GitHub puppet-nginx

Puppet Module to manage NGINX on various UNIXes

This includes a rebase of https://github.com/voxpupuli/puppet-nginx/pull/1189. That adds a type Nginx::Duration which looks similar to Nginx::Time (added in f0bf83a1abac6c2ee7fe7257a37514319a96f0fa). We likely want to unify those, but right now I'm not sharp enough to see the exact differences.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

This change enforce the usage of the managed repository to work around the AppStream of CentOS and RedHat, which will take precedence over none module based repositories.

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

The syntax for the cookie method of the sticky directive in
the ngxhttpupstream_module is:

sticky cookie name [expires=time] [domain=domain] ...

The cookie name parameter must be specified without 'name=' prefix.

This Pull Request (PR) fixes the following issues

Fixes #1285

The service parameter of the upstream member enables port discovery
via DNS SRV records. When it is used, a server port must not be
specified or nginx will fail with the following error:

nginx: [emerg] service upstream may not have port

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

The PR removes the port from the server directive when the serviceparameter is set and updates the corresponding unit test.

This Pull Request (PR) fixes the following issues

Fixes #1282

While this isn't perfect, it's a huge step in the direction.

Allow user to change path for sites-enabled and streams-enabled keeping it within conf dir.
related to: #1234 and #1302

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

Updated listen_port data type from Integer to Variant[String, Integer] in 'nginx::resource::server' and 'nginx::resource::streamhost' as newer versions of Nginx support port range at listen port.
Please check the release notes from 26th of March:
- http://nginx.org/en/CHANGES
- https://www.nginx.com/blog/nginx-plus-r18-released#port-ranges
```
Changes with nginx 1.15.10 26 Mar 2019

*) Change: when using a hostname in the "listen" directive nginx now
creates listening sockets for all addresses the hostname resolves to
(previously, only the first address was used).

*) Feature: port ranges in the "listen" directive.
...
```

Pull Request (PR) description

This adds the ability to configure logging for stream configuration in Nginx, like getting IP addresses from access logging.

This PR includes the changes in #1401. That PR was built on #1336. This PR simply pulls in the changes atop the current version of master.

closes #1401
closes #1336

Pull Request (PR) description

This PR adds "proxy_bind" parameter to the nginx class. If set, it generates a config entry in nginx.conf, block "http".

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Add support to install nginx through AppStream on EL8.

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

nginx manages the directory permissions on its own,
so the default value is undef to avoid conflicts.

This Pull Request (PR) fixes the following issues

Related to #1443

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Allow set custom uwsgi params in nginx::resource::server (location /) by exposing location::$nginx_param parameter
-->

This Pull Request (PR) fixes the following issues

<!--
New feature
-->

Pull Request (PR) description

I want to configure nginx unix socket on SSL vhost. In my case, I have listenport == sslport, selected template does not allow me to configure unix socket.

Fixes #1416

Note - same change may be needed in other template files.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Following on work from previous PRs to add stream log changes.

Trying to fix the tests and the file conflicts again.

Explanation of the variables:
https://github.com/voxpupuli/puppet-nginx/pull/1439#issuecomment-875198474

This Pull Request (PR) fixes the following issu

Closes: https://github.com/voxpupuli/puppet-nginx/pull/1439

Pull Request (PR) description

The escape parameter was added to nginx 1.11.8. This optional
parameter allow 3 values: 'default', 'json' and 'none'. Setting this
parameter is currently tricky do to the way the configuration snippet is
generated (note the unbalanced quotes in the middle of the log string):

puppet
class { 'nginx':
# ...
log_format => {
json_combined => "escape=json' '{...}",
# ^ ^
# | `-- start quote of the log string
# `---- end quote of the escape format
}
}


Adjust the data type of the log_format parameter to match the "legacy"
way of only passing a Hash consisting of a name (String) matching a
format string (String), but also accept a Tuple for the escape parameter
(Enum) followed by the format string, allowing a less cluttered Puppet
manifest:

puppet
class { 'nginx':
# ...
log_format => {
json_combined => [
'escape=json',
'{...}',
],
},
}


This Pull Request (PR) fixes the following issues

n/a

Package manager would show: N: Skipping acquire of configured file 'nginx/binary-i386/Packages' as repository 'http://nginx.org/packages/ubuntu bionic InRelease' doesn't support architecture 'i386'
Adding correct architecture fixes the error

Pull Request (PR) description

On Ubuntu 18.04 and later 20.04 I always got following message on 'apt update':
N: Skipping acquire of configured file 'nginx/binary-i386/Packages' as repository 'http://nginx.org/packages/ubuntu bionic InRelease' doesn't support architecture 'i386'

My PR changes the apt:source resource for amd64 ubuntu instances, to include the architecture of the distribution in the sources file, as well, eliminating the above error and allowing nginx to be updated correctly.

Hello,
This PR adds the support of the following directives at location level

• access_log
• error_log
• lognotfound

it allows to be more precise in the logging strategy.

Hope it helps.

This is to test https://github.com/voxpupuli/voxpupuli-test/pull/62 and see the impact on runtime.

This is the same as #1478 however changes the spec tests to check for
is.expect.not_to instead of removing

Fixes: #1372

modulesync 5.0.0

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

make allow/deny lists unique

Pull Request (PR) description

• add ability to include conf.d/name.acl ACLs to server/location blocks to not repeat allow/deny rules multiple times
• allows to combine common allow list (in .acl file) with allow/deny rules in specific block (deny rule will be the last)

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

do not recreate log_dir if it is already a symlink