From 6d41a590f8ea76fd1105801122f9986302260336 Mon Sep 17 00:00:00 2001 From: George Robinson Date: Wed, 25 May 2016 11:57:25 +0100 Subject: [PATCH 1/7] Auto-restart NGINX on failure --- nginx/ng/files/nginx.service | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nginx/ng/files/nginx.service b/nginx/ng/files/nginx.service index ad3d0ca..8d566b6 100644 --- a/nginx/ng/files/nginx.service +++ b/nginx/ng/files/nginx.service @@ -9,7 +9,9 @@ ExecStartPre=/usr/sbin/nginx -t ExecStart=/usr/sbin/nginx ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s QUIT $MAINPID +Restart=on-failure +RestartSec=10s PrivateTmp=true [Install] -WantedBy=multi-user.target \ No newline at end of file +WantedBy=multi-user.target From c6ed2e6bcb09e71029f5b466b62b574519a2d4de Mon Sep 17 00:00:00 2001 From: George Robinson Date: Wed, 25 May 2016 12:02:43 +0100 Subject: [PATCH 2/7] NGINX zero downtime reloads --- nginx/ng/files/nginx.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/ng/files/nginx.service b/nginx/ng/files/nginx.service index 8d566b6..2a65f0b 100644 --- a/nginx/ng/files/nginx.service +++ b/nginx/ng/files/nginx.service @@ -7,7 +7,7 @@ Type=forking PIDFile=/run/nginx.pid ExecStartPre=/usr/sbin/nginx -t ExecStart=/usr/sbin/nginx -ExecReload=/bin/kill -s HUP $MAINPID +ExecReload=/usr/sbin/nginx -s reload ExecStop=/bin/kill -s QUIT $MAINPID Restart=on-failure RestartSec=10s From 6cab66306b4e20c449b6ee9171c08f926d1c1433 Mon Sep 17 00:00:00 2001 From: George Robinson Date: Wed, 25 May 2016 12:04:27 +0100 Subject: [PATCH 3/7] Use conf_file pillar when building from source --- nginx/ng/src.sls | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nginx/ng/src.sls b/nginx/ng/src.sls index 46d52fd..76142b5 100644 --- a/nginx/ng/src.sls +++ b/nginx/ng/src.sls @@ -29,7 +29,7 @@ nginx_download: nginx_configure: cmd.run: - - name: ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf {{ nginx.source.opts | join(' ') }} + - name: ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path={{ nginx.lookup.conf_file }} {{ nginx.source.opts | join(' ') }} - cwd: /tmp/nginx-{{ nginx.source_version }} - require: - archive: nginx_download @@ -59,4 +59,4 @@ nginx_link: - require: - cmd: nginx_install - onchanges: - - cmd: nginx_install \ No newline at end of file + - cmd: nginx_install From 9ff1a8f22d6fa086d817113808897a8fc4a35bb6 Mon Sep 17 00:00:00 2001 From: George Robinson Date: Wed, 25 May 2016 16:53:52 +0100 Subject: [PATCH 4/7] vhost_overwrite option for nginx.ng state --- nginx/ng/map.jinja | 6 ++++++ nginx/ng/vhosts_config.sls | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/nginx/ng/map.jinja b/nginx/ng/map.jinja index 30ac548..70afee7 100644 --- a/nginx/ng/map.jinja +++ b/nginx/ng/map.jinja @@ -14,6 +14,7 @@ 'vhost_available': '/etc/nginx/sites-available', 'vhost_enabled': '/etc/nginx/sites-enabled', 'vhost_use_symlink': True, + 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', }, 'CentOS': { @@ -24,6 +25,7 @@ 'vhost_available': '/etc/nginx/conf.d', 'vhost_enabled': '/etc/nginx/conf.d', 'vhost_use_symlink': False, + 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', 'rh_os_releasever': '$releasever', 'gpg_check': False, @@ -37,6 +39,7 @@ 'vhost_available': '/etc/nginx/conf.d', 'vhost_enabled': '/etc/nginx/conf.d', 'vhost_use_symlink': False, + 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', 'rh_os_releasever': '$releasever', 'gpg_check': False, @@ -50,6 +53,7 @@ 'vhost_available': '/etc/nginx/conf.d', 'vhost_enabled': '/etc/nginx/conf.d', 'vhost_use_symlink': False, + 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', 'gpg_check': True, 'gpg_key': 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/repodata/repomd.xml.key' @@ -62,6 +66,7 @@ 'vhost_available': '/etc/nginx/sites-available', 'vhost_enabled': '/etc/nginx/sites-enabled', 'vhost_use_symlink': True, + 'vhost_overwrite': True, }, 'Gentoo': { 'package': 'www-servers/nginx', @@ -71,6 +76,7 @@ 'vhost_available': '/etc/nginx/sites-available', 'vhost_enabled': '/etc/nginx/sites-enabled', 'vhost_use_symlink': True, + 'vhost_overwrite': True, }, }, default='Debian' ), 'install_from_source': False, diff --git a/nginx/ng/vhosts_config.sls b/nginx/ng/vhosts_config.sls index fe806a1..f51b782 100644 --- a/nginx/ng/vhosts_config.sls +++ b/nginx/ng/vhosts_config.sls @@ -94,6 +94,10 @@ nginx_vhost_available_dir: - template: jinja - context: config: {{ settings.config|json() }} + {% if nginx.lookup.vhost_overwrite == False %} + - unless: + - test -e {{ vhost_curpath(vhost) }} + {% endif %} {% do vhost_states.append(conf_state_id) %} {% endif %} From 49e085da11ff72977f9d682aa20ad3551e599073 Mon Sep 17 00:00:00 2001 From: George Robinson Date: Wed, 25 May 2016 18:24:34 +0100 Subject: [PATCH 5/7] Use static conf path in compile time options --- nginx/ng/src.