From a0d560a45b67ff7deda616d2fd389c8bb15a2b2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Tue, 21 Oct 2025 14:27:47 +0200
Subject: [PATCH 1/9] streamline defaults with nginx
---
REFERENCE.md | 174 +++++++--------
manifests/config.pp | 4 +-
manifests/init.pp | 380 ++++++++++++++++----------------
spec/classes/nginx_spec.rb | 4 +-
templates/conf.d/nginx.conf.erb | 42 +++-
5 files changed, 320 insertions(+), 284 deletions(-)
diff --git a/REFERENCE.md b/REFERENCE.md
index 09e67698b..10ec8371f 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -165,8 +165,8 @@ The following parameters are available in the `nginx` class:
* [`mime_types_path`](#-nginx--mime_types_path)
* [`stream`](#-nginx--stream)
* [`multi_accept`](#-nginx--multi_accept)
-* [`names_hash_bucket_size`](#-nginx--names_hash_bucket_size)
-* [`names_hash_max_size`](#-nginx--names_hash_max_size)
+* [`server_names_hash_bucket_size`](#-nginx--server_names_hash_bucket_size)
+* [`server_names_hash_max_size`](#-nginx--server_names_hash_max_size)
* [`nginx_cfg_prepend`](#-nginx--nginx_cfg_prepend)
* [`proxy_buffers`](#-nginx--proxy_buffers)
* [`proxy_buffer_size`](#-nginx--proxy_buffer_size)
@@ -533,7 +533,7 @@ Default value: `'error'`
##### `pid`
-Data type: `Variant[Stdlib::Absolutepath,Boolean]`
+Data type: `Variant[Stdlib::Absolutepath, Boolean]`
@@ -637,63 +637,63 @@ Default value: `undef`
##### `accept_mutex`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'on'`
+Default value: `undef`
##### `accept_mutex_delay`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'500ms'`
+Default value: `undef`
##### `client_body_buffer_size`
-Data type: `Nginx::Size`
+Data type: `Optional[Nginx::Size]`
-Default value: `'128k'`
+Default value: `undef`
##### `client_max_body_size`
-Data type: `Nginx::Size`
+Data type: `Optional[Nginx::Size]`
-Default value: `'10m'`
+Default value: `undef`
##### `client_body_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'60s'`
+Default value: `undef`
##### `send_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'60s'`
+Default value: `undef`
##### `lingering_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'5s'`
+Default value: `undef`
##### `lingering_close`
-Data type: `Optional[Enum['on','off','always']]`
+Data type: `Optional[Enum['on', 'off', 'always']]`
@@ -781,11 +781,11 @@ Default value: `undef`
##### `gzip`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'off'`
+Default value: `undef`
##### `gzip_buffers`
@@ -797,11 +797,11 @@ Default value: `undef`
##### `gzip_comp_level`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `1`
+Default value: `undef`
##### `gzip_disable`
@@ -813,31 +813,31 @@ Default value: `'msie6'`
##### `gzip_min_length`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `20`
+Default value: `undef`
##### `gzip_http_version`
-Data type: `Enum['1.0','1.1']`
+Data type: `Optional[Enum['1.0', '1.1']]`
-Default value: `'1.1'`
+Default value: `undef`
##### `gzip_proxied`
-Data type: `Variant[Nginx::GzipProxied, Array[Nginx::GzipProxied]]`
+Data type: `Optional[Variant[Nginx::GzipProxied, Array[Nginx::GzipProxied]]]`
-Default value: `'off'`
+Default value: `undef`
##### `gzip_types`
-Data type: `Optional[Variant[String[1],Array[String[1]]]]`
+Data type: `Optional[Variant[String[1], Array[String[1]]]]`
@@ -845,11 +845,11 @@ Default value: `undef`
##### `gzip_vary`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'off'`
+Default value: `undef`
##### `gzip_static`
@@ -893,35 +893,35 @@ Default value: `undef`
##### `http_tcp_nodelay`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'on'`
+Default value: `undef`
##### `http_tcp_nopush`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'off'`
+Default value: `undef`
##### `keepalive_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'65s'`
+Default value: `undef`
##### `keepalive_requests`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `100`
+Default value: `undef`
##### `log_format`
@@ -981,31 +981,31 @@ Default value: `false`
##### `multi_accept`
-Data type: `String`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'off'`
+Default value: `undef`
-##### `names_hash_bucket_size`
+##### `server_names_hash_bucket_size`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `64`
+Default value: `undef`
-##### `names_hash_max_size`
+##### `server_names_hash_max_size`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `512`
+Default value: `undef`
##### `nginx_cfg_prepend`
-Data type: `Variant[Boolean,Array,Hash]`
+Data type: `Variant[Boolean, Array, Hash]`
@@ -1013,19 +1013,19 @@ Default value: `false`
##### `proxy_buffers`
-Data type: `String`
+Data type: `Optional[String]`
-Default value: `'32 4k'`
+Default value: `undef`
##### `proxy_buffer_size`
-Data type: `Nginx::Size`
+Data type: `Optional[Nginx::Size]`
-Default value: `'8k'`
+Default value: `undef`
##### `proxy_cache_inactive`
@@ -1101,19 +1101,19 @@ Default value: `undef`
##### `proxy_connect_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'90s'`
+Default value: `undef`
##### `proxy_headers_hash_bucket_size`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `64`
+Default value: `undef`
##### `proxy_headers_hash_max_size`
@@ -1133,15 +1133,15 @@ Default value: `undef`
##### `proxy_read_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'90s'`
+Default value: `undef`
##### `proxy_redirect`
-Data type: `Optional[Variant[Array[String],String]]`
+Data type: `Optional[Variant[Array[String], String]]`
@@ -1149,11 +1149,11 @@ Default value: `undef`
##### `proxy_send_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'90s'`
+Default value: `undef`
##### `proxy_set_header`
@@ -1216,19 +1216,19 @@ Default value: `undef`
##### `sendfile`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'on'`
+Default value: `undef`
##### `server_tokens`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'on'`
+Default value: `undef`
##### `spdy`
@@ -1248,19 +1248,19 @@ Default value: `'off'`
##### `ssl_stapling`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'off'`
+Default value: `undef`
##### `ssl_stapling_verify`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'off'`
+Default value: `undef`
##### `snippets_dir`
@@ -1280,43 +1280,43 @@ Default value: `true`
##### `types_hash_bucket_size`
-Data type: `Variant[Integer,String]`
+Data type: `Optional[Integer]`
-Default value: `'512'`
+Default value: `undef`
##### `types_hash_max_size`
-Data type: `Variant[Integer,String]`
+Data type: `Optional[Integer]`
-Default value: `'1024'`
+Default value: `undef`
##### `worker_connections`
-Data type: `Integer`
+Data type: `Optional[Integer]`
-Default value: `1024`
+Default value: `undef`
##### `ssl_prefer_server_ciphers`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
-Default value: `'on'`
+Default value: `undef`
##### `worker_processes`
-Data type: `Variant[Integer, Enum['auto']]`
+Data type: `Optional[Variant[Integer, Enum['auto']]]`
-Default value: `'auto'`
+Default value: `undef`
##### `worker_rlimit_nofile`
@@ -1336,19 +1336,19 @@ Default value: `undef`
##### `ssl_protocols`
-Data type: `String`
+Data type: `Optional[String]`
-Default value: `'TLSv1 TLSv1.1 TLSv1.2'`
+Default value: `undef`
##### `ssl_ciphers`
-Data type: `String`
+Data type: `Optional[String]`
-Default value: `'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'`
+Default value: `undef`
##### `ssl_dhparam`
@@ -1368,19 +1368,19 @@ Default value: `undef`
##### `ssl_session_cache`
-Data type: `String`
+Data type: `Optional[String]`
-Default value: `'shared:SSL:10m'`
+Default value: `undef`
##### `ssl_session_timeout`
-Data type: `Nginx::Time`
+Data type: `Optional[Nginx::Time]`
-Default value: `'5m'`
+Default value: `undef`
##### `ssl_session_tickets`
diff --git a/manifests/config.pp b/manifests/config.pp
index c373364ef..08a148d5a 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -85,8 +85,8 @@
default => $nginx::mime_types,
}
$multi_accept = $nginx::multi_accept
- $names_hash_bucket_size = $nginx::names_hash_bucket_size
- $names_hash_max_size = $nginx::names_hash_max_size
+ $server_names_hash_bucket_size = $nginx::server_names_hash_bucket_size
+ $server_names_hash_max_size = $nginx::server_names_hash_max_size
$nginx_cfg_prepend = $nginx::nginx_cfg_prepend
$proxy_buffers = $nginx::proxy_buffers
$proxy_buffer_size = $nginx::proxy_buffer_size
diff --git a/manifests/init.pp b/manifests/init.pp
index 7f03fd688..d28795632 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -129,8 +129,8 @@
# @param mime_types_path
# @param stream
# @param multi_accept
-# @param names_hash_bucket_size
-# @param names_hash_max_size
+# @param server_names_hash_bucket_size
+# @param server_names_hash_max_size
# @param nginx_cfg_prepend
# @param proxy_buffers
# @param proxy_buffer_size
@@ -221,114 +221,114 @@
# @param variables_hash_max_size
class nginx (
### START Nginx Configuration ###
- Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $client_body_temp_path = undef,
- Boolean $confd_only = false,
- Boolean $confd_purge = false,
- Stdlib::Absolutepath $conf_dir = $nginx::params::conf_dir,
- Optional[Enum['on', 'off']] $daemon = undef,
- String[1] $daemon_user = $nginx::params::daemon_user,
- Optional[String[1]] $daemon_group = undef,
- Array[String] $dynamic_modules = [],
- String[1] $global_owner = 'root',
- String[1] $global_group = $nginx::params::global_group,
- Stdlib::Filemode $global_mode = '0644',
- Optional[Variant[String[1], Array[String[1]]]] $limit_req_zone = undef,
- Stdlib::Absolutepath $log_dir = $nginx::params::log_dir,
