Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introducing Puppet Module Data #453

Merged
merged 15 commits into from
Sep 24, 2014
91 changes: 91 additions & 0 deletions data/common.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
---
nginx::config::temp_dir: /tmp
nginx::config::run_dir: /var/nginx
nginx::config::conf_template: nginx/conf.d/nginx.conf.erb
nginx::config::proxy_conf_template: nginx/conf.d/proxy.conf.erb
nginx::config::confd_purge: false
nginx::config::vhost_purge: false
nginx::config::worker_processes: 1
nginx::config::worker_connections: 1024
nginx::config::worker_rlimit_nofile: 1024
nginx::config::types_hash_max_size: 1024
nginx::config::types_hash_bucket_size: 512
nginx::config::names_hash_bucket_size: 64
nginx::config::names_hash_max_size: 512
nginx::config::multi_accept: off
nginx::config::events_use: false
nginx::config::sendfile: on
nginx::config::keepalive_timeout: 65
nginx::config::http_tcp_nodelay: on
nginx::config::http_tcp_nopush: off
nginx::config::gzip: on
nginx::config::server_tokens: on
nginx::config::spdy: off
nginx::config::ssl_stapling: off
nginx::config::proxy_redirect: off
nginx::config::proxy_set_header:
- 'Host $host'
- 'X-Real-IP $remote_addr'
- 'X-Forwarded-For $proxy_add_x_forwarded_for'
nginx::config::proxy_cache_path: false
nginx::config::proxy_cache_levels: 1
nginx::config::proxy_cache_keys_zone: 'd2:100m'
nginx::config::proxy_cache_max_size: 500m
nginx::config::proxy_cache_inactive: 20m
nginx::config::fastcgi_cache_path: false
nginx::config::fastcgi_cache_levels: 1
nginx::config::fastcgi_cache_keys_zone: 'd3:100m'
nginx::config::fastcgi_cache_max_size: 500m
nginx::config::fastcgi_cache_inactive: 20m
nginx::config::fastcgi_cache_key: false
nginx::config::fastcgi_cache_use_stale: false
nginx::config::client_body_temp_path: /var/nginx/client_body_temp
nginx::config::client_body_buffer_size: 128k
nginx::config::client_max_body_size: 10m
nginx::config::proxy_temp_path: /var/nginx/proxy_temp
nginx::config::proxy_connect_timeout: 90
nginx::config::proxy_send_timeout: 90
nginx::config::proxy_read_timeout: 90
nginx::config::proxy_buffers: '32 4k'
nginx::config::proxy_http_version: 1.0
nginx::config::proxy_buffer_size: 8k
nginx::config::proxy_headers_hash_bucket_size: 64
nginx::config::logdir: /var/log/nginx

# Service restart after Nginx 0.7.53 could also be just
# "/path/to/nginx/bin -s HUP" Some init scripts do a configtest, some don't.
# If configtest_enable it's true then service restart will take
# $nx_service_restart value, forcing configtest.
nginx::config::configtest_enable: false
nginx::config::service_restart: '/etc/init.d/nginx configtest && /etc/init.d/nginx restart'
nginx::config::service_ensure: running

nginx::config::mail: false

nginx::config::http_cfg_append: false
nginx::config::nginx_error_log: /var/log/nginx/error.log
nginx::config::http_access_log: /var/log/nginx/access.log

# package name depends on distribution, e.g. for Debian nginx-full | nginx-light
nginx::config::package_name: nginx
nginx::config::package_ensure: present
nginx::config::package_source: nginx
nginx::config::manage_repo: true

nginx::config::root_group: root
# Specific owner for sites-available directory
nginx::config::sites_available_owner: root
nginx::config::sites_available_group: root
nginx::config::sites_available_mode: '0644'

# Owner for all other files
nginx::config::global_owner: root
nginx::config::global_group: root
nginx::config::global_mode: '0644'

nginx::config::pid: /var/run/nginx.pid

nginx::config::conf_dir: /etc/nginx

nginx::config::super_user: true
nginx::config::daemon_user: nginx
6 changes: 6 additions & 0 deletions data/hiera.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
:hierarchy:
- osfamily/%{::osfamily}
- kernelversion/%{::kernelversion}
- kernel/%{::kernel}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Facter falls back to kernel when it doesn't have a specific match for osfamily, so I think having kernel in the hierarchy is redundant

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That functionality is only with Facter 2.2, right? I don't know if we can assert that across the board yet. Whadda think?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like it's always been that way: puppetlabs/facter@8f938c1

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Heh. TIL. :) Incoming change.

