From 0d192b392843adf070c7a29586a31c1b6374c876 Mon Sep 17 00:00:00 2001 From: Ari Lerner Date: Wed, 21 Aug 2013 12:01:37 -0700 Subject: [PATCH 1/3] Moving package to be on the top-level, instead of one level down --- nginx/init.sls | 107 --------------------------- nginx/templates/config.jinja | 58 --------------- nginx/templates/upstart-logger.jinja | 19 ----- nginx/templates/upstart.jinja | 8 -- nginx/users.sls | 21 ------ 5 files changed, 213 deletions(-) delete mode 100644 nginx/init.sls delete mode 100644 nginx/templates/config.jinja delete mode 100644 nginx/templates/upstart-logger.jinja delete mode 100644 nginx/templates/upstart.jinja delete mode 100644 nginx/users.sls diff --git a/nginx/init.sls b/nginx/init.sls deleted file mode 100644 index 75c1380..0000000 --- a/nginx/init.sls +++ /dev/null @@ -1,107 +0,0 @@ -include: - - nginx.users - -{% for filename in ('default', 'example_ssl') %} -/etc/nginx/conf.d/{{ filename }}.conf: - file.absent -{% endfor %} - -/etc/nginx/nginx.conf: - file: - - managed - - template: jinja - - user: root - - group: root - - mode: 440 - - source: salt://nginx/templates/config.jinja - - require: - - pkg: nginx - -nginx-old-init: - file: - - rename - - name: /usr/share/nginx/init.d - - source: /etc/init.d/nginx - - require: - - pkg: nginx - cmd: - - wait - - name: dpkg-divert --divert /usr/share/nginx/init.d --add /etc/init.d/nginx - - require: - - module: nginx-old-init - - watch: - - file: nginx-old-init - module: - - wait - - name: cmd.run - - cmd: kill `cat /var/run/nginx.pid` - - watch: - - file: nginx-old-init - -nginx-old-init-disable: - cmd: - - wait - - name: update-rc.d -f nginx remove - - require: - - module: nginx-old-init - - watch: - - file: nginx-old-init - -{% set logger_types = ('access', 'error') %} - -{% for log_type in logger_types %} -/var/log/nginx/{{ log_type }}.log: - file.absent - -nginx-logger-{{ log_type }}: - file: - - managed - - name: /etc/init/nginx-logger-{{ log_type }}.conf - - template: jinja - - user: root - - group: root - - mode: 440 - - source: salt://nginx/templates/upstart-logger.jinja - - context: - type: {{ log_type }} - service: - - running - - enable: True - - require: - - file: nginx-logger-{{ log_type }} - - pkg: nginx -{% endfor %} - -/etc/logrotate.d/nginx: - file: - - absent - -nginx: - pkg: - - installed - - name: nginx - file: - - managed - - name: /etc/init/nginx.conf - - template: jinja - - user: root - - group: root - - mode: 440 - - source: salt://nginx/templates/upstart.jinja - - require: - - pkg: nginx - - file: nginx-old-init - - module: nginx-old-init - service: - - running - - enable: True - - watch: - - file: nginx - - file: /etc/nginx/nginx.conf - - file: /etc/nginx/conf.d/default.conf - - file: /etc/nginx/conf.d/example_ssl.conf - - pkg: nginx - - require: -{% for log_type in logger_types %} - - service: nginx-logger-{{ log_type }} -{% endfor %} diff --git a/nginx/templates/config.jinja b/nginx/templates/config.jinja deleted file mode 100644 index 693be56..0000000 --- a/nginx/templates/config.jinja +++ /dev/null @@ -1,58 +0,0 @@ -{% set nginx = pillar.get('nginx', {}) -%} -{% set user = nginx.get('user', 'www-data') -%} -{% set group = nginx.get('group', 'www-data') -%} -user {{ user }} {{ group }}; -worker_processes {{ nginx.get('worker_processes', 1) }}; - -error_log /var/log/nginx/error.fifo warn; -pid {{ nginx.get('pid', '/var/run/nginx.pid') }}; -daemon {{ nginx.get('daemon', 'off') }}; - -events { - worker_connections {{ nginx.get('events', {}).get('worker_connections', 1024) }}; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - log_format main '$scheme://$host:$server_port$uri$is_args$args $remote_addr:$remote_user "$request" $request_time $request_length:$bytes_sent $status "$http_referer" "$http_user_agent" "$http_x_forwarded_for"'; - access_log /var/log/nginx/access.fifo main; - sendfile {{ nginx.get('sendfile', 'on') }}; - #tcp_nopush on; - keepalive_timeout {{ nginx.get('keepalive_timeout', 65) }}; - server_names_hash_bucket_size {{ nginx.get('server_names_hash_bucket_size', 128) }}; - server_names_hash_max_size {{ nginx.get('server_names_hash_max_size', 1024) }}; - types_hash_max_size {{ nginx.get('types_hash_max_size', 8192) }}; - - gzip {{ nginx.get('gzip', 'on') }}; - gzip_vary {{ nginx.get('gzip_vary', 'on') }}; - gzip_proxied {{ nginx.get('gzip_proxied', 'any') }}; - gzip_comp_level {{ nginx.get('gzip_comp_level', 6) }}; - gzip_buffers {{ nginx.get('gzip_buffers', '16 8k') }}; - gzip_http_version {{ nginx.get('gzip_http_version', '1.1') }}; - gzip_types {{ nginx.get('gzip_types', ['text/plain', 'text/css', 'application/json', 'application/x-javascript', 'text/xml', 'application/xml', 'application/xml+rss', 'text/javascript'])|join(' ') }}; - - # turn on nginx_status on localhost - server { - listen 127.0.0.1:80; - server_name 127.0.0.1; - location /nginx_status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - } -{% if pillar['nginx'] is defined -%} -{% if pillar['nginx']['redirect_numeric_ip']|default(False) %} - server { - server_name {% for ip in salt['network.interfaces']()['eth0']['inet'] %}{{ ip['address'] }}:80{% if not loop.last %} {% endif %}{% endfor %}; - return 302 {{ pillar['nginx']['redirect_numeric_ip'] }}; - access_log off; - } -{% endif %} -{% endif %} - - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*.conf; -} diff --git a/nginx/templates/upstart-logger.jinja b/nginx/templates/upstart-logger.jinja deleted file mode 100644 index e5356ad..0000000 --- a/nginx/templates/upstart-logger.jinja +++ /dev/null @@ -1,19 +0,0 @@ -# {{ pillar['message_do_not_modify'] }} -# startup script for Nginx loggers - -start on starting nginx -stop on runlevel [!2345] - -respawn - -pre-start script - if [ ! -r /var/log/nginx/{{ type }}.fifo ]; then - mkfifo /var/log/nginx/{{ type }}.fifo - chown root.root /var/log/nginx/{{ type }}.fifo - chmod 660 /var/log/nginx/{{ type }}.fifo - fi -end script - -emits nginx-logger-{{ type }} - -exec logger -f /var/log/nginx/{{ type }}.fifo -t nginx -p {% if type == 'error' %}warn{% else %}debug{% endif %} diff --git a/nginx/templates/upstart.jinja b/nginx/templates/upstart.jinja deleted file mode 100644 index 3257cbe..0000000 --- a/nginx/templates/upstart.jinja +++ /dev/null @@ -1,8 +0,0 @@ -# startup script for Nginx - -respawn - -start on filesystem or runlevel [2345] -stop on runlevel [!2345] - -exec /usr/sbin/nginx -c /etc/nginx/nginx.conf diff --git a/nginx/users.sls b/nginx/users.sls deleted file mode 100644 index 1d820bc..0000000 --- a/nginx/users.sls +++ /dev/null @@ -1,21 +0,0 @@ -{% set nginx = pillar.get('nginx', {}) -%} -{% set htauth = nginx.get('htpasswd', '/etc/nginx/.htpasswd') -%} - -htpasswd: - pkg.installed: - - name: apache2-utils - -{% for name, user in pillar.get('users', {}).items() %} -{% if user['webauth'] is defined -%} - -nginx_user_{{name}}: - module.run: - - name: basicauth.adduser - - user: {{ name }} - - passwd: {{ user['webauth'] }} - - path: {{ htauth }} - - require: - - pkg: htpasswd - -{% endif -%} -{% endfor %} \ No newline at end of file From eb2bc62f5ae9152078d288a18b15d39e3797ffcd Mon Sep 17 00:00:00 2001 From: Ari Lerner Date: Wed, 21 Aug 2013 12:01:51 -0700 Subject: [PATCH 2/3] Updated structure as well as added package and source --- common.sls | 72 +++++++++++++ init.sls | 8 ++ luajit2.sls | 16 +++ openresty.sls | 31 ++++++ package.sls | 60 +++++++++++ source.sls | 180 +++++++++++++++++++++++++++++++++ templates/config.jinja | 58 +++++++++++ templates/upstart-logger.jinja | 19 ++++ templates/upstart.jinja | 8 ++ users.sls | 21 ++++ 10 files changed, 473 insertions(+) create mode 100644 common.sls create mode 100644 init.sls create mode 100644 luajit2.sls create mode 100644 openresty.sls create mode 100644 package.sls create mode 100644 source.sls create mode 100644 templates/config.jinja create mode 100644 templates/upstart-logger.jinja create mode 100644 templates/upstart.jinja create mode 100644 users.sls diff --git a/common.sls b/common.sls new file mode 100644 index 0000000..a096c48 --- /dev/null +++ b/common.sls @@ -0,0 +1,72 @@ +include: + - nrpe + +/usr/share/nginx: + file: + - directory + +{% for filename in ('default', 'example_ssl') %} +/etc/nginx/conf.d/{{ filename }}.conf: + file.absent +{% endfor %} + +{% set logger_types = ('access', 'error') %} + +{% for log_type in logger_types %} +/var/log/nginx/{{ log_type }}.log: + file.absent + +nginx-logger-{{ log_type }}: + file: + - managed + - name: /etc/init/nginx-logger-{{ log_type }}.conf + - template: jinja + - user: root + - group: root + - mode: 440 + - source: salt://nginx/templates/upstart_logger.jinja + - context: + type: {{ log_type }} + service: + - running + - enable: True + - require: + - file: nginx-logger-{{ log_type }} + - require_in: + - service: nginx +{% endfor %} + +/etc/logrotate.d/nginx: + file: + - absent + +{% for dir in ['sites-available', 'sites-enabled'] -%} +/etc/nginx/{{ dir }}: + file.directory: + - user: www-data + - group: www-data + - mode: 0755 +{% endfor -%} + +/etc/nginx: + file.directory: + - user: root + - group: root + +/etc/nginx/nginx.conf: + file: + - managed + - template: jinja + - user: root + - group: root + - mode: 440 + - source: salt://nginx/templates/config.jinja + - require: + - file: /etc/nginx + +{% for dir in ('sites-enabled', 'sites-available') %} +/etc/nginx/{{ dir }}: + file.directory: + - user: root + - group: root +{% endfor -%} diff --git a/init.sls b/init.sls new file mode 100644 index 0000000..0d47ea5 --- /dev/null +++ b/init.sls @@ -0,0 +1,8 @@ +include: + - nginx.common + - nginx.users + # To install from a package + # If you want to install from source + # simply replace this comment + - nginx.package + diff --git a/luajit2.sls b/luajit2.sls new file mode 100644 index 0000000..e24459f --- /dev/null +++ b/luajit2.sls @@ -0,0 +1,16 @@ +{% set