_run: true
+ pass_filenames: false
+ - repo: https://github.com/shellcheck-py/shellcheck-py
+ rev: v0.7.1.1
hooks:
- id: shellcheck
name: Check shell scripts with shellcheck
files: ^.*\.(sh|bash|ksh)$
types: []
- args: []
- - repo: https://github.com/adrienverge/yamllint.git
+ - repo: https://github.com/adrienverge/yamllint
rev: v1.23.0
hooks:
- id: yamllint
@@ -45,4 +52,14 @@ repos:
- id: rstcheck
name: Check reST files using rstcheck
exclude: 'docs/CHANGELOG.rst'
- args: [--report=warning]
+ - repo: https://github.com/saltstack-formulas/mirrors-rst-lint
+ rev: v1.3.2
+ hooks:
+ - id: rst-lint
+ name: Check reST files using rst-lint
+ exclude: |
+ (?x)^(
+ docs/CHANGELOG.rst|
+ docs/TOFS_pattern.rst|
+ )$
+ additional_dependencies: [pygments==2.9.0]
diff --git a/.rstcheck.cfg b/.rstcheck.cfg
index 05856dc..5383623 100644
--- a/.rstcheck.cfg
+++ b/.rstcheck.cfg
@@ -1,3 +1,4 @@
[rstcheck]
-report=error
+report=info
ignore_language=rst
+ignore_messages=(Duplicate (ex|im)plicit target.*|Hyperlink target ".*" is not referenced\.$)
diff --git a/.rubocop.yml b/.rubocop.yml
index 7fd75ac..2cceb73 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -7,10 +7,13 @@ Layout/LineLength:
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
Max: 88
Metrics/BlockLength:
- ExcludedMethods:
+ IgnoredMethods:
- control
- describe
# Increase from default of `25`
Max: 30
+Security/YAMLLoad:
+ Exclude:
+ - test/integration/**/_mapdata.rb
# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`
diff --git a/.travis.yml b/.travis.yml
index 0110ed0..2b7acd3 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -36,17 +36,14 @@ stages:
# - name: 'release'
# if: 'branch = master AND type != pull_request'
jobs:
- allow_failures:
- - env: Lint_rubocop
- fast_finish: true
include:
## Define the test stage that runs the linters (and testing matrix, if applicable)
- # Run all of the linters in a single job (except `rubocop`)
+ # Run all of the linters in a single job
- language: 'node_js'
node_js: 'lts/*'
env: 'Lint'
- name: 'Lint: salt-lint, yamllint, shellcheck & commitlint'
+ name: 'Lint: salt-lint, yamllint, rubocop, shellcheck & commitlint'
before_install: 'skip'
script:
# Install and run `salt-lint`
@@ -57,6 +54,9 @@ jobs:
# Need at least `v1.17.0` for the `yaml-files` setting
- pip install --user yamllint>=1.17.0
- yamllint -s .
+ # Install and run `rubocop`
+ - gem install rubocop
+ - rubocop -d
# Run `shellcheck` (already pre-installed in Travis)
- shellcheck --version
- git ls-files -- '*.sh' '*.bash' '*.ksh'
@@ -65,17 +65,6 @@ jobs:
- npm i -D @commitlint/config-conventional
@commitlint/travis-cli
- commitlint-travis
- # Run the `rubocop` linter in a separate job that is allowed to fail
- # Once these lint errors are fixed, this can be merged into a single job
- - language: node_js
- node_js: lts/*
- env: Lint_rubocop
- name: 'Lint: rubocop'
- before_install: skip
- script:
- # Install and run `rubocop`
- - gem install rubocop
- - rubocop -d
# Run `pre-commit` linters in a single job
- language: 'python'
@@ -94,35 +83,129 @@ jobs:
## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
- - env: INSTANCE=default-debian-10-master-py3
+ # - env: INSTANCE=default-debian-10-tiamat-py3
+ # - env: INSTANCE=default-debian-9-tiamat-py3
+ # - env: INSTANCE=default-ubuntu-2004-tiamat-py3
+ # - env: INSTANCE=default-ubuntu-1804-tiamat-py3
+ # - env: INSTANCE=default-centos-8-tiamat-py3
+ # - env: INSTANCE=default-centos-7-tiamat-py3
+ # - env: INSTANCE=default-amazonlinux-2-tiamat-py3
+ # - env: INSTANCE=default-oraclelinux-8-tiamat-py3
+ # - env: INSTANCE=default-oraclelinux-7-tiamat-py3
+ # - env: INSTANCE=default-almalinux-8-tiamat-py3
+ # - env: INSTANCE=default-rockylinux-8-tiamat-py3
+ # - env: INSTANCE=default-debian-10-master-py3
+ # - env: INSTANCE=passenger-debian-10-master-py3
+ - env: INSTANCE=debian-10-master-py3
+ # - env: INSTANCE=default-debian-9-master-py3
+ # - env: INSTANCE=passenger-debian-9-master-py3
+ - env: INSTANCE=debian-9-master-py3
+ # - env: INSTANCE=default-ubuntu-2004-master-py3
+ # - env: INSTANCE=passenger-ubuntu-2004-master-py3
+ - env: INSTANCE=ubuntu-2004-master-py3
# - env: INSTANCE=default-ubuntu-1804-master-py3
+ # - env: INSTANCE=passenger-ubuntu-1804-master-py3
+ - env: INSTANCE=ubuntu-1804-master-py3
# - env: INSTANCE=default-centos-8-master-py3
- # - env: INSTANCE=default-fedora-31-master-py3
- # - env: INSTANCE=default-opensuse-leap-151-master-py3
- # - env: INSTANCE=default-amazonlinux-2-master-py3
- # - env: INSTANCE=default-debian-10-2019-2-py3
- # - env: INSTANCE=default-debian-9-2019-2-py3
- - env: INSTANCE=default-ubuntu-1804-2019-2-py3
- - env: INSTANCE=default-centos-8-2019-2-py3
- # - env: INSTANCE=default-fedora-31-2019-2-py3
- # - env: INSTANCE=default-opensuse-leap-151-2019-2-py3
- # - env: INSTANCE=default-centos-7-2019-2-py2
- # - env: INSTANCE=default-amazonlinux-2-2019-2-py3
- - env: INSTANCE=default-arch-base-latest-2019-2-py2
- - env: INSTANCE=default-fedora-30-2018-3-py3
- # - env: INSTANCE=default-debian-9-2018-3-py2
- # - env: INSTANCE=default-ubuntu-1604-2018-3-py2
- # - env: INSTANCE=default-centos-7-2018-3-py2
- - env: INSTANCE=default-opensuse-leap-151-2018-3-py2
- # - env: INSTANCE=default-amazonlinux-1-2018-3-py2
- # - env: INSTANCE=default-arch-base-latest-2018-3-py2
- # - env: INSTANCE=default-debian-8-2017-7-py2
- # - env: INSTANCE=default-ubuntu-1604-2017-7-py2
- # - env: INSTANCE=default-centos-6-2017-7-py2
- # - env: INSTANCE=default-fedora-30-2017-7-py2
- # - env: INSTANCE=default-opensuse-leap-151-2017-7-py2
- # - env: INSTANCE=default-amazonlinux-1-2017-7-py2
- # - env: INSTANCE=default-arch-base-latest-2017-7-py2
+ # - env: INSTANCE=passenger-centos-8-master-py3
+ - env: INSTANCE=centos-8-master-py3
+ - env: INSTANCE=default-centos-7-master-py3
+ # - env: INSTANCE=passenger-centos-7-master-py3
+ # - env: INSTANCE=centos-7-master-py3
+ - env: INSTANCE=default-fedora-34-master-py3
+ # - env: INSTANCE=fedora-34-master-py3
+ - env: INSTANCE=default-fedora-33-master-py3
+ # - env: INSTANCE=fedora-33-master-py3
+ - env: INSTANCE=default-opensuse-leap-153-master-py3
+ # - env: INSTANCE=opensuse-leap-153-master-py3
+ - env: INSTANCE=default-opensuse-leap-152-master-py3
+ # - env: INSTANCE=opensuse-leap-152-master-py3
+ - env: INSTANCE=default-opensuse-tmbl-latest-master-py3
+ # - env: INSTANCE=opensuse-tmbl-latest-master-py3
+ - env: INSTANCE=default-amazonlinux-2-master-py3
+ # - env: INSTANCE=amazonlinux-2-master-py3
+ # - env: INSTANCE=default-oraclelinux-8-master-py3
+ # - env: INSTANCE=passenger-oraclelinux-8-master-py3
+ - env: INSTANCE=oraclelinux-8-master-py3
+ - env: INSTANCE=default-oraclelinux-7-master-py3
+ # - env: INSTANCE=oraclelinux-7-master-py3
+ - env: INSTANCE=default-arch-base-latest-master-py3
+ # - env: INSTANCE=arch-base-latest-master-py3
+ # - env: INSTANCE=default-gentoo-stage3-latest-master-py3
+ # - env: INSTANCE=gentoo-stage3-latest-master-py3
+ - env: INSTANCE=default-gentoo-stage3-systemd-master-py3
+ # - env: INSTANCE=gentoo-stage3-systemd-master-py3
+ # - env: INSTANCE=default-almalinux-8-master-py3
+ # - env: INSTANCE=passenger-almalinux-8-master-py3
+ - env: INSTANCE=almalinux-8-master-py3
+ # - env: INSTANCE=default-rockylinux-8-master-py3
+ # - env: INSTANCE=passenger-rockylinux-8-master-py3
+ - env: INSTANCE=rockylinux-8-master-py3
+ # - env: INSTANCE=default-debian-10-3003-1-py3
+ # - env: INSTANCE=default-debian-9-3003-1-py3
+ # - env: INSTANCE=default-ubuntu-2004-3003-1-py3
+ # - env: INSTANCE=default-ubuntu-1804-3003-1-py3
+ # - env: INSTANCE=default-centos-8-3003-1-py3
+ # - env: INSTANCE=default-centos-7-3003-1-py3
+ # - env: INSTANCE=default-fedora-34-3003-1-py3
+ # - env: INSTANCE=default-fedora-33-3003-1-py3
+ # - env: INSTANCE=default-opensuse-leap-153-3003-1-py3
+ # - env: INSTANCE=default-opensuse-leap-152-3003-1-py3
+ # - env: INSTANCE=default-opensuse-tmbl-latest-3003-1-py3
+ # - env: INSTANCE=default-amazonlinux-2-3003-1-py3
+ # - env: INSTANCE=default-oraclelinux-8-3003-1-py3
+ # - env: INSTANCE=default-oraclelinux-7-3003-1-py3
+ # - env: INSTANCE=default-arch-base-latest-3003-1-py3
+ # - env: INSTANCE=default-gentoo-stage3-latest-3003-1-py3
+ # - env: INSTANCE=default-gentoo-stage3-systemd-3003-1-py3
+ # - env: INSTANCE=default-debian-10-3002-6-py3
+ # - env: INSTANCE=default-debian-9-3002-6-py3
+ # - env: INSTANCE=default-ubuntu-2004-3002-6-py3
+ # - env: INSTANCE=default-ubuntu-1804-3002-6-py3
+ # - env: INSTANCE=default-centos-8-3002-6-py3
+ # - env: INSTANCE=default-centos-7-3002-6-py3
+ # - env: INSTANCE=default-fedora-34-3002-6-py3
+ # - env: INSTANCE=default-fedora-33-3002-6-py3
+ # - env: INSTANCE=default-amazonlinux-2-3002-6-py3
+ # - env: INSTANCE=default-oraclelinux-8-3002-6-py3
+ # - env: INSTANCE=default-oraclelinux-7-3002-6-py3
+ # - env: INSTANCE=default-arch-base-latest-3002-6-py3
+ # - env: INSTANCE=default-gentoo-stage3-latest-3002-6-py3
+ # - env: INSTANCE=default-gentoo-stage3-systemd-3002-6-py3
+ # - env: INSTANCE=default-opensuse-leap-153-3002-2-py3
+ # - env: INSTANCE=default-opensuse-leap-152-3002-2-py3
+ # - env: INSTANCE=default-opensuse-tmbl-latest-3002-2-py3
+ # - env: INSTANCE=default-debian-10-3001-7-py3
+ # - env: INSTANCE=default-debian-9-3001-7-py3
+ # - env: INSTANCE=default-ubuntu-2004-3001-7-py3
+ # - env: INSTANCE=default-ubuntu-1804-3001-7-py3
+ # - env: INSTANCE=default-centos-8-3001-7-py3
+ # - env: INSTANCE=default-centos-7-3001-7-py3
+ # - env: INSTANCE=default-fedora-34-3001-7-py3
+ # - env: INSTANCE=default-fedora-33-3001-7-py3
+ # - env: INSTANCE=default-opensuse-leap-153-3001-7-py3
