278 lines
8.8 KiB
Plaintext
278 lines
8.8 KiB
Plaintext
{% from "nginx/map.jinja" import nginx as nginx_map with context %}
|
|
|
|
{% set nginx = pillar.get('nginx', {}) -%}
|
|
{% set use_sysvinit = nginx.get('use_sysvinit', nginx_map['use_sysvinit']) %}
|
|
{% set version = nginx.get('version', '1.6.2') -%}
|
|
{% set tarball_url = nginx.get('tarball_url', 'http://nginx.org/download/nginx-' + version + '.tar.gz') -%}
|
|
{% set checksum = nginx.get('checksum', 'sha256=b5608c2959d3e7ad09b20fc8f9e5bd4bc87b3bc8ba5936a513c04ed8f1391a18') -%}
|
|
{% set home = nginx.get('home', nginx_map['home']) -%}
|
|
{% set base_temp_dir = nginx.get('base_temp_dir', '/tmp') -%}
|
|
{% set source = nginx.get('source_root', '/usr/local/src') -%}
|
|
|
|
{% set conf_dir = nginx.get('conf_dir', nginx_map['conf_dir']) -%}
|
|
{% set conf_only = nginx.get('conf_only', false) -%}
|
|
{% set log_dir = nginx.get('log_dir', nginx_map['log_dir']) -%}
|
|
{% set pid_path = nginx.get('pid_path', nginx_map['pid_path']) -%}
|
|
{% set lock_path = nginx.get('lock_path', '/var/lock/nginx.lock') -%}
|
|
{% set sbin_dir = nginx.get('sbin_dir', nginx_map['sbin_dir']) -%}
|
|
|
|
{% set install_prefix = nginx.get('install_prefix', nginx_map['install_prefix']) -%}
|
|
{% set with_items = nginx.get('with', ['debug', 'http_dav_module', 'http_stub_status_module', 'pcre', 'ipv6']) -%}
|
|
{% set without_items = nginx.get('without', []) -%}
|
|
{% set make_flags = nginx.get('make_flags', nginx_map['make_flags']) -%}
|
|
|
|
{% set service_name = nginx.get('service_name', 'nginx') %}
|
|
{% set service_enable = nginx.get('service_enable', True) %}
|
|
|
|
{% set nginx_package = source + '/nginx-' + version + '.tar.gz' -%}
|
|
{% set nginx_source = source + "/nginx-" + version -%}
|
|
{% set nginx_modules_dir = source + "/nginx-modules" -%}
|
|
|
|
include:
|
|
- nginx.common
|
|
{% if nginx.get('with_luajit', false) %}
|
|
- nginx.luajit2
|
|
{% endif -%}
|
|
{% if nginx.get('with_openresty', false) %}
|
|
- nginx.openresty
|
|
{% endif -%}
|
|
|
|
|
|
nginx_group:
|
|
group.present:
|
|
- name: {{ nginx_map.default_group }}
|
|
|
|
nginx_user:
|
|
file.directory:
|
|
- name: {{ home }}
|
|
- user: {{ nginx_map.default_user }}
|
|
- group: {{ nginx_map.default_group }}
|
|
- mode: 0755
|
|
- require:
|
|
- user: nginx_user
|
|
- group: nginx_group
|
|
user.present:
|
|
- name: {{ nginx_map.default_user }}
|
|
- home: {{ home }}
|
|
- groups:
|
|
- {{ nginx_map.default_group }}
|
|
- require:
|
|
- group: nginx_group
|
|
|
|
{{ nginx_modules_dir }}:
|
|
file:
|
|
- directory
|
|
- makedirs: True
|
|
|
|
get-build-tools:
|
|
{% if grains['saltversion'] < '2015.8.0' and grains['os_family'] == 'RedHat' %}
|
|
module.run:
|
|
- name: pkg.group_install
|
|
- m_name: {{ nginx_map.group_pkg }}
|
|
{% else %}
|
|
{{ nginx_map.group_action }}:
|
|
- name: {{ nginx_map.group_pkg }}
|
|
{% endif %}
|
|
|
|
get-nginx:
|
|
pkg.installed:
|
|
- names:
|
|
- {{ nginx_map.libpcre_dev }}
|
|
- {{ nginx_map.libssl_dev }}