- Boolean $manage_log_dir = true,
- String[1] $log_user = $nginx::params::log_user,
- String[1] $log_group = $nginx::params::log_group,
- Stdlib::Filemode $log_mode = $nginx::params::log_mode,
- Variant[String, Array[String]] $http_access_log = "${log_dir}/access.log",
- Optional[String] $http_format_log = undef,
- Variant[String, Array[String]] $stream_access_log = "${log_dir}/stream-access.log",
- Optional[String] $stream_custom_format_log = undef,
- Variant[String, Array[String]] $nginx_error_log = "${log_dir}/error.log",
- Nginx::ErrorLogSeverity $nginx_error_log_severity = 'error',
- Variant[Stdlib::Absolutepath,Boolean] $pid = $nginx::params::pid,
- Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $proxy_temp_path = undef,
- String[1] $root_group = $nginx::params::root_group,
- String[1] $sites_available_owner = 'root',
- String[1] $sites_available_group = $nginx::params::sites_available_group,
- Stdlib::Filemode $sites_available_mode = '0644',
- Boolean $super_user = true,
- Stdlib::Absolutepath $temp_dir = '/tmp',
- Boolean $server_purge = false,
- Boolean $include_modules_enabled = $nginx::params::include_modules_enabled,
+ Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $client_body_temp_path = undef,
+ Boolean $confd_only = false,
+ Boolean $confd_purge = false,
+ Stdlib::Absolutepath $conf_dir = $nginx::params::conf_dir,
+ Optional[Enum['on', 'off']] $daemon = undef,
+ String[1] $daemon_user = $nginx::params::daemon_user,
+ Optional[String[1]] $daemon_group = undef,
+ Array[String] $dynamic_modules = [],
+ String[1] $global_owner = 'root',
+ String[1] $global_group = $nginx::params::global_group,
+ Stdlib::Filemode $global_mode = '0644',
+ Optional[Variant[String[1], Array[String[1]]]] $limit_req_zone = undef,
+ Stdlib::Absolutepath $log_dir = $nginx::params::log_dir,
+ Boolean $manage_log_dir = true,
+ String[1] $log_user = $nginx::params::log_user,
+ String[1] $log_group = $nginx::params::log_group,
+ Stdlib::Filemode $log_mode = $nginx::params::log_mode,
+ Variant[String, Array[String]] $http_access_log = "${log_dir}/access.log",
+ Optional[String] $http_format_log = undef,
+ Variant[String, Array[String]] $stream_access_log = "${log_dir}/stream-access.log",
+ Optional[String] $stream_custom_format_log = undef,
+ Variant[String, Array[String]] $nginx_error_log = "${log_dir}/error.log",
+ Nginx::ErrorLogSeverity $nginx_error_log_severity = 'error',
+ Variant[Stdlib::Absolutepath, Boolean] $pid = $nginx::params::pid,
+ Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $proxy_temp_path = undef,
+ String[1] $root_group = $nginx::params::root_group,
+ String[1] $sites_available_owner = 'root',
+ String[1] $sites_available_group = $nginx::params::sites_available_group,
+ Stdlib::Filemode $sites_available_mode = '0644',
+ Boolean $super_user = true,
+ Stdlib::Absolutepath $temp_dir = '/tmp',
+ Boolean $server_purge = false,
+ Boolean $include_modules_enabled = $nginx::params::include_modules_enabled,
# Primary Templates
- String[1] $conf_template = 'nginx/conf.d/nginx.conf.erb',
- String[1] $fastcgi_conf_template = 'nginx/server/fastcgi.conf.erb',
- String[1] $uwsgi_params_template = 'nginx/server/uwsgi_params.erb',
+ String[1] $conf_template = 'nginx/conf.d/nginx.conf.erb',
+ String[1] $fastcgi_conf_template = 'nginx/server/fastcgi.conf.erb',
+ String[1] $uwsgi_params_template = 'nginx/server/uwsgi_params.erb',
### START Nginx Configuration ###
- Optional[Enum['on', 'off']] $absolute_redirect = undef,
- Enum['on', 'off'] $accept_mutex = 'on',
- Nginx::Time $accept_mutex_delay = '500ms',
- Nginx::Size $client_body_buffer_size = '128k',
- Nginx::Size $client_max_body_size = '10m',
- Nginx::Time $client_body_timeout = '60s',
- Nginx::Time $send_timeout = '60s',
- Nginx::Time $lingering_timeout = '5s',
- Optional[Enum['on','off','always']] $lingering_close = undef,
- Optional[String[1]] $lingering_time = undef,
- Optional[Enum['on', 'off']] $etag = undef,
- Optional[String] $events_use = undef,
- Array[Nginx::DebugConnection] $debug_connections = [],
- Nginx::Time $fastcgi_cache_inactive = '20m',
- Optional[String] $fastcgi_cache_key = undef,
- String $fastcgi_cache_keys_zone = 'd3:100m',
- String $fastcgi_cache_levels = '1',
- Nginx::Size $fastcgi_cache_max_size = '500m',
- Optional[String] $fastcgi_cache_path = undef,
- Optional[String] $fastcgi_cache_use_stale = undef,
- Enum['on', 'off'] $gzip = 'off',
- Optional[String] $gzip_buffers = undef,
- Integer $gzip_comp_level = 1,
- String $gzip_disable = 'msie6',
- Integer $gzip_min_length = 20,
- Enum['1.0','1.1'] $gzip_http_version = '1.1',
- Variant[Nginx::GzipProxied, Array[Nginx::GzipProxied]] $gzip_proxied = 'off',
- Optional[Variant[String[1],Array[String[1]]]] $gzip_types = undef,
- Enum['on', 'off'] $gzip_vary = 'off',
- Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
- Optional[Variant[Hash, Array]] $http_cfg_prepend = undef,
- Optional[Variant[Hash, Array]] $http_cfg_append = undef,
- Optional[Variant[Array[String], String]] $http_raw_prepend = undef,
- Optional[Variant[Array[String], String]] $http_raw_append = undef,
- Enum['on', 'off'] $http_tcp_nodelay = 'on',
- Enum['on', 'off'] $http_tcp_nopush = 'off',
- Nginx::Time $keepalive_timeout = '65s',
- Integer $keepalive_requests = 100,
- Hash[String[1], Nginx::LogFormat] $log_format = {},
- Hash[String[1], Nginx::LogFormat] $stream_log_format = {},
- Boolean $mail = false,
- Optional[Integer] $map_hash_bucket_size = undef,
- Optional[Integer] $map_hash_max_size = undef,
- Variant[String, Boolean] $mime_types_path = 'mime.types',
- Boolean $stream = false,
- String $multi_accept = 'off',
- Integer $names_hash_bucket_size = 64,
- Integer $names_hash_max_size = 512,
- Variant[Boolean,Array,Hash] $nginx_cfg_prepend = false,
- String $proxy_buffers = '32 4k',
- Nginx::Size $proxy_buffer_size = '8k',
- Nginx::Time $proxy_cache_inactive = '20m',
- String $proxy_cache_keys_zone = 'd2:100m',
- String $proxy_cache_levels = '1',
- Nginx::Size $proxy_cache_max_size = '500m',
- Optional[Variant[Hash, String]] $proxy_cache_path = undef,
- Optional[Integer] $proxy_cache_loader_files = undef,
- Optional[String] $proxy_cache_loader_sleep = undef,
- Optional[String] $proxy_cache_loader_threshold = undef,
- Optional[Enum['on', 'off']] $proxy_use_temp_path = undef,
- Nginx::Time $proxy_connect_timeout = '90s',
- Integer $proxy_headers_hash_bucket_size = 64,
- Optional[Integer] $proxy_headers_hash_max_size = undef,
- Optional[String] $proxy_http_version = undef,
- Nginx::Time $proxy_read_timeout = '90s',
- Optional[Variant[Array[String],String]] $proxy_redirect = undef,
- Nginx::Time $proxy_send_timeout = '90s',
- Array $proxy_set_header = [
+ Optional[Enum['on', 'off']] $absolute_redirect = undef,
+ Optional[Enum['on', 'off']] $accept_mutex = undef, # nginx default is 'off'
+ Optional[Nginx::Time] $accept_mutex_delay = undef,
+ Optional[Nginx::Size] $client_body_buffer_size = undef, # nginx default is 2 memory pages
+ Optional[Nginx::Size] $client_max_body_size = undef, # nginx default is '1m'
+ Optional[Nginx::Time] $client_body_timeout = undef,
+ Optional[Nginx::Time] $send_timeout = undef,
+ Optional[Nginx::Time] $lingering_timeout = undef,
+ Optional[Enum['on', 'off', 'always']] $lingering_close = undef,
+ Optional[String[1]] $lingering_time = undef,
+ Optional[Enum['on', 'off']] $etag = undef,
+ Optional[String] $events_use = undef,
+ Array[Nginx::DebugConnection] $debug_connections = [],
+ Nginx::Time $fastcgi_cache_inactive = '20m',
+ Optional[String] $fastcgi_cache_key = undef,
+ String $fastcgi_cache_keys_zone = 'd3:100m',
+ String $fastcgi_cache_levels = '1',
+ Nginx::Size $fastcgi_cache_max_size = '500m',
+ Optional[String] $fastcgi_cache_path = undef,
+ Optional[String] $fastcgi_cache_use_stale = undef,
+ Optional[Enum['on', 'off']] $gzip = undef,
+ Optional[String] $gzip_buffers = undef,
+ Optional[Integer] $gzip_comp_level = undef,
+ String $gzip_disable = 'msie6',
+ Optional[Integer] $gzip_min_length = undef,
+ Optional[Enum['1.0', '1.1']] $gzip_http_version = undef,
+ Optional[Variant[Nginx::GzipProxied, Array[Nginx::GzipProxied]]] $gzip_proxied = undef,
+ Optional[Variant[String[1], Array[String[1]]]] $gzip_types = undef,
+ Optional[Enum['on', 'off']] $gzip_vary = undef,
+ Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
+ Optional[Variant[Hash, Array]] $http_cfg_prepend = undef,
+ Optional[Variant[Hash, Array]] $http_cfg_append = undef,
+ Optional[Variant[Array[String], String]] $http_raw_prepend = undef,
+ Optional[Variant[Array[String], String]] $http_raw_append = undef,
+ Optional[Enum['on', 'off']] $http_tcp_nodelay = undef,
+ Optional[Enum['on', 'off']] $http_tcp_nopush = undef,
+ Optional[Nginx::Time] $keepalive_timeout = undef, # nginx default is '75s'
+ Optional[Integer] $keepalive_requests = undef, # nginx default is 1000
+ Hash[String[1], Nginx::LogFormat] $log_format = {},
+ Hash[String[1], Nginx::LogFormat] $stream_log_format = {},
+ Boolean $mail = false,
+ Optional[Integer] $map_hash_bucket_size = undef,
+ Optional[Integer] $map_hash_max_size = undef,
+ Variant[String, Boolean] $mime_types_path = 'mime.types',
+ Boolean $stream = false,
+ Optional[Enum['on', 'off']] $multi_accept = undef,
+ Optional[Integer] $server_names_hash_bucket_size = undef, # nginx default depends on the size of the processor's cache line
+ Optional[Integer] $server_names_hash_max_size = undef,
+ Variant[Boolean, Array, Hash] $nginx_cfg_prepend = false,
