refactor(pkgs): readbility
This commit is contained in:
parent
037c13a674
commit
b76e8cc664
@ -10,8 +10,8 @@ in favor of using `keyring files` which contain a binary OpenPGP format of the k
|
|||||||
As nginx and passenger don't provide such key files, we created them following the
|
As nginx and passenger don't provide such key files, we created them following the
|
||||||
official recomendations in their sites and install the resulting files.
|
official recomendations in their sites and install the resulting files.
|
||||||
|
|
||||||
Ngninx
|
Nginx
|
||||||
------
|
-----
|
||||||
|
|
||||||
See https://nginx.org/en/linux_packages.html#Debian for details
|
See https://nginx.org/en/linux_packages.html#Debian for details
|
||||||
|
|
||||||
|
@ -19,6 +19,9 @@
|
|||||||
'server_use_symlink': True,
|
'server_use_symlink': True,
|
||||||
'pid_file': '/run/nginx.pid',
|
'pid_file': '/run/nginx.pid',
|
||||||
'openssl_package': 'openssl',
|
'openssl_package': 'openssl',
|
||||||
|
'package_repo_keyring': '/usr/share/keyrings/nginx-archive-keyring.gpg',
|
||||||
|
'passenger_package_repo_keyring': '/usr/share/keyrings/phusionpassenger-archive-keyring.gpg',
|
||||||
|
|
||||||
},
|
},
|
||||||
'CentOS': {
|
'CentOS': {
|
||||||
'package': 'nginx',
|
'package': 'nginx',
|
||||||
|
@ -37,11 +37,11 @@ nginx_install:
|
|||||||
- name: {{ nginx.lookup.package }}
|
- name: {{ nginx.lookup.package }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if salt['grains.get']('os_family') == 'Debian' %}
|
{% if grains.os_family == 'Debian' %}
|
||||||
{%- if from_official %}
|
{%- if from_official %}
|
||||||
nginx_official_repo_keyring:
|
nginx_official_repo_keyring:
|
||||||
file.managed:
|
file.managed:
|
||||||
- name: /usr/share/keyrings/nginx-archive-keyring.gpg
|
- name: {{ nginx.lookup.package_repo_keyring }}
|
||||||
- source: {{ files_switch(['nginx-archive-keyring.gpg'],
|
- source: {{ files_switch(['nginx-archive-keyring.gpg'],
|
||||||
lookup='nginx_official_repo_keyring'
|
lookup='nginx_official_repo_keyring'
|
||||||
)
|
)
|
||||||
@ -58,8 +58,10 @@ nginx_official_repo:
|
|||||||
- absent
|
- absent
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
- humanname: nginx apt repo
|
- humanname: nginx apt repo
|
||||||
- name: deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/{{ grains['os'].lower() }}/ {{ grains['oscodename'] }} nginx
|
- name: >-
|
||||||
- file: /etc/apt/sources.list.d/nginx-official-{{ grains['oscodename'] }}.list
|
deb [signed-by={{ nginx.lookup.package_repo_keyring }}]
|
||||||
|
http://nginx.org/packages/{{ grains.os | lower }}/ {{ grains.oscodename }} nginx
|
||||||
|
- file: /etc/apt/sources.list.d/nginx-official-{{ grains.oscodename }}.list
|
||||||
- require_in:
|
- require_in:
|
||||||
- pkg: nginx_install
|
- pkg: nginx_install
|
||||||
- watch_in:
|
- watch_in:
|
||||||
@ -74,10 +76,10 @@ nginx_ppa_repo:
|
|||||||
{%- else %}
|
{%- else %}
|
||||||
- absent
|
- absent
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
{% if salt['grains.get']('os') == 'Ubuntu' %}
|
{% if grains.os == 'Ubuntu' %}
|
||||||
- ppa: nginx/{{ nginx.ppa_version }}
|
- ppa: nginx/{{ nginx.ppa_version }}
|
||||||
{% else %}
|
{% else %}
|
||||||
- name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains['oscodename'] }} main
|
- name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains.oscodename }} main
|
||||||
- keyid: C300EE8C
|
- keyid: C300EE8C
|
||||||
- keyserver: keyserver.ubuntu.com
|
- keyserver: keyserver.ubuntu.com
|
||||||
{% endif %}
|
{% endif %}
|
||||||
@ -101,12 +103,12 @@ nginx_phusionpassenger_repo_keyring:
|
|||||||
# Remove the old repo file
|
# Remove the old repo file
|
||||||