nginx = pillar.get('nginx', {}) -%} +{% set home = nginx.get('home', '/var/www') -%} +{% set source = nginx.get('source_root', '/usr/local/src') -%} + +get-luajit2: + file.managed: + - name: {{ source }}/luajit.tar.gz + - source: http://luajit.org/download/LuaJIT-2.0.1.tar.gz + - source_hash: sha1=330492aa5366e4e60afeec72f15e44df8a794db5 + cmd.wait: + - cwd: {{ nginx_home }} + - name: tar -zxf {{ source }}/luajit.tar.gz -C {{ source }} + - watch: + - file: get-luajit2 + - require_in: + - cmd: nginx \ No newline at end of file diff --git a/openresty.sls b/openresty.sls new file mode 100644 index 0000000..fc51a17 --- /dev/null +++ b/openresty.sls @@ -0,0 +1,31 @@ +{% set nginx = pillar.get('nginx', {}) -%} +{% set home = nginx.get('home', '/var/www') -%} +{% set source = nginx.get('source_root', '/usr/local/src') -%} + +{% set openresty = nginx.get('openresty', {}) -%} +{% set openresty_version = openresty.get('version', '1.2.7.8') -%} +{% set openresty_checksum = openresty.get('checksum', 'sha1=f8bee501529ffec33f9cabc00ea4ca512a8d7b59') -%} +{% set openresty_package = source + '/openresty-' + openresty_version + '.tar.gz' -%} + +get-openresty: + file.managed: + - name: {{ openresty_package }} + - source: http://openresty.org/download/ngx_openresty-{{ openresty_version }}.tar.gz + - source_hash: {{ openresty_checksum }} + cmd.wait: + - cwd: {{ source }} + - name: tar -zxf {{ openresty_package }} -C {{ home }} + - watch: + - file: get-openresty + +install_openresty: + cmd.wait: + - cwd: {{ home }}/ngx_openresty-{{ openresty_version }} + - names: + - ./configure --with-luajit \ + --with-http_drizzle_module \ + --with-http_postgres_module \ + --with-http_iconv_module + - make && make install + - watch: + - cmd: get-openresty diff --git a/package.sls b/package.sls new file mode 100644 index 0000000..56e992c --- /dev/null +++ b/package.sls @@ -0,0 +1,60 @@ + +nginx-old-init: + file: + - rename + - name: /usr/share/nginx/init.d + - source: /etc/init.d/nginx + - require_in: + - file: nginx + cmd: + - wait + - name: dpkg-divert --divert /usr/share/nginx/init.d --add /etc/init.d/nginx + - require: + - module: nginx-old-init + - watch: + - file: nginx-old-init + - require_in: + - file: nginx + module: + - wait + - name: cmd.run + - cmd: kill `cat /var/run/nginx.pid` + - watch: + - file: nginx-old-init + - require_in: + - file: nginx + +nginx-old-init-disable: + cmd: + - wait + - name: update-rc.d -f nginx remove + - require: + - module: nginx-old-init + - watch: + - file: nginx-old-init + +nginx: + pkg.installed: + - name: nginx + file: + - managed + - name: /etc/init/nginx.conf + - template: jinja + - user: root + - group: root + - mode: 440 + - source: salt://nginx/templates/upstart.jinja + - require: + - pkg: nginx + - file: nginx-old-init + - module: nginx-old-init + service: + - running + - enable: True + - restart: True + - watch: + - file: nginx + - file: /etc/nginx/nginx.conf + - file: /etc/nginx/conf.d/default.conf + - file: /etc/nginx/conf.d/example_ssl.conf + - pkg: nginx \ No newline at end of file diff --git a/source.sls b/source.sls new file mode 100644 index 0000000..5a061d3 --- /dev/null +++ b/source.sls @@ -0,0 +1,180 @@ +include: + - nginx.common + +{% set nginx = pillar.get('nginx', {}) -%} +{% set version = nginx.get('version', '1.5.2') -%} +{% set checksum = nginx.get('checksum', 'sha1=3546be28a72251f8823ab6be6a1180d300d06f76') -%} +{% set home = nginx.get('home', '/var/www') -%} +{% set source = nginx.get('source_root', '/usr/local/src') -%} + +{% set nginx_package = source + '/nginx-' + version + '.tar.gz' -%} +{% set nginx_home = home + "/nginx-" + version -%} +{% set nginx_modules_dir = source + "/nginx-modules" -%} + +{% if nginx['with_luajit'] -%} +include: + - nginx.luajit2 +{% endif -%} + +{% if nginx['with_openresty'] -%} +include: + - nginx.openresty +{% endif -%} + +nginx_group: + group.present: + - name: www-data + +nginx_user: + file.directory: + - name: {{ home }} + - user: www-data + - group: www-data + - mode: 0755 + - require: + - user: nginx_user + - group: nginx_group + user.present: + - name: www-data + - home: {{ home }} + - groups: + - www-data + - require: + - group: nginx_group + +get-nginx: + pkg.installed: + - names: + - libpcre3-dev + - build-essential + - libssl-dev + file.managed: + - name: {{ nginx_package }} + - source: http://nginx.org/download/nginx-{{ version }}.tar.gz + - source_hash: {{ checksum }} + cmd.wait: + - cwd: {{ source }} + - name: tar -zxf {{ nginx_package }} -C {{ home }} + - require: + - file: nginx_user + - pkg: get-nginx + - watch: + - file: get-nginx + +{% for name, module in nginx.get('modules', {}) -%} +get-nginx-{{name}}: + file.managed: + - name: {{ nginx_modules_dir }}/{{name}}.tar.gz + - source: {{ module['source'] }} + - source_hash: {{ module['source_hash'] }} + - require: + - file: nginx_user + cmd.wait: + - cwd: {{ nginx_home }} + - names: + - tar -zxf {{ nginx_modules_dir }}/{{name}}.tar.gz -C {{ nginx_modules_dir }}/{{name}} + - watch: + - file: get-nginx + - require_in: + - cmd: make-nginx +{% endfor -%} + +{% if install_luajit -%} + +{% endif -%} + +get-ngx_devel_kit: + file.managed: + - name: {{ source }}/ngx_devel_kit.tar.gz + - source: https://github.com/simpl/ngx_devel_kit/archive/v0.2.18.tar.gz + - source_hash: sha1=e21ba642f26047661ada678b21eef001ee2121d8 + cmd.wait: + - cwd: {{ nginx_home }} + - name: tar -zxf {{ source }}/ngx_devel_kit.tar.gz -C {{ source }} + - watch: + - file: get-ngx_devel_kit + +get-lua-nginx-module: + file.managed: + - name: {{ source }}/lua-nginx-module.tar.gz + - source: https://github.com/chaoslawful/lua-nginx-module/archive/v0.8.3rc1.tar.gz + - source_hash: sha1=49b2fa946517fb2e9b26185d418570e98ff5ff51 + cmd.wait: + - cwd: {{ nginx_home }} + - name: tar -zxf {{ source }}/lua-nginx-module.tar.gz -C {{ source }} + - watch: + - file: get-lua-nginx-module + +{{ home }}: + file.directory: + - user: www-data + - group: www-data + - makedirs: True + - mode: 0755 + +{% for dir in ('body', 'proxy', 'fastcgi') -%} +{{ home }}-{{dir}}: + file.directory: + - name: {{ home }}/{{dir}} + - user: www-data + - group: www-data + - mode: 0755 + - require: + - file: {{ home }} + - require_in: + - service: nginx +{% endfor -%} + +nginx: + cmd.wait: + - cwd: {{ nginx_home }} + - names: + - ./configure --conf-path=/etc/nginx/nginx.conf + --sbin-path=/usr/sbin/nginx + --user=www-data + --group=www-data + --prefix=/usr/local/nginx + --error-log-path=/var/log/nginx/error.log + --pid-path=/var/run/nginx.pid + --lock-path=/var/lock/nginx.lock + --http-log-path=/var/log/nginx/access.log + --with-http_dav_module + --http-client-body-temp-path={{ home }}/body + --http-proxy-temp-path={{ home }}/proxy + --with-http_stub_status_module + --http-fastcgi-temp-path={{ home }}/fastcgi + --with-debug + --with-http_ssl_module + {% for name, module in nginx.get('modules', {}) -%} + --add-module={{nginx_modules_dir}}/{{name}} \ + --with-pcre --with-ipv6 + {% endfor %} + - make -j2 && make install + - watch: + - cmd: get-nginx + - require: + - cmd: get-nginx + - cmd: get-lua-nginx-module + - cmd: get-ngx_devel_kit + - require_in: + - service: nginx + file.managed: + - name: /etc/init/nginx.conf + - template: jinja + - user: root + - group: root + - mode: 440 + - source: salt://nginx/templates/upstart.jinja + - require: + - cmd: nginx + service.running: + - enable: True + - watch: + - file: nginx + - file: /etc/nginx/nginx.conf + - file: /etc/nginx/conf.d/default.conf + - file: /etc/nginx/conf.d/example_ssl.conf + - file: nginx + - require: + - cmd: nginx + - file: {{ home }} diff --git a/templates/config.jinja b/templates/config.jinja new file mode 100644 index 0000000..693be56 --- /dev/null +++ b/templates/config.jinja @@ -0,0 +1,58 @@ +{% set nginx = pillar.get('nginx', {}) -%} +{% set user = nginx.get('user', 'www-data') -%} +{% set group = nginx.get('group', 'www-data') -%} +user {{ user }} {{ group }}; +worker_processes {{ nginx.get('worker_processes', 1) }}; + +error_log /var/log/nginx/error.fifo warn; +pid {{ nginx.get('pid', '/var/run/nginx.pid') }}; +daemon {{ nginx.get('daemon', 'off') }}; + +events { + worker_connections {{ nginx.get('events', {}).get('worker_connections', 1024) }}; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + log_format main '$scheme://$host:$server_port$uri$is_args$args $remote_addr:$remote_user "$request" $request_time $request_length:$bytes_sent $status "$http_referer" "$http_user_agent" "$http_x_forwarded_for"'; + access_log /var/log/nginx/access.fifo main; + sendfile {{ nginx.get('sendfile', 'on') }}; + #tcp_nopush on; + keepalive_timeout {{ nginx.get('keepalive_timeout', 65) }}; + server_names_hash_bucket_size {{ nginx.get('server_names_hash_bucket_size', 128) }}; + server_names_hash_max_size {{ nginx.get('server_names_hash_max_size', 1024) }}; + types_hash_max_size {{ nginx.get('types_hash_max_size', 8192) }}; + + gzip {{ nginx.get('gzip', 'on') }}; + gzip_vary {{ nginx.get('gzip_vary', 'on') }}; + gzip_proxied {{ nginx.get('gzip_proxied', 'any') }}; + gzip_comp_level {{ nginx.get('gzip_comp_level', 6) }}; + gzip_buffers {{ nginx.get('gzip_buffers', '16 8k') }}; + gzip_http_version {{ nginx.get('gzip_http_version', '1.1') }}; + gzip_types {{ nginx.get('gzip_types', ['text/plain', 'text/css', 'application/json', 'application/x-javascript', 'text/xml', 'application/xml', 'application/xml+rss', 'text/javascript'])|join(' ') }}; + + # turn on nginx_status on localhost + server { + listen 127.0.0.1:80; + server_name 127.0.0.1; + location /nginx_status { + stub_status on; + access_log off; + allow 127.0.0.1; + deny all; + } + } +{% if pillar['nginx'] is defined -%} +{% if pillar['nginx']['redirect_numeric_ip']|default(False) %} + server { + server_name {% for ip in salt['network.interfaces']()['eth0']['inet'] %}{{ ip['address'] }}:80{% if not loop.last %} {% endif %}{% endfor %}; + return 302 {{ pillar['nginx']['redirect_numeric_ip'] }}; + access_log off; + } +{% endif %} +{% endif %} + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*.conf; +} diff --git a/templates/upstart-logger.jinja b/templates/upstart-logger.jinja new file mode 100644 index 0000000..e5356ad --- /dev/null +++ b/templates/upstart-logger.jinja @@ -0,0 +1,19 @@ +# {{ pillar['message_do_not_modify'] }} +# startup script for Nginx loggers + +start on starting nginx +stop on runlevel [!2345] + +respawn + +pre-start script + if [ ! -r /var/log/nginx/{{ type }}.fifo ]; then + mkfifo /var/log/nginx/{{ type }}.fifo + chown root.root /var/log/nginx/{{ type }}.fifo + chmod 660 /var/log/nginx/{{ type }}.fifo + fi +end script + +emits nginx-logger-{{ type }} + +exec logger -f /var/log/nginx/{{ type }}.fifo -t nginx -p {% if type == 'error' %}warn{% else %}debug{% endif %} diff --git a/templates/upstart.jinja b/templates/upstart.jinja new file mode 100644 index 0000000..3257cbe --- /dev/null +++ b/templates/upstart.jinja @@ -0,0 +1,8 @@ +# startup script for Nginx + +respawn + +start on filesystem or runlevel [2345] +stop on runlevel [!2345] + +exec /usr/sbin/nginx -c /etc/nginx/nginx.conf diff --git a/users.sls b/users.sls new file mode 100644 index 0000000..775410a --- /dev/null +++ b/users.sls @@ -0,0 +1,21 @@ +{% set nginx = pillar.get('nginx', {}) -%} +{% set htauth = nginx.get('htpasswd', '/etc/nginx/.htpasswd') -%} + +htpasswd: + pkg.installed: + - name: apache2-utils + +{% for name, user in pillar.get('users', {}).items() %} +{% if user['webauth'] is defined -%} + +nginx_user_{{name}}: + module.run: + - name: basicauth.adduser + - user: {{ name }} + - passwd: {{ user['webauth'] }} + - path: {{ htauth }} + - require: + - pkg: htpasswd + +{% endif -%} +{% endfor %} \ No newline at end of file From d11dd3f8873cb91990106094e19d98a254251fc6 Mon Sep 17 00:00:00 2001 From: Ari Lerner Date: Wed, 21 Aug 2013 12:17:15 -0700 Subject: [PATCH 3/3] Added pillar example --- README.md | 2 -- README.rst | 4 ++++ init.sls | 7 ++++--- pillar.example | 8 ++++++++ 4 files changed, 16 insertions(+), 5 deletions(-) delete mode 100644 README.md create mode 100644 README.rst create mode 100644 pillar.example diff --git a/README.md b/README.md deleted file mode 100644 index 0ad302c..0000000 --- a/README.md +++ /dev/null @@ -1,2 +0,0 @@ -nginx -===== diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..41d0468 --- /dev/null +++ b/README.rst @@ -0,0 +1,4 @@ +nginx +===== + +Install nginx \ No newline at end of file diff --git a/init.sls b/init.sls index 0d47ea5..165cc9c 100644 --- a/init.sls +++ b/init.sls @@ -1,8 +1,9 @@ include: - nginx.common - nginx.users - # To install from a package - # If you want to install from source - # simply replace this comment +{% if pillar.get('nginx', {}).get('install_from_source') %} + - nginx.source +{% else %} - nginx.package +{% endif -%} diff --git a/pillar.example b/pillar.example new file mode 100644 index 0000000..3e90e79 --- /dev/null +++ b/pillar.example @@ -0,0 +1,8 @@ +nginx: + install_from_source: True + with_luajit: False + with_openresty: True + modules: + headers-more: + source: http://github.com/agentzh/headers-more-nginx-module/tarball/v0.21 + source_hash: sha1=DAFJAKSDFJAKDFJ