+ Optional[String] $proxy_buffers = undef, # nginx defaults to 1 memory page
+ Optional[Nginx::Size] $proxy_buffer_size = undef, # nginx default is 1 memory page
+ Nginx::Time $proxy_cache_inactive = '20m',
+ String $proxy_cache_keys_zone = 'd2:100m',
+ String $proxy_cache_levels = '1',
+ Nginx::Size $proxy_cache_max_size = '500m',
+ Optional[Variant[Hash, String]] $proxy_cache_path = undef,
+ Optional[Integer] $proxy_cache_loader_files = undef,
+ Optional[String] $proxy_cache_loader_sleep = undef,
+ Optional[String] $proxy_cache_loader_threshold = undef,
+ Optional[Enum['on', 'off']] $proxy_use_temp_path = undef,
+ Optional[Nginx::Time] $proxy_connect_timeout = undef, # nginx default is '60s'
+ Optional[Integer] $proxy_headers_hash_bucket_size = undef,
+ Optional[Integer] $proxy_headers_hash_max_size = undef,
+ Optional[String] $proxy_http_version = undef,
+ Optional[Nginx::Time] $proxy_read_timeout = undef, # nginx default is '60s'
+ Optional[Variant[Array[String], String]] $proxy_redirect = undef,
+ Optional[Nginx::Time] $proxy_send_timeout = undef, # nginx default is '60s'
+ Array $proxy_set_header = [
'Host $host',
'X-Real-IP $remote_addr',
'X-Forwarded-For $proxy_add_x_forwarded_for',
@@ -336,91 +336,91 @@
'X-Forwarded-Proto $scheme',
'Proxy ""',
],
- Array $proxy_hide_header = [],
- Array $proxy_pass_header = [],
- Array $proxy_ignore_header = [],
- Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
- Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
- Enum['on', 'off'] $sendfile = 'on',
- Enum['on', 'off'] $server_tokens = 'on',
- Enum['on', 'off'] $spdy = 'off',
- Enum['on', 'off'] $http2 = 'off',
- Enum['on', 'off'] $ssl_stapling = 'off',
- Enum['on', 'off'] $ssl_stapling_verify = 'off',
- Stdlib::Absolutepath $snippets_dir = $nginx::params::snippets_dir,
- Boolean $manage_snippets_dir = true,
- Variant[Integer,String] $types_hash_bucket_size = '512',
- Variant[Integer,String] $types_hash_max_size = '1024',
- Integer $worker_connections = 1024,
- Enum['on', 'off'] $ssl_prefer_server_ciphers = 'on',
- Variant[Integer, Enum['auto']] $worker_processes = 'auto',
- Integer $worker_rlimit_nofile = 1024,
- Optional[Enum['on', 'off']] $pcre_jit = undef,
- String $ssl_protocols = 'TLSv1 TLSv1.1 TLSv1.2',
- String $ssl_ciphers = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS', # lint:ignore:140chars
- Optional[Stdlib::Unixpath] $ssl_dhparam = undef,
- Optional[String] $ssl_ecdh_curve = undef,
- String $ssl_session_cache = 'shared:SSL:10m',
- Nginx::Time $ssl_session_timeout = '5m',
- Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
- Optional[Stdlib::Absolutepath] $ssl_session_ticket_key = undef,
- Optional[String] $ssl_buffer_size = undef,
- Optional[Stdlib::Absolutepath] $ssl_crl = undef,
- Optional[Stdlib::Absolutepath] $ssl_stapling_file = undef,
- Optional[String] $ssl_stapling_responder = undef,
- Optional[Stdlib::Absolutepath] $ssl_trusted_certificate = undef,
- Optional[Integer] $ssl_verify_depth = undef,
- Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
- Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
+ Array $proxy_hide_header = [],
+ Array $proxy_pass_header = [],
+ Array $proxy_ignore_header = [],
+ Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
+ Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
+ Optional[Enum['on', 'off']] $sendfile = undef, # nginx default is 'off'
+ Optional[Enum['on', 'off']] $server_tokens = undef,
+ Enum['on', 'off'] $spdy = 'off',
+ Enum['on', 'off'] $http2 = 'off',
+ Optional[Enum['on', 'off']] $ssl_stapling = undef,
+ Optional[Enum['on', 'off']] $ssl_stapling_verify = undef,
+ Stdlib::Absolutepath $snippets_dir = $nginx::params::snippets_dir,
+ Boolean $manage_snippets_dir = true,
+ Optional[Integer] $types_hash_bucket_size = undef, # nginx default is 64
+ Optional[Integer] $types_hash_max_size = undef,
+ Optional[Integer] $worker_connections = undef, # nginx default is 512
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef, # nginx default is 'off'
+ Optional[Variant[Integer, Enum['auto']]] $worker_processes = undef, # nginx default is 1
+ Integer $worker_rlimit_nofile = 1024,
+ Optional[Enum['on', 'off']] $pcre_jit = undef,
+ Optional[String] $ssl_protocols = undef, # nginx default is 'TLSv1.2 TLSv1.3'
+ Optional[String] $ssl_ciphers = undef, # nginx default is 'HIGH:!aNULL:!MD5'
+ Optional[Stdlib::Unixpath] $ssl_dhparam = undef,
+ Optional[String] $ssl_ecdh_curve = undef,
+ Optional[String] $ssl_session_cache = undef, # nginx default is 'none'
+ Optional[Nginx::Time] $ssl_session_timeout = undef,
+ Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
+ Optional[Stdlib::Absolutepath] $ssl_session_ticket_key = undef,
+ Optional[String] $ssl_buffer_size = undef,
+ Optional[Stdlib::Absolutepath] $ssl_crl = undef,
+ Optional[Stdlib::Absolutepath] $ssl_stapling_file = undef,
+ Optional[String] $ssl_stapling_responder = undef,
+ Optional[Stdlib::Absolutepath] $ssl_trusted_certificate = undef,
+ Optional[Integer] $ssl_verify_depth = undef,
+ Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
+ Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
+ Optional[Integer] $variables_hash_bucket_size = undef,
+ Optional[Integer] $variables_hash_max_size = undef,
### START Package Configuration ###
- String $package_ensure = installed,
- String $package_name = $nginx::params::package_name,
- Nginx::Package_source $package_source = 'nginx',
- Optional[String] $package_flavor = undef,
- Boolean $manage_repo = $nginx::params::manage_repo,
- Hash[String[1], String[1]] $mime_types = $nginx::params::mime_types,
- Boolean $mime_types_preserve_defaults = false,
- Optional[String] $repo_release = undef,
- String $passenger_package_ensure = installed,
- String[1] $passenger_package_name = $nginx::params::passenger_package_name,
+ String $package_ensure = installed,
+ String $package_name = $nginx::params::package_name,
+ Nginx::Package_source $package_source = 'nginx',
+ Optional[String] $package_flavor = undef,
+ Boolean $manage_repo = $nginx::params::manage_repo,
+ Hash[String[1], String[1]] $mime_types = $nginx::params::mime_types,
+ Boolean $mime_types_preserve_defaults = false,
+ Optional[String] $repo_release = undef,
+ String $passenger_package_ensure = installed,
+ String[1] $passenger_package_name = $nginx::params::passenger_package_name,
# This is optional, to allow it to be set to undef for systems that install it with nginx always
- Optional[String[1]] $mail_package_name = $nginx::params::mail_package_name,
- Optional[Stdlib::HTTPUrl] $repo_source = undef,
+ Optional[String[1]] $mail_package_name = $nginx::params::mail_package_name,
+ Optional[Stdlib::HTTPUrl] $repo_source = undef,
### END Package Configuration ###
### START Service Configuation ###
- Stdlib::Ensure::Service $service_ensure = 'running',
- Boolean $service_enable = true,
- Optional[String] $service_flags = undef,
- Optional[String] $service_restart = undef,
- String $service_name = 'nginx',
- Boolean $service_manage = true,
- Boolean $service_config_check = false,
- String $service_config_check_command = 'nginx -t',
+ Stdlib::Ensure::Service $service_ensure = 'running',
+ Boolean $service_enable = true,
+ Optional[String] $service_flags = undef,
+ Optional[String] $service_restart = undef,
+ String $service_name = 'nginx',
+ Boolean $service_manage = true,
+ Boolean $service_config_check = false,
+ String $service_config_check_command = 'nginx -t',
### END Service Configuration ###
### START Hiera Lookups ###
- Hash $geo_mappings = {},
- Hash $geo_mappings_defaults = {},
- Hash $string_mappings = {},
- Hash $string_mappings_defaults = {},
- Hash $nginx_snippets = {},
- Hash $nginx_snippets_defaults = {},
- Hash $nginx_locations = {},
- Hash $nginx_locations_defaults = {},
- Hash $nginx_mailhosts = {},
- Hash $nginx_mailhosts_defaults = {},
- Hash $nginx_servers = {},
- Hash $nginx_servers_defaults = {},
- Hash $nginx_streamhosts = {},
- Hash $nginx_streamhosts_defaults = {},
- Hash $nginx_upstreams = {},
- Nginx::UpstreamDefaults $nginx_upstreams_defaults = {},
- Boolean $purge_passenger_repo = true,
- String[1] $nginx_version = pick(fact('nginx_version'), '1.16.0'),
- Optional[Integer] $variables_hash_bucket_size = undef,
- Optional[Integer] $variables_hash_max_size = undef,
+ Hash $geo_mappings = {},
+ Hash $geo_mappings_defaults = {},
+ Hash $string_mappings = {},
+ Hash $string_mappings_defaults = {},
+ Hash $nginx_snippets = {},
+ Hash $nginx_snippets_defaults = {},
+ Hash $nginx_locations = {},
+ Hash $nginx_locations_defaults = {},
+ Hash $nginx_mailhosts = {},
+ Hash $nginx_mailhosts_defaults = {},
+ Hash $nginx_servers = {},
+ Hash $nginx_servers_defaults = {},
+ Hash $nginx_streamhosts = {},
+ Hash $nginx_streamhosts_defaults = {},
+ Hash $nginx_upstreams = {},
+ Nginx::UpstreamDefaults $nginx_upstreams_defaults = {},
+ Boolean $purge_passenger_repo = true,
+ String[1] $nginx_version = pick(fact('nginx_version'), '1.16.0'),
### END Hiera Lookups ###
) inherits nginx::params {
@@ -428,14 +428,14 @@
contain 'nginx::config'
contain 'nginx::service'
- create_resources( 'nginx::resource::geo', $geo_mappings, $geo_mappings_defaults )
- create_resources( 'nginx::resource::snippet', $nginx_snippets, $nginx_snippets_defaults )
- create_resources( 'nginx::resource::location', $nginx_locations, $nginx_locations_defaults )
- create_resources( 'nginx::resource::mailhost', $nginx_mailhosts, $nginx_mailhosts_defaults )
- create_resources( 'nginx::resource::map', $string_mappings, $string_mappings_defaults )
