Home Explore Help
Register Sign In
rklein
/
ffho-salt-public
forked from FreifunkHochstift/ffho-salt-public
1
0
Fork 0
Files
Branch: master
Branches Tags
ffho-salt-pu...
/
nginx
/
init.sls

init.sls 2.2 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. #
    2. 

  2. # Nginx
    3. 

  3. #
    4. 

  4. 

  5. {% set node_config = salt['pillar.get']('nodes:' ~ grains.id) %}
    6. 

  6. {% set nginx_pkg = node_config.get('nginx:pkg', 'nginx') %}
    7. 

  7. 

  8. nginx:
    9. 

  9.   pkg.installed:
    10. 

  10.     - name: {{nginx_pkg}}
    11. 

  11. {% if grains.oscodename in ['jessie'] %}
    12. 

  12.     - fromrepo: {{ grains.oscodename }}-backports
    13. 

  13. {% endif %}
    14. 

  14.   service.running:
    15. 

  15.     - enable: TRUE
    16. 

  16.     - reload: TRUE
    17. 

  17.     - require:
    18. 

  18.       - pkg: nginx
    19. 

  19.     - watch:
    20. 

  20.       - cmd: nginx-configtest
    21. 

  21. 

  22. # Add cache directory
    23. 

  23. nginx-cache:
    24. 

  24.   file.directory:
    25. 

  25.     - name: /srv/cache
    26. 

  26.     - user: www-data
    27. 

  27.     - group: www-data
    28. 

  28.     - require:
    29. 

  29.       - pkg: nginx
    30. 

  30.     - require_in:
    31. 

  31.       - cmd: nginx-configtest
    32. 

  32. 

  33. # Install meaningful main configuration (SSL tweaks 'n stuff)
    34. 

  34. /etc/nginx/nginx.conf:
    35. 

  35.   file.managed:
    36. 

  36.     - source: salt://nginx/nginx.conf
    37. 

  37.     - template: jinja
    38. 

  38.     - watch_in:
    39. 

  39.       - cmd: nginx-configtest
    40. 

  40. 

  41. /etc/nginx/ffho.d:
    42. 

  42.   file.recurse:
    43. 

  43.     - source: salt://nginx/ffho.d
    44. 

  44.     - file_mode: 755
    45. 

  45.     - dir_mode: 755
    46. 

  46.     - user: root
    47. 

  47.     - group: root
    48. 

  48.     - clean: True
    49. 

  49.     - watch_in:
    50. 

  50.       - cmd: nginx-configtest
    51. 

  51. 

  52. # Disable default configuration
    53. 

  53. /etc/nginx/sites-enabled/default:
    54. 

  54.   file.absent:
    55. 

  55.     - watch_in:
    56. 

  56.       - cmd: nginx-configtest
    57. 

  57. 

  58. # Install website configuration files configured for this node
    59. 

  59. {% for website, website_config in node_config.get('nginx', {}).get('websites', {}).items() %}
    60. 

  60. /etc/nginx/sites-enabled/{{website}}:
    61. 

  61.   file.managed:
    62. 

  62.     - source: salt://nginx/{{website}}
    63. 

  63.     - template: jinja
    64. 

  64.       config: {{ website_config }}
    65. 

  65.     - require:
    66. 

  66.       - pkg: nginx
    67. 

  67.     - watch_in:
    68. 

  68.       - cmd: nginx-configtest
    69. 

  69. {% endfor %}
    70. 

  70. 

  71. {% if 'frontend' in node_config.get('roles', []) %}
    72. 

  72.   {% for domain, config in pillar.get('frontend', {}).items()|sort %}
    73. 

  73.     {% if 'file' in config %}
    74. 

  74. /etc/nginx/sites-enabled/{{domain}}:
    75. 

  75.   file.managed:
    76. 

  76.     - source: salt://nginx/{{config.file}}
    77. 

  77.     - template: jinja
    78. 

  78.     - require:
    79. 

  79.       - pkg: nginx
    80. 

  80.     - watch_in:
    81. 

  81.       - cmd: nginx-configtest
    82. 

  82.     {% endif %}
    83. 

  83.   {% endfor %}
    84. 

  84. 

  85. /etc/nginx/sites-enabled/ff-frontend.conf:
    86. 

  86.   file.managed:
    87. 

  87.     - source: salt://nginx/ff-frontend.conf
    88. 

  88.     - template: jinja
    89. 

  89.     - require:
    90. 

  90.       - pkg: nginx
    91. 

  91.     - watch_in:
    92. 

  92.       - cmd: nginx-configtest
    93. 

  93. {% endif %}
    94. 

  94. 

  95. # Test configuration before reload
    96. 

  96. nginx-configtest:
    97. 

  97.   cmd.wait:
    98. 

  98.     - name: /usr/sbin/nginx -t
    99.