|
|
|
|
file.managed:
|
|
- name: {{ nginx_package }}
|
|
- source: {{ tarball_url }}
|
|
- source_hash: {{ checksum }}
|
|
- require:
|
|
- file: {{ nginx_modules_dir }}
|
|
cmd.wait:
|
|
- cwd: {{ source }}
|
|
- name: tar --transform "s,^$(tar --list -zf nginx-{{ version }}.tar.gz | head -n 1),nginx-{{ version }}/," -zxf {{ nginx_package }}
|
|
- require:
|
|
- pkg: get-nginx
|
|
- file: get-nginx
|
|
- watch:
|
|
- file: get-nginx
|
|
|
|
{% for name, module in nginx.get('modules', {}).items() -%}
|
|
get-nginx-{{name}}:
|
|
file.managed:
|
|
- name: {{ nginx_modules_dir }}/{{name}}.tar.gz
|
|
- source: {{ module['source'] }}
|
|
- source_hash: {{ module['source_hash'] }}
|
|
cmd.wait:
|
|
- cwd: {{ nginx_modules_dir }}
|
|
- names:
|
|
- tar --transform "s,^$(tar --list -zf {{name}}.tar.gz | head -n 1),{{name}}/," -zxf {{name}}.tar.gz
|
|
- watch:
|
|
- file: get-nginx-{{name}}
|
|
- require_in:
|
|
- cmd: nginx
|
|
{% endfor -%}
|
|
|
|
{% if nginx.get('ngx_devel_kit', true) -%}
|
|
get-ngx_devel_kit:
|
|
file.managed:
|
|
- name: {{ source }}/ngx_devel_kit.tar.gz
|
|
- source: https://github.com/simpl/ngx_devel_kit/archive/v0.2.18.tar.gz
|
|
- source_hash: sha1=e21ba642f26047661ada678b21eef001ee2121d8
|
|
cmd.wait:
|
|
- cwd: {{ source }}
|
|
- name: tar -zxf {{ source }}/ngx_devel_kit.tar.gz -C {{ source }}
|
|
- watch:
|
|
- file: get-ngx_devel_kit
|
|
{% endif %}
|
|
|
|
is-nginx-source-modified:
|
|
cmd.run:
|
|
- cwd: {{ source }}
|
|
- stateful: True
|
|
- names:
|
|
- if [ ! -d "nginx-{{ version }}" ]; then
|
|
echo "changed=yes comment='Tarball has not yet been extracted'";
|
|
exit 0;
|
|
fi;
|
|
cd "nginx-{{ version }}";
|
|
m=$(find . \! -name "build.*" -newer {{ sbin_dir }}/nginx -print -quit);
|
|
r=$?;
|
|
if [ x$r != x0 ]; then
|
|
echo "changed=yes comment='binary file does not exist or other find error'";
|
|
exit 0;
|
|
fi;
|
|
if [ x$m != "x" ]; then
|
|
echo "changed=yes comment='source files are newer than binary'";
|
|
exit 0;
|
|
fi;
|
|
echo "changed=no comment='source files are older than binary'"
|
|
|
|
{% for name, module in nginx.get('modules', {}).items() -%}
|
|
is-nginx-module-modified-{{name}}:
|
|
cmd.run:
|
|
- cwd: {{ nginx_modules_dir }}/{{name}}
|
|
- stateful: True
|
|
- names:
|
|
- m=$(find . \! -name "build.*" -newer {{ sbin_dir }}/nginx -print -quit);
|
|
r=$?;
|
|
if [ x$r != x0 ]; then
|
|
echo "changed=yes comment='binary file does not exist or other find error'";
|
|
exit 0;
|
|
fi;
|
|
if [ x$m != "x" ]; then
|
|
echo "changed=yes comment='module source files are newer than binary'";
|
|
exit 0;
|
|
fi;
|
|
echo "changed=no comment='module source files are older than binary'"
|
|
{% endfor -%}
|
|
|
|
nginx:
|
|
cmd.wait:
|
|
- cwd: {{ nginx_source }}
|
|
- names:
|
|
- (
|
|
{%- if nginx.get('debug_symbols', false) %}
|
|
CFLAGS="-g -O0" ./configure --conf-path={{ conf_dir }}/nginx.conf
|
|
{%- else %}
|
|
./configure --conf-path={{ conf_dir }}/nginx.conf
|
|
{%- endif %}
|
|