- create_resources( 'nginx::resource::server', $nginx_servers, $nginx_servers_defaults )
- create_resources( 'nginx::resource::streamhost', $nginx_streamhosts, $nginx_streamhosts_defaults )
- create_resources( 'nginx::resource::upstream', $nginx_upstreams, $nginx_upstreams_defaults )
+ create_resources('nginx::resource::geo', $geo_mappings, $geo_mappings_defaults)
+ create_resources('nginx::resource::snippet', $nginx_snippets, $nginx_snippets_defaults)
+ create_resources('nginx::resource::location', $nginx_locations, $nginx_locations_defaults)
+ create_resources('nginx::resource::mailhost', $nginx_mailhosts, $nginx_mailhosts_defaults)
+ create_resources('nginx::resource::map', $string_mappings, $string_mappings_defaults)
+ create_resources('nginx::resource::server', $nginx_servers, $nginx_servers_defaults)
+ create_resources('nginx::resource::streamhost', $nginx_streamhosts, $nginx_streamhosts_defaults)
+ create_resources('nginx::resource::upstream', $nginx_upstreams, $nginx_upstreams_defaults)
# Allow the end user to establish relationships to the "main" class
# and preserve the relationship to the implementation classes through
diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb
index 7bf2a3c3d..515f4fc67 100644
--- a/spec/classes/nginx_spec.rb
+++ b/spec/classes/nginx_spec.rb
@@ -645,13 +645,13 @@
},
{
title: 'should set server_names_hash_bucket_size',
- attr: 'names_hash_bucket_size',
+ attr: 'server_names_hash_bucket_size',
value: 10,
match: ' server_names_hash_bucket_size 10;'
},
{
title: 'should set server_names_hash_max_size',
- attr: 'names_hash_max_size',
+ attr: 'server_names_hash_max_size',
value: 10,
match: ' server_names_hash_max_size 10;'
},
diff --git a/templates/conf.d/nginx.conf.erb b/templates/conf.d/nginx.conf.erb
index 39805a3ac..942a8baf0 100644
--- a/templates/conf.d/nginx.conf.erb
+++ b/templates/conf.d/nginx.conf.erb
@@ -13,7 +13,9 @@ daemon <%= @daemon %>;
<% if @super_user -%>
user <%= @daemon_user %><% if @daemon_group -%> <%= @daemon_group %><% end -%>;
<% end -%>
+<% if @worker_processes -%>
worker_processes <%= @worker_processes %>;
+<% end -%>
<% if @worker_rlimit_nofile -%>
worker_rlimit_nofile <%= @worker_rlimit_nofile %>;
<% end -%>
@@ -38,11 +40,15 @@ include /etc/nginx/modules-enabled/*.conf;
<% end -%>
events {
+ <%- if @accept_mutex -%>
accept_mutex <%= @accept_mutex %>;
+ <%- end -%>
<%- if @accept_mutex_delay -%>
accept_mutex_delay <%= @accept_mutex_delay %>;
<%- end -%>
+ <%- if @worker_connections -%>
worker_connections <%= @worker_connections -%>;
+ <%- end -%>
<%- if @multi_accept == 'on' -%>
multi_accept on;
<%- end -%>
@@ -117,13 +123,23 @@ http {
tcp_nopush on;
<%- end -%>
<% end -%>
+<% if @server_tokens -%>
server_tokens <%= @server_tokens %>;
+<% end -%>
+<% if @types_hash_max_size -%>
types_hash_max_size <%= @types_hash_max_size %>;
+<% end -%>
+<% if @types_hash_bucket_size -%>
types_hash_bucket_size <%= @types_hash_bucket_size %>;
+<% end -%>
- server_names_hash_bucket_size <%= @names_hash_bucket_size %>;
- server_names_hash_max_size <%= @names_hash_max_size %>;
+<% if @server_names_hash_bucket_size -%>
+ server_names_hash_bucket_size <%= @server_names_hash_bucket_size %>;
+<% end -%>
+<% if @server_names_hash_max_size -%>
+ server_names_hash_max_size <%= @server_names_hash_max_size %>;
+<% end -%>
<% if @map_hash_bucket_size -%>
map_hash_bucket_size <%= @map_hash_bucket_size %>;
@@ -139,18 +155,30 @@ http {
variables_hash_max_size <%= @variables_hash_max_size %>;
<% end -%>
+<% if @keepalive_timeout -%>
keepalive_timeout <%= @keepalive_timeout %>;
+<% end -%>
+<% if @keepalive_requests -%>
keepalive_requests <%= @keepalive_requests %>;
+<% end -%>
+<% if @client_body_timeout -%>
client_body_timeout <%= @client_body_timeout %>;
+<% end -%>
+<% if @send_timeout -%>
send_timeout <%= @send_timeout %>;
+<% end -%>
<% if @lingering_close -%>
lingering_close <%= @lingering_close %>;
<% end -%>
<% if @lingering_time -%>
lingering_time <%= @lingering_time %>;
<% end -%>
+<% if @lingering_timeout -%>
lingering_timeout <%= @lingering_timeout %>;
+<% end -%>
+<% if @http_tcp_nodelay -%>
tcp_nodelay <%= @http_tcp_nodelay %>;
+<% end -%>
<% if @reset_timedout_connection -%>
reset_timedout_connection <%= @reset_timedout_connection %>;
<% end -%>
@@ -160,27 +188,35 @@ http {
<% end -%>
<% if @gzip_static -%>
- gzip_static <%= @gzip_static %>;
+ gzip_static <%= @gzip_static %>;
<% end -%>
<% if @gzip == 'on' -%>
gzip on;
<% if @gzip_buffers -%>
gzip_buffers <%= @gzip_buffers %>;
<% end -%>
+<% if @gzip_comp_level -%>
gzip_comp_level <%= @gzip_comp_level %>;
+<% end -%>
<% if @gzip_disable -%>
gzip_disable <%= @gzip_disable %>;
<% end -%>
+<% if @gzip_min_length -%>
gzip_min_length <%= @gzip_min_length %>;
+<% end -%>
+<% if @gzip_http_version -%>
gzip_http_version <%= @gzip_http_version %>;
+<% end -%>
<% if @gzip_proxied -%>
gzip_proxied <%= Array(@gzip_proxied).uniq.join(' ') %>;
<% end -%>
<% if @gzip_types -%>
gzip_types <%= @gzip_types.kind_of?(Array) ? @gzip_types.join(' ') : @gzip_types %>;
<% end -%>
+<% if @gzip_vary -%>
gzip_vary <%= @gzip_vary %>;
<% end -%>
+<% end -%>
<% if @_client_body_temp_path -%>
client_body_temp_path <%= @_client_body_temp_path.join(' ') %>;
From f205134fba21b924e9c6ec7ad9fca6a14d3a280b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Tue, 21 Oct 2025 19:53:24 +0200
Subject: [PATCH 2/9] revert name changes, fix some more types
---
manifests/config.pp | 4 +-
manifests/init.pp | 8 +-
manifests/package/debian.pp | 6 +-
manifests/resource/geo.pp | 16 ++--
manifests/resource/location.pp | 13 ++-
manifests/resource/mailhost.pp | 94 ++++++++++----------
manifests/resource/map.pp | 4 +-
manifests/resource/server.pp | 10 +--
manifests/resource/streamhost.pp | 6 +-
manifests/resource/upstream.pp | 44 ++++-----
manifests/resource/upstream/member.pp | 36 ++++----
spec/classes/nginx_spec.rb | 4 +-
spec/defines/resource_location_spec.rb | 6 --
templates/conf.d/nginx.conf.erb | 8 +-
templates/mailhost/mailhost_ssl_settings.epp | 2 +
templates/server/locations/proxy.erb | 6 ++
templates/streamhost/streamhost.erb | 4 +
17 files changed, 138 insertions(+), 133 deletions(-)
diff --git a/manifests/config.pp b/manifests/config.pp
index 08a148d5a..c373364ef 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -85,8 +85,8 @@
default => $nginx::mime_types,
}
$multi_accept = $nginx::multi_accept
- $server_names_hash_bucket_size = $nginx::server_names_hash_bucket_size
- $server_names_hash_max_size = $nginx::server_names_hash_max_size
+ $names_hash_bucket_size = $nginx::names_hash_bucket_size
+ $names_hash_max_size = $nginx::names_hash_max_size
$nginx_cfg_prepend = $nginx::nginx_cfg_prepend
$proxy_buffers = $nginx::proxy_buffers
$proxy_buffer_size = $nginx::proxy_buffer_size
diff --git a/manifests/init.pp b/manifests/init.pp
index d28795632..fe0b99656 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -129,8 +129,8 @@
# @param mime_types_path
# @param stream
# @param multi_accept
-# @param server_names_hash_bucket_size
-# @param server_names_hash_max_size
+# @param names_hash_bucket_size
+# @param names_hash_max_size
# @param nginx_cfg_prepend
# @param proxy_buffers
# @param proxy_buffer_size
@@ -307,8 +307,8 @@
Variant[String, Boolean] $mime_types_path = 'mime.types',
Boolean $stream = false,
Optional[Enum['on', 'off']] $multi_accept = undef,
- Optional[Integer] $server_names_hash_bucket_size = undef, # nginx default depends on the size of the processor's cache line
- Optional[Integer] $server_names_hash_max_size = undef,
+ Optional[Integer] $names_hash_bucket_size = undef, # nginx default depends on the size of the processor's cache line
+ Optional[Integer] $names_hash_max_size = undef,
Variant[Boolean, Array, Hash] $nginx_cfg_prepend = false,
Optional[String] $proxy_buffers = undef, # nginx defaults to 1 memory page
Optional[Nginx::Size] $proxy_buffer_size = undef, # nginx default is 1 memory page
diff --git a/manifests/package/debian.pp b/manifests/package/debian.pp
index 3d720309f..f725db403 100644
--- a/manifests/package/debian.pp
+++ b/manifests/package/debian.pp
@@ -25,7 +25,7 @@
case $package_source {
'nginx', 'nginx-stable': {
$stable_repo_source = $repo_source ? {
- undef => "https://nginx.org/packages/${distro}",
+ undef => "https://nginx.org/packages/${distro}",
default => $repo_source,
}
apt::source { 'nginx':
@@ -41,7 +41,7 @@
}
'nginx-mainline': {
$mainline_repo_source = $repo_source ? {
- undef => "https://nginx.org/packages/mainline/${distro}",
+ undef => "https://nginx.org/packages/mainline/${distro}",
default => $repo_source,
}
apt::source { 'nginx':
@@ -57,7 +57,7 @@
}
'passenger': {
$passenger_repo_source = $repo_source ? {
- undef => 'https://oss-binaries.phusionpassenger.com/apt/passenger',
+ undef => 'https://oss-binaries.phusionpassenger.com/apt/passenger',
default => $repo_source,
}
apt::source { 'nginx':
diff --git a/manifests/resource/geo.pp b/manifests/resource/geo.pp
index 12eefa81d..6329969b4 100644
--- a/manifests/resource/geo.pp
+++ b/manifests/resource/geo.pp
@@ -56,20 +56,20 @@
# '192.168.0.0/16': 'intra'
define nginx::resource::geo (
Hash $networks,
- Optional[String] $default = undef,
- Enum['present', 'absent'] $ensure = 'present',
- Boolean $ranges = false,
- Optional[String] $address = undef,
- Optional[String] $delete = undef,
- Optional[Array] $proxies = undef,
- Optional[Boolean] $proxy_recursive = undef
+ Optional[String] $default = undef,
+ Enum['present', 'absent'] $ensure = 'present',
+ Boolean $ranges = false,