+ # - env: INSTANCE=default-opensuse-leap-152-3001-7-py3
+ # - env: INSTANCE=default-opensuse-tmbl-latest-3001-7-py3
+ # - env: INSTANCE=default-amazonlinux-2-3001-7-py3
+ # - env: INSTANCE=default-oraclelinux-8-3001-7-py3
+ # - env: INSTANCE=default-oraclelinux-7-3001-7-py3
+ # - env: INSTANCE=default-arch-base-latest-3001-7-py3
+ # - env: INSTANCE=default-gentoo-stage3-latest-3001-7-py3
+ # - env: INSTANCE=default-gentoo-stage3-systemd-3001-7-py3
+ # - env: INSTANCE=default-debian-10-3000-9-py3
+ # - env: INSTANCE=default-debian-9-3000-9-py3
+ # - env: INSTANCE=default-ubuntu-1804-3000-9-py3
+ # - env: INSTANCE=default-centos-8-3000-9-py3
+ # - env: INSTANCE=default-centos-7-3000-9-py3
+ # - env: INSTANCE=default-opensuse-leap-153-3000-9-py3
+ # - env: INSTANCE=default-opensuse-leap-152-3000-9-py3
+ # - env: INSTANCE=default-amazonlinux-2-3000-9-py3
+ # - env: INSTANCE=default-oraclelinux-8-3000-9-py3
+ # - env: INSTANCE=default-oraclelinux-7-3000-9-py3
+ # - env: INSTANCE=default-gentoo-stage3-latest-3000-9-py3
+ # - env: INSTANCE=default-gentoo-stage3-systemd-3000-9-py3
+ # - env: INSTANCE=default-ubuntu-1804-3000-9-py2
+ # - env: INSTANCE=default-arch-base-latest-3000-9-py2
## Define the release stage that runs `semantic-release`
- stage: 'release'
diff --git a/.yamllint b/.yamllint
index 73bcbe2..f9a94a4 100644
--- a/.yamllint
+++ b/.yamllint
@@ -2,17 +2,23 @@
# vim: ft=yaml
---
# Extend the `default` configuration provided by `yamllint`
-extends: default
+extends: 'default'
# Files to ignore completely
-# 1. All YAML files under directory `node_modules/`, introduced during the Travis run
-# 2. Any SLS files under directory `test/`, which are actually state files
-# 3. Any YAML files under directory `.kitchen/`, introduced during local testing
+# 1. All YAML files under directory `.cache/`, introduced during the GitLab CI run
+# 2. All YAML files under directory `.git/`
+# 3. All YAML files under directory `node_modules/`, introduced during the Travis run
+# 4. Any SLS files under directory `test/`, which are actually state files
+# 5. Any YAML files under directory `.kitchen/`, introduced during local testing
+# 6. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax
ignore: |
.cache/
+ .git/
node_modules/
test/**/states/**/*.sls
.kitchen/
+ kitchen.vagrant.yml
+ test/salt/passenger/pillar/nginx.sls
yaml-files:
# Default settings
diff --git a/AUTHORS.md b/AUTHORS.md
index 87a22dc..b9e6fb2 100644
--- a/AUTHORS.md
+++ b/AUTHORS.md
@@ -4,79 +4,82 @@ This list is sorted by the number of commits per contributor in _descending_ ord
Avatar|Contributor|Contributions
:-:|---|:-:
-
|[@myii](https://github.com/myii)|82
-
|[@aboe76](https://github.com/aboe76)|46
-
|[@gravyboat](https://github.com/gravyboat)|27
-
|[@nmadhok](https://github.com/nmadhok)|24
-
|[@noelmcloughlin](https://github.com/noelmcloughlin)|18
-
|[@whiteinge](https://github.com/whiteinge)|17
-
|[@ross-p](https://github.com/ross-p)|13
-
|[@daks](https://github.com/daks)|11
-
|[@techhat](https://github.com/techhat)|10
-
|[@javierbertoli](https://github.com/javierbertoli)|9
-
|[@arthurlogilab](https://github.com/arthurlogilab)|8
-
|[@cheuschober](https://github.com/cheuschober)|8
-
|[@dseira](https://github.com/dseira)|8
-
|[@amontalban](https://github.com/amontalban)|7
-
|[@puneetk](https://github.com/puneetk)|7
-
|[@TaiSHiNet](https://github.com/TaiSHiNet)|6
-
|[@EvaSDK](https://github.com/EvaSDK)|6
-
|[@cackovic](https://github.com/cackovic)|5
-
|[@auser](https://github.com/auser)|5
-
|[@stp-ip](https://github.com/stp-ip)|5
-
|[@ahmadsherif](https://github.com/ahmadsherif)|4
-
|[@n-rodriguez](https://github.com/n-rodriguez)|4
-
|[@teepark](https://github.com/teepark)|4
-
|[@alinefr](https://github.com/alinefr)|3
-
|[@devaos](https://github.com/devaos)|3
-
|[@bmwiedemann](https://github.com/bmwiedemann)|3
-
|[@terminalmage](https://github.com/terminalmage)|3
-
|[@imran1008](https://github.com/imran1008)|3
-
|[@morsik](https://github.com/morsik)|3
-
|[@msciciel](https://github.com/msciciel)|3
-
|[@rfairburn](https://github.com/rfairburn)|3
-
|[@westurner](https://github.com/westurner)|3
-
|[@chris-sanders](https://github.com/chris-sanders)|2
-
|[@dafyddj](https://github.com/dafyddj)|2
-
|[@UtahDave](https://github.com/UtahDave)|2
-
|[@ghtyrant](https://github.com/ghtyrant)|2
-
|[@pprkut](https://github.com/pprkut)|2
-
|[@jstrunk](https://github.com/jstrunk)|2
-
|[@johnkeates](https://github.com/johnkeates)|2
-
|[@kmshultz](https://github.com/kmshultz)|2
-
|[@malept](https://github.com/malept)|2
-
|[@meganlkm](https://github.com/meganlkm)|2
-
|[@garrettw](https://github.com/garrettw)|2
-
|[@ErisDS](https://github.com/ErisDS)|2
-
|[@myoung34](https://github.com/myoung34)|2
-
|[@sticky-note](https://github.com/sticky-note)|2
-
|[@bebosudo](https://github.com/bebosudo)|1
-
|[@aanriot](https://github.com/aanriot)|1
-
|[@andrew-vant](https://github.com/andrew-vant)|1
-
|[@bemosior](https://github.com/bemosior)|1
-
|[@SuperTux88](https://github.com/SuperTux88)|1
-
|[@bogdanr](https://github.com/bogdanr)|1
-
|[@blbradley](https://github.com/blbradley)|1
-
|[@CorwinTanner](https://github.com/CorwinTanner)|1
-
|[@fayetted](https://github.com/fayetted)|1
-
|[@czarneckid](https://github.com/czarneckid)|1
-
|[@statik](https://github.com/statik)|1
-
|[@ekristen](https://github.com/ekristen)|1
-
|[@jeduardo](https://github.com/jeduardo)|1
-
|[@stromnet](https://github.com/stromnet)|1
-
|[@bsdlp](https://github.com/bsdlp)|1
-
|[@MEschenbacher](https://github.com/MEschenbacher)|1
-
|[@renich](https://github.com/renich)|1
-
|[@outime](https://github.com/outime)|1
-
|[@scub](https://github.com/scub)|1
-
|[@thatch45](https://github.com/thatch45)|1
-
|[@blarghmatey](https://github.com/blarghmatey)|1
-
|[@babilen5](https://github.com/babilen5)|1
-
|[@abednarik](https://github.com/abednarik)|1
-
|[@francesco-a](https://github.com/francesco-a)|1
-
|[@oboyle](https://github.com/oboyle)|1
-
|[@bersace](https://github.com/bersace)|1
+
|[@myii](https://github.com/myii)|107
+
|[@aboe76](https://github.com/aboe76)|46
+
|[@gravyboat](https://github.com/gravyboat)|27
+
|[@nmadhok](https://github.com/nmadhok)|24
+
|[@javierbertoli](https://github.com/javierbertoli)|21
+
|[@noelmcloughlin](https://github.com/noelmcloughlin)|18
+
|[@whiteinge](https://github.com/whiteinge)|17
+
|[@ross-p](https://github.com/ross-p)|13
+
|[@daks](https://github.com/daks)|11
+
|[@techhat](https://github.com/techhat)|10
+
|[@arthurlogilab](https://github.com/arthurlogilab)|8
+
|[@cheuschober](https://github.com/cheuschober)|8
+
|[@dseira](https://github.com/dseira)|8
+
|[@amontalban](https://github.com/amontalban)|7
+
|[@puneetk](https://github.com/puneetk)|7
+
|[@TaiSHiNet](https://github.com/TaiSHiNet)|6
+
|[@EvaSDK](https://github.com/EvaSDK)|6
+
|[@cackovic](https://github.com/cackovic)|5
+
|[@auser](https://github.com/auser)|5
+
|[@stp-ip](https://github.com/stp-ip)|5
+
|[@ahmadsherif](https://github.com/ahmadsherif)|4
+
|[@n-rodriguez](https://github.com/n-rodriguez)|4
+
|[@teepark](https://github.com/teepark)|4
+
|[@alinefr](https://github.com/alinefr)|3
+
|[@devaos](https://github.com/devaos)|3
+
|[@bmwiedemann](https://github.com/bmwiedemann)|3
+
|[@dafyddj](https://github.com/dafyddj)|3
+
|[@terminalmage](https://github.com/terminalmage)|3
+
|[@imran1008](https://github.com/imran1008)|3
+
|[@morsik](https://github.com/morsik)|3
+
|[@msciciel](https://github.com/msciciel)|3
+
|[@rfairburn](https://github.com/rfairburn)|3
+
|[@westurner](https://github.com/westurner)|3
+
|[@toanju](https://github.com/toanju)|3
+
|[@chris-sanders](https://github.com/chris-sanders)|2
+
|[@UtahDave](https://github.com/UtahDave)|2
+
|[@ghtyrant](https://github.com/ghtyrant)|2
+
|[@pprkut](https://github.com/pprkut)|2
+
|[@jstrunk](https://github.com/jstrunk)|2
+
|[@johnkeates](https://github.com/johnkeates)|2
+
|[@kmshultz](https://github.com/kmshultz)|2
+
|[@malept](https://github.com/malept)|2
+
|[@meganlkm](https://github.com/meganlkm)|2
+
|[@ErisDS](https://github.com/ErisDS)|2
+
|[@myoung34](https://github.com/myoung34)|2
+
|[@sticky-note](https://github.com/sticky-note)|2
+
|[@bebosudo](https://github.com/bebosudo)|1
+
|[@aanriot](https://github.com/aanriot)|1
+
|[@andrew-vant](https://github.com/andrew-vant)|1
+
|[@bemosior](https://github.com/bemosior)|1
+
|[@SuperTux88](https://github.com/SuperTux88)|1
+
|[@bogdanr](https://github.com/bogdanr)|1
+
|[@blbradley](https://github.com/blbradley)|1
+
|[@CorwinTanner](https://github.com/CorwinTanner)|1
+
|[@fayetted](https://github.com/fayetted)|1
+
|[@baby-gnu](https://github.com/baby-gnu)|1
+
|[@czarneckid](https://github.com/czarneckid)|1
+
|[@statik](https://github.com/statik)|1
+
|[@ekristen](https://github.com/ekristen)|1
+
|[@garrettw](https://github.com/garrettw)|1
+
|[@jeduardo](https://github.com/jeduardo)|1
+
|[@stromnet](https://github.com/stromnet)|1
+
|[@bsdlp](https://github.com/bsdlp)|1
+
|[@anderbubble](https://github.com/anderbubble)|1
+
|[@MEschenbacher](https://github.com/MEschenbacher)|1
+
|[@renich](https://github.com/renich)|1
+
|[@outime](https://github.com/outime)|1
+
|[@scub](https://github.com/scub)|1
+
|[@thatch45](https://github.com/thatch45)|1
+
|[@blarghmatey](https://github.com/blarghmatey)|1
+
|[@babilen5](https://github.com/babilen5)|1
+
|[@abednarik](https://github.com/abednarik)|1
+
|[@francesco-a](https://github.com/francesco-a)|1
+
|[@oboyle](https://github.com/oboyle)|1
+
|[@bersace](https://github.com/bersace)|1
---
-Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2021-01-04.
+Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2021-06-15.
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c1a27ac..8d9a66a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,131 @@
# Changelog
+## [2.7.4](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.3...v2.7.4) (2021-06-15)
+
+
+### Bug Fixes
+
+* **servers:** include main config file watch in extend ([00387e7](https://github.com/saltstack-formulas/nginx-formula/commit/00387e7cbd90ceb5496df5cf9bce8f7dae25b056))
+
+## [2.7.3](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.2...v2.7.3) (2021-06-14)
+
+
+### Tests
+
+* **snippets:** add tests for snippets includes ([1c83b6d](https://github.com/saltstack-formulas/nginx-formula/commit/1c83b6d5fa93079476ca9e8baa1ccd9d44e5237f)), closes [#275](https://github.com/saltstack-formulas/nginx-formula/issues/275) [#274](https://github.com/saltstack-formulas/nginx-formula/issues/274)
+
+## [2.7.2](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.1...v2.7.2) (2021-06-14)
+
+
+### Bug Fixes
+
+* **certificates:** ensure `openssl` installed before `cmd.run` ([0cd7c7b](https://github.com/saltstack-formulas/nginx-formula/commit/0cd7c7b20528ce9fbd4f8991a365415a3093546d)), closes [/gitlab.com/saltstack-formulas/nginx-formula/-/jobs/1345325819#L2830](https://github.com//gitlab.com/saltstack-formulas/nginx-formula/-/jobs/1345325819/issues/L2830)
+* **snippets:** ignore servers or snippets when undefined ([6cb486d](https://github.com/saltstack-formulas/nginx-formula/commit/6cb486dbd290c91bbdbf00fd0061efaedbef4dea)), closes [#274](https://github.com/saltstack-formulas/nginx-formula/issues/274)
+
+## [2.7.1](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.0...v2.7.1) (2021-05-12)
+
+
+### Bug Fixes
+
+* **servers:** wrong conditional specification ([494b2fb](https://github.com/saltstack-formulas/nginx-formula/commit/494b2fbea490fded02cecd4d3e3e0372476548fb))
+
+
+### Continuous Integration
+
+* add `arch-master` to matrix and update `.travis.yml` [skip ci] ([4697152](https://github.com/saltstack-formulas/nginx-formula/commit/46971528d7a7e23241564da146ee8d28b7d2eecc))
+
+# [2.7.0](https://github.com/saltstack-formulas/nginx-formula/compare/v2.6.3...v2.7.0) (2021-04-28)
+
+
+### Continuous Integration
+
+* **kitchen+gitlab:** adjust matrix to add `3003` [skip ci] ([46faf4e](https://github.com/saltstack-formulas/nginx-formula/commit/46faf4e24b39f7d4fd138126dbe5eb6a06eb5b67))
+* **vagrant:** add FreeBSD 13.0 [skip ci] ([b41062e](https://github.com/saltstack-formulas/nginx-formula/commit/b41062e3b19c4c109198bd95c53158d871bbff85))
+* **vagrant:** use pre-salted boxes & conditional local settings [skip ci] ([b9e9cd3](https://github.com/saltstack-formulas/nginx-formula/commit/b9e9cd38e6d29b7eb4cd8ae74a1bdf901959dee3))
+
+
+### Documentation
+
+* **readme:** add `Testing with Vagrant` section [skip ci] ([5727848](https://github.com/saltstack-formulas/nginx-formula/commit/57278481de489441a5c04aee544962212e91c5af))
+
+
+### Features
+
+* **servers_config:** add require statement to manage dependencies ([622d22f](https://github.com/saltstack-formulas/nginx-formula/commit/622d22f9711085aeca19f3907e22e87c6b21b8d0))
+
+
+### Tests
+
+* **requires:** verify dependencies in vhosts ([6478143](https://github.com/saltstack-formulas/nginx-formula/commit/64781431b9187d392f56ce5461c3b1a9c2944f90))
+
+## [2.6.3](https://github.com/saltstack-formulas/nginx-formula/compare/v2.6.2...v2.6.3) (2021-04-03)
+
+
+### Bug Fixes
+
+* **freebsd:** add `openssl` pkg and update all `default` tests ([4cd351a](https://github.com/saltstack-formulas/nginx-formula/commit/4cd351adbc184b938b0d0cf587419bab5b39a7d3))
+
+
+### Continuous Integration
+
+* enable Vagrant-based testing using GitHub Actions ([c79ce9a](https://github.com/saltstack-formulas/nginx-formula/commit/c79ce9a9ae30e889ab925bb0398008b434bc9b0a))
+
+## [2.6.2](https://github.com/saltstack-formulas/nginx-formula/compare/v2.6.1...v2.6.2) (2021-03-30)
+
+
+### Bug Fixes
+
+* **servers_config:** fixup 05994e1 ([c03729a](https://github.com/saltstack-formulas/nginx-formula/commit/c03729ae326876a20cb22c346f9d4cd96418af9a))
+
+## [2.6.1](https://github.com/saltstack-formulas/nginx-formula/compare/v2.6.0...v2.6.1) (2021-03-29)
+
+
+### Bug Fixes
+
+* **servers_config:** remove service depedency ([05994e1](https://github.com/saltstack-formulas/nginx-formula/commit/05994e1b174ccdf3ff4a444f81314ad925fa478d))
+
+
+### Code Refactoring
+
+* **servers_config:** remove unused loop ([3825557](https://github.com/saltstack-formulas/nginx-formula/commit/3825557070a18db4828cc634dd036a428f8a9836))
+
+
+### Continuous Integration
+
+* **kitchen+ci:** include `passenger` suite [skip ci] ([0bbe686](https://github.com/saltstack-formulas/nginx-formula/commit/0bbe68619fdf3791e6202ce3f17ca03efc4441c1))
+
+
+### Tests
+
+* standardise use of `share` suite & `_mapdata` state [skip ci] ([8ea3c82](https://github.com/saltstack-formulas/nginx-formula/commit/8ea3c82be3fccb2bad8bac566f210454549d141e))
+
+# [2.6.0](https://github.com/saltstack-formulas/nginx-formula/compare/v2.5.0...v2.6.0) (2021-03-11)
+
+
+### Bug Fixes
+
+* **passenger:** various fixes ([7271c9d](https://github.com/saltstack-formulas/nginx-formula/commit/7271c9d16c8218244ae5ef0b188b7f9f4a414074))
+* **pkg:** add inline EPEL repo configuration for Amazon Linux 2 ([ae6375c](https://github.com/saltstack-formulas/nginx-formula/commit/ae6375ccccd56a506ee28babbeabf351112a06de))
+
+
+### Continuous Integration
+
+* **gemfile+lock:** use `ssf` customised `kitchen-docker` repo [skip ci] ([123d13e](https://github.com/saltstack-formulas/nginx-formula/commit/123d13e2f483c203cbfc1366b36a30e1732603e1))
+* **kitchen+ci:** make rubocop happy [skip ci] ([eedfc56](https://github.com/saltstack-formulas/nginx-formula/commit/eedfc56b41b673e196029274048670e89e55a694))
+* **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] ([63d32a4](https://github.com/saltstack-formulas/nginx-formula/commit/63d32a40b13ca2c77bb83cceba620218617aab6a))
+* **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] ([b4411c6](https://github.com/saltstack-formulas/nginx-formula/commit/b4411c61d3352ecb9775197f991f5f33996730dc))
+* **pre-commit:** update hook for `rubocop` [skip ci] ([2a23743](https://github.com/saltstack-formulas/nginx-formula/commit/2a23743fca8fd54b2a18dc2a07d0daa8142c0289))
+
+
+### Features
+
+* **config:** validate config before applying ([b396b24](https://github.com/saltstack-formulas/nginx-formula/commit/b396b24fe456de7001b2cc013814ada189351e6f))
+
+
+### Tests
+
+* **config:** fix for Amazon Linux 2 & Oracle Linux 7/8 ([ab39c8f](https://github.com/saltstack-formulas/nginx-formula/commit/ab39c8f7c3c9bf5dbd4436cad8ccce21263fe646))
+
# [2.5.0](https://github.com/saltstack-formulas/nginx-formula/compare/v2.4.1...v2.5.0) (2021-01-04)
diff --git a/CODEOWNERS b/CODEOWNERS
index 05c8e5d..2dd5bf8 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -15,8 +15,11 @@
/docs/AUTHORS.rst @saltstack-formulas/ssf
/docs/CHANGELOG.rst @saltstack-formulas/ssf
/docs/TOFS_pattern.rst @saltstack-formulas/ssf
+/*/_mapdata/ @saltstack-formulas/ssf
/*/libsaltcli.jinja @saltstack-formulas/ssf
/*/libtofs.jinja @saltstack-formulas/ssf
+/test/integration/**/_mapdata.rb @saltstack-formulas/ssf
+/test/integration/**/libraries/system.rb @saltstack-formulas/ssf
/test/integration/**/inspec.yml @saltstack-formulas/ssf
/test/integration/**/README.md @saltstack-formulas/ssf
/.gitignore @saltstack-formulas/ssf
@@ -36,6 +39,8 @@
/Gemfile @saltstack-formulas/ssf
/Gemfile.lock @saltstack-formulas/ssf
/kitchen.yml @saltstack-formulas/ssf
+/kitchen.vagrant.yml @saltstack-formulas/ssf
+/kitchen.windows.yml @saltstack-formulas/ssf
/pre-commit_semantic-release.sh @saltstack-formulas/ssf
/release-rules.js @saltstack-formulas/ssf
/release.config.js @saltstack-formulas/ssf
diff --git a/FORMULA b/FORMULA
index 0dc428b..636b36f 100644
--- a/FORMULA
+++ b/FORMULA
@@ -1,7 +1,7 @@
name: nginx
os: Debian, Ubuntu, RedHat, Fedora, CentOS, Suse, openSUSE
os_family: Debian, RedHat, Suse
-version: 2.5.0
+version: 2.7.4
release: 1
minimum_version: 2017.3
summary: nginx formula
diff --git a/Gemfile b/Gemfile
index 82c4a31..8be107e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,8 +5,14 @@ source 'https://rubygems.org'
# Use the latest version of `inspec` prior to `4.23.4`, which introduces a
# regression where the diff isn't displayed when comparing using `eq`.
gem 'inspec', '~> 4.22.22'