--sbin-path={{ sbin_dir }}/nginx
|
|
--user={{ nginx_map.default_user }}
|
|
--group={{ nginx_map.default_group }}
|
|
--prefix={{ install_prefix }}
|
|
--http-log-path={{ log_dir }}/access.log
|
|
--error-log-path={{ log_dir }}/error.log
|
|
--pid-path={{ pid_path }}
|
|
--lock-path={{ lock_path }}
|
|
--http-client-body-temp-path={{ base_temp_dir }}/body
|
|
--http-proxy-temp-path={{ base_temp_dir }}/proxy
|
|
--http-fastcgi-temp-path={{ base_temp_dir }}/fastcgi
|
|
--http-uwsgi-temp-path={{ base_temp_dir }}/temp_uwsgi
|
|
--http-scgi-temp-path={{ base_temp_dir }}/temp_scgi
|
|
{%- for name, module in nginx.get('modules', {}).items() %}
|
|
--add-module={{nginx_modules_dir}}/{{name}}
|
|
{%- endfor %}
|
|
{%- for name in with_items %}
|
|
--with-{{ name }}
|
|
{%- endfor %}
|
|
{%- for name in without_items %}
|
|
--without-{{ name }}
|
|
{%- endfor %}
|
|
&& make {{ make_flags }}
|
|
&& make install
|
|
)
|
|
{#- If they want to silence the compiler output, then save it to file so we can reference it later if needed #}
|
|
{%- if nginx.get('silence_compiler', true) %}
|
|
> {{ nginx_source }}/build.out 2> {{ nginx_source }}/build.err;
|
|
{#- If the build process failed, write stderr to stderr and exit with the error code #}
|
|
r=$?;
|
|
if [ x$r != x0 ]; then
|
|
cat {{ nginx_source }}/build.err 1>&2; {#- copy err output to stderr #}
|
|
exit $r;
|
|
fi;
|
|
{% endif %}
|
|
- watch:
|
|
- cmd: get-nginx
|
|
- cmd: is-nginx-source-modified
|
|
{% for name, module in nginx.get('modules', {}).items() -%}
|
|
- cmd: is-nginx-module-modified-{{name}}
|
|
- file: get-nginx-{{name}}
|
|
{% endfor %}
|
|
{% if use_sysvinit %}
|
|
- watch_in:
|
|
{% set logger_types = ('access', 'error') %}
|
|
{% for log_type in logger_types %}
|
|
- service: nginx-logger-{{ log_type }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
- require:
|
|
- cmd: get-nginx
|
|
{% for name, module in nginx.get('modules', {}).items() -%}
|
|
- file: get-nginx-{{name}}
|
|
{% endfor %}
|
|
{% if use_sysvinit %}
|
|
file:
|
|
- managed
|
|
- template: jinja
|
|
- name: /etc/init.d/{{ service_name }}
|
|
- source: salt://nginx/templates/nginx.init.jinja
|
|
- user: root
|
|
- group: root
|
|
- mode: 0755
|
|
- context:
|
|
service_name: {{ service_name }}
|
|
sbin_dir: {{ sbin_dir }}
|
|
pid_path: {{ pid_path }}
|
|
{% endif %}
|
|
service:
|
|
{% if service_enable %}
|
|
- running
|
|
- enable: True
|
|
- restart: True
|
|
{% else %}
|
|
- dead
|
|
- enable: False
|
|
{% endif %}
|
|
- name: {{ service_name }}
|
|
- watch:
|
|
- cmd: nginx
|
|
- file: {{ conf_dir }}/nginx.conf
|
|
- require:
|
|
- cmd: nginx
|
|
- file: {{ conf_dir }}/nginx.conf
|
|
|
|
{% for file in nginx.get('delete_confs', []) %}
|
|
{{ conf_dir }}/{{ file }}:
|
|
file:
|
|
- absent
|
|
- require_in:
|
|
- service: nginx
|
|
{% endfor %}
|
|
|
|
{% for file in nginx.get('delete_htdocs', []) %}
|
|
{{ install_prefix }}/html/{{ file }}:
|
|
file:
|
|
- absent
|
|
- require_in:
|
|
- service: nginx
|
|
{% endfor %}
|