From 07806df3d3257e36013d15825d2237eaec1e7235 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 15 Feb 2011 17:16:16 -0200 Subject: Managing default site and nginx.conf --- manifests/init.pp | 26 ++++++--- templates/default.erb | 101 ++++++++++++++++++++++++++++++++++ templates/nginx.conf.erb | 38 ++++++++++--- templates/nginx.conf.puppetmaster.erb | 34 ++++++++++++ 4 files changed, 182 insertions(+), 17 deletions(-) create mode 100644 templates/default.erb create mode 100644 templates/nginx.conf.puppetmaster.erb diff --git a/manifests/init.pp b/manifests/init.pp index 4972730..2e66f78 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -90,6 +90,16 @@ class nginx::base { notify => Service["nginx"], } } + + # Main configuration + file { "/etc/nginx/nginx.conf": + content => template("nginx/nginx.conf.erb"), + owner => "root", + group => "root", + mode => 0644, + ensure => present, + notify => Service["nginx"], + } } class nginx inherits nginx::base { @@ -107,8 +117,13 @@ class nginx inherits nginx::base { } # Default site - nginx::base::site { "$domain": ensure => present, } + nginx::base::site { "default": + ensure => present, + source => 'template', + } + # Domain site + nginx::base::site { "$domain": ensure => present, } } class nginx::puppetmaster inherits nginx::base { @@ -147,12 +162,7 @@ class nginx::puppetmaster inherits nginx::base { ensure => absent, } - file { "/etc/nginx/nginx.conf": - content => template("nginx/nginx.conf.erb"), - owner => "root", - group => "root", - mode => 0644, - ensure => present, - notify => Service["nginx"], + File["/etc/nginx/nginx.conf"] { + content => template("nginx/nginx.conf.puppetmaster.erb"), } } diff --git a/templates/default.erb b/templates/default.erb new file mode 100644 index 0000000..6a56a35 --- /dev/null +++ b/templates/default.erb @@ -0,0 +1,101 @@ +# You may add here your +# server { +# ... +# } +# statements for each of your virtual hosts + +server { + + listen 80; ## listen for ipv4 + #listen [::]:80 default ipv6only=on; ## listen for ipv6 + + server_name localhost; + + #access_log /var/log/nginx/localhost.access.log; + access_log /dev/null; + + location / { + root /var/www; + index index.html index.htm; + } + + location /doc { + root /usr/share; + autoindex on; + allow 127.0.0.1; + deny all; + } + + location /images { + root /usr/share; + autoindex on; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + #error_page 500 502 503 504 /50x.html; + #location = /50x.html { + # root /var/www/nginx-default; + #} + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + #proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + #fastcgi_pass 127.0.0.1:9000; + #fastcgi_index index.php; + #fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + #includefastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + #deny all; + #} +} + + +# another virtual host using mix of IP-, name-, and port-based configuration +# +#server { +#listen 8000; +#listen somename:8080; +#server_name somename alias another.alias; + +#location / { +#root html; +#index index.html index.htm; +#} +#} + + +# HTTPS server +# +#server { +#listen 443; +#server_name localhost; + +#ssl on; +#ssl_certificate cert.pem; +#ssl_certificate_key cert.key; + +#ssl_session_timeout 5m; + +#ssl_protocols SSLv3 TLSv1; +#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; +#ssl_prefer_server_ciphers on; + +#location / { +#root html; +#index index.html index.htm; +#} +#} diff --git a/templates/nginx.conf.erb b/templates/nginx.conf.erb index b2be1eb..23077b0 100644 --- a/templates/nginx.conf.erb +++ b/templates/nginx.conf.erb @@ -1,22 +1,20 @@ user www-data; -worker_processes <%= worker_processes %>; +worker_processes 1; -error_log /var/log/nginx/error.log; +#error_log /var/log/nginx/error.log; +error_log /dev/null; pid /var/run/nginx.pid; events { - worker_connections <%= worker_connections %>; + worker_connections 1024; + # multi_accept on; } http { - # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524785 - # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547722 - server_names_hash_bucket_size 100; - include /etc/nginx/mime.types; - default_type application/octet-stream; - access_log /var/log/nginx/access.log; + #access_log /var/log/nginx/access.log; + access_log /dev/null; sendfile on; #tcp_nopush on; @@ -26,7 +24,29 @@ http { tcp_nodelay on; gzip on; + gzip_disable "MSIE [1-6]\.(?!.*SV1)"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } + +# mail { +# # See sample authentication script at: +# # http://wiki.nginx.org/NginxImapAuthenticateWithApachePhpScript +# +# # auth_http localhost/auth.php; +# # pop3_capabilities "TOP" "USER"; +# # imap_capabilities "IMAP4rev1" "UIDPLUS"; +# +# server { +# listen localhost:110; +# protocol pop3; +# proxy on; +# } +# +# server { +# listen localhost:143; +# protocol imap; +# proxy on; +# } +# } diff --git a/templates/nginx.conf.puppetmaster.erb b/templates/nginx.conf.puppetmaster.erb new file mode 100644 index 0000000..a5c5765 --- /dev/null +++ b/templates/nginx.conf.puppetmaster.erb @@ -0,0 +1,34 @@ +user www-data; +worker_processes <%= worker_processes %>; + +#error_log /var/log/nginx/error.log; +error_log /dev/null; +pid /var/run/nginx.pid; + +events { + worker_connections <%= worker_connections %>; +} + +http { + # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524785 + # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547722 + server_names_hash_bucket_size 100; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + #access_log /var/log/nginx/access.log; + access_log /dev/null; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + tcp_nodelay on; + + gzip on; + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} -- cgit v1.2.3