From 20ab8fb61dee003f8c60a3cb2087826ec986ea70 Mon Sep 17 00:00:00 2001
From: PascalB <PascalBourdier@users.noreply.github.com>
Date: Tue, 29 Aug 2017 20:54:28 +0200
Subject: [PATCH] fix lint warnings (#1115)

* fix lint warnings
---
 manifests/init.pp              |  2 +-
 manifests/params.pp            |  5 +++++
 manifests/resource/location.pp |  7 ++++++-
 manifests/resource/mailhost.pp | 23 ++++++++++++++---------
 4 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 1c1f9607a..c6256b763 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -133,7 +133,7 @@
   Variant[Integer, Enum['auto']] $worker_processes           = 1,
   Integer $worker_rlimit_nofile                              = 1024,
   $ssl_protocols                                             = 'TLSv1 TLSv1.1 TLSv1.2',
-  $ssl_ciphers                                               = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS',
+  $ssl_ciphers                                               = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS', # lint:ignore:140chars
   Optional[Stdlib::Unixpath] $ssl_dhparam                    = undef,
 
   ### START Package Configuration ###
diff --git a/manifests/params.pp b/manifests/params.pp
index a8470ef54..26d38f86b 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -1,3 +1,8 @@
+# Class: nginx::params
+# ====================
+#
+# nginx default settings and according to operating system
+#
 class nginx::params {
   ### Operating System Configuration
   ## This is my hacky... no hiera system. Oh well. :)
diff --git a/manifests/resource/location.pp b/manifests/resource/location.pp
index 56dd41906..d44d1978a 100644
--- a/manifests/resource/location.pp
+++ b/manifests/resource/location.pp
@@ -251,7 +251,12 @@
   # Only try to manage these files if they're the default one (as you presumably
   # usually don't want the default template if you're using a custom file.
 
-  if $ensure == present and $fastcgi != undef and !defined(File[$fastcgi_params]) and $fastcgi_params == "${::nginx::conf_dir}/fastcgi.conf" {
+  if  (
+    $ensure == present              and
+    $fastcgi != undef               and
+    !defined(File[$fastcgi_params]) and
+    $fastcgi_params == "${::nginx::conf_dir}/fastcgi.conf"
+      ) {
     file { $fastcgi_params:
       ensure  => present,
       mode    => '0644',
diff --git a/manifests/resource/mailhost.pp b/manifests/resource/mailhost.pp
index 6b508ee27..1ba4ceb44 100644
--- a/manifests/resource/mailhost.pp
+++ b/manifests/resource/mailhost.pp
@@ -17,16 +17,17 @@
 #   [*ssl*]                       - Indicates whether to setup SSL bindings for this mailhost.
 #   [*ssl_cert*]                  - Pre-generated SSL Certificate file to reference for SSL Support. This is not generated by this module.
 #   [*ssl_ciphers*]               - Override default SSL ciphers. Defaults to nginx::ssl_ciphers
-#   [*ssl_client_cert*]           - Pre-generated SSL Certificate file to reference for client verify SSL Support. This is not generated by this module.
+#   [*ssl_client_cert*]           - Pre-generated SSL Certificate file to reference for client verify SSL Support.
+#                                   This is not generated by this module.
 #   [*ssl_crl*]                   - String: Specifies CRL path in file system
-#   [*ssl_dhparam*]               - This directive specifies a file containing Diffie-Hellman key agreement protocol cryptographic parameters, in PEM
-#                                   format, utilized for exchanging session keys between server and client.
+#   [*ssl_dhparam*]               - This directive specifies a file containing Diffie-Hellman key agreement protocol cryptographic
+#                                   parameters, in PEM format, utilized for exchanging session keys between server and client.
 #   [*ssl_ecdh_curve*]            - This directive specifies a curve for ECDHE ciphers.
 #   [*ssl_key*]                   - Pre-generated SSL Key file to reference for SSL Support. This is not generated by this module.
 #   [*ssl_password_file*]         - This directive specifies a file containing passphrases for secret keys.
 #   [*ssl_port*]                  - Default IP Port for NGINX to listen with this SSL server on. Defaults to TCP 443
-#   [*ssl_prefer_server_ciphers*] - Specifies that server ciphers should be preferred over client ciphers when using the SSLv3 and TLS protocols. Defaults
-#                                   to $nginx::ssl_prefer_server_ciphers.
+#   [*ssl_prefer_server_ciphers*] - Specifies that server ciphers should be preferred over client ciphers when using the SSLv3
+#                                   and TLS protocols. Defaults to $nginx::ssl_prefer_server_ciphers.
 #   [*ssl_protocols*]             - SSL protocols enabled. Defaults to nginx::ssl_protocols
 #   [*ssl_session_cache*]         - Sets the type and size of the session cache.
 #   [*ssl_session_ticket_key*]    - This directive specifies a file containing secret key used to encrypt and decrypt TLS session tickets.
@@ -41,16 +42,19 @@
 #   [*auth_http*]                 - With this directive you can set the URL to the external HTTP-like server for authorization.
 #   [*xclient*]                   - Whether to use xclient for smtp (on|off)
 #   [*imap_auth*]                 - Sets permitted methods of authentication for IMAP clients.
-#   [*imap_capabilities*]         - Sets the IMAP protocol extensions list that is passed to the client in response to the CAPABILITY command.
+#   [*imap_capabilities*]         - Sets the IMAP protocol extensions list that is passed to the client in response to the CAPA command.
 #   [*imap_client_buffer*]        - Sets the IMAP commands read buffer size.
 #   [*pop3_auth*]                 - Sets permitted methods of authentication for POP3 clients.
 #   [*pop3_capabilities*]         - Sets the POP3 protocol extensions list that is passed to the client in response to the CAPA command.
 #   [*smtp_auth*]                 - Sets permitted methods of SASL authentication for SMTP clients.
 #   [*smtp_capabilities*]         - Sets the SMTP protocol extensions list that is passed to the client in response to the EHLO command.
-#   [*proxy_pass_error_message*]  - Indicates whether to pass the error message obtained during the authentication on the backend to the client.
+#   [*proxy_pass_error_message*]  - Indicates whether to pass the error message obtained during the authentication on the backend
+#                                   to the client.
 #   [*server_name*]               - List of mailhostnames for which this mailhost will respond. Default [$name].
-#   [*raw_prepend*]               - A single string, or an array of strings to prepend to the server directive (after mailhost_cfg_prepend directive). NOTE: YOU are responsible for a semicolon on each line that requires one.
-#   [*raw_append*]                - A single string, or an array of strings to append to the server directive (after mailhost_cfg_append directive). NOTE: YOU are responsible for a semicolon on each line that requires one.
+#   [*raw_prepend*]               - A single string, or an array of strings to prepend to the server directive (after mailhost_cfg_prepend
+#                                   directive). NOTE: YOU are responsible for a semicolon on each line that requires one.
+#   [*raw_append*]                - A single string, or an array of strings to append to the server directive (after mailhost_cfg_append
+#                                   directive). NOTE: YOU are responsible for a semicolon on each line that requires one.
 #   [*mailhost_cfg_append*]       - It expects a hash with custom directives to put after everything else inside server
 #   [*mailhost_cfg_prepend*]      - It expects a hash with custom directives to put before everything else inside server
 #
@@ -71,6 +75,7 @@
 #    ssl_cert    => '/tmp/server.crt',
 #    ssl_key     => '/tmp/server.pem',
 #  }
+#
 define nginx::resource::mailhost (
   Integer $listen_port,
   Enum['absent', 'present'] $ensure              = 'present',