Skip to content

Commit

Permalink
Merge pull request voxpupuli#1131 from xaque208/ipv6logic
Browse files Browse the repository at this point in the history
Improve logic for ipv6 listening
  • Loading branch information
wyardley authored Oct 9, 2017
2 parents 39cd4ed + 83bdb5b commit 580beb2
Show file tree
Hide file tree
Showing 5 changed files with 25 additions and 43 deletions.
2 changes: 1 addition & 1 deletion manifests/resource/server.pp
Original file line number Diff line number Diff line change
Expand Up @@ -285,7 +285,7 @@

# Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
# and support does not exist for it in the kernel.
if $ipv6_enable and !$::ipaddress6 {
if $ipv6_enable and !$ipv6_listen_ip {
warning('nginx: IPv6 support is not enabled or configured properly')
}

Expand Down
23 changes: 2 additions & 21 deletions templates/server/server_header.erb
Original file line number Diff line number Diff line change
Expand Up @@ -18,17 +18,7 @@ server {
listen unix:<%= @listen_unix_socket %><% if @listen_unix_socket_options %> <%= @listen_unix_socket_options %><% end %>;
<%- end -%>
<%- end -%>
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%# FIXME this logic is duplicated all over the place -%>
<%- if @ipv6_enable && (defined? @ipaddress6) -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>
<%= scope.function_template(["nginx/server/server_ipv6_listen.erb"]) %>
server_name www.<%= s.gsub(/^www\./, '') %>;
<%- if @ssl_redirect or @ssl_only -%>
return 301 https://<%= s.gsub(/^www\./, '') %><% if @_ssl_redirect_port.to_i != 443 %>:<%= @_ssl_redirect_port %><% end %>$request_uri;
Expand Down Expand Up @@ -56,16 +46,7 @@ server {
listen unix:<%= @listen_unix_socket %><% if @listen_unix_socket_options %> <%= @listen_unix_socket_options %><% end %>;
<%- end -%>
<%- end -%>
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%- if @ipv6_enable && (defined? @ipaddress6) -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>
<%= scope.function_template(["nginx/server/server_ipv6_listen.erb"]) %>
server_name <%= @rewrite_www_to_non_www ? @server_name.join(" ").gsub(/(^| )(www\.)?(?=[a-z0-9])/, '') : @server_name.join(" ") %>;
<%- if instance_variables.any? { |iv| iv.to_s.include? 'auth_basic' } -%>
<%- if defined? @auth_basic -%>
Expand Down
10 changes: 10 additions & 0 deletions templates/server/server_ipv6_listen.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%- if @ipv6_enable -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>
23 changes: 2 additions & 21 deletions templates/server/server_ssl_header.erb
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,7 @@ server {
<%- else -%>
listen <%= @listen_ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%# FIXME this logic is duplicated all over the place -%>
<%- if @ipv6_enable && (defined? @ipaddress6) -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ssl_port %> ssl<% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ssl_port %> ssl<% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>
<%= scope.function_template(["nginx/server/server_ssl_ipv6_listen.erb"]) %>
server_name www.<%= s.gsub(/^www\./, '') %>;
return 301 https://<%= s.gsub(/^www\./, '') %>$request_uri;

Expand All @@ -37,16 +27,7 @@ server {
<%- else -%>
listen <%= @listen_ip %>:<%= @ssl_port %> <% if @ssl_listen_option %>ssl<% end %><% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%- if @ipv6_enable && (defined? @ipaddress6) -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ssl_port %> ssl<% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ssl_port %> ssl<% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>
<%= scope.function_template(["nginx/server/server_ssl_ipv6_listen.erb"]) %>
server_name <%= @rewrite_www_to_non_www ? @server_name.join(" ").gsub(/(^| )(www\.)?(?=[a-z0-9])/, '') : @server_name.join(" ") %>;

<%= scope.function_template(["nginx/server/server_ssl_settings.erb"]) %>
Expand Down
10 changes: 10 additions & 0 deletions templates/server/server_ssl_ipv6_listen.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%- if @ipv6_enable -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ssl_port %> ssl<% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ssl_port %> ssl<% if @http2 == 'on' %> http2<% end %><% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>

0 comments on commit 580beb2

Please sign in to comment.