Giter Club home page Giter Club logo

puppet-nginx's Introduction

NGINX Module

James Fryman [email protected]

This module manages NGINX configuration.

Quick Start

Install and bootstrap an NGINX instance

class { 'nginx': }

Setup a new virtual host

nginx::resource::vhost { 'www.puppetlabs.com':
  ensure   => present,
  www_root => '/var/www/www.puppetlabs.com',
}

Add a Proxy Server

nginx::resource::upstream { 'puppet_rack_app':
 ensure  => present,
 members => [
   'localhost:3000',
   'localhost:3001',
   'localhost:3002',
 ],
}

nginx::resource::vhost { 'rack.puppetlabs.com':
  ensure => present,
  proxy  => 'http://puppet_rack_app',
}

Add a smtp proxy

class { 'nginx':
 mail => true,
}

nginx::resource::mailhost { 'domain1.example':
 ensure      => present,
 auth_http   => 'server2.example/cgi-bin/auth',
 protocol    => 'smtp',
 listen_port => 587,
 ssl_port    => 465,
 starttls    => 'only',
 xclient     => 'off',
 ssl         => 'true',
 ssl_cert    => '/tmp/server.crt',
 ssl_key     => '/tmp/server.pem',
}

Hiera Support

Defining nginx resources in Hiera.

nginx::nginx_upstreams:
  'puppet_rack_app':
    ensure: present
    members:
      - localhost:3000
      - localhost:3001
      - localhost:3002
nginx::nginx_vhosts:
  'www.puppetlabs.com':
    www_root: '/var/www/www.puppetlabs.com'
  'rack.puppetlabs.com':
    ensure: present
    proxy: 'http://puppet_rack_app'
nginx::nginx_locations:
  'static':
    location: '~ "^/static/[0-9a-fA-F]{8}\/(.*)$"'
    vhost: www.puppetlabs.com
  'userContent':
    location: /userContent
    vhost: www.puppetlabs.com
    www_root: /var/www/html

Nginx with precompiled Passenger

Currently this works only for Debian family.

class { 'nginx':
  package_source => 'passenger',
  http_cfg_append => {
   'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini',
  }
}

Package source passenger will add Phusion Passenger repository to APT sources. For each virtual host you should specify which ruby should be used.

vhost_cfg_append => {
  'passenger_enabled'         => 'on',
  'passenger_ruby'            => '/usr/bin/ruby'
}

Puppet master served by Nginx and Passenger

Virtual host config for serving puppet master:

nginx::resource::vhost { 'puppet':
  ensure      => present,
  server_name => ['puppet'],
  listen_port => 8140,
  ssl         => true,
  ssl_cert    => '/var/lib/puppet/ssl/certs/example.com.pem',
  ssl_key     => '/var/lib/puppet/ssl/private_keys/example.com.pem',
  ssl_port    => 8140,
  ssl_cache   => 'shared:SSL:128m',
  ssl_ciphers => 'SSLv2:-LOW:-EXPORT:RC4+RSA',
  vhost_cfg_append => {
    'passenger_enabled'         => 'on',
    'passenger_ruby'            => '/usr/bin/ruby',
    'ssl_crl'                   => '/var/lib/puppet/ssl/ca/ca_crl.pem',
    'ssl_client_certificate'    => '/var/lib/puppet/ssl/certs/ca.pem',
    'ssl_verify_client'         => 'optional',
    'ssl_verify_depth'          => 1,
  },
  www_root    => '/etc/puppet/rack/public',
  use_default_location => false,
  access_log  => '/var/log/nginx/puppet_access.log',
  error_log   => '/var/log/nginx/puppet_error.log',
  passenger_cgi_param => {
    'SSL_CLIENT_S_DN'   => '$ssl_client_s_dn',
    'SSL_CLIENT_VERIFY' => '$ssl_client_verify',
  },
}

puppet-nginx's People

Contributors

jfryman avatar abraham1901 avatar helldorado avatar guzmanbraso avatar justicel avatar deric avatar buro9 avatar hunner avatar tjikkun avatar vrillusions avatar omarzt avatar xcompass avatar lboynton avatar jamorton avatar jamtur01 avatar cwarden avatar frastel avatar igoraj avatar nicklewis avatar blkperl avatar tombooth avatar rytis avatar castiel avatar brettporter avatar leoc avatar frost avatar msiedlarek avatar luxflux avatar rbolkey avatar salekseev avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.