Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3768722
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
10 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/roles/shellserver/userland-software/web.sls b/roles/shellserver/userland-software/web.sls
index f27d8d4..ec3e783 100644
--- a/roles/shellserver/userland-software/web.sls
+++ b/roles/shellserver/userland-software/web.sls
@@ -1,41 +1,23 @@
# -------------------------------------------------------------
# Salt — Provision web software
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Eglide
# Created: 2016-06-12
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-{% from "map.jinja" import dirs, packages with context %}
-
-# -------------------------------------------------------------
-# nginx
-# -------------------------------------------------------------
-
-nginx:
- pkg.installed: []
- service.running:
- - require:
- - pkg: nginx
-
-# -------------------------------------------------------------
-# SSL certificates
-# -------------------------------------------------------------
-
-letsencrypt:
- pkg.installed:
- - name: {{ packages.certbot }}
+{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Web utilities
# -------------------------------------------------------------
web_utilities:
pkg.installed:
- pkgs:
- igal2
{{ dirs.bin }}/html-directories:
file.managed:
- source: salt://roles/shellserver/userland-software/files/html-directories.sh
- mode: 755
diff --git a/roles/webserver-core/init.sls b/roles/webserver-core/init.sls
index 5cddf1d..4580956 100644
--- a/roles/webserver-core/init.sls
+++ b/roles/webserver-core/init.sls
@@ -1,11 +1,14 @@
# -------------------------------------------------------------
# Salt — Webserver core units for all webservers roles
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-25
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
include:
- - .letsencrypt
+ - .nginx
- .tools
+ {% if 'paas-docker' not in salt['node.get_list']('roles') %}
+ - .letsencrypt
+ {% endif %}
diff --git a/roles/webserver-core/nginx/config.sls b/roles/webserver-core/nginx/config.sls
new file mode 100644
index 0000000..105dff6
--- /dev/null
+++ b/roles/webserver-core/nginx/config.sls
@@ -0,0 +1,22 @@
+# -------------------------------------------------------------
+# Salt — Webserver core units for all webservers roles
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+# -------------------------------------------------------------
+# includes folder
+#
+# :: general configuration
+# :: application-specific code
+# -------------------------------------------------------------
+
+webserver_core_nginx_includes:
+ file.recurse:
+ - name: {{ dirs.etc }}/nginx/includes
+ - source: salt://roles/webserver-core/nginx/files/includes
+ - dir_mode: 755
+ - file_mode: 644
diff --git a/roles/webserver-legacy/nginx/files/includes/fastcgi_params b/roles/webserver-core/nginx/files/includes/fastcgi_params
similarity index 96%
rename from roles/webserver-legacy/nginx/files/includes/fastcgi_params
rename to roles/webserver-core/nginx/files/includes/fastcgi_params
index 85efbbf..845811c 100644
--- a/roles/webserver-legacy/nginx/files/includes/fastcgi_params
+++ b/roles/webserver-core/nginx/files/includes/fastcgi_params
@@ -1,51 +1,51 @@
# -------------------------------------------------------------
# Configuration for Nasqueron web sites
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Created: 2017-11-19
# Project: Nasqueron
# Description: nginx FastCGI configuration
# License: Trivial work, not eligible for copyright.
-# Source file: roles/webserver-legacy/nginx/files/includes/fastcgi_params
+# Source file: roles/webserver-core/nginx/files/includes/fastcgi_params
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Headers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# -------------------------------------------------------------
# PHP tweak
#
# Required if PHP was built with --enable-force-cgi-redirect.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
fastcgi_param REDIRECT_STATUS 200;
diff --git a/roles/webserver-legacy/nginx/files/includes/tls b/roles/webserver-core/nginx/files/includes/tls
similarity index 92%
rename from roles/webserver-legacy/nginx/files/includes/tls
rename to roles/webserver-core/nginx/files/includes/tls
index 36eae43..69a30b5 100644
--- a/roles/webserver-legacy/nginx/files/includes/tls
+++ b/roles/webserver-core/nginx/files/includes/tls
@@ -1,21 +1,21 @@
# -------------------------------------------------------------
# Configuration for nginx TLS
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Created: 2016-01-05
# License: Trivial work, not eligible for copyright.
-# Source file: roles/webserver-legacy/nginx/files/includes/tls
+# Source file: roles/webserver-core/nginx/files/includes/tls
# -------------------------------------------------------------
listen 443 ssl http2;
listen [::]:443 ssl http2;
keepalive_timeout 70;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
diff --git a/roles/webserver-core/init.sls b/roles/webserver-core/nginx/init.sls
similarity index 85%
copy from roles/webserver-core/init.sls
copy to roles/webserver-core/nginx/init.sls
index 5cddf1d..fb3a480 100644
--- a/roles/webserver-core/init.sls
+++ b/roles/webserver-core/nginx/init.sls
@@ -1,11 +1,9 @@
# -------------------------------------------------------------
# Salt — Webserver core units for all webservers roles
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
-# Created: 2017-10-25
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
include:
- - .letsencrypt
- - .tools
+ - .software
diff --git a/roles/webserver-core/init.sls b/roles/webserver-core/nginx/software.sls
similarity index 83%
copy from roles/webserver-core/init.sls
copy to roles/webserver-core/nginx/software.sls
index 5cddf1d..700bb88 100644
--- a/roles/webserver-core/init.sls
+++ b/roles/webserver-core/nginx/software.sls
@@ -1,11 +1,9 @@
# -------------------------------------------------------------
# Salt — Webserver core units for all webservers roles
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
-# Created: 2017-10-25
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-include:
- - .letsencrypt
- - .tools
+nginx:
+ pkg.installed
diff --git a/roles/webserver-core/tools/init.sls b/roles/webserver-core/tools/init.sls
index 6018a3d..d547fb1 100644
--- a/roles/webserver-core/tools/init.sls
+++ b/roles/webserver-core/tools/init.sls
@@ -1,19 +1,30 @@
# -------------------------------------------------------------
# Salt — Helper tools for nginx
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-24
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-{% from "map.jinja" import dirs with context %}
+{% from "map.jinja" import dirs, packages with context %}
+
+# -------------------------------------------------------------
+# Dependencies
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ packages.tcl }}:
+ pkg.installed
+
+# -------------------------------------------------------------
+# Salt — Helper tools for nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ dirs.bin }}/list-nginx-vhosts-conf:
file.managed:
- mode: 755
- source: salt://roles/webserver-core/tools/files/list-nginx-vhosts.tcl
{{ dirs.bin }}/autochmod:
file.managed:
- mode: 755
- source: salt://roles/webserver-core/tools/files/autochmod.sh
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Nov 25, 10:02 (1 d, 17 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2259970
Default Alt Text
(10 KB)
Attached To
Mode
rOPS Nasqueron Operations
Attached
Detach File
Event Timeline
Log In to Comment