-# Install the `kitchen-docker` gem from GitHub because the latest version
+# Install the `kitchen-docker` gem using `git` because the latest version
# currently available (`2.10.0`) doesn't include a recent fix for Gentoo.
-gem 'kitchen-docker', github: 'test-kitchen/kitchen-docker', ref: '41e80fe'
+# rubocop:disable Layout/LineLength
+gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf'
+# rubocop:enable Layout/LineLength
gem 'kitchen-inspec', '>= 2.2.1'
gem 'kitchen-salt', '>= 0.6.3'
+
+group :vagrant do
+ gem 'kitchen-vagrant'
+end
diff --git a/Gemfile.lock b/Gemfile.lock
index 19bf26d..e2f62f3 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
GIT
- remote: https://github.com/test-kitchen/kitchen-docker.git
- revision: 41e80fed3a7cc86323e19c16a5a340cebf7e5848
- ref: 41e80fe
+ remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker
+ revision: 1f543f654da5c1774cb8737f6f07a01745520bb5
+ branch: ssf
specs:
kitchen-docker (2.10.0)
test-kitchen (>= 1.0.0)
@@ -292,6 +292,8 @@ GEM
kitchen-salt (0.6.3)
hashie (>= 3.5)
test-kitchen (>= 1.4)
+ kitchen-vagrant (1.7.0)
+ test-kitchen (>= 1.4, < 3)
libyajl2 (1.2.0)
license-acceptance (1.0.19)
pastel (~> 0.7)
@@ -525,6 +527,7 @@ DEPENDENCIES
kitchen-docker!
kitchen-inspec (>= 2.2.1)
kitchen-salt (>= 0.6.3)
+ kitchen-vagrant
BUNDLED WITH
2.1.2
diff --git a/docs/AUTHORS.rst b/docs/AUTHORS.rst
index 57a4015..a8e625c 100644
--- a/docs/AUTHORS.rst
+++ b/docs/AUTHORS.rst
@@ -13,224 +13,233 @@ This list is sorted by the number of commits per contributor in *descending* ord
* - Avatar
- Contributor
- Contributions
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@myii `_
- - 82
- * - :raw-html-m2r:``
+ - 107
+ * - :raw-html-m2r:``
- `@aboe76 `_
- 46
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@gravyboat `_
- 27
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@nmadhok `_
- 24
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
+ - `@javierbertoli `_
+ - 21
+ * - :raw-html-m2r:``
- `@noelmcloughlin `_
- 18
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@whiteinge `_
- 17
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@ross-p `_
- 13
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@daks `_
- 11
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@techhat `_
- 10
- * - :raw-html-m2r:``
- - `@javierbertoli `_
- - 9
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@arthurlogilab `_
- 8
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@cheuschober `_
- 8
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@dseira `_
- 8
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@amontalban `_
- 7
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@puneetk `_
- 7
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@TaiSHiNet `_
- 6
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@EvaSDK `_
- 6
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@cackovic `_
- 5
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@auser `_
- 5
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@stp-ip `_
- 5
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@ahmadsherif `_
- 4
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@n-rodriguez `_
- 4
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@teepark `_
- 4
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@alinefr `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@devaos `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@bmwiedemann `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
+ - `@dafyddj `_
+ - 3
+ * - :raw-html-m2r:``
- `@terminalmage `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@imran1008 `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@morsik `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@msciciel `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@rfairburn `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@westurner `_
- 3
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
+ - `@toanju `_
+ - 3
+ * - :raw-html-m2r:``
- `@chris-sanders `_
- 2
- * - :raw-html-m2r:``
- - `@dafyddj `_
- - 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@UtahDave `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@ghtyrant `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@pprkut `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@jstrunk `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@johnkeates `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@kmshultz `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@malept `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@meganlkm `_
- 2
- * - :raw-html-m2r:``
- - `@garrettw `_
- - 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@ErisDS `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@myoung34 `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@sticky-note `_
- 2
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@bebosudo `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@aanriot `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@andrew-vant `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@bemosior `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@SuperTux88 `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@bogdanr `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@blbradley `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@CorwinTanner `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@fayetted `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
+ - `@baby-gnu `_
+ - 1
+ * - :raw-html-m2r:``
- `@czarneckid `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@statik `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@ekristen `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
+ - `@garrettw `_
+ - 1
+ * - :raw-html-m2r:``
- `@jeduardo `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@stromnet `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@bsdlp `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
+ - `@anderbubble `_
+ - 1
+ * - :raw-html-m2r:``
- `@MEschenbacher `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@renich `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@outime `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@scub `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@thatch45 `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@blarghmatey `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@babilen5 `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@abednarik `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@francesco-a `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@oboyle `_
- 1
- * - :raw-html-m2r:``
+ * - :raw-html-m2r:``
- `@bersace `_
- 1
----
-Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2021-01-04.
+Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2021-06-15.
diff --git a/docs/CHANGELOG.rst b/docs/CHANGELOG.rst
index a0e38f1..f25d2de 100644
--- a/docs/CHANGELOG.rst
+++ b/docs/CHANGELOG.rst
@@ -2,6 +2,161 @@
Changelog
=========
+`2.7.4 `_ (2021-06-15)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **servers:** include main config file watch in extend (\ `00387e7 `_\ )
+
+`2.7.3 `_ (2021-06-14)
+-------------------------------------------------------------------------------------------------------
+
+Tests
+^^^^^
+
+
+* **snippets:** add tests for snippets includes (\ `1c83b6d `_\ ), closes `#275 `_ `#274 `_
+
+`2.7.2 `_ (2021-06-14)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **certificates:** ensure ``openssl`` installed before ``cmd.run`` (\ `0cd7c7b `_\ ), closes `/gitlab.com/saltstack-formulas/nginx-formula/-/jobs/1345325819#L2830 `_
+* **snippets:** ignore servers or snippets when undefined (\ `6cb486d `_\ ), closes `#274 `_
+
+`2.7.1 `_ (2021-05-12)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **servers:** wrong conditional specification (\ `494b2fb `_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* add ``arch-master`` to matrix and update ``.travis.yml`` [skip ci] (\ `4697152 `_\ )
+
+`2.7.0 `_ (2021-04-28)
+-------------------------------------------------------------------------------------------------------
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* **kitchen+gitlab:** adjust matrix to add ``3003`` [skip ci] (\ `46faf4e `_\ )
+* **vagrant:** add FreeBSD 13.0 [skip ci] (\ `b41062e `_\ )
+* **vagrant:** use pre-salted boxes & conditional local settings [skip ci] (\ `b9e9cd3 `_\ )
+
+Documentation
+^^^^^^^^^^^^^
+
+
+* **readme:** add ``Testing with Vagrant`` section [skip ci] (\ `5727848 `_\ )
+
+Features
+^^^^^^^^
+
+
+* **servers_config:** add require statement to manage dependencies (\ `622d22f `_\ )
+
+Tests
+^^^^^
+
+
+* **requires:** verify dependencies in vhosts (\ `6478143 `_\ )
+
+`2.6.3 `_ (2021-04-03)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **freebsd:** add ``openssl`` pkg and update all ``default`` tests (\ `4cd351a `_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* enable Vagrant-based testing using GitHub Actions (\ `c79ce9a `_\ )
+
+`2.6.2 `_ (2021-03-30)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **servers_config:** fixup 05994e1 (\ `c03729a `_\ )
+
+`2.6.1 `_ (2021-03-29)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **servers_config:** remove service depedency (\ `05994e1 `_\ )
+
+Code Refactoring
+^^^^^^^^^^^^^^^^
+
+
+* **servers_config:** remove unused loop (\ `3825557 `_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* **kitchen+ci:** include ``passenger`` suite [skip ci] (\ `0bbe686 `_\ )
+
+Tests
+^^^^^
+
+
+* standardise use of ``share`` suite & ``_mapdata`` state [skip ci] (\ `8ea3c82 `_\ )
+
+`2.6.0 `_ (2021-03-11)
+-------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **passenger:** various fixes (\ `7271c9d `_\ )
+* **pkg:** add inline EPEL repo configuration for Amazon Linux 2 (\ `ae6375c `_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* **gemfile+lock:** use ``ssf`` customised ``kitchen-docker`` repo [skip ci] (\ `123d13e `_\ )
+* **kitchen+ci:** make rubocop happy [skip ci] (\ `eedfc56 `_\ )
+* **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] (\ `63d32a4 `_\ )
+* **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] (\ `b4411c6 `_\ )
+* **pre-commit:** update hook for ``rubocop`` [skip ci] (\ `2a23743 `_\ )
+
+Features
+^^^^^^^^
+
+
+* **config:** validate config before applying (\ `b396b24 `_\ )
+
+Tests
+^^^^^
+
+
+* **config:** fix for Amazon Linux 2 & Oracle Linux 7/8 (\ `ab39c8f `_\ )
+
`2.5.0 `_ (2021-01-04)
-------------------------------------------------------------------------------------------------------
diff --git a/docs/README.rst b/docs/README.rst
index 7451490..78148a4 100644
--- a/docs/README.rst
+++ b/docs/README.rst
@@ -169,3 +169,65 @@ Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``veri
^^^^^^^^^^^^^^^^^^^^^
Gives you SSH access to the instance for manual testing.
+
+Testing with Vagrant
+--------------------
+
+Windows/FreeBSD/OpenBSD testing is done with ``kitchen-salt``.
+
+Requirements
+^^^^^^^^^^^^
+
+* Ruby
+* Virtualbox
+* Vagrant
+
+Setup
+^^^^^
+
+.. code-block:: bash
+
+ $ gem install bundler
+ $ bundle install --with=vagrant
+ $ bin/kitchen test [platform]
+
+Where ``[platform]`` is the platform name defined in ``kitchen.vagrant.yml``,
+e.g. ``windows-81-latest-py3``.
+
+Note
+^^^^
+
+When testing using Vagrant you must set the environment variable ``KITCHEN_LOCAL_YAML`` to ``kitchen.vagrant.yml``. For example:
+
+.. code-block:: bash
+
+ $ KITCHEN_LOCAL_YAML=kitchen.vagrant.yml bin/kitchen test # Alternatively,
+ $ export KITCHEN_LOCAL_YAML=kitchen.vagrant.yml
+ $ bin/kitchen test
+
+Then run the following commands as needed.
+
+``bin/kitchen converge``
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+Creates the Vagrant instance and runs the ``nginx`` main state, ready for testing.
+
+``bin/kitchen verify``
+^^^^^^^^^^^^^^^^^^^^^^
+
+Runs the ``inspec`` tests on the actual instance.
+
+``bin/kitchen destroy``
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Removes the Vagrant instance.
+
+``bin/kitchen test``
+^^^^^^^^^^^^^^^^^^^^
+
+Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.