nginx_phusionpassenger_repo_remove:
|
nginx_phusionpassenger_repo_remove:
|
||||||
pkgrepo.absent:
|
pkgrepo.absent:
|
||||||
- name: deb http://nginx.org/packages/{{ grains['os'].lower() }}/ {{ grains['oscodename'] }} nginx
|
- name: deb http://nginx.org/packages/{{ grains.os |lower }}/ {{ grains.oscodename }} nginx
|
||||||
- keyid: 561F9B9CAC40B2F7
|
- keyid: 561F9B9CAC40B2F7
|
||||||
- require_in:
|
- require_in:
|
||||||
- pkgrepo: nginx_phusionpassenger_repo
|
- pkgrepo: nginx_phusionpassenger_repo
|
||||||
file.absent:
|
file.absent:
|
||||||
- name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains['oscodename'] }}.list
|
- name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains.oscodename }}.list
|
||||||
- require_in:
|
- require_in:
|
||||||
- pkgrepo: nginx_phusionpassenger_repo
|
- pkgrepo: nginx_phusionpassenger_repo
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
@ -119,15 +121,17 @@ nginx_phusionpassenger_repo:
|
|||||||
- absent
|
- absent
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
- humanname: nginx phusionpassenger repo
|
- humanname: nginx phusionpassenger repo
|
||||||
- name: deb [signed-by=/usr/share/keyrings/phusionpassenger-archive-keyring.gpg] https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains['oscodename'] }} main
|
- name: >-
|
||||||
- file: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains['oscodename'] }}.list
|
deb [signed-by={{ nginx.lookup.passenger_package_repo_keyring }}]
|
||||||
|
https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains.oscodename }} main
|
||||||
|
- file: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains.oscodename }}.list
|
||||||
- require_in:
|
- require_in:
|
||||||
- pkg: nginx_install
|
- pkg: nginx_install
|
||||||
- watch_in:
|
- watch_in:
|
||||||
- pkg: nginx_install
|
- pkg: nginx_install
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if salt['grains.get']('os_family') == 'Suse' or salt['grains.get']('os') == 'SUSE' %}
|
{% if grains.os_family == 'Suse' or grains.os == 'SUSE' %}
|
||||||
nginx_zypp_repo:
|
nginx_zypp_repo:
|
||||||
pkgrepo:
|
pkgrepo:
|
||||||
{%- if from_official %}
|
{%- if from_official %}
|
||||||
@ -148,8 +152,8 @@ nginx_zypp_repo:
|
|||||||
- pkg: nginx_install
|
- pkg: nginx_install
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if salt['grains.get']('os_family') == 'RedHat' %}
|
{% if grains.os_family == 'RedHat' %}
|
||||||
{% if salt['grains.get']('osfinger', '') in ['Amazon Linux-2'] %}
|
{% if grains.osfinger in ['Amazon Linux-2'] %}
|
||||||
nginx_epel_repo:
|
nginx_epel_repo:
|
||||||
pkgrepo.managed:
|
pkgrepo.managed:
|
||||||
- name: epel
|
- name: epel
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
case os[:name]
|
case os.family
|
||||||
when 'centos'
|
when 'redhat'
|
||||||
repo_file = '/etc/yum.repos.d/passenger.repo'
|
repo_file = '/etc/yum.repos.d/passenger.repo'
|
||||||
repo_url = 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
|
repo_url = 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch'
|
||||||
when 'debian', 'ubuntu'
|
when 'debian'
|
||||||
# Inspec does not provide a `codename` matcher, so we add ours
|
# Inspec does not provide a `codename` matcher, so we add ours
|
||||||
case platform[:release].to_f.truncate
|
case platform[:release].to_f.truncate
|
||||||
# ubuntu
|
# ubuntu
|
||||||
@ -13,6 +13,8 @@ when 'debian', 'ubuntu'
|
|||||||
when 20
|
when 20
|
||||||
codename = 'focal'
|
codename = 'focal'
|
||||||
# debian
|
# debian
|
||||||
|
when 9
|
||||||
|
codename = 'stretch'
|
||||||
when 10
|
when 10
|
||||||
codename = 'buster'
|
codename = 'buster'
|
||||||
when 11
|
when 11
|
||||||
|
Loading…
Reference in New Issue
Block a user