- common
3 changes: 3 additions & 0 deletions data/kernelversion/Joyent.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
---
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this will be problematic... kernelversion on Joyent is a full string including version number. So "Joyent" will never match this. If I'm reading the Facter code right you could use operatingsystem/SmartOS.yaml

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch. Joyent is the only use-case in params that uses kernelversion. I'm 👍 with s/Joyent/SmartOS

nginx::config::conf_dir: /opt/local/etc/nginx
nginx::config::daemon_user: www
3 changes: 3 additions & 0 deletions data/osfamily/Archlinux.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
---
nginx::config::pid: false
nginx::config::daemon_user: http
2 changes: 2 additions & 0 deletions data/osfamily/Debian.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
nginx::config::daemon_user: www-data
4 changes: 4 additions & 0 deletions data/osfamily/FreeBSD.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
nginx::config::conf_dir: /usr/local/etc/nginx
nginx::config::daemon_user: www
nginx::config::root_group: wheel
2 changes: 2 additions & 0 deletions data/osfamily/Solaris.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
nginx::config::daemon_user: webservd
33 changes: 33 additions & 0 deletions docs/hiera.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# Usage of Hiera

This module takes advantage of the `puppet-module-data` pattern as introduced
by R.I. Pinnear to allow for a significant amount of flexibility with base
configuration of the module. This is to reduce the amount of clutter starting
to gather in `params.pp`, and provide a foundation for future enhancements.

## Upgrading

If you happen to be here because of some silly deprecation notice, it is
probably because a manifest is declaring attributes for the Nginx Class.
Upgrading should be easy!

* Step 1: Make sure you have Hiera configured. https://docs.puppetlabs.com/hiera/1/puppet.html#puppet-3-and-newer
* Step 2: Move any declared parameters to hiera.
* Step 3: Profit!

For example:

```
class { 'nginx':
logdir => '/data/nginx/logs',
}
```

should become in your hiera configs:

```
nginx::config::logdir: /data/nginx/logs
```