+ Optional[String] $address = undef,
+ Optional[String] $delete = undef,
+ Optional[Array] $proxies = undef,
+ Optional[Boolean] $proxy_recursive = undef
) {
if ! defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
$root_group = $nginx::root_group
- $conf_dir = "${nginx::conf_dir}/conf.d"
+ $conf_dir = "${nginx::conf_dir}/conf.d"
$ensure_real = $ensure ? {
'absent' => 'absent',
diff --git a/manifests/resource/location.pp b/manifests/resource/location.pp
index e23661be3..653e212a4 100644
--- a/manifests/resource/location.pp
+++ b/manifests/resource/location.pp
@@ -264,10 +264,10 @@
'index.php',
],
Optional[String] $proxy = undef,
- Optional[Variant[Array[String],String]] $proxy_redirect = $nginx::proxy_redirect,
- String $proxy_read_timeout = $nginx::proxy_read_timeout,
- String $proxy_connect_timeout = $nginx::proxy_connect_timeout,
- String $proxy_send_timeout = $nginx::proxy_send_timeout,
+ Optional[Variant[Array[String], String]] $proxy_redirect = $nginx::proxy_redirect,
+ Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
+ Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
+ Optional[Nginx::Time] $proxy_send_timeout = $nginx::proxy_send_timeout,
Array $proxy_set_header = $nginx::proxy_set_header,
Array $proxy_hide_header = $nginx::proxy_hide_header,
Array $proxy_pass_header = $nginx::proxy_pass_header,
@@ -286,7 +286,7 @@
Boolean $ssl = false,
Boolean $ssl_only = false,
Optional[String] $location_alias = undef,
- Optional[Variant[String[1],Array[String[1],1]]] $limit_zone = undef,
+ Optional[Variant[String[1], Array[String[1], 1]]] $limit_zone = undef,
Optional[Enum['any', 'all']] $location_satisfy = undef,
Optional[Array] $location_allow = undef,
Optional[Array] $location_deny = undef,
@@ -358,8 +358,7 @@
# Use proxy, fastcgi or uwsgi template if $proxy is defined, otherwise use directory template.
# fastcgi_script is deprecated
if ($fastcgi_script != undef) {
- warning(
- 'The $fastcgi_script parameter is deprecated; please use $fastcgi_param instead to define custom fastcgi_params!')
+ warning('The $fastcgi_script parameter is deprecated; please use $fastcgi_param instead to define custom fastcgi_params!')
}
# Only try to manage these files if they're the default one (as you presumably
diff --git a/manifests/resource/mailhost.pp b/manifests/resource/mailhost.pp
index 50f813d8e..bbc76e266 100644
--- a/manifests/resource/mailhost.pp
+++ b/manifests/resource/mailhost.pp
@@ -131,69 +131,69 @@
#
define nginx::resource::mailhost (
Stdlib::Port $listen_port,
- Enum['absent', 'present'] $ensure = 'present',
- Variant[Array[String], String] $listen_ip = '*',
- Optional[String] $listen_options = undef,
- Boolean $ipv6_enable = false,
- Variant[Array[String], String] $ipv6_listen_ip = '::',
- Stdlib::Port $ipv6_listen_port = $listen_port,
- String $ipv6_listen_options = 'default ipv6only=on',
- Boolean $ssl = false,
- Optional[String] $ssl_cert = undef,
- String $ssl_ciphers = $nginx::ssl_ciphers,
- Optional[String] $ssl_client_cert = undef,
- Optional[String] $ssl_crl = undef,
- Optional[String] $ssl_dhparam = $nginx::ssl_dhparam,
- Optional[String] $ssl_ecdh_curve = undef,
- Optional[String] $ssl_key = undef,
- Optional[String] $ssl_password_file = undef,
- Optional[Stdlib::Port] $ssl_port = undef,
- Enum['on', 'off'] $ssl_prefer_server_ciphers = $nginx::ssl_prefer_server_ciphers,
- String $ssl_protocols = $nginx::ssl_protocols,
- Optional[String] $ssl_session_cache = undef,
- Optional[String] $ssl_session_ticket_key = undef,
- Optional[String] $ssl_session_tickets = undef,
- String $ssl_session_timeout = '5m',
- Optional[String] $ssl_trusted_cert = undef,
- Optional[Integer] $ssl_verify_depth = undef,
- Enum['on', 'off', 'only'] $starttls = 'off',
+ Enum['absent', 'present'] $ensure = 'present',
+ Variant[Array[String], String] $listen_ip = '*',
+ Optional[String] $listen_options = undef,
+ Boolean $ipv6_enable = false,
+ Variant[Array[String], String] $ipv6_listen_ip = '::',
+ Stdlib::Port $ipv6_listen_port = $listen_port,
+ String $ipv6_listen_options = 'default ipv6only=on',
+ Boolean $ssl = false,
+ Optional[String] $ssl_cert = undef,
+ Optional[String] $ssl_ciphers = $nginx::ssl_ciphers,
+ Optional[String] $ssl_client_cert = undef,
+ Optional[String] $ssl_crl = undef,
+ Optional[String] $ssl_dhparam = $nginx::ssl_dhparam,
+ Optional[String] $ssl_ecdh_curve = undef,
+ Optional[String] $ssl_key = undef,
+ Optional[String] $ssl_password_file = undef,
+ Optional[Stdlib::Port] $ssl_port = undef,
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = $nginx::ssl_prefer_server_ciphers,
+ Optional[String] $ssl_protocols = $nginx::ssl_protocols,
+ Optional[String] $ssl_session_cache = undef,
+ Optional[String] $ssl_session_ticket_key = undef,
+ Optional[String] $ssl_session_tickets = undef,
+ String $ssl_session_timeout = '5m',
+ Optional[String] $ssl_trusted_cert = undef,
+ Optional[Integer] $ssl_verify_depth = undef,
+ Enum['on', 'off', 'only'] $starttls = 'off',
Optional[Enum['imap', 'pop3', 'sieve', 'smtp']] $protocol = undef,
- Optional[String] $auth_http = undef,
- Optional[String] $auth_http_header = undef,
- Enum['on', 'off'] $xclient = 'on',
- Enum['on', 'off'] $proxy_protocol = 'off',
- Enum['on', 'off'] $proxy_smtp_auth = 'off',
- Optional[String] $imap_auth = undef,
- Optional[Array] $imap_capabilities = undef,
- Optional[String] $imap_client_buffer = undef,
- Optional[String] $pop3_auth = undef,
- Optional[Array] $pop3_capabilities = undef,
- Optional[String] $smtp_auth = undef,
- Optional[Array] $smtp_capabilities = undef,
- String $proxy_pass_error_message = 'off',
- Array $server_name = [$name],
- Variant[Array[String], String] $raw_prepend = [],
- Variant[Array[String], String] $raw_append = [],
+ Optional[String] $auth_http = undef,
+ Optional[String] $auth_http_header = undef,
+ Enum['on', 'off'] $xclient = 'on',
+ Enum['on', 'off'] $proxy_protocol = 'off',
+ Enum['on', 'off'] $proxy_smtp_auth = 'off',
+ Optional[String] $imap_auth = undef,
+ Optional[Array] $imap_capabilities = undef,
+ Optional[String] $imap_client_buffer = undef,
+ Optional[String] $pop3_auth = undef,
+ Optional[Array] $pop3_capabilities = undef,
+ Optional[String] $smtp_auth = undef,
+ Optional[Array] $smtp_capabilities = undef,
+ String $proxy_pass_error_message = 'off',
+ Array $server_name = [$name],
+ Variant[Array[String], String] $raw_prepend = [],
+ Variant[Array[String], String] $raw_append = [],
Hash[String,
Variant[
String,
Array[String],
Hash[String, Variant[String, Array[String]]],
]
- ] $mailhost_cfg_prepend = {},
+ ] $mailhost_cfg_prepend = {},
Hash[String,
Variant[
String,
Array[String],
Hash[String, Variant[String, Array[String]]],
]
- ] $mailhost_cfg_append = {},
+ ] $mailhost_cfg_append = {},
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
} elsif versioncmp($facts.get('nginx_version', $nginx::nginx_version), '1.15.0') < 0 {
fail('The mail module requires nginx 1.15 or newer')
- } elsif ! $nginx::mail {
+ } elsif !$nginx::mail {
fail('nginx mail proxy requires the nginx::mail flag to be set true')
}
@@ -234,7 +234,7 @@
}
}
- $config_dir = "${nginx::conf_dir}/conf.mail.d"
+ $config_dir = "${nginx::conf_dir}/conf.mail.d"
$config_file = "${config_dir}/${name}.conf"
# Pre-render some common parts
diff --git a/manifests/resource/map.pp b/manifests/resource/map.pp
index 9c3ef1c56..de6a02476 100644
--- a/manifests/resource/map.pp
+++ b/manifests/resource/map.pp
@@ -65,7 +65,7 @@
#
define nginx::resource::map (
String[2] $string,
- Nginx::StringMappings $mappings = [],
+ Nginx::StringMappings $mappings = [],
Optional[String] $default = undef,
Enum['absent', 'present'] $ensure = 'present',
Array[String] $include_files = [],
@@ -78,7 +78,7 @@
$root_group = $nginx::root_group
- $conf_dir = $context ? {
+ $conf_dir = $context ? {
'stream' => "${nginx::conf_dir}/conf.stream.d",
'http' => "${nginx::conf_dir}/conf.d",
}
diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp
index 780504f11..2806ef57b 100644
--- a/manifests/resource/server.pp
+++ b/manifests/resource/server.pp
@@ -331,10 +331,10 @@
Enum['on', 'off'] $spdy = $nginx::spdy,
Enum['on', 'off'] $http2 = $nginx::http2,
Optional[String] $proxy = undef,
- Optional[Variant[Array[String],String]] $proxy_redirect = undef,
- String $proxy_read_timeout = $nginx::proxy_read_timeout,
- String $proxy_send_timeout = $nginx::proxy_send_timeout,
- $proxy_connect_timeout = $nginx::proxy_connect_timeout,
+ Optional[Variant[Array[String], String]] $proxy_redirect = undef,
+ Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
+ Optional[Nginx::Time] $proxy_send_timeout = $nginx::proxy_send_timeout,
+ Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
Array[String] $proxy_set_header = $nginx::proxy_set_header,
Array[String] $proxy_hide_header = $nginx::proxy_hide_header,
Array[String] $proxy_pass_header = $nginx::proxy_pass_header,
@@ -423,7 +423,7 @@
Hash $locations = {},
Hash $locations_defaults = {},
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp
index 35c6c0f38..3903075b7 100644
--- a/manifests/resource/streamhost.pp
+++ b/manifests/resource/streamhost.pp
@@ -58,8 +58,8 @@
Integer $ipv6_listen_port = $listen_port,
String $ipv6_listen_options = 'default ipv6only=on',
$proxy = undef,
- String $proxy_read_timeout = $nginx::proxy_read_timeout,
- $proxy_connect_timeout = $nginx::proxy_connect_timeout,
+ Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
+ Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
Array $resolver = [],
Variant[Array[String], String] $raw_prepend = [],