+
+``bin/kitchen login``
+^^^^^^^^^^^^^^^^^^^^^
+
+Gives you RDP/SSH access to the instance for manual testing.
diff --git a/kitchen.vagrant.yml b/kitchen.vagrant.yml
new file mode 100644
index 0000000..542ba90
--- /dev/null
+++ b/kitchen.vagrant.yml
@@ -0,0 +1,40 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+driver:
+ name: vagrant
+ cache_directory: false
+ customize:
+ usbxhci: 'off'
+ gui: false
+ ssh:
+ shell: /bin/sh
+ <% unless ENV['CI'] %>
+ linked_clone: true
+ synced_folders:
+ - - '.kitchen/kitchen-vagrant/%{instance_name}/vagrant'
+ - '/vagrant'
+ - 'create: true, disabled: false'
+ <% end %>
+
+platforms:
+ - name: freebsd-130-master-py3
+ driver:
+ box: myii/freebsd-13.0-master-py3
+ synced_folders: [] # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255208
+ - name: freebsd-122-master-py3
+ driver:
+ box: myii/freebsd-12.2-master-py3
+ - name: freebsd-114-master-py3
+ driver:
+ box: myii/freebsd-11.4-master-py3
+ - name: freebsd-130-3002-6-py3
+ driver:
+ box: myii/freebsd-13.0-3002.6-py3
+ synced_folders: [] # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255208
+ - name: freebsd-122-3002-6-py3
+ driver:
+ box: myii/freebsd-12.2-3002.6-py3
+ - name: freebsd-114-3002-6-py3
+ driver:
+ box: myii/freebsd-11.4-3002.6-py3
diff --git a/kitchen.yml b/kitchen.yml
index 6ea5972..6a38258 100644
--- a/kitchen.yml
+++ b/kitchen.yml
@@ -8,128 +8,384 @@ driver:
privileged: true
run_command: /lib/systemd/systemd
-# Make sure the platforms listed below match up with
-# the `env.matrix` instances defined in `.travis.yml`
platforms:
+ ## SALT `tiamat`
+ - name: debian-10-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:debian-10
+ - name: debian-9-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:debian-9
+ - name: ubuntu-2004-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:ubuntu-20.04
+ - name: ubuntu-1804-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:ubuntu-18.04
+ - name: centos-8-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:centos-8
+ - name: centos-7-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:centos-7
+ - name: amazonlinux-2-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:amazonlinux-2
+ - name: oraclelinux-8-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:oraclelinux-8
+ - name: oraclelinux-7-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:oraclelinux-7
+ - name: almalinux-8-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:almalinux-8
+ - name: rockylinux-8-tiamat-py3
+ driver:
+ image: saltimages/salt-tiamat-py3:rockylinux-8
+
## SALT `master`
- name: debian-10-master-py3
driver:
image: saltimages/salt-master-py3:debian-10
+ - name: debian-9-master-py3
+ driver:
+ image: saltimages/salt-master-py3:debian-9
+ - name: ubuntu-2004-master-py3
+ driver:
+ image: saltimages/salt-master-py3:ubuntu-20.04
- name: ubuntu-1804-master-py3
driver:
image: saltimages/salt-master-py3:ubuntu-18.04
- name: centos-8-master-py3
driver:
image: saltimages/salt-master-py3:centos-8
- - name: fedora-31-master-py3
+ - name: centos-7-master-py3
driver:
- image: saltimages/salt-master-py3:fedora-31
- - name: opensuse-leap-151-master-py3
+ image: saltimages/salt-master-py3:centos-7
+ - name: fedora-34-master-py3
driver:
- image: netmanagers/salt-master-py3:opensuse-leap-15.1
+ image: saltimages/salt-master-py3:fedora-34
+ - name: fedora-33-master-py3
+ driver:
+ image: saltimages/salt-master-py3:fedora-33
+ - name: opensuse-leap-153-master-py3
+ driver:
+ image: saltimages/salt-master-py3:opensuse-leap-15.3
run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-leap-152-master-py3
+ driver:
+ image: saltimages/salt-master-py3:opensuse-leap-15.2
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-tmbl-latest-master-py3
+ driver:
+ image: saltimages/salt-master-py3:opensuse-tumbleweed-latest
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: amazonlinux-2-master-py3
driver:
image: saltimages/salt-master-py3:amazonlinux-2
-
- ## SALT `2019.2`
- - name: debian-10-2019-2-py3
+ - name: oraclelinux-8-master-py3
driver:
- image: saltimages/salt-2019.2-py3:debian-10
- - name: debian-9-2019-2-py3
+ image: saltimages/salt-master-py3:oraclelinux-8
+ - name: oraclelinux-7-master-py3
driver:
- image: saltimages/salt-2019.2-py3:debian-9
- - name: ubuntu-1804-2019-2-py3
+ image: saltimages/salt-master-py3:oraclelinux-7
+ - name: arch-base-latest-master-py3
driver:
- image: saltimages/salt-2019.2-py3:ubuntu-18.04
- - name: centos-8-2019-2-py3
- driver:
- image: saltimages/salt-2019.2-py3:centos-8
- - name: fedora-31-2019-2-py3
- driver:
- image: saltimages/salt-2019.2-py3:fedora-31
- - name: opensuse-leap-151-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:opensuse-leap-15.1
+ image: saltimages/salt-master-py3:arch-base-latest
run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
+ - name: gentoo-stage3-latest-master-py3
+ driver:
+ image: saltimages/salt-master-py3:gentoo-stage3-latest
+ run_command: /sbin/init
+ - name: gentoo-stage3-systemd-master-py3
+ driver:
+ image: saltimages/salt-master-py3:gentoo-stage3-systemd
+ - name: almalinux-8-master-py3
+ driver:
+ image: saltimages/salt-master-py3:almalinux-8
+ - name: rockylinux-8-master-py3
+ driver:
+ image: saltimages/salt-master-py3:rockylinux-8
+
+ ## SALT `3003.1`
+ - name: debian-10-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:debian-10
+ - name: debian-9-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:debian-9
+ - name: ubuntu-2004-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:ubuntu-20.04
+ - name: ubuntu-1804-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:ubuntu-18.04
+ - name: centos-8-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:centos-8
+ - name: centos-7-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:centos-7
+ - name: fedora-34-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:fedora-34
+ - name: fedora-33-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:fedora-33
+ - name: opensuse-leap-153-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:opensuse-leap-15.3
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- - name: centos-7-2019-2-py2
+ - name: opensuse-leap-152-3003-1-py3
driver:
- image: netmanagers/salt-2019.2-py2:centos-7
- - name: amazonlinux-2-2019-2-py3
- driver:
- image: saltimages/salt-2019.2-py3:amazonlinux-2
- - name: arch-base-latest-2019-2-py2
- driver:
- image: saltimages/salt-2019.2-py2:arch-base-latest
+ image: saltimages/salt-3003.1-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
-
- ## SALT `2018.3`
- - name: fedora-30-2018-3-py3
- driver:
- image: netmanagers/salt-2018.3-py3:fedora-30
- - name: debian-9-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:debian-9
- - name: ubuntu-1604-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:ubuntu-16.04
- - name: centos-7-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:centos-7
- - name: opensuse-leap-151-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:opensuse-leap-15.1
- run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- - name: amazonlinux-1-2018-3-py2
+ - name: opensuse-tmbl-latest-3003-1-py3
driver:
- image: netmanagers/salt-2018.3-py2:amazonlinux-1
- run_command: /sbin/init
- - name: arch-base-latest-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:arch-base-latest
+ image: saltimages/salt-3003.1-py3:opensuse-tumbleweed-latest
run_command: /usr/lib/systemd/systemd
-
- ## SALT `2017.7`
- - name: debian-8-2017-7-py2
- driver:
- image: netmanagers/salt-2017.7-py2:debian-8
- - name: ubuntu-1604-2017-7-py2
- driver:
- image: netmanagers/salt-2017.7-py2:ubuntu-16.04
- - name: centos-6-2017-7-py2
- driver:
- image: netmanagers/salt-2017.7-py2:centos-6
- run_command: /sbin/init
- - name: fedora-30-2017-7-py2
- driver:
- image: netmanagers/salt-2017.7-py2:fedora-30
- - name: opensuse-leap-151-2017-7-py2
- driver:
- image: netmanagers/salt-2017.7-py2:opensuse-leap-15.1
- run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
+ # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- - name: amazonlinux-1-2017-7-py2
+ - name: amazonlinux-2-3003-1-py3
driver:
- image: netmanagers/salt-2017.7-py2:amazonlinux-1
+ image: saltimages/salt-3003.1-py3:amazonlinux-2
+ - name: oraclelinux-8-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:oraclelinux-8
+ - name: oraclelinux-7-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:oraclelinux-7
+ - name: arch-base-latest-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:arch-base-latest
+ run_command: /usr/lib/systemd/systemd
+ - name: gentoo-stage3-latest-3003-1-py3
+ driver:
+ image: saltimages/salt-3003.1-py3:gentoo-stage3-latest
run_command: /sbin/init
- - name: arch-base-latest-2017-7-py2
+ - name: gentoo-stage3-systemd-3003-1-py3
driver:
- image: netmanagers/salt-2017.7-py2:arch-base-latest
+ image: saltimages/salt-3003.1-py3:gentoo-stage3-systemd
+
+ ## SALT `3002.6`
+ - name: debian-10-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:debian-10
+ - name: debian-9-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:debian-9
+ - name: ubuntu-2004-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:ubuntu-20.04
+ - name: ubuntu-1804-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:ubuntu-18.04
+ - name: centos-8-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:centos-8
+ - name: centos-7-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:centos-7
+ - name: fedora-34-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:fedora-34
+ - name: fedora-33-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:fedora-33
+ - name: amazonlinux-2-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:amazonlinux-2
+ - name: oraclelinux-8-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:oraclelinux-8
+ - name: oraclelinux-7-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:oraclelinux-7
+ - name: arch-base-latest-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:arch-base-latest
+ run_command: /usr/lib/systemd/systemd
+ - name: gentoo-stage3-latest-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:gentoo-stage3-latest
+ run_command: /sbin/init
+ - name: gentoo-stage3-systemd-3002-6-py3
+ driver:
+ image: saltimages/salt-3002.6-py3:gentoo-stage3-systemd
+
+ ## SALT `3002.2`
+ - name: opensuse-leap-153-3002-2-py3
+ driver:
+ image: saltimages/salt-3002.2-py3:opensuse-leap-15.3
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-leap-152-3002-2-py3
+ driver:
+ image: saltimages/salt-3002.2-py3:opensuse-leap-15.2
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-tmbl-latest-3002-2-py3
+ driver:
+ image: saltimages/salt-3002.2-py3:opensuse-tumbleweed-latest
