Merge pull request #278 from netmanagers/master

feat(servers_config): add require statement to manage dependencies
This commit is contained in:
Javier Bértoli 2021-04-28 11:43:14 -03:00 committed by GitHub
commit 6ec5bf2916
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 65 additions and 6 deletions

View File

@ -373,9 +373,13 @@ verifier:
suites:
- name: default
provisioner:
dependencies:
- name: test_dep
path: test/salt/default/states
state_top:
base:
'*':
- test_dep.create_dependency_file
- nginx._mapdata
- nginx
pillars:

View File

@ -31,6 +31,3 @@ nginx_config:
- context:
config: {{ nginx.server.config|json(sort_keys=False) }}
{% endif %}
{% if nginx.check_config_before_apply %}
- check_cmd: /usr/sbin/nginx -t -c
{% endif %}

View File

@ -123,6 +123,12 @@ nginx_server_available_dir:
}}
- makedirs: True
- template: jinja
{%- if 'requires' in settings %}
- require:
{%- for k, v in settings.requires.items() %}
- {{ k }}: {{ v }}
{%- endfor %}
{%- endif %}
{% if 'source_path' not in settings.config %}
- context:
config: {{ settings.config|json(sort_keys=False) }}

View File

@ -42,3 +42,6 @@ nginx_service:
{% else %}
- pkg: nginx_install
{% endif %}
{% if nginx.check_config_before_apply %}
- only_if: /usr/sbin/nginx -t
{% endif %}

View File

@ -202,6 +202,18 @@ nginx:
# and None indicates no action
enabled: true
# This let's you add dependencies on other resources being applied for a
# particular vhost
# A common case is when you use this formula together with letsencrypt's,
# validating through nginx: you need nginx running (to validate the vhost) but
# can't have the ssl vhost up until the certificate is created (because it
# won't exist and will make nginx fail to load the configuration)
#
# An example, when using LE to create the cert for 'some.host.domain':
# requires:
# cmd: create-initial-cert-some.host.domain
requires: {}
# Remove the site config file shipped by nginx
# (i.e. '/etc/nginx/sites-available/default' by default)
# It also remove the symlink (if it is exists).

View File

@ -71,5 +71,16 @@ control 'Nginx configuration' do
its('content') { should include 'try_files $uri $uri/ =404;' }
its('content') { should include 'include snippets/letsencrypt.conf;' }
end
describe file "#{dir}/mysite_with_require" do
it { should be_file }
it { should be_owned_by file_owner }
it { should be_grouped_into file_group }
its('mode') { should cmp '0644' }
its('content') { should include 'server_name with-deps;' }
its('content') { should include 'listen 80;' }
its('content') { should include 'index index.html index.htm;' }
its('content') { should include 'location ~ .htm {' }
its('content') { should include 'try_files $uri $uri/ =404;' }
end
end
end

View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
control 'Dependency test file' do
title 'should exist'
describe file('/tmp/created_to_test_dependencies') do
it { should be_file }
end
end

View File

@ -37,6 +37,19 @@ nginx:
- location ~ .htm:
- try_files: '$uri $uri/ =404'
- include: 'snippets/letsencrypt.conf'
mysite_with_require:
enabled: true
config:
- server:
- server_name: with-deps
- listen:
- '80'
- index: 'index.html index.htm'
- location ~ .htm:
- try_files: '$uri $uri/ =404'
requires:
file: created_to_test_dependencies
dh_param:
'mydhparam2.pem':
keysize: 2048

View File

@ -0,0 +1,6 @@
## this state creates a file that is used to test vhosts dependencies
# (see https://github.com/saltstack-formulas/nginx-formula/pull/278)
created_to_test_dependencies:
file.managed:
- name: /tmp/created_to_test_dependencies

View File

@ -26,7 +26,6 @@ nginx:
- location ^~ /.well-known/acme-challenge/:
- proxy_pass: http://localhost:9999
server:
config:
# This is required to get the passenger module loaded
# In Debian it can be done with this
@ -64,5 +63,4 @@ nginx:
- index: 'index.html index.htm'
- location ~ .htm:
- try_files: '$uri $uri/ =404'
# - include: '/etc/nginx/snippets/letsencrypt.conf'
- include: 'snippets/letsencrypt.conf'
- include: '/etc/nginx/snippets/letsencrypt.conf'