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/ng/src.sls b/nginx/ng/src.sls index 76142b5..0c75b15 100644 --- a/nginx/ng/src.sls +++ b/nginx/ng/src.sls @@ -29,7 +29,7 @@ nginx_download: nginx_configure: cmd.run: - - name: ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path={{ nginx.lookup.conf_file }} {{ nginx.source.opts | join(' ') }} + - name: ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf {{ nginx.source.opts | join(' ') }} - cwd: /tmp/nginx-{{ nginx.source_version }} - require: - archive: nginx_download From 241d8683ed6d645561c8780c2af5cb72d6c7bc70 Mon Sep 17 00:00:00 2001 From: George Robinson Date: Sun, 5 Jun 2016 19:34:53 +0100 Subject: [PATCH 6/7] Overwrite existing vhost files on a per vhost granularity --- nginx/ng/map.jinja | 7 ------- nginx/ng/vhosts_config.sls | 2 +- pillar.example | 1 + 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/nginx/ng/map.jinja b/nginx/ng/map.jinja index 70afee7..423987f 100644 --- a/nginx/ng/map.jinja +++ b/nginx/ng/map.jinja @@ -14,7 +14,6 @@ 'vhost_available': '/etc/nginx/sites-available', 'vhost_enabled': '/etc/nginx/sites-enabled', 'vhost_use_symlink': True, - 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', }, 'CentOS': { @@ -25,7 +24,6 @@ 'vhost_available': '/etc/nginx/conf.d', 'vhost_enabled': '/etc/nginx/conf.d', 'vhost_use_symlink': False, - 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', 'rh_os_releasever': '$releasever', 'gpg_check': False, @@ -39,7 +37,6 @@ 'vhost_available': '/etc/nginx/conf.d', 'vhost_enabled': '/etc/nginx/conf.d', 'vhost_use_symlink': False, - 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', 'rh_os_releasever': '$releasever', 'gpg_check': False, @@ -53,7 +50,6 @@ 'vhost_available': '/etc/nginx/conf.d', 'vhost_enabled': '/etc/nginx/conf.d', 'vhost_use_symlink': False, - 'vhost_overwrite': True, 'pid_file': '/run/nginx.pid', 'gpg_check': True, 'gpg_key': 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/repodata/repomd.xml.key' @@ -66,7 +62,6 @@ 'vhost_available': '/etc/nginx/sites-available', 'vhost_enabled': '/etc/nginx/sites-enabled', 'vhost_use_symlink': True, - 'vhost_overwrite': True, }, 'Gentoo': { 'package': 'www-servers/nginx', @@ -76,7 +71,6 @@ 'vhost_available': '/etc/nginx/sites-available', 'vhost_enabled': '/etc/nginx/sites-enabled', 'vhost_use_symlink': True, - 'vhost_overwrite': True, }, }, default='Debian' ), 'install_from_source': False, @@ -87,7 +81,6 @@ 'source_hash': '8ed647c3dd65bc4ced03b0e0f6bf9e633eff6b01bac772bcf97077d58bc2be4d', 'source': { 'opts': {}, - 'modules': {} }, 'package': { 'opts': {}, diff --git a/nginx/ng/vhosts_config.sls b/nginx/ng/vhosts_config.sls index f51b782..5b422ec 100644 --- a/nginx/ng/vhosts_config.sls +++ b/nginx/ng/vhosts_config.sls @@ -94,7 +94,7 @@ nginx_vhost_available_dir: - template: jinja - context: config: {{ settings.config|json() }} - {% if nginx.lookup.vhost_overwrite == False %} + {% if 'overwrite' in vhost and vhost.overwrite == False %} - unless: - test -e {{ vhost_curpath(vhost) }} {% endif %} diff --git a/pillar.example b/pillar.example index 847cdde..bfdc737 100644 --- a/pillar.example +++ b/pillar.example @@ -90,6 +90,7 @@ nginx: enabled_dir: /tmp/sites-enabled # an alternate directory (not sites-enabled) where this vhost may be found disabled_name: mysite.aint_on # an alternative disabled name to be use when not symlinking enabled: True + overwrite: True # overwrite an existing vhost file or not # May be a list of config options or None, if None, no vhost file will be managed/templated # Take server directives as lists of dictionaries. If the dictionary value is another list of From 0dcd4feb28c21cea5224fb3089cfd421599ebb7c Mon Sep 17 00:00:00 2001 From: George Robinson Date: Sun, 5 Jun 2016 19:35:35 +0100 Subject: [PATCH 7/7] Use NGINX lookup conf path or fallback --- nginx/ng/src.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/ng/src.sls b/nginx/ng/src.sls index 0c75b15..bee24b8 100644 --- a/nginx/ng/src.sls +++ b/nginx/ng/src.sls @@ -29,7 +29,7 @@ nginx_download: nginx_configure: cmd.run: - - name: ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf {{ nginx.source.opts | join(' ') }} + - name: ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path={{ nginx.lookup.conf_file or '/etc/nginx/nginx.conf' }} {{ nginx.source.opts | join(' ') }} - cwd: /tmp/nginx-{{ nginx.source_version }} - require: - archive: nginx_download