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+
+ ## SALT `3001.7`
+ - name: debian-10-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:debian-10
+ - name: debian-9-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:debian-9
+ - name: ubuntu-2004-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:ubuntu-20.04
+ - name: ubuntu-1804-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:ubuntu-18.04
+ - name: centos-8-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:centos-8
+ - name: centos-7-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:centos-7
+ - name: fedora-34-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:fedora-34
+ - name: fedora-33-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:fedora-33
+ - name: opensuse-leap-153-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:opensuse-leap-15.3
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-leap-152-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:opensuse-leap-15.2
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-tmbl-latest-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:opensuse-tumbleweed-latest
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: amazonlinux-2-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:amazonlinux-2
+ - name: oraclelinux-8-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:oraclelinux-8
+ - name: oraclelinux-7-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:oraclelinux-7
+ - name: arch-base-latest-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:arch-base-latest
+ run_command: /usr/lib/systemd/systemd
+ - name: gentoo-stage3-latest-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:gentoo-stage3-latest
+ run_command: /sbin/init
+ - name: gentoo-stage3-systemd-3001-7-py3
+ driver:
+ image: saltimages/salt-3001.7-py3:gentoo-stage3-systemd
+
+ ## SALT `3000.9`
+ - name: debian-10-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:debian-10
+ - name: debian-9-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:debian-9
+ - name: ubuntu-1804-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:ubuntu-18.04
+ - name: centos-8-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:centos-8
+ - name: centos-7-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:centos-7
+ - name: opensuse-leap-153-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:opensuse-leap-15.3
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: opensuse-leap-152-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:opensuse-leap-15.2
+ run_command: /usr/lib/systemd/systemd
+ # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
+ # => SCP did not finish successfully (255): (Net::SCP::Error)
+ transport:
+ max_ssh_sessions: 1
+ - name: amazonlinux-2-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:amazonlinux-2
+ - name: oraclelinux-8-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:oraclelinux-8
+ - name: oraclelinux-7-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:oraclelinux-7
+ - name: gentoo-stage3-latest-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:gentoo-stage3-latest
+ run_command: /sbin/init
+ - name: gentoo-stage3-systemd-3000-9-py3
+ driver:
+ image: saltimages/salt-3000.9-py3:gentoo-stage3-systemd
+ - name: ubuntu-1804-3000-9-py2
+ driver:
+ image: saltimages/salt-3000.9-py2:ubuntu-18.04
+ - name: arch-base-latest-3000-9-py2
+ driver:
+ image: saltimages/salt-3000.9-py2:arch-base-latest
run_command: /usr/lib/systemd/systemd
provisioner:
@@ -153,9 +409,14 @@ verifier:
suites:
- name: default
provisioner:
+ dependencies:
+ - name: test_dep
+ path: test/salt/default/states
state_top:
base:
'*':
+ - test_dep.create_dependency_file
+ - nginx._mapdata
- nginx
pillars:
top.sls:
@@ -167,3 +428,67 @@ suites:
verifier:
inspec_tests:
- path: test/integration/default
+ - name: passenger
+ includes:
+ - debian-10-tiamat-py3
+ - debian-9-tiamat-py3
+ - ubuntu-2004-tiamat-py3
+ - ubuntu-1804-tiamat-py3
+ - centos-8-tiamat-py3
+ - centos-7-tiamat-py3
+ - oraclelinux-8-tiamat-py3
+ - almalinux-8-tiamat-py3
+ - rockylinux-8-tiamat-py3
+ - debian-10-master-py3
+ - debian-9-master-py3
+ - ubuntu-2004-master-py3
+ - ubuntu-1804-master-py3
+ - centos-8-master-py3
+ - centos-7-master-py3
+ - oraclelinux-8-master-py3
+ - almalinux-8-master-py3
+ - rockylinux-8-master-py3
+ - debian-10-3003-1-py3
+ - debian-9-3003-1-py3
+ - ubuntu-2004-3003-1-py3
+ - ubuntu-1804-3003-1-py3
+ - centos-8-3003-1-py3
+ - centos-7-3003-1-py3
+ - oraclelinux-8-3003-1-py3
+ - debian-10-3002-6-py3
+ - debian-9-3002-6-py3
+ - ubuntu-2004-3002-6-py3
+ - ubuntu-1804-3002-6-py3
+ - centos-8-3002-6-py3
+ - centos-7-3002-6-py3
+ - oraclelinux-8-3002-6-py3
+ - debian-10-3001-7-py3
+ - debian-9-3001-7-py3
+ - ubuntu-2004-3001-7-py3
+ - ubuntu-1804-3001-7-py3
+ - centos-8-3001-7-py3
+ - centos-7-3001-7-py3
+ - oraclelinux-8-3001-7-py3
+ - debian-10-3000-9-py3
+ - debian-9-3000-9-py3
+ - ubuntu-1804-3000-9-py3
+ - centos-8-3000-9-py3
+ - centos-7-3000-9-py3
+ - oraclelinux-8-3000-9-py3
+ - ubuntu-1804-3000-9-py2
+ provisioner:
+ state_top:
+ base:
+ '*':
+ - nginx._mapdata
+ - nginx.passenger
+ pillars:
+ top.sls:
+ base:
+ '*':
+ - nginx
+ pillars_from_files:
+ nginx.sls: test/salt/passenger/pillar/nginx.sls
+ verifier:
+ inspec_tests:
+ - path: test/integration/passenger
diff --git a/nginx/_mapdata/_mapdata.jinja b/nginx/_mapdata/_mapdata.jinja
new file mode 100644
index 0000000..aa9649c
--- /dev/null
+++ b/nginx/_mapdata/_mapdata.jinja
@@ -0,0 +1,13 @@
+# yamllint disable rule:indentation rule:line-length
+# {{ grains.get("osfinger", grains.os) }}
+---
+{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
+{{ salt["slsutil.serialize"](
+ "yaml",
+ map,
+ default_flow_style=False,
+ allow_unicode=True,
+ )
+ | regex_replace("^\s+'$", "'", multiline=True)
+ | trim
+}}
diff --git a/nginx/_mapdata/init.sls b/nginx/_mapdata/init.sls
new file mode 100644
index 0000000..650b3e8
--- /dev/null
+++ b/nginx/_mapdata/init.sls
@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+---
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split("/")[0] %}
+{%- from tplroot ~ "/map.jinja" import nginx with context %}
+
+{%- set _mapdata = {
+ "values": nginx,
+ } %}
+{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %}
+
+{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %}
+{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %}
+
+{{ tplroot }}-mapdata-dump:
+ file.managed:
+ - name: {{ output_file }}
+ - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
+ - template: jinja
+ - context:
+ map: {{ _mapdata | yaml }}
diff --git a/nginx/certificates.sls b/nginx/certificates.sls
index 2a8330b..8781045 100644
--- a/nginx/certificates.sls
+++ b/nginx/certificates.sls
@@ -30,6 +30,7 @@ generate_nginx_dhparam_{{ dh_param }}_key:
- creates: {{ certificates_path }}/{{ dh_param }}
- require:
- file: prepare_certificates_path_dir
+ - pkg: generate_nginx_dhparam_{{ dh_param }}_key
- watch_in:
- service: nginx_service
{%- endif %}
diff --git a/nginx/map.jinja b/nginx/map.jinja
index 2238a11..2927150 100644
--- a/nginx/map.jinja
+++ b/nginx/map.jinja
@@ -9,7 +9,7 @@
'Debian': {
'package': 'nginx',
'passenger_package': 'passenger',
- 'passenger_config_file': '/etc/nginx/conf.d/passenger.conf',
+ 'passenger_config_file': '/etc/nginx/conf.d/mod-http-passenger.conf',
'service': 'nginx',
'webuser': 'www-data',
'conf_file': '/etc/nginx/nginx.conf',
@@ -112,6 +112,7 @@
'snippets_dir': '/usr/local/etc/nginx/snippets',
'streams_dir': '/usr/local/etc/nginx/streams',
'server_use_symlink': True,
+ 'openssl_package': 'openssl',
'pid_file': '/var/run/nginx.pid',
},
}, default='Debian' ),
@@ -119,6 +120,7 @@
'install_from_ppa': False,
'install_from_repo': False,
'install_from_phusionpassenger': False,
+ 'check_config_before_apply': False,
'ppa_version': 'stable',
'source_version': '1.10.0',
'source_hash': '8ed647c3dd65bc4ced03b0e0f6bf9e633eff6b01bac772bcf97077d58bc2be4d',
diff --git a/nginx/passenger.sls b/nginx/passenger.sls
index c6d55bd..ca4156b 100644
--- a/nginx/passenger.sls
+++ b/nginx/passenger.sls
@@ -28,6 +28,7 @@ passenger_install:
- pkg: nginx_install
- require_in:
- service: nginx_service
+ - file: nginx_config
/etc/nginx/passenger.conf:
file.absent:
@@ -49,6 +50,7 @@ passenger_config:
- service: nginx_service
- require_in:
- service: nginx_service
+ - file: nginx_config
- require:
- file: /etc/nginx/passenger.conf
- pkg: passenger_install
diff --git a/nginx/pkg.sls b/nginx/pkg.sls
index 11d91ec..a136e18 100644
--- a/nginx/pkg.sls
+++ b/nginx/pkg.sls
@@ -113,6 +113,22 @@ nginx_zypp_repo:
{% endif %}
{% if salt['grains.get']('os_family') == 'RedHat' %}
+{% if salt['grains.get']('osfinger', '') in ['Amazon Linux-2'] %}
+nginx_epel_repo:
+ pkgrepo.managed:
+ - name: epel
+ - humanname: Extra Packages for Enterprise Linux 7 - $basearch
+ - mirrorlist: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
+ - enabled: 1
+ - gpgcheck: 1
+ - gpgkey: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
+ - failovermethod: priority
+ - require_in:
+ - pkg: nginx_install
+ - watch_in:
+ - pkg: nginx_install
+{% endif %}
+
nginx_yum_repo:
pkgrepo:
{%- if from_official %}
@@ -147,7 +163,7 @@ nginx_phusionpassenger_yum_repo:
- baseurl: 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
- repo_gpgcheck: 1
- gpgcheck: 0
- - gpgkey: 'https://packagecloud.io/gpg.key'
+ - gpgkey: 'https://oss-binaries.phusionpassenger.com/yum/definitions/RPM-GPG-KEY.asc'
- enabled: True
- sslverify: 1
- sslcacert: /etc/pki/tls/certs/ca-bundle.crt
diff --git a/nginx/servers.sls b/nginx/servers.sls
index f3033bb..4f26fd4 100644
--- a/nginx/servers.sls
+++ b/nginx/servers.sls
@@ -5,12 +5,11 @@
{%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ '/map.jinja' import nginx, sls_block with context %}
{%- from tplroot ~ '/servers_config.sls' import server_states with context %}
-{%- from tplroot ~ '/service.sls' import service_function with context %}
{% macro file_requisites(states) %}
- {%- for state in states %}
- - file: {{ state }}
- {%- endfor -%}
+{%- for state in states %}
+ - file: {{ state }}
+{%- endfor -%}
{% endmacro %}
include:
@@ -18,15 +17,14 @@ include:
- nginx.servers_config
{% if server_states|length() > 0 %}
-nginx_service_reload:
- service.{{ service_function }}:
- - name: {{ nginx.lookup.service }}
- - reload: True
- - use:
- - service: nginx_service
- - listen:
- {{ file_requisites(server_states) }}
- - require:
- {{ file_requisites(server_states) }}
- - service: nginx_service
+extend:
+ nginx_service:
+ service:
+ - reload: True
+ - require:
+ - file: nginx_config
+ {{ file_requisites(server_states) }}
+ - listen:
