Skip to content

Commit

Permalink
Set log directory ownership / permissions explicitly
Browse files Browse the repository at this point in the history
  • Loading branch information
William Yardley committed Nov 2, 2016
1 parent 5aaf21c commit ad5be25
Show file tree
Hide file tree
Showing 3 changed files with 38 additions and 3 deletions.
5 changes: 5 additions & 0 deletions manifests/config.pp
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@
$global_group = $::nginx::params::global_group,
$global_mode = $::nginx::params::global_mode,
$log_dir = $::nginx::params::log_dir,
$log_group = $::nginx::params::log_group,
$log_mode = '0750',
$http_access_log = "${log_dir}/${::nginx::params::http_access_log_file}",
$http_format_log = undef,
$nginx_error_log = "${log_dir}/${::nginx::params::nginx_error_log_file}",
Expand Down Expand Up @@ -271,6 +273,9 @@

file { $log_dir:
ensure => directory,
mode => $log_mode,
owner => $daemon_user,
group => $log_group,
}

file {$client_body_temp_path:
Expand Down
12 changes: 11 additions & 1 deletion manifests/params.pp
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
'pid' => '/var/run/nginx.pid',
'root_group' => 'root',
'log_dir' => '/var/log/nginx',
'log_group' => 'root',
'run_dir' => '/var/nginx',
'package_name' => 'nginx',
'manage_repo' => false,
Expand All @@ -16,6 +17,7 @@
$_module_os_overrides = {
'pid' => false,
'daemon_user' => 'http',
'log_group' => 'log',
}
}
'Debian': {
Expand All @@ -24,10 +26,12 @@
$_module_os_overrides = {
'manage_repo' => true,
'daemon_user' => 'www-data',
'log_group' => 'adm',
}
} else {
$_module_os_overrides = {
'daemon_user' => 'www-data',
'log_group' => 'adm',
}
}
}
Expand All @@ -36,6 +40,7 @@
'conf_dir' => '/usr/local/etc/nginx',
'daemon_user' => 'www',
'root_group' => 'wheel',
'log_group' => 'wheel',
}
}
'Gentoo': {
Expand All @@ -47,9 +52,12 @@
if ($::operatingsystem in ['RedHat', 'CentOS'] and $::operatingsystemmajrelease in ['5', '6', '7']) {
$_module_os_overrides = {
'manage_repo' => true,
'log_group' => 'nginx',
}
} else {
$_module_os_overrides = {}
$_module_os_overrides = {
'log_group' => 'nginx',
}
}
}
'Solaris': {
Expand All @@ -63,6 +71,7 @@
'daemon_user' => 'www',
'root_group' => 'wheel',
'log_dir' => '/var/www/logs',
'log_group' => 'wheel',
'run_dir' => '/var/www',
}
}
Expand All @@ -86,6 +95,7 @@
### Referenced Variables
$conf_dir = $_module_parameters['conf_dir']
$log_dir = $_module_parameters['log_dir']
$log_group = $_module_parameters['log_group']
$run_dir = $_module_parameters['run_dir']
$temp_dir = '/tmp'
$pid = $_module_parameters['pid']
Expand Down
24 changes: 22 additions & 2 deletions spec/classes/config_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -88,8 +88,9 @@
it do
is_expected.to contain_file('/var/log/nginx').with(
ensure: 'directory',
group: 'root',
mode: '0644'
owner: 'www-data',
group: 'adm',
mode: '0750'
)
end

Expand Down Expand Up @@ -842,5 +843,24 @@
)
end
end

context 'when log_mode is non-default' do
let(:params) { { log_mode: '0771' } }

it { is_expected.to contain_file('/var/log/nginx').with(mode: '0771') }
end
end

context 'With RedHat facts' do
let(:facts) { { operatingsystem: 'redhat', osfamily: 'RedHat', operatingsystemmajrelease: '6' } }

it do
is_expected.to contain_file('/var/log/nginx').with(
ensure: 'directory',
owner: 'nginx',
group: 'nginx',
mode: '0750'
)
end
end
end

0 comments on commit ad5be25

Please sign in to comment.