GitHub puppet-nginx

Puppet Module to manage NGINX on various UNIXes

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Hello the goal of the pr is to fix the nginx order configuration for the block stream.
As the configuration sites included at the end of the the http block we will do the same for the stream, like that we can use declaration provided on the nginx.conf on stream configured.

This Pull Request (PR) fixes the following issues

Fixes #1551

This includes a rebase of https://github.com/voxpupuli/puppet-nginx/pull/1189. That adds a type Nginx::Duration which looks similar to Nginx::Time (added in f0bf83a1abac6c2ee7fe7257a37514319a96f0fa). We likely want to unify those, but right now I'm not sharp enough to see the exact differences.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

While this isn't perfect, it's a huge step in the direction.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Current default value for streamaccesslog will cause Nginx to fail to start if nginx::stream is true.

http://nginx.org/en/docs/stream/ngx_stream_log_module.html#access_log
Format must be defined, which current default configuration doesn't do (since streamcustomformat_log is undef as well).

Nginx default is "off", and therefore the Puppet-module default should be "off" as well.

This Pull Request (PR) fixes the following issues

• #1530

Pull Request (PR) description

The syntax for the cookie method of the sticky directive in
the ngxhttpupstream_module is:

sticky cookie name [expires=time] [domain=domain] ...

The cookie name parameter must be specified without 'name=' prefix.

This Pull Request (PR) fixes the following issues

Fixes #1285

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

This change enforce the usage of the managed repository to work around the AppStream of CentOS and RedHat, which will take precedence over none module based repositories.

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Allow user to change path for sites-enabled and streams-enabled keeping it within conf dir.
related to: #1234 and #1302

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

This PR adds "proxy_bind" parameter to the nginx class. If set, it generates a config entry in nginx.conf, block "http".

Pull Request (PR) description

I want to configure nginx unix socket on SSL vhost. In my case, I have listenport == sslport, selected template does not allow me to configure unix socket.

This defines a very minimal nginx class that is just enough to make the
os-independent tests pass:

Prior to this patch:

Finished in 15.21 seconds (files took 7.58 seconds to load)

After this patch:

Finished in 2.94 seconds (files took 7.66 seconds to load)

Fixes #1416

Note - same change may be needed in other template files.

Pull Request (PR) description

This PR allows setting of maphashbucket parameters

This Pull Request (PR) fixes the following issues

Pull Request (PR) description

nginx manages the directory permissions on its own,
so the default value is undef to avoid conflicts.

This Pull Request (PR) fixes the following issues

Related to #1443

Pull Request (PR) description

• add ability to include conf.d/name.acl ACLs to server/location blocks to not repeat allow/deny rules multiple times
• allows to combine common allow list (in .acl file) with allow/deny rules in specific block (deny rule will be the last)

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Add support to install nginx through AppStream on EL8.

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

The service parameter of the upstream member enables port discovery
via DNS SRV records. When it is used, a server port must not be
specified or nginx will fail with the following error:

nginx: [emerg] service upstream may not have port

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

The PR removes the port from the server directive when the serviceparameter is set and updates the corresponding unit test.

This Pull Request (PR) fixes the following issues

Fixes #1282

Pull Request (PR) description

Updated listen_port data type from Integer to Variant[String, Integer] in 'nginx::resource::server' and 'nginx::resource::streamhost' as newer versions of Nginx support port range at listen port.
Please check the release notes from 26th of March:
- http://nginx.org/en/CHANGES
- https://www.nginx.com/blog/nginx-plus-r18-released#port-ranges
```
Changes with nginx 1.15.10 26 Mar 2019

*) Change: when using a hostname in the "listen" directive nginx now
creates listening sockets for all addresses the hostname resolves to
(previously, only the first address was used).

*) Feature: port ranges in the "listen" directive.
...
```

Pull Request (PR) description

Adds support for multiple limit_req statements in a location by allowing limit_zone to be passed as an array OR a string.

This Pull Request (PR) fixes the following issues

Fixes #1569

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

modulesync 5.4.0

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Hello,
This PR adds the support of the following directives at location level

• access_log
• error_log
• lognotfound

it allows to be more precise in the logging strategy.

Hope it helps.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Allow set custom uwsgi params in nginx::resource::server (location /) by exposing location::$nginx_param parameter
-->

This Pull Request (PR) fixes the following issues

<!--
New feature
-->

This PR remove backwards-compatible data types which where bogus.

It is intended to be rebased on top of master and merged when we want to cut a new major version and people had the time to update their code to not rely on these.