Variant[Array[String], String] $raw_append = [],
@@ -67,7 +67,7 @@
String $group = $nginx::global_group,
String $mode = $nginx::global_mode,
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
diff --git a/manifests/resource/upstream.pp b/manifests/resource/upstream.pp
index 2a43550f8..4081ca565 100644
--- a/manifests/resource/upstream.pp
+++ b/manifests/resource/upstream.pp
@@ -103,27 +103,27 @@
# }
#
define nginx::resource::upstream (
- Enum['present', 'absent'] $ensure = 'present',
- Enum['http', 'stream'] $context = 'http',
- Nginx::UpstreamMembers $members = {},
- Optional[String[1]] $members_tag = undef,
- Nginx::UpstreamMemberDefaults $member_defaults = {},
- Optional[String[1]] $hash = undef,
- Boolean $ip_hash = false,
- Optional[Integer[1]] $keepalive = undef,
- Optional[Integer[1]] $keepalive_requests = undef,
- Optional[Nginx::Time] $keepalive_timeout = undef,
- Boolean $least_conn = false,
- Optional[Nginx::UpstreamLeastTime] $least_time = undef,
- Boolean $ntlm = false,
- Optional[Integer] $queue_max = undef,
- Optional[Nginx::Time] $queue_timeout = undef,
- Optional[String[1]] $random = undef,
- Optional[Stdlib::Unixpath] $statefile = undef,
- Optional[Nginx::UpstreamSticky] $sticky = undef,
- Optional[Nginx::UpstreamZone] $zone = undef,
- Nginx::UpstreamCustomParameters $cfg_append = {},
- Nginx::UpstreamCustomParameters $cfg_prepend = {},
+ Enum['present', 'absent'] $ensure = 'present',
+ Enum['http', 'stream'] $context = 'http',
+ Nginx::UpstreamMembers $members = {},
+ Optional[String[1]] $members_tag = undef,
+ Nginx::UpstreamMemberDefaults $member_defaults = {},
+ Optional[String[1]] $hash = undef,
+ Boolean $ip_hash = false,
+ Optional[Integer[1]] $keepalive = undef,
+ Optional[Integer[1]] $keepalive_requests = undef,
+ Optional[Nginx::Time] $keepalive_timeout = undef,
+ Boolean $least_conn = false,
+ Optional[Nginx::UpstreamLeastTime] $least_time = undef,
+ Boolean $ntlm = false,
+ Optional[Integer] $queue_max = undef,
+ Optional[Nginx::Time] $queue_timeout = undef,
+ Optional[String[1]] $random = undef,
+ Optional[Stdlib::Unixpath] $statefile = undef,
+ Optional[Nginx::UpstreamSticky] $sticky = undef,
+ Optional[Nginx::UpstreamZone] $zone = undef,
+ Nginx::UpstreamCustomParameters $cfg_append = {},
+ Nginx::UpstreamCustomParameters $cfg_prepend = {},
) {
if ! defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
@@ -168,7 +168,7 @@
}
if ! empty($members) {
- $members.each |$member,$values| {
+ $members.each |$member, $values| {
$member_values = $member_defaults + $values + { 'upstream' => $name, 'context' => $context }
if $context == 'stream' and $member_values['route'] {
diff --git a/manifests/resource/upstream/member.pp b/manifests/resource/upstream/member.pp
index 449d0412f..12d8c26a2 100644
--- a/manifests/resource/upstream/member.pp
+++ b/manifests/resource/upstream/member.pp
@@ -55,24 +55,24 @@
# }
#
define nginx::resource::upstream::member (
- String[1] $upstream,
- Enum['present', 'absent'] $ensure = 'present',
- Enum['http', 'stream'] $context = 'http',
- Optional[Nginx::UpstreamMemberServer] $server = $name,
- Stdlib::Port $port = 80,
- Optional[Integer[1]] $weight = undef,
- Optional[Integer[1]] $max_conns = undef,
- Optional[Integer[0]] $max_fails = undef,
- Optional[Nginx::Time] $fail_timeout = undef,
- Boolean $backup = false,
- Boolean $resolve = false,
- Optional[String[1]] $route = undef,
- Optional[String[1]] $service = undef,
- Optional[Nginx::Time] $slow_start = undef,
- Optional[Enum['drain','down']] $state = undef,
- Optional[String[1]] $params_prepend = undef,
- Optional[String[1]] $params_append = undef,
- Optional[String[1]] $comment = undef,
+ String[1] $upstream,
+ Enum['present', 'absent'] $ensure = 'present',
+ Enum['http', 'stream'] $context = 'http',
+ Optional[Nginx::UpstreamMemberServer] $server = $name,
+ Stdlib::Port $port = 80,
+ Optional[Integer[1]] $weight = undef,
+ Optional[Integer[1]] $max_conns = undef,
+ Optional[Integer[0]] $max_fails = undef,
+ Optional[Nginx::Time] $fail_timeout = undef,
+ Boolean $backup = false,
+ Boolean $resolve = false,
+ Optional[String[1]] $route = undef,
+ Optional[String[1]] $service = undef,
+ Optional[Nginx::Time] $slow_start = undef,
+ Optional[Enum['drain', 'down']] $state = undef,
+ Optional[String[1]] $params_prepend = undef,
+ Optional[String[1]] $params_append = undef,
+ Optional[String[1]] $comment = undef,
) {
if ! defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb
index 515f4fc67..7bf2a3c3d 100644
--- a/spec/classes/nginx_spec.rb
+++ b/spec/classes/nginx_spec.rb
@@ -645,13 +645,13 @@
},
{
title: 'should set server_names_hash_bucket_size',
- attr: 'server_names_hash_bucket_size',
+ attr: 'names_hash_bucket_size',
value: 10,
match: ' server_names_hash_bucket_size 10;'
},
{
title: 'should set server_names_hash_max_size',
- attr: 'server_names_hash_max_size',
+ attr: 'names_hash_max_size',
value: 10,
match: ' server_names_hash_max_size 10;'
},
diff --git a/spec/defines/resource_location_spec.rb b/spec/defines/resource_location_spec.rb
index 326b9d54c..ddde4e105 100644
--- a/spec/defines/resource_location_spec.rb
+++ b/spec/defines/resource_location_spec.rb
@@ -1055,12 +1055,6 @@
value: 'value',
match: %r{\s+proxy_connect_timeout\s+value;}
},
- {
- title: 'should set proxy_read_timeout',
- attr: 'proxy_read_timeout',
- value: 'value',
- match: %r{\s+proxy_read_timeout\s+value;}
- },
{
title: 'should set proxy headers',
attr: 'proxy_set_header',
diff --git a/templates/conf.d/nginx.conf.erb b/templates/conf.d/nginx.conf.erb
index 942a8baf0..2e9d7203c 100644
--- a/templates/conf.d/nginx.conf.erb
+++ b/templates/conf.d/nginx.conf.erb
@@ -134,11 +134,11 @@ http {
types_hash_bucket_size <%= @types_hash_bucket_size %>;
<% end -%>
-<% if @server_names_hash_bucket_size -%>
- server_names_hash_bucket_size <%= @server_names_hash_bucket_size %>;
+<% if @names_hash_bucket_size -%>
+ server_names_hash_bucket_size <%= @names_hash_bucket_size %>;
<% end -%>
-<% if @server_names_hash_max_size -%>
- server_names_hash_max_size <%= @server_names_hash_max_size %>;
+<% if @names_hash_max_size -%>
+ server_names_hash_max_size <%= @names_hash_max_size %>;
<% end -%>
<% if @map_hash_bucket_size -%>
diff --git a/templates/mailhost/mailhost_ssl_settings.epp b/templates/mailhost/mailhost_ssl_settings.epp
index af791710b..06acb0a1b 100644
--- a/templates/mailhost/mailhost_ssl_settings.epp
+++ b/templates/mailhost/mailhost_ssl_settings.epp
@@ -19,7 +19,9 @@
ssl_certificate <%= $ssl_cert %>;
ssl_certificate_key <%= $ssl_key %>;
+<%- if $ssl_ciphers { -%>
ssl_ciphers <%= $ssl_ciphers %>;
+<%- } -%>
<%- if $ssl_client_cert { -%>
ssl_client_certificate <%= $ssl_client_cert %>;
ssl_verify_client on;
diff --git a/templates/server/locations/proxy.erb b/templates/server/locations/proxy.erb
index 881008fe9..216576798 100644
--- a/templates/server/locations/proxy.erb
+++ b/templates/server/locations/proxy.erb
@@ -1,8 +1,14 @@
<% if @proxy -%>
proxy_pass <%= @proxy %>;
+<% if @proxy_read_timeout -%>
proxy_read_timeout <%= @proxy_read_timeout %>;
+<% end -%>
+<% if @proxy_connect_timeout -%>
proxy_connect_timeout <%= @proxy_connect_timeout %>;
+<% end -%>
+<% if @proxy_send_timeout -%>
proxy_send_timeout <%= @proxy_send_timeout %>;
+<% end -%>
<% Array(@proxy_redirect).each do |value| -%>
proxy_redirect <%= value %>;
<% end -%>
diff --git a/templates/streamhost/streamhost.erb b/templates/streamhost/streamhost.erb
index e9549c42b..74496dbd2 100644
--- a/templates/streamhost/streamhost.erb
+++ b/templates/streamhost/streamhost.erb
@@ -26,8 +26,12 @@ server {
<%= line %>
<% end %>
+<% if @proxy_read_timeout -%>
proxy_timeout <%= @proxy_read_timeout %>;
+<% end -%>
+<% if @proxy_connect_timeout -%>
proxy_connect_timeout <%= @proxy_connect_timeout %>;
+<% end -%>
proxy_pass <%= @proxy %>;
<% Array(@raw_append).each do |line| -%>
From ec05eabab21b7fb7bec5f978ae7c7d2795c21599 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Tue, 21 Oct 2025 19:56:30 +0200
Subject: [PATCH 3/9] fix docs
---
REFERENCE.md | 38 +++++++++++++++++++-------------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/REFERENCE.md b/REFERENCE.md
index 10ec8371f..d18d0213f 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -165,8 +165,8 @@ The following parameters are available in the `nginx` class:
* [`mime_types_path`](#-nginx--mime_types_path)
* [`stream`](#-nginx--stream)
* [`multi_accept`](#-nginx--multi_accept)
-* [`server_names_hash_bucket_size`](#-nginx--server_names_hash_bucket_size)
-* [`server_names_hash_max_size`](#-nginx--server_names_hash_max_size)
+* [`names_hash_bucket_size`](#-nginx--names_hash_bucket_size)
+* [`names_hash_max_size`](#-nginx--names_hash_max_size)
* [`nginx_cfg_prepend`](#-nginx--nginx_cfg_prepend)
* [`proxy_buffers`](#-nginx--proxy_buffers)
* [`proxy_buffer_size`](#-nginx--proxy_buffer_size)
@@ -987,7 +987,7 @@ Data type: `Optional[Enum['on', 'off']]`
Default value: `undef`
-##### `server_names_hash_bucket_size`
+##### `names_hash_bucket_size`
Data type: `Optional[Integer]`
@@ -995,7 +995,7 @@ Data type: `Optional[Integer]`
Default value: `undef`
-##### `server_names_hash_max_size`
+##### `names_hash_max_size`
Data type: `Optional[Integer]`
@@ -2123,7 +2123,7 @@ Default value: `undef`
##### `proxy_redirect`
-Data type: `Optional[Variant[Array[String],String]]`
+Data type: `Optional[Variant[Array[String], String]]`
sets the text, which must be changed in response-header "Location" and
"Refresh" in the response of the proxied server.