+ - file: nginx_config
+ {{ file_requisites(server_states) }}
{% endif %}
diff --git a/nginx/servers_config.sls b/nginx/servers_config.sls
index aa7d84c..2b87f1d 100644
--- a/nginx/servers_config.sls
+++ b/nginx/servers_config.sls
@@ -10,9 +10,14 @@
{% set server_states = [] %}
{#- _nginx is a lightened copy of nginx map intended to passed in templates #}
{%- set _nginx = nginx.copy() %}
+<<<<<<< HEAD
{%- do _nginx.pop('snippets') %}
{%- do _nginx.pop('streams') %}
{%- do _nginx.pop('servers') %}
+=======
+{%- do _nginx.pop('snippets') if nginx.snippets is defined %}
+{%- do _nginx.pop('servers') if nginx.servers is defined %}
+>>>>>>> 6a42a9bdf84e764cb4b3313ad2b6d95688517dec
# Simple path concatenation.
# Needs work to make this function on windows.
@@ -53,6 +58,7 @@
file.symlink:
{{ sls_block(nginx.servers.symlink_opts) }}
- name: {{ server_path(server, state) }}
+ - makedirs: True
- target: {{ server_path(server, anti_state) }}
{%- else %}
{%- if deleted == True %}
@@ -99,10 +105,6 @@ nginx_server_available_dir:
- clean: {{ nginx.servers.purge_servers_config }}
{%- endif %}
-# Manage the actual server files
-{% for server, settings in nginx.servers.managed.items() %}
-{% endfor %}
-
# Managed enabled/disabled state for servers
{% for server, settings in nginx.servers.managed.items() %}
{% set conf_state_id = 'server_conf_' ~ loop.index0 %}
@@ -110,6 +112,7 @@ nginx_server_available_dir:
{{ conf_state_id }}:
file.absent:
- name: {{ server_curpath(server) }}
+{% do server_states.append(conf_state_id) %}
{% else %}
{% if settings.enabled == True %}
{{ conf_state_id }}:
@@ -126,8 +129,12 @@ nginx_server_available_dir:
}}
- makedirs: True
- template: jinja
- - require_in:
- - service: nginx_service
+ {%- if 'requires' in settings %}
+ - require:
+ {%- for k, v in settings.requires.items() %}
+ - {{ k }}: {{ v }}
+ {%- endfor %}
+ {%- endif %}
{% if 'source_path' not in settings.config %}
- context:
config: {{ settings.config|json(sort_keys=False) }}
@@ -157,9 +164,7 @@ nginx_server_available_dir:
- file: {{ conf_state_id }}
{% endif %}
-{% if 'deleted' not in settings or ( 'deleted' in settings and settings.deleted == False ) %}
{% do server_states.append(status_state_id) %}
-{% endif %}
{%- endif %} {# enabled != available_dir #}
{% endif %}
{% endfor %}
diff --git a/nginx/service.sls b/nginx/service.sls
index 9cbc5cc..adb51f0 100644
--- a/nginx/service.sls
+++ b/nginx/service.sls
@@ -42,3 +42,6 @@ nginx_service:
{% else %}
- pkg: nginx_install
{% endif %}
+{% if nginx.check_config_before_apply %}
+ - onlyif: /usr/sbin/nginx -t
+{% endif %}
diff --git a/nginx/snippets.sls b/nginx/snippets.sls
index 31a0a15..f19905b 100644
--- a/nginx/snippets.sls
+++ b/nginx/snippets.sls
@@ -8,8 +8,8 @@
{#- _nginx is a lightened copy of nginx map intended to passed in templates #}
{%- set _nginx = nginx.copy() %}
-{%- do _nginx.pop('snippets') %}
-{%- do _nginx.pop('servers') %}
+{%- do _nginx.pop('snippets') if nginx.snippets is defined %}
+{%- do _nginx.pop('servers') if nginx.servers is defined %}
nginx_snippets_dir:
file.directory:
@@ -28,4 +28,9 @@ nginx_snippet_{{ snippet }}:
- context:
config: {{ config|json() }}
nginx: {{ _nginx|json() }}
+ - require:
+ - file: nginx_snippets_dir
+ - require_in:
+ - file: nginx_config
+ - service: nginx_service
{% endfor %}
diff --git a/pillar.example b/pillar.example
index 6e56588..24d91a6 100644
--- a/pillar.example
+++ b/pillar.example
@@ -28,6 +28,17 @@ nginx:
source_version: '1.10.0'
source_hash: ''
+ # Check the configuration before applying:
+ # To prevent applying a configuration that might break nginx, set this
+ # parameter to true so the configuration is checked BEFORE applying. If
+ # the check fails, the state will fail and it won't be deployed.
+ # CAVEAT: As the configuration file is created in a temp dir, it can't
+ # have relative references or it will fail to check. You'll need to
+ # specify full paths where required (ie, `include`, `load_module`,
+ # `snippets`, etc.0
+ # Defaults to false
+ check_config_before_apply: false
+
# These are usually set by grains in map.jinja
# Typically you can comment these out.
lookup:
@@ -200,6 +211,18 @@ nginx:
# and None indicates no action
enabled: true
+ # This let's you add dependencies on other resources being applied for a
+ # particular vhost
+ # A common case is when you use this formula together with letsencrypt's,
+ # validating through nginx: you need nginx running (to validate the vhost) but
+ # can't have the ssl vhost up until the certificate is created (because it
+ # won't exist and will make nginx fail to load the configuration)
+ #
+ # An example, when using LE to create the cert for 'some.host.domain':
+ # requires:
+ # cmd: create-initial-cert-some.host.domain
+ requires: {}
+
# Remove the site config file shipped by nginx
# (i.e. '/etc/nginx/sites-available/default' by default)
# It also remove the symlink (if it is exists).
diff --git a/test/integration/default/controls/config.rb b/test/integration/default/controls/config.rb
index fb7d69c..c2845eb 100644
--- a/test/integration/default/controls/config.rb
+++ b/test/integration/default/controls/config.rb
@@ -1,37 +1,52 @@
+# frozen_string_literal: true
+
# Set defaults, use debian as base
-server_available = '/etc/nginx/sites-available'
-server_enabled = '/etc/nginx/sites-enabled'
+# Override by platform family
+server_available, server_enabled =
+ case platform[:family]
+ when 'redhat', 'fedora'
+ %w[/etc/nginx/conf.d /etc/nginx/conf.d]
+ when 'suse'
+ %w[/etc/nginx/vhosts.d /etc/nginx/vhosts.d]
+ when 'bsd'
+ %w[/usr/local/etc/nginx/sites-available /usr/local/etc/nginx/sites-enabled]
+ else
+ %w[/etc/nginx/sites-available /etc/nginx/sites-enabled]
+ end
-# Override by OS
-case os[:name]
-when 'redhat', 'centos', 'fedora'
- server_available = '/etc/nginx/conf.d'
- server_enabled = '/etc/nginx/conf.d'
-when 'opensuse'
- server_available = '/etc/nginx/vhosts.d'
- server_enabled = '/etc/nginx/vhosts.d'
-end
+nginx_conf, snippets_letsencrypt_conf, file_owner, file_group =
+ case platform[:family]
+ when 'bsd'
+ %w[/usr/local/etc/nginx/nginx.conf /usr/local/etc/nginx/snippets/letsencrypt.conf
+ root wheel]
+ else
+ %w[/etc/nginx/nginx.conf /etc/nginx/snippets/letsencrypt.conf root root]
+ end
control 'Nginx configuration' do
title 'should match desired lines'
# main configuration
- describe file('/etc/nginx/nginx.conf') do
+ describe file(nginx_conf) do
it { should be_file }
- it { should be_owned_by 'root' }
- it { should be_grouped_into 'root' }
+ it { should be_owned_by file_owner }
+ it { should be_grouped_into file_group }
its('mode') { should cmp '0644' }
- its('content') { should include %Q[ log_format main '$remote_addr - $remote_user [$time_local] $status '
+ its('content') do
+ # rubocop:disable Metrics/LineLength
+ should include %( log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';] }
+ '"$http_user_agent" "$http_x_forwarded_for"';)
+ # rubocop:enable Metrics/LineLength
+ end
end
# snippets configuration
- describe file('/etc/nginx/snippets/letsencrypt.conf') do
+ describe file(snippets_letsencrypt_conf) do
it { should be_file }
- it { should be_owned_by 'root' }
- it { should be_grouped_into 'root' }
+ it { should be_owned_by file_owner }
+ it { should be_grouped_into file_group }
its('mode') { should cmp '0644' }
its('content') { should include 'location ^~ /.well-known/acme-challenge/ {' }
its('content') { should include 'proxy_pass http://localhost:9999;' }
@@ -40,15 +55,14 @@ control 'Nginx configuration' do
# sites configuration
[server_available, server_enabled].each do |dir|
-
- describe file ("#{dir}/default") do
- it { should_not exist }
+ describe file "#{dir}/default" do
+ it { should_not exist }
end
- describe file ("#{dir}/mysite") do
+ describe file "#{dir}/mysite" do
it { should be_file }
- it { should be_owned_by 'root' }
- it { should be_grouped_into 'root' }
+ it { should be_owned_by file_owner }
+ it { should be_grouped_into file_group }
its('mode') { should cmp '0644' }
its('content') { should include 'server_name localhost;' }
its('content') { should include 'listen 80 default_server;' }
@@ -57,6 +71,16 @@ control 'Nginx configuration' do
its('content') { should include 'try_files $uri $uri/ =404;' }
its('content') { should include 'include snippets/letsencrypt.conf;' }
end
-
+ describe file "#{dir}/mysite_with_require" do
+ it { should be_file }
+ it { should be_owned_by file_owner }
+ it { should be_grouped_into file_group }
+ its('mode') { should cmp '0644' }
+ its('content') { should include 'server_name with-deps;' }
+ its('content') { should include 'listen 80;' }
+ its('content') { should include 'index index.html index.htm;' }
+ its('content') { should include 'location ~ .htm {' }
+ its('content') { should include 'try_files $uri $uri/ =404;' }
+ end
end
end
diff --git a/test/integration/default/controls/file.rb b/test/integration/default/controls/file.rb
new file mode 100644
index 0000000..57151af
--- /dev/null
+++ b/test/integration/default/controls/file.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+control 'Dependency test file' do
+ title 'should exist'
+
+ describe file('/tmp/created_to_test_dependencies') do
+ it { should be_file }
+ end
+end
diff --git a/test/integration/default/controls/install.rb b/test/integration/default/controls/install.rb
index 49aea2e..5aa8d0e 100644
--- a/test/integration/default/controls/install.rb
+++ b/test/integration/default/controls/install.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
control 'Nginx package' do
title 'should be installed'
diff --git a/test/integration/default/controls/service.rb b/test/integration/default/controls/service.rb
index 5dad48c..605e936 100644
--- a/test/integration/default/controls/service.rb
+++ b/test/integration/default/controls/service.rb
@@ -1,7 +1,10 @@
+# frozen_string_literal: true
+
control 'Nginx service' do
title 'should be running and enabled'
describe service('nginx') do
+ it { should be_installed }
it { should be_enabled }
it { should be_running }
end
diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml
index bd6a065..987eb15 100644
--- a/test/integration/default/inspec.yml
+++ b/test/integration/default/inspec.yml
@@ -6,6 +6,9 @@ title: nginx formula
maintainer: SaltStack Formulas
license: Apache-2.0
summary: Verify that the nginx formula is setup and configured correctly
+depends:
+ - name: share
+ path: test/integration/share
supports:
- platform-name: debian
- platform-name: ubuntu
@@ -14,5 +17,11 @@ supports:
- platform-name: opensuse
- platform-name: suse
- platform-name: freebsd
+ - platform-name: openbsd
- platform-name: amazon
+ - platform-name: oracle
- platform-name: arch
+ - platform-name: gentoo
+ - platform-name: almalinux
+ - platform-name: rocky
+ - platform: windows
diff --git a/test/integration/passenger/README.md b/test/integration/passenger/README.md
new file mode 100644
index 0000000..66fa3cd
--- /dev/null
+++ b/test/integration/passenger/README.md
@@ -0,0 +1,50 @@
+# InSpec Profile: `passenger`
+
+This shows the implementation of the `passenger` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
+
+## Verify a profile
+
+InSpec ships with built-in features to verify a profile structure.
+
+```bash
+$ inspec check passenger
+Summary
+-------
+Location: passenger
+Profile: profile
+Controls: 4
+Timestamp: 2019-06-24T23:09:01+00:00
+Valid: true
+
+Errors
+------
+
+Warnings
+--------
+```
+
+## Execute a profile
+
+To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
+
+```bash
+$ inspec exec passenger
+..
+
+Finished in 0.0025 seconds (files took 0.12449 seconds to load)
+8 examples, 0 failures
+```
+
+## Execute a specific control from a profile
+
+To run one control from the profile use `inspec exec /path/to/profile --controls name`.
+
+```bash
+$ inspec exec passenger --controls package
+.