Please note: This module takes advantage of Puppet 3 data module bindings.
Be aware of any gotchas that accompany this. Take a look at https://docs.puppetlabs.com/hiera/1/puppet.html#limitations
205 changes: 142 additions & 63 deletions manifests/config.pp
Original file line number Diff line number Diff line change
Expand Up @@ -14,70 +14,149 @@
#
# This class file is not called directly
class nginx::config(
$client_body_buffer_size = $nginx::params::nx_client_body_buffer_size,
$client_body_temp_path = $nginx::params::nx_client_body_temp_path,
$client_max_body_size = $nginx::params::nx_client_max_body_size,
$confd_purge = $nginx::params::nx_confd_purge,
$conf_dir = $nginx::params::nx_conf_dir,
$conf_template = $nginx::params::nx_conf_template,
$daemon_user = $nginx::params::nx_daemon_user,
$events_use = $nginx::params::nx_events_use,
$fastcgi_cache_inactive = $nginx::params::nx_fastcgi_cache_inactive,
$fastcgi_cache_key = $nginx::params::nx_fastcgi_cache_key,
$fastcgi_cache_keys_zone = $nginx::params::nx_fastcgi_cache_keys_zone,
$fastcgi_cache_levels = $nginx::params::nx_fastcgi_cache_levels,
$fastcgi_cache_max_size = $nginx::params::nx_fastcgi_cache_max_size,
$fastcgi_cache_path = $nginx::params::nx_fastcgi_cache_path,
$fastcgi_cache_use_stale = $nginx::params::nx_fastcgi_cache_use_stale,
$gzip = $nginx::params::nx_gzip,
$http_access_log = $nginx::params::nx_http_access_log,
$http_cfg_append = $nginx::params::nx_http_cfg_append,
$http_tcp_nodelay = $nginx::params::nx_http_tcp_nodelay,
$http_tcp_nopush = $nginx::params::nx_http_tcp_nopush,
$keepalive_timeout = $nginx::params::nx_keepalive_timeout,
$logdir = $nginx::params::nx_logdir,
$mail = $nginx::params::nx_mail,
$multi_accept = $nginx::params::nx_multi_accept,
$names_hash_bucket_size = $nginx::params::nx_names_hash_bucket_size,
$names_hash_max_size = $nginx::params::nx_names_hash_max_size,
$nginx_error_log = $nginx::params::nx_nginx_error_log,
$pid = $nginx::params::nx_pid,
$proxy_buffers = $nginx::params::nx_proxy_buffers,
$proxy_buffer_size = $nginx::params::nx_proxy_buffer_size,
$proxy_cache_inactive = $nginx::params::nx_proxy_cache_inactive,
$proxy_cache_keys_zone = $nginx::params::nx_proxy_cache_keys_zone,
$proxy_cache_levels = $nginx::params::nx_proxy_cache_levels,
$proxy_cache_max_size = $nginx::params::nx_proxy_cache_max_size,
$proxy_cache_path = $nginx::params::nx_proxy_cache_path,
$proxy_conf_template = $nginx::params::nx_proxy_conf_template,
$proxy_connect_timeout = $nginx::params::nx_proxy_connect_timeout,
$proxy_headers_hash_bucket_size = $nginx::params::nx_proxy_headers_hash_bucket_size,
$proxy_http_version = $nginx::params::nx_proxy_http_version,
$proxy_read_timeout = $nginx::params::nx_proxy_read_timeout,
$proxy_redirect = $nginx::params::nx_proxy_redirect,
$proxy_send_timeout = $nginx::params::nx_proxy_send_timeout,
$proxy_set_header = $nginx::params::nx_proxy_set_header,
$proxy_temp_path = $nginx::params::nx_proxy_temp_path,
$run_dir = $nginx::params::nx_run_dir,
$sendfile = $nginx::params::nx_sendfile,
$server_tokens = $nginx::params::nx_server_tokens,
$spdy = $nginx::params::nx_spdy,
$super_user = $nginx::params::nx_super_user,
$temp_dir = $nginx::params::nx_temp_dir,
$types_hash_bucket_size = $nginx::params::nx_types_hash_bucket_size,
$types_hash_max_size = $nginx::params::nx_types_hash_max_size,
$vhost_purge = $nginx::params::nx_vhost_purge,
$worker_connections = $nginx::params::nx_worker_connections,
$worker_processes = $nginx::params::nx_worker_processes,
$worker_rlimit_nofile = $nginx::params::nx_worker_rlimit_nofile,
$global_owner = $nginx::params::global_owner,
$global_group = $nginx::params::global_group,
$global_mode = $nginx::params::global_mode,
$sites_available_owner = $nginx::params::sites_available_owner,
$sites_available_group = $nginx::params::sites_available_group,
$sites_available_mode = $nginx::params::sites_available_mode,
) inherits nginx::params {
$client_body_buffer_size = undef,
$client_body_temp_path = undef,
$client_max_body_size = undef,
$confd_purge = undef,
$conf_dir = undef,
$conf_template = undef,
$daemon_user = undef,
$events_use = undef,
$fastcgi_cache_inactive = undef,
$fastcgi_cache_key = undef,
$fastcgi_cache_keys_zone = undef,
$fastcgi_cache_levels = undef,
$fastcgi_cache_max_size = undef,
$fastcgi_cache_path = undef,
$fastcgi_cache_use_stale = undef,
$gzip = undef,
$http_access_log = undef,
$http_cfg_append = undef,
$http_tcp_nodelay = undef,
$http_tcp_nopush = undef,
$keepalive_timeout = undef,
$logdir = undef,
$mail = undef,
$multi_accept = undef,
$names_hash_bucket_size = undef,
$names_hash_max_size = undef,
$nginx_error_log = undef,
$pid = undef,
$proxy_buffers = undef,
$proxy_buffer_size = undef,
$proxy_cache_inactive = undef,
$proxy_cache_keys_zone = undef,
$proxy_cache_levels = undef,
$proxy_cache_max_size = undef,
$proxy_cache_path = undef,
$proxy_conf_template = undef,
$proxy_connect_timeout = undef,
$proxy_headers_hash_bucket_size = undef,
$proxy_http_version = undef,
$proxy_read_timeout = undef,
$proxy_redirect = undef,
$proxy_send_timeout = undef,
$proxy_set_header = undef,
$proxy_temp_path = undef,
$run_dir = undef,
$sendfile = undef,
$server_tokens = undef,
$spdy = undef,
$super_user = undef,
$temp_dir = undef,
$types_hash_bucket_size = undef,
$types_hash_max_size = undef,
$vhost_purge = undef,
$worker_connections = undef,
$worker_processes = undef,
$worker_rlimit_nofile = undef,
$global_owner = undef,
$global_group = undef,
$global_mode = undef,
$sites_available_owner = undef,
$sites_available_group = undef,
$sites_available_mode = undef,
) {