@@ -2132,7 +2132,7 @@ Default value: `$nginx::proxy_redirect`
##### `proxy_read_timeout`
-Data type: `String`
+Data type: `Optional[Nginx::Time]`
Override the default the proxy read timeout value of 90 seconds
@@ -2140,7 +2140,7 @@ Default value: `$nginx::proxy_read_timeout`
##### `proxy_connect_timeout`
-Data type: `String`
+Data type: `Optional[Nginx::Time]`
Override the default the proxy connect timeout value of 90 seconds
@@ -2148,7 +2148,7 @@ Default value: `$nginx::proxy_connect_timeout`
##### `proxy_send_timeout`
-Data type: `String`
+Data type: `Optional[Nginx::Time]`
Override the default the proxy send timeout
value of 90 seconds
@@ -2323,7 +2323,7 @@ Default value: `undef`
##### `limit_zone`
-Data type: `Optional[Variant[String[1],Array[String[1],1]]]`
+Data type: `Optional[Variant[String[1], Array[String[1], 1]]]`
Apply a limit_req_zone to the location. Expects a string or array of
strings indicating a previously defined limit_req_zone in the main nginx
@@ -2828,7 +2828,7 @@ Default value: `undef`
##### `ssl_ciphers`
-Data type: `String`
+Data type: `Optional[String]`
Override default SSL ciphers.
@@ -2896,7 +2896,7 @@ Default value: `undef`
##### `ssl_prefer_server_ciphers`
-Data type: `Enum['on', 'off']`
+Data type: `Optional[Enum['on', 'off']]`
Specifies that server ciphers should be preferred over client ciphers when
using the SSLv3 and TLS protocols.
@@ -2905,7 +2905,7 @@ Default value: `$nginx::ssl_prefer_server_ciphers`
##### `ssl_protocols`
-Data type: `String`
+Data type: `Optional[String]`
SSL protocols enabled.
@@ -3637,7 +3637,7 @@ Default value: `undef`
##### `proxy_read_timeout`
-Data type: `String`
+Data type: `Optional[Nginx::Time]`
Override the default proxy read timeout value of 90 seconds
@@ -3645,7 +3645,7 @@ Default value: `$nginx::proxy_read_timeout`
##### `proxy_send_timeout`
-Data type: `String`
+Data type: `Optional[Nginx::Time]`
Override the default proxy send timeout value of 90 seconds
@@ -3653,7 +3653,7 @@ Default value: `$nginx::proxy_send_timeout`
##### `proxy_redirect`
-Data type: `Optional[Variant[Array[String],String]]`
+Data type: `Optional[Variant[Array[String], String]]`
Override the default proxy_redirect value of off.
@@ -4428,7 +4428,7 @@ Default value: `undef`
##### `proxy_connect_timeout`
-Data type: `Any`
+Data type: `Optional[Nginx::Time]`
@@ -4721,7 +4721,7 @@ Default value: `undef`
##### `proxy_read_timeout`
-Data type: `String`
+Data type: `Optional[Nginx::Time]`
Override the default the proxy read timeout value of 90 seconds
@@ -4782,7 +4782,7 @@ Default value: `$nginx::global_mode`
##### `proxy_connect_timeout`
-Data type: `Any`
+Data type: `Optional[Nginx::Time]`
@@ -5215,7 +5215,7 @@ Default value: `undef`
##### `state`
-Data type: `Optional[Enum['drain','down']]`
+Data type: `Optional[Enum['drain', 'down']]`
Set the state for this upstream member
From 7ab7e4c402e2206bb58dbf566c12c2402135fc48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Wed, 22 Oct 2025 11:10:30 +0200
Subject: [PATCH 4/9] remove whitespace formatting
---
manifests/config.pp | 276 +++++++++++++-------------
manifests/package.pp | 10 +-
manifests/package/debian.pp | 16 +-
manifests/package/redhat.pp | 14 +-
manifests/params.pp | 32 +--
manifests/resource/geo.pp | 2 +-
manifests/resource/map.pp | 2 +-
manifests/resource/snippet.pp | 2 +-
manifests/resource/upstream.pp | 8 +-
manifests/resource/upstream/member.pp | 2 +-
10 files changed, 182 insertions(+), 182 deletions(-)
diff --git a/manifests/config.pp b/manifests/config.pp
index c373364ef..3028edc21 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -3,150 +3,150 @@
class nginx::config {
assert_private()
- $client_body_temp_path = $nginx::client_body_temp_path
- $confd_only = $nginx::confd_only
- $confd_purge = $nginx::confd_purge
- $conf_dir = $nginx::conf_dir
- $daemon = $nginx::daemon
- $daemon_user = $nginx::daemon_user
- $daemon_group = $nginx::daemon_group
- $dynamic_modules = $nginx::dynamic_modules
- $global_owner = $nginx::global_owner
- $global_group = $nginx::global_group
- $global_mode = $nginx::global_mode
- $limit_req_zone = $nginx::limit_req_zone
- $log_dir = $nginx::log_dir
- $log_user = $nginx::log_user
- $log_group = $nginx::log_group
- $log_mode = $nginx::log_mode
- $http_access_log = $nginx::http_access_log
- $http_format_log = $nginx::http_format_log
- $stream_access_log = $nginx::stream_access_log
- $stream_custom_format_log = $nginx::stream_custom_format_log
- $nginx_error_log = $nginx::nginx_error_log
- $nginx_error_log_severity = $nginx::nginx_error_log_severity
- $pid = $nginx::pid
- $proxy_temp_path = $nginx::proxy_temp_path
- $root_group = $nginx::root_group
- $sites_available_owner = $nginx::sites_available_owner
- $sites_available_group = $nginx::sites_available_group
- $sites_available_mode = $nginx::sites_available_mode
- $super_user = $nginx::super_user
- $temp_dir = $nginx::temp_dir
- $server_purge = $nginx::server_purge
- $absolute_redirect = $nginx::absolute_redirect
- $accept_mutex = $nginx::accept_mutex
- $accept_mutex_delay = $nginx::accept_mutex_delay
- $client_body_buffer_size = $nginx::client_body_buffer_size
- $client_max_body_size = $nginx::client_max_body_size
- $client_body_timeout = $nginx::client_body_timeout
- $send_timeout = $nginx::send_timeout
- $lingering_timeout = $nginx::lingering_timeout
- $lingering_close = $nginx::lingering_close
- $lingering_time = $nginx::lingering_time
- $reset_timedout_connection = $nginx::reset_timedout_connection
- $etag = $nginx::etag
- $events_use = $nginx::events_use
- $debug_connections = $nginx::debug_connections
- $fastcgi_cache_inactive = $nginx::fastcgi_cache_inactive
- $fastcgi_cache_key = $nginx::fastcgi_cache_key
- $fastcgi_cache_keys_zone = $nginx::fastcgi_cache_keys_zone
- $fastcgi_cache_levels = $nginx::fastcgi_cache_levels
- $fastcgi_cache_max_size = $nginx::fastcgi_cache_max_size
- $fastcgi_cache_path = $nginx::fastcgi_cache_path
- $fastcgi_cache_use_stale = $nginx::fastcgi_cache_use_stale
- $gzip = $nginx::gzip
- $gzip_buffers = $nginx::gzip_buffers
- $gzip_comp_level = $nginx::gzip_comp_level
- $gzip_disable = $nginx::gzip_disable
- $gzip_min_length = $nginx::gzip_min_length
- $gzip_http_version = $nginx::gzip_http_version
- $gzip_proxied = $nginx::gzip_proxied
- $gzip_types = $nginx::gzip_types
- $gzip_vary = $nginx::gzip_vary
- $gzip_static = $nginx::gzip_static
- $http_raw_prepend = $nginx::http_raw_prepend
- $http_raw_append = $nginx::http_raw_append
- $http_cfg_prepend = $nginx::http_cfg_prepend
- $http_cfg_append = $nginx::http_cfg_append
- $http_tcp_nodelay = $nginx::http_tcp_nodelay
- $http_tcp_nopush = $nginx::http_tcp_nopush
- $keepalive_timeout = $nginx::keepalive_timeout
- $keepalive_requests = $nginx::keepalive_requests
- $log_format = $nginx::log_format
- $stream_log_format = $nginx::stream_log_format
- $mail = $nginx::mail
- $mime_types_path = $nginx::mime_types_path
- $stream = $nginx::stream
- $map_hash_bucket_size = $nginx::map_hash_bucket_size
- $map_hash_max_size = $nginx::map_hash_max_size
- $mime_types = $nginx::mime_types_preserve_defaults ? {
+ $client_body_temp_path = $nginx::client_body_temp_path
+ $confd_only = $nginx::confd_only
+ $confd_purge = $nginx::confd_purge
+ $conf_dir = $nginx::conf_dir
+ $daemon = $nginx::daemon
+ $daemon_user = $nginx::daemon_user
+ $daemon_group = $nginx::daemon_group