+
+Finished in 0.0025 seconds (files took 0.12449 seconds to load)
+1 examples, 0 failures
+```
+
+See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).
diff --git a/test/integration/passenger/controls/config.rb b/test/integration/passenger/controls/config.rb
new file mode 100644
index 0000000..177a8dc
--- /dev/null
+++ b/test/integration/passenger/controls/config.rb
@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+# Set defaults, use debian as base
+
+# Override by OS Family
+case platform[:family]
+when 'redhat', 'centos', 'fedora'
+ server_available = '/etc/nginx/conf.d'
+ server_enabled = '/etc/nginx/conf.d'
+ passenger_mod = '/usr/lib64/nginx/modules/ngx_http_passenger_module.so'
+ passenger_root = '/usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini'
+ passenger_config_file = '/etc/nginx/conf.d/passenger.conf'
+ should_not_exist_file = '/etc/nginx/conf.d/mod-http-passenger.conf'
+when 'debian', 'ubuntu'
+ server_available = '/etc/nginx/sites-available'
+ server_enabled = '/etc/nginx/sites-enabled'
+ passenger_mod = '/usr/lib/nginx/modules/ngx_http_passenger_module.so'
+ passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini'
+ passenger_config_file = '/etc/nginx/conf.d/mod-http-passenger.conf'
+ should_not_exist_file = '/etc/nginx/conf.d/passenger.conf'
+end
+
+control 'Passenger configuration' do
+ title 'should match desired lines'
+
+ # main configuration
+ describe file('/etc/nginx/nginx.conf') do
+ its('content') { should include "load_module #{passenger_mod}" }
+ end
+
+ describe file(passenger_config_file) do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'root' }
+ its('mode') { should cmp '0644' }
+ its('content') { should include "passenger_root #{passenger_root};" }
+ its('content') { should include 'passenger_ruby /usr/bin/ruby;' }
+ end
+
+ describe file(should_not_exist_file) do
+ it { should_not exist }
+ end
+
+ # sites configuration
+ [server_available, server_enabled].each do |dir|
+ describe file "#{dir}/default" do
+ it { should_not exist }
+ end
+
+ describe file "#{dir}/mysite" do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'root' }
+ its('mode') { should cmp '0644' }
+ its('content') { should include 'passenger_enabled on;' }
+ end
+ end
+end
diff --git a/test/integration/passenger/controls/install.rb b/test/integration/passenger/controls/install.rb
new file mode 100644
index 0000000..bbba8cb
--- /dev/null
+++ b/test/integration/passenger/controls/install.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+control 'Nginx package' do
+ title 'should be installed'
+
+ describe package('nginx') do
+ it { should be_installed }
+ end
+end
+
+control 'Passenger packages' do
+ title 'should be installed'
+
+ # Override by OS Family
+ passenger_mod_pkg = case platform[:family]
+ when 'redhat', 'centos', 'fedora'
+ 'nginx-mod-http-passenger'
+ when 'debian', 'ubuntu'
+ 'libnginx-mod-http-passenger'
+ end
+
+ describe package('passenger') do
+ it { should be_installed }
+ end
+ describe package(passenger_mod_pkg) do
+ it { should be_installed }
+ end
+end
diff --git a/test/integration/passenger/controls/service.rb b/test/integration/passenger/controls/service.rb
new file mode 100644
index 0000000..b4af800
--- /dev/null
+++ b/test/integration/passenger/controls/service.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+control 'Nginx service' do
+ title 'should be running and enabled'
+
+ describe service('nginx') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+end
+
+control 'Passenger module' do
+ title 'should be running and enabled'
+
+ describe 'Passenger engine' do
+ it 'passenger-config should say configuration "looks good"' do
+ expect(command(
+ '/usr/bin/passenger-config validate-install --auto'
+ ).stdout).to match(/looks good/)
+ end
+
+ it 'passenger-memory-stats should return Passenger stats' do
+ expect(command('/usr/sbin/passenger-memory-stats').stdout).to match(
+ %r{nginx: master process /usr/sbin/nginx.*Passenger watchdog.*Passenger core.*}m
+ )
+ end
+ end
+end
diff --git a/test/integration/passenger/inspec.yml b/test/integration/passenger/inspec.yml
new file mode 100644
index 0000000..19741ce
--- /dev/null
+++ b/test/integration/passenger/inspec.yml
@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: passenger
+title: nginx formula
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the nginx formula is setup and configured correctly
+depends:
+ - name: share
+ path: test/integration/share
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
+ - platform-name: fedora
+ - platform-name: opensuse
+ - platform-name: suse
+ - platform-name: freebsd
+ - platform-name: openbsd
+ - platform-name: amazon
+ - platform-name: oracle
+ - platform-name: arch
+ - platform-name: gentoo
+ - platform-name: almalinux
+ - platform-name: rocky
+ - platform: windows
diff --git a/test/integration/share/README.md b/test/integration/share/README.md
new file mode 100644
index 0000000..5c5785b
--- /dev/null
+++ b/test/integration/share/README.md
@@ -0,0 +1,22 @@
+# InSpec Profile: `share`
+
+This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
+
+Its goal is to share the libraries between all profiles.
+
+## Libraries
+
+### `system`
+
+The `system` library provides easy access to system dependent information:
+
+- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
+ - `system.platform[:family]` provide a family name for Arch and Gentoo
+ - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows`
+ - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows:
+ - `Arch` is always `base-latest`
+ - `Amazon Linux` release `2018` is resolved as `1`
+ - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`)
+ - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format
+ - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version
+ - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)
diff --git a/test/integration/share/inspec.yml b/test/integration/share/inspec.yml
new file mode 100644
index 0000000..ee20080
--- /dev/null
+++ b/test/integration/share/inspec.yml
@@ -0,0 +1,24 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: share
+title: InSpec shared resources
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: shared resources
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
+ - platform-name: fedora
+ - platform-name: opensuse
+ - platform-name: suse
+ - platform-name: freebsd
+ - platform-name: openbsd
+ - platform-name: amazon
+ - platform-name: oracle
+ - platform-name: arch
+ - platform-name: gentoo
+ - platform-name: almalinux
+ - platform-name: rocky
+ - platform: windows
diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb
new file mode 100644
index 0000000..87daf08
--- /dev/null
+++ b/test/integration/share/libraries/system.rb
@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+# system.rb -- InSpec resources for system values
+# Author: Daniel Dehennin
+# Copyright (C) 2020 Daniel Dehennin
+
+class SystemResource < Inspec.resource(1)
+ name 'system'
+
+ attr_reader :platform
+
+ def initialize
+ super
+ @platform = build_platform
+ end
+
+ private
+
+ def build_platform
+ {
+ family: build_platform_family,
+ name: build_platform_name,
+ release: build_platform_release,
+ finger: build_platform_finger
+ }
+ end
+
+ def build_platform_family
+ case inspec.platform[:name]
+ when 'arch', 'gentoo'
+ inspec.platform[:name]
+ else
+ inspec.platform[:family]
+ end
+ end
+
+ def build_platform_name
+ case inspec.platform[:name]
+ when 'amazon', 'oracle', 'rocky'
+ "#{inspec.platform[:name]}linux"
+ when /^windows_/
+ inspec.platform[:family]
+ else
+ inspec.platform[:name]
+ end
+ end
+
+ # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity
+ def build_platform_release
+ case inspec.platform[:name]
+ when 'amazon'
+ # `2018` relase is named `1` in kitchen.yaml
+ inspec.platform[:release].gsub(/2018.*/, '1')
+ when 'arch'
+ 'base-latest'
+ when 'gentoo'
+ "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
+ when 'opensuse'
+ # rubocop:disable Style/NumericLiterals,Layout/LineLength
+ inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release]
+ # rubocop:enable Style/NumericLiterals,Layout/LineLength
+ when 'windows_8.1_pro'
+ '8.1'
+ when 'windows_server_2019_datacenter'
+ '2019-server'
+ when 'windows_server_2016_datacenter'
+ '2016-server'
+ else
+ inspec.platform[:release]
+ end
+ end
+ # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity
+
+ def derive_gentoo_init_system
+ inspec.command('systemctl').exist? ? 'sysd' : 'sysv'
+ end
+
+ def build_platform_finger
+ "#{build_platform_name}-#{build_finger_release}"
+ end
+
+ def build_finger_release
+ case inspec.platform[:name]
+ when 'ubuntu'
+ build_platform_release.split('.').slice(0, 2).join('.')
+ else
+ build_platform_release.split('.')[0]
+ end
+ end
+end
diff --git a/test/salt/default/pillar/nginx.sls b/test/salt/default/pillar/nginx.sls
index ef6ccfa..84afe98 100644
--- a/test/salt/default/pillar/nginx.sls
+++ b/test/salt/default/pillar/nginx.sls
@@ -37,6 +37,19 @@ nginx:
- location ~ .htm:
- try_files: '$uri $uri/ =404'
- include: 'snippets/letsencrypt.conf'
+ mysite_with_require:
+ enabled: true
+ config:
+ - server:
+ - server_name: with-deps
+ - listen:
+ - '80'
+ - index: 'index.html index.htm'
+ - location ~ .htm:
+ - try_files: '$uri $uri/ =404'
+ requires:
+ file: created_to_test_dependencies
+
dh_param:
'mydhparam2.pem':
keysize: 2048
diff --git a/test/salt/default/states/test_dep/create_dependency_file.sls b/test/salt/default/states/test_dep/create_dependency_file.sls
new file mode 100644
index 0000000..e242927
--- /dev/null
+++ b/test/salt/default/states/test_dep/create_dependency_file.sls
@@ -0,0 +1,6 @@
+## this state creates a file that is used to test vhosts dependencies
+# (see https://github.com/saltstack-formulas/nginx-formula/pull/278)
+
+created_to_test_dependencies:
+ file.managed:
+ - name: /tmp/created_to_test_dependencies
diff --git a/test/salt/passenger/pillar/nginx.sls b/test/salt/passenger/pillar/nginx.sls
new file mode 100644
index 0000000..c8d90d4
--- /dev/null
+++ b/test/salt/passenger/pillar/nginx.sls
@@ -0,0 +1,60 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+# Simple pillar setup
+# - remove 'default' site
+# - create 'mysite' site
+
+{%- if grains.os_family in ('RedHat',) %}
+ {%- set passenger_pkg = 'nginx-mod-http-passenger' %}
+ {%- set passenger_mod = '/usr/lib64/nginx/modules/ngx_http_passenger_module.so' %}
+{%- else %}
+ {%- set passenger_pkg = 'libnginx-mod-http-passenger' %}
+ {%- set passenger_mod = '/usr/lib/nginx/modules/ngx_http_passenger_module.so' %}
+{%- endif %}
+
+nginx:
+ check_config_before_apply: true
+
+ install_from_phusionpassenger: true
+ lookup:
+ passenger_package: {{ passenger_pkg }}
+
+ server:
+ config:
+ # This is required to get the passenger module loaded
+ # In Debian it can be done with this
+ # include: 'modules-enabled/*.conf'
+ load_module: {{ passenger_mod }}
+
+ worker_processes: 4
+ http:
+ ### module ngx_http_log_module example
+ log_format: |-
+ main '$remote_addr - $remote_user [$time_local] $status '
+ '"$request" $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"'
+ include:
+ - /etc/nginx/mime.types
+ - /etc/nginx/conf.d/*.conf
+ - /etc/nginx/sites-enabled/*
+
+ servers:
+ managed:
+ default:
+ deleted: true
+ enabled: false
+ config: {}
+
+ mysite:
+ enabled: true
+ config:
+ - server:
+ - passenger_enabled: 'on'
+
+ - server_name: localhost
+ - listen:
+ - '80 default_server'
+ - index: 'index.html index.htm'
+ - location ~ .htm:
+ - try_files: '$uri $uri/ =404'