### Validations ###
if (!is_string($worker_processes)) and (!is_integer($worker_processes)) {
fail('$worker_processes must be an integer or have value "auto".')
}
if (!is_integer($worker_connections)) {
fail('$worker_connections must be an integer.')
}
if (!is_integer($worker_rlimit_nofile)) {
fail('$worker_rlimit_nofile must be an integer.')
}
if (!is_string($events_use)) and ($events_use != false) {
fail('$events_use must be a string or false.')
}
validate_string($multi_accept)
validate_string($package_name)
validate_string($package_ensure)
validate_string($package_source)
validate_array($proxy_set_header)
validate_string($proxy_http_version)
validate_bool($confd_purge)
validate_bool($vhost_purge)
if ($proxy_cache_path != false) {
validate_string($proxy_cache_path)
}
validate_re($proxy_cache_levels, '^[12](:[12])*$')
validate_string($proxy_cache_keys_zone)
validate_string($proxy_cache_max_size)
validate_string($proxy_cache_inactive)

if ($fastcgi_cache_path != false) {
validate_string($fastcgi_cache_path)
}
validate_re($fastcgi_cache_levels, '^[12](:[12])*$')
validate_string($fastcgi_cache_keys_zone)
validate_string($fastcgi_cache_max_size)
validate_string($fastcgi_cache_inactive)
if ($fastcgi_cache_key != false) {
validate_string($fastcgi_cache_key)
}
if ($fastcgi_cache_use_stale != false) {
validate_string($fastcgi_cache_use_stale)
}

validate_bool($configtest_enable)
validate_string($service_restart)
validate_bool($mail)
validate_string($server_tokens)
validate_string($client_max_body_size)
if (!is_integer($names_hash_bucket_size)) {
fail('$names_hash_bucket_size must be an integer.')
}
if (!is_integer($names_hash_max_size)) {
fail('$names_hash_max_size must be an integer.')
}
validate_string($proxy_buffers)
validate_string($proxy_buffer_size)
if ($http_cfg_append != false) {
if !(is_hash($http_cfg_append) or is_array($http_cfg_append)) {
fail('$http_cfg_append must be either a hash or array')
}
}

validate_string($nginx_error_log)
validate_string($http_access_log)
validate_hash($nginx_upstreams)
validate_hash($nginx_vhosts)
validate_hash($nginx_vhosts_defaults)
validate_hash($nginx_locations)
validate_hash($nginx_mailhosts)
validate_bool($manage_repo)
validate_string($proxy_headers_hash_bucket_size)
validate_bool($super_user)

validate_hash($string_mappings)
validate_hash($geo_mappings)
### END VALIDATIONS ###


### CONFIGURATION ###
File {
owner => $global_owner,
group => $global_group,
Expand Down
Loading