Defined Type: nginx::resource::vhost

Defined in:
manifests/resource/vhost.pp

Overview

define: nginx::resource::location

This definition creates a new location entry within a virtual host

Parameters:

[*ensure*]           - Enables or disables the specified location (present|absent)
[*listen_ip*]        - Default IP Address for NGINX to listen with this vHost on. Defaults to all interfaces (*)
[*listen_port*]      - Default IP Port for NGINX to listen with this vHost on. Defaults to TCP 80
[*ipv6_enable*]      - BOOL value to enable/disable IPv6 support (false|true). Module will check to see if IPv6
                       support exists on your system before enabling.
[*ipv6_listen_ip*]   - Default IPv6 Address for NGINX to listen with this vHost on. Defaults to all interfaces (::)
[*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this vHost on. Defaults to TCP 80
[*index_files*]      -  Default index files for NGINX to read when traversing a directory
[*proxy*]            - Proxy server(s) for a location to connect to. Accepts a single value, can be used in conjunction
                       with nginx::resource::upstream
[*ssl*]              - Indicates whether to setup SSL bindings for this location.
[*ssl_cert*]         - Pre-generated SSL Certificate file to reference for SSL Support. This is not generated by this module.
[*ssl_key*]          - Pre-generated SSL Key file to reference for SSL Support. This is not generated by this module.
[*www_root*]         - Specifies the location on disk for files to be read from. Cannot be set in conjunction with $proxy

Actions:

Requires:

Sample Usage:

nginx::resource::vhost { 'test2.local':
  ensure   => present,
  www_root => '/var/www/nginx-default',
  ssl      => 'true',
  ssl_cert => '/tmp/server.crt',
  ssl_key  => '/tmp/server.pem',
}

Parameters:

  • ensure (Any) (defaults to: 'enable')
  • listen_ip (Any) (defaults to: '*')
  • listen_port (Any) (defaults to: '80')
  • ipv6_enable (Any) (defaults to: false)
  • ipv6_listen_ip (Any) (defaults to: '::')
  • ipv6_listen_port (Any) (defaults to: '80')
  • ssl (Any) (defaults to: false)
  • ssl_cert (Any) (defaults to: undef)
  • ssl_key (Any) (defaults to: undef)
  • proxy (Any) (defaults to: undef)
  • index_files (Any) (defaults to: ['index.html', 'index.htm', 'index.php'])
  • www_root (Any) (defaults to: undef) 


33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
 
# File 'manifests/resource/vhost.pp', line 33

define nginx::resource::vhost(
  $ensure           = 'enable',
  $listen_ip        = '*',
  $listen_port      = '80',
  $ipv6_enable      = false,
  $ipv6_listen_ip   = '::',
  $ipv6_listen_port = '80',
  $ssl              = false,
  $ssl_cert         = undef,
  $ssl_key          = undef,
  $proxy            = undef,
  $index_files      = ['index.html', 'index.htm', 'index.php'],
  $www_root         = undef
) {

  File {
    owner => 'root',
    group => 'root',
    mode  => '0644',
  }

  # Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
  # and support does not exist for it in the kernel.
  if ($ipv6_enable == 'true') and ($ipaddress6)  {
    warning('nginx: IPv6 support is not enabled or configured properly')
  }

  # Check to see if SSL Certificates are properly defined.
  if ($ssl == 'true') {
    if ($ssl_cert == undef) or ($ssl_key == undef) {
      fail('nginx: SSL certificate/key (ssl_cert/ssl_cert) and/or SSL Private must be defined and exist on the target system(s)')
    }
  }

  # Use the File Fragment Pattern to construct the configuration files.
  # Create the base configuration file reference.
  file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-001":
    ensure  => $ensure ? {
      'absent' => absent,
      default  => 'file',
    },
    content => template('nginx/vhost/vhost_header.erb'),
    notify => Class['nginx::service'],
  }

  # Create the default location reference for the vHost
  nginx::resource::location {"${name}-default":
    ensure   => $ensure,
    vhost    => $name,
    ssl      => $ssl,
    location => '/',
    proxy    => $proxy,
    www_root => $www_root,
    notify   => Class['nginx::service'],
  }

  # Create a proper file close stub.
  file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-699":
    ensure  => $ensure ? {
      'absent' => absent,
      default  => 'file',
    },
    content => template('nginx/vhost/vhost_footer.erb'),
    notify  => Class['nginx::service'],
  }

  # Create SSL File Stubs if SSL is enabled
  if ($ssl == 'true') {
    file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-700-ssl":
      ensure => $ensure ? {
	'absent' => absent,
        default  => 'file',
      },
      content => template('nginx/vhost/vhost_ssl_header.erb'),
      notify => Class['nginx::service'],
    }
    file { "${nginx::config::nx_temp_dir}/nginx.d/${name}-999-ssl":
      ensure => $ensure ? {
        'absent' => absent,
	default  => 'file',
      },
      content => template('nginx/vhost/vhost_footer.erb'),
      notify => Class['nginx::service'],
    }
  }
}