diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2016-06-25 13:37:11 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2016-06-25 13:37:11 -0300 |
| commit | 557c50672dfa964ad0e59b0aea19e2c59121322f (patch) | |
| tree | 816b432c65d75e1494aba81848ccf4e25f77cf13 | |
| parent | 95da4e006a2bc31f409c78872472db3ac01250d4 (diff) | |
| download | puppet-nginx-557c50672dfa964ad0e59b0aea19e2c59121322f.tar.gz puppet-nginx-557c50672dfa964ad0e59b0aea19e2c59121322f.tar.bz2 | |
Aliases support on nginx::site
| -rw-r--r-- | manifests/site.pp | 16 | ||||
| -rw-r--r-- | manifests/site/config.pp | 11 | ||||
| -rw-r--r-- | templates/site-ssl.erb | 6 | ||||
| -rw-r--r-- | templates/site.erb | 6 |
4 files changed, 22 insertions, 17 deletions
diff --git a/manifests/site.pp b/manifests/site.pp index f73ae30..851d471 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -5,28 +5,32 @@ define nginx::site( $certbot = true, $template = 'site', $backend = 'weblocal', + $aliases = "*.${name}", ) { nginx::site::config { $name: ensure => $ensure, source => $source, template => $template, backend => $backend, + aliases => $aliases, } if $certbot == true { certbot::manage { $name: + aliases => $aliases, pre_hook => '/usr/sbin/service nginx restart', require => Nginx::Site::Config[$name], } } nginx::site::config { "${name}-ssl": - use_fqdn => $name, - ensure => $ssl, - source => $source, - template => "${template}-ssl", - backend => $backend, - require => $certbot ? { + server_name => $name, + ensure => $ssl, + source => $source, + template => "${template}-ssl", + backend => $backend, + aliases => $aliases, + require => $certbot ? { true => Certbot::Manage[$name], default => undef, } diff --git a/manifests/site/config.pp b/manifests/site/config.pp index 4bea495..ff8187e 100644 --- a/manifests/site/config.pp +++ b/manifests/site/config.pp @@ -1,9 +1,10 @@ define nginx::site::config( - $use_fqdn = $name, - $ensure = present, - $source = 'template', - $template = 'site', - $backend = 'weblocal', + $server_name = $name, + $ensure = present, + $source = 'template', + $template = 'site', + $backend = 'weblocal', + $aliases = "*.${name}", ){ case $source { 'file': { diff --git a/templates/site-ssl.erb b/templates/site-ssl.erb index 57b285f..c0af188 100644 --- a/templates/site-ssl.erb +++ b/templates/site-ssl.erb @@ -1,10 +1,10 @@ server { listen 443; - server_name *.<%= @use_fqdn %> <%= @use_fqdn %>; + server_name <%= @server_name %> <%= @aliases %>; ssl on; - ssl_certificate /etc/letsencrypt/live/<%= @use_fqdn %>/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/<%= @use_fqdn %>/privkey.pem; + ssl_certificate /etc/letsencrypt/live/<%= @server_name %>/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/<%= @server_name %>/privkey.pem; # enable HSTS header add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload"; diff --git a/templates/site.erb b/templates/site.erb index 9c575cb..3fe5f81 100644 --- a/templates/site.erb +++ b/templates/site.erb @@ -1,9 +1,9 @@ server { - listen 80; - server_name *.<%= @use_fqdn %> <%= @use_fqdn %>; + listen 80; + server_name <%= @server_name %> <%= @aliases %>; location /.well-known/acme-challenge { - root /var/spool/certbot/<%= @use_fqdn %>; + root /var/spool/certbot/<%= @server_name %>; } location / { |