# Set defaults, use debian as base

server_available = '/etc/nginx/sites-available'
server_enabled	 = '/etc/nginx/sites-enabled'

# Override by OS
case os[:name]
when 'redhat', 'centos', 'fedora'
  server_available = '/etc/nginx/conf.d'
  server_enabled   = '/etc/nginx/conf.d'
when 'opensuse'
  server_available = '/etc/nginx/vhosts.d'
  server_enabled   = '/etc/nginx/vhosts.d'
end

control 'Nginx configuration' do
  title 'should match desired lines'

  # main configuration
  describe file('/etc/nginx/nginx.conf') do
    it { should be_file }
    it { should be_owned_by 'root' }
    it { should be_grouped_into 'root' }
    its('mode') { should cmp '0644' }
    its('content') { should include %Q[    log_format main '$remote_addr - $remote_user [$time_local] $status '
                    '"$request" $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';] }
  end

  # snippets configuration
  describe file('/etc/nginx/snippets/letsencrypt.conf') do
    it { should be_file }
    it { should be_owned_by 'root' }
    it { should be_grouped_into 'root' }
    its('mode') { should cmp '0644' }
    its('content') { should include 'location ^~ /.well-known/acme-challenge/ {' }
    its('content') { should include 'proxy_pass http://localhost:9999;' }
    its('content') { should include '{' }
  end

  # sites configuration
  [server_available, server_enabled].each do |dir|

    describe file ("#{dir}/default") do
     it { should_not exist }
    end

    describe file ("#{dir}/mysite") do
      it { should be_file }
      it { should be_owned_by 'root' }
      it { should be_grouped_into 'root' }
      its('mode') { should cmp '0644' }
      its('content') { should include 'server_name localhost;' }
      its('content') { should include 'listen 80 default_server;' }
      its('content') { should include 'index index.html index.htm;' }
      its('content') { should include 'location ~ .htm {' }
      its('content') { should include 'try_files $uri $uri/ =404;' }
      its('content') { should include 'include snippets/letsencrypt.conf;' }
    end

  end
end