diff --git a/CHANGELOG.md b/CHANGELOG.md index de1e9d7..828b0fa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,16 @@ cookbook-nginx CHANGELOG =============== +## 1.2.0 + + - Miguel Negrón + - [4435c11] Merge pull request #15 from redBorder/bugfix/#19144_missing_nginx_confd_files + - David Vanhoucke + - [524bf9d] remove files if service disabled + - Miguel Negron + - [fcbbde2] erchef_hosts + - [26ab787] Add balancing + ## 1.0.2 - Miguel Negrón diff --git a/resources/metadata.rb b/resources/metadata.rb index d179976..af58e15 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -3,4 +3,4 @@ maintainer_email 'git@redborder.com' license 'AGPL-3.0' description 'Installs/Configures cookbook-nginx' -version '1.0.2' +version '1.2.0' diff --git a/resources/providers/config.rb b/resources/providers/config.rb index d165682..2f14e20 100644 --- a/resources/providers/config.rb +++ b/resources/providers/config.rb @@ -89,10 +89,38 @@ end end +action :add_http2k do + begin + http2k_hosts = new_resource.http2k_hosts + http2k_port = new_resource.http2k_port + + service 'nginx' do + service_name 'nginx' + supports status: true, reload: true, restart: true, start: true, enable: true + action :nothing + end + + template '/etc/nginx/conf.d/http2k.conf' do + source 'http2k.conf.erb' + owner 'nginx' + group 'nginx' + mode '0644' + cookbook 'nginx' + variables(http2k_hosts: http2k_hosts, http2k_port: http2k_port) + notifies :restart, 'service[nginx]' + end + + Chef::Log.info('nginx http2k configuration has been processed') + rescue => e + Chef::Log.error(e.message) + end +end + action :add_s3 do # Only for configure solo begin s3_port = new_resource.s3_port s3_hosts = new_resource.s3_hosts + template '/etc/nginx/conf.d/s3.conf' do source 's3.conf.erb' owner user @@ -116,6 +144,7 @@ action :add_erchef do begin + erchef_hosts = new_resource.erchef_hosts erchef_port = new_resource.erchef_port template '/etc/nginx/conf.d/erchef.conf' do @@ -124,7 +153,7 @@ group user mode '0644' cookbook 'nginx' - variables(erchef_port: erchef_port) + variables(erchef_hosts: erchef_hosts, erchef_port: erchef_port) notifies :restart, 'service[nginx]' end @@ -141,6 +170,7 @@ action :add_aioutliers do begin + aioutliers_hosts = new_resource.aioutliers_hosts aioutliers_port = new_resource.aioutliers_port template '/etc/nginx/conf.d/aioutliers.conf' do @@ -149,7 +179,7 @@ group user mode '0644' cookbook 'nginx' - variables(aioutliers_port: aioutliers_port) + variables(aioutliers_hosts: aioutliers_hosts, aioutliers_port: aioutliers_port) notifies :restart, 'service[nginx]' end @@ -180,6 +210,46 @@ end end +action :remove_http2k do + begin + + service 'nginx' do + service_name 'nginx' + supports status: true, reload: true, restart: true, start: true, enable: true + action :nothing + end + + file '/etc/nginx/conf.d/http2k.conf' do + action :delete + notifies :restart, 'service[nginx]' + end + + Chef::Log.info('nginx http2k configuration has been processed') + rescue => e + Chef::Log.error(e.message) + end +end + +action :remove_aioutliers do + begin + + service 'nginx' do + service_name 'nginx' + supports status: true, reload: true, restart: true, start: true, enable: true + action :nothing + end + + file '/etc/nginx/conf.d/aioutliers.conf' do + action :delete + notifies :restart, 'service[nginx]' + end + + Chef::Log.info('nginx aioutliers configuration has been processed') + rescue => e + Chef::Log.error(e.message) + end +end + action :register do begin consul_servers = system('serf members -tag consul=ready | grep consul=ready &> /dev/null') diff --git a/resources/resources/config.rb b/resources/resources/config.rb index 591b0f4..c003858 100644 --- a/resources/resources/config.rb +++ b/resources/resources/config.rb @@ -1,13 +1,17 @@ # Cookbook:: nginx # Resource:: config -actions :add, :add_s3, :add_erchef, :add_aioutliers, :configure_certs, :remove, :register, :deregister +actions :add, :add_http2k, :add_s3, :add_erchef, :add_aioutliers, :configure_certs, :remove_http2k, :remove_aioutliers, :remove, :register, :deregister default_action :add attribute :user, kind_of: String, default: 'nginx' -attribute :s3_port, kind_of: Integer, default: 9000 +attribute :http2k_port, kind_of: Integer, default: 9000 +attribute :http2k_hosts, kind_of: Array +attribute :s3_port, kind_of: Integer, default: 7980 attribute :s3_hosts, kind_of: Array, default: ['localhost:9000'] +attribute :erchef_hosts, kind_of: Array attribute :erchef_port, kind_of: Integer, default: 4443 +attribute :aioutliers_hosts, kind_of: Array attribute :aioutliers_port, kind_of: Integer, default: 39091 attribute :cdomain, kind_of: String, default: 'redborder.cluster' attribute :service_name, kind_of: String diff --git a/resources/templates/default/aioutliers.conf.erb b/resources/templates/default/aioutliers.conf.erb index a31a32e..b379a70 100644 --- a/resources/templates/default/aioutliers.conf.erb +++ b/resources/templates/default/aioutliers.conf.erb @@ -3,7 +3,13 @@ ####################################################### upstream rb-aioutliers { - server localhost:<%= @aioutliers_port %> max_fails=3 fail_timeout=5s; + <% @aioutliers_hosts.each do |aioutliers_host| %> + <% if aioutliers_host == "#{node['name']}.#{node['redborder']['cdomain']}" %> + server 127.0.0.1:<%= @aioutliers_port %> weight=6 max_fails=3 fail_timeout=5s; + <% else %> + server <%= aioutliers_host %>:<%= @aioutliers_port %> weight=4 max_fails=3 fail_timeout=120; + <% end%> + <% end %> } server { diff --git a/resources/templates/default/erchef.conf.erb b/resources/templates/default/erchef.conf.erb index 6a5e609..9735213 100644 --- a/resources/templates/default/erchef.conf.erb +++ b/resources/templates/default/erchef.conf.erb @@ -3,7 +3,13 @@ ####################################################### upstream erchef { - server localhost:<%= @erchef_port %> weight=2 max_fails=3 fail_timeout=5s; + <% @erchef_hosts.each do |erchef_host| %> + <% if erchef_host == "#{node['name']}.#{node['redborder']['cdomain']}" %> + server 127.0.0.1:<%= @erchef_port %> weight=6 max_fails=3 fail_timeout=5s; + <% else %> + server <%= erchef_host %>:<%= @erchef_port %> weight=4 max_fails=3 fail_timeout=120; + <% end %> + <% end %> } server { diff --git a/resources/templates/default/http2k.conf.erb b/resources/templates/default/http2k.conf.erb new file mode 100644 index 0000000..3d690aa --- /dev/null +++ b/resources/templates/default/http2k.conf.erb @@ -0,0 +1,49 @@ +#################################################### +## Generated by Chef for <%= node["hostname"] %> +#################################################### + +upstream http2k { + <% @http2k_hosts.each do |http2k_host| %> + <% if http2k_host == "#{node['name']}.#{node['redborder']['cdomain']}" %> + server 127.0.0.1:<%= @http2k_port %> weight=6 max_fails=3 fail_timeout=5s; + <% else %> + server <%=http2k_host%>:<%= @http2k_port %> weight=4 max_fails=3 fail_timeout=120; + <% end %> + <% end %> + } + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name http2k.service. .http2k.service; + + ssl_certificate /etc/nginx/ssl/http2k.crt; + ssl_certificate_key /etc/nginx/ssl/http2k.key; + ssl_session_timeout 10m; + ssl_protocols TLSv1.2; + ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; + ssl_prefer_server_ciphers on; + access_log /var/log/nginx/access.log main; + + client_max_body_size 512m; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_pass_request_headers on; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + proxy_temp_file_write_size 256k; + + location / { + proxy_redirect http://http2k /; + proxy_pass http://http2k; + } + }