+ $dynamic_modules = $nginx::dynamic_modules
+ $global_owner = $nginx::global_owner
+ $global_group = $nginx::global_group
+ $global_mode = $nginx::global_mode
+ $limit_req_zone = $nginx::limit_req_zone
+ $log_dir = $nginx::log_dir
+ $log_user = $nginx::log_user
+ $log_group = $nginx::log_group
+ $log_mode = $nginx::log_mode
+ $http_access_log = $nginx::http_access_log
+ $http_format_log = $nginx::http_format_log
+ $stream_access_log = $nginx::stream_access_log
+ $stream_custom_format_log = $nginx::stream_custom_format_log
+ $nginx_error_log = $nginx::nginx_error_log
+ $nginx_error_log_severity = $nginx::nginx_error_log_severity
+ $pid = $nginx::pid
+ $proxy_temp_path = $nginx::proxy_temp_path
+ $root_group = $nginx::root_group
+ $sites_available_owner = $nginx::sites_available_owner
+ $sites_available_group = $nginx::sites_available_group
+ $sites_available_mode = $nginx::sites_available_mode
+ $super_user = $nginx::super_user
+ $temp_dir = $nginx::temp_dir
+ $server_purge = $nginx::server_purge
+ $absolute_redirect = $nginx::absolute_redirect
+ $accept_mutex = $nginx::accept_mutex
+ $accept_mutex_delay = $nginx::accept_mutex_delay
+ $client_body_buffer_size = $nginx::client_body_buffer_size
+ $client_max_body_size = $nginx::client_max_body_size
+ $client_body_timeout = $nginx::client_body_timeout
+ $send_timeout = $nginx::send_timeout
+ $lingering_timeout = $nginx::lingering_timeout
+ $lingering_close = $nginx::lingering_close
+ $lingering_time = $nginx::lingering_time
+ $reset_timedout_connection = $nginx::reset_timedout_connection
+ $etag = $nginx::etag
+ $events_use = $nginx::events_use
+ $debug_connections = $nginx::debug_connections
+ $fastcgi_cache_inactive = $nginx::fastcgi_cache_inactive
+ $fastcgi_cache_key = $nginx::fastcgi_cache_key
+ $fastcgi_cache_keys_zone = $nginx::fastcgi_cache_keys_zone
+ $fastcgi_cache_levels = $nginx::fastcgi_cache_levels
+ $fastcgi_cache_max_size = $nginx::fastcgi_cache_max_size
+ $fastcgi_cache_path = $nginx::fastcgi_cache_path
+ $fastcgi_cache_use_stale = $nginx::fastcgi_cache_use_stale
+ $gzip = $nginx::gzip
+ $gzip_buffers = $nginx::gzip_buffers
+ $gzip_comp_level = $nginx::gzip_comp_level
+ $gzip_disable = $nginx::gzip_disable
+ $gzip_min_length = $nginx::gzip_min_length
+ $gzip_http_version = $nginx::gzip_http_version
+ $gzip_proxied = $nginx::gzip_proxied
+ $gzip_types = $nginx::gzip_types
+ $gzip_vary = $nginx::gzip_vary
+ $gzip_static = $nginx::gzip_static
+ $http_raw_prepend = $nginx::http_raw_prepend
+ $http_raw_append = $nginx::http_raw_append
+ $http_cfg_prepend = $nginx::http_cfg_prepend
+ $http_cfg_append = $nginx::http_cfg_append
+ $http_tcp_nodelay = $nginx::http_tcp_nodelay
+ $http_tcp_nopush = $nginx::http_tcp_nopush
+ $keepalive_timeout = $nginx::keepalive_timeout
+ $keepalive_requests = $nginx::keepalive_requests
+ $log_format = $nginx::log_format
+ $stream_log_format = $nginx::stream_log_format
+ $mail = $nginx::mail
+ $mime_types_path = $nginx::mime_types_path
+ $stream = $nginx::stream
+ $map_hash_bucket_size = $nginx::map_hash_bucket_size
+ $map_hash_max_size = $nginx::map_hash_max_size
+ $mime_types = $nginx::mime_types_preserve_defaults ? {
true => $nginx::params::mime_types + $nginx::mime_types,
default => $nginx::mime_types,
}
- $multi_accept = $nginx::multi_accept
- $names_hash_bucket_size = $nginx::names_hash_bucket_size
- $names_hash_max_size = $nginx::names_hash_max_size
- $nginx_cfg_prepend = $nginx::nginx_cfg_prepend
- $proxy_buffers = $nginx::proxy_buffers
- $proxy_buffer_size = $nginx::proxy_buffer_size
- $proxy_busy_buffers_size = $nginx::proxy_busy_buffers_size
- $proxy_cache_inactive = $nginx::proxy_cache_inactive
- $proxy_cache_keys_zone = $nginx::proxy_cache_keys_zone
- $proxy_cache_levels = $nginx::proxy_cache_levels
- $proxy_cache_max_size = $nginx::proxy_cache_max_size
- $proxy_cache_path = $nginx::proxy_cache_path
- $proxy_cache_loader_files = $nginx::proxy_cache_loader_files
- $proxy_cache_loader_sleep = $nginx::proxy_cache_loader_sleep
- $proxy_cache_loader_threshold = $nginx::proxy_cache_loader_threshold
- $proxy_use_temp_path = $nginx::proxy_use_temp_path
- $proxy_connect_timeout = $nginx::proxy_connect_timeout
+ $multi_accept = $nginx::multi_accept
+ $names_hash_bucket_size = $nginx::names_hash_bucket_size
+ $names_hash_max_size = $nginx::names_hash_max_size
+ $nginx_cfg_prepend = $nginx::nginx_cfg_prepend
+ $proxy_buffers = $nginx::proxy_buffers
+ $proxy_buffer_size = $nginx::proxy_buffer_size
+ $proxy_busy_buffers_size = $nginx::proxy_busy_buffers_size
+ $proxy_cache_inactive = $nginx::proxy_cache_inactive
+ $proxy_cache_keys_zone = $nginx::proxy_cache_keys_zone
+ $proxy_cache_levels = $nginx::proxy_cache_levels
+ $proxy_cache_max_size = $nginx::proxy_cache_max_size
+ $proxy_cache_path = $nginx::proxy_cache_path
+ $proxy_cache_loader_files = $nginx::proxy_cache_loader_files
+ $proxy_cache_loader_sleep = $nginx::proxy_cache_loader_sleep
+ $proxy_cache_loader_threshold = $nginx::proxy_cache_loader_threshold
+ $proxy_use_temp_path = $nginx::proxy_use_temp_path
+ $proxy_connect_timeout = $nginx::proxy_connect_timeout
$proxy_headers_hash_bucket_size = $nginx::proxy_headers_hash_bucket_size
- $proxy_headers_hash_max_size = $nginx::proxy_headers_hash_max_size
- $proxy_http_version = $nginx::proxy_http_version
- $proxy_max_temp_file_size = $nginx::proxy_max_temp_file_size
- $proxy_read_timeout = $nginx::proxy_read_timeout
- $proxy_redirect = $nginx::proxy_redirect
- $proxy_send_timeout = $nginx::proxy_send_timeout
- $proxy_set_header = $nginx::proxy_set_header
- $proxy_hide_header = $nginx::proxy_hide_header
- $proxy_pass_header = $nginx::proxy_pass_header
- $sendfile = $nginx::sendfile
- $server_tokens = $nginx::server_tokens
- $spdy = $nginx::spdy
- $http2 = $nginx::http2
- $ssl_buffer_size = $nginx::ssl_buffer_size
- $ssl_ciphers = $nginx::ssl_ciphers
- $ssl_crl = $nginx::ssl_crl
- $ssl_dhparam = $nginx::ssl_dhparam
- $ssl_ecdh_curve = $nginx::ssl_ecdh_curve
- $ssl_session_cache = $nginx::ssl_session_cache
- $ssl_session_timeout = $nginx::ssl_session_timeout
- $ssl_session_tickets = $nginx::ssl_session_tickets
- $ssl_session_ticket_key = $nginx::ssl_session_ticket_key
- $ssl_stapling = $nginx::ssl_stapling
- $ssl_stapling_file = $nginx::ssl_stapling_file
- $ssl_stapling_responder = $nginx::ssl_stapling_responder
- $ssl_stapling_verify = $nginx::ssl_stapling_verify
- $ssl_trusted_certificate = $nginx::ssl_trusted_certificate
- $ssl_password_file = $nginx::ssl_password_file
- $ssl_prefer_server_ciphers = $nginx::ssl_prefer_server_ciphers
- $ssl_protocols = $nginx::ssl_protocols
- $ssl_verify_depth = $nginx::ssl_verify_depth
- $types_hash_bucket_size = $nginx::types_hash_bucket_size
- $types_hash_max_size = $nginx::types_hash_max_size
- $worker_connections = $nginx::worker_connections
- $worker_processes = $nginx::worker_processes
- $worker_rlimit_nofile = $nginx::worker_rlimit_nofile
- $pcre_jit = $nginx::pcre_jit
- $include_modules_enabled = $nginx::include_modules_enabled
- $variables_hash_bucket_size = $nginx::variables_hash_bucket_size
- $variables_hash_max_size = $nginx::variables_hash_max_size
+ $proxy_headers_hash_max_size = $nginx::proxy_headers_hash_max_size
+ $proxy_http_version = $nginx::proxy_http_version
+ $proxy_max_temp_file_size = $nginx::proxy_max_temp_file_size
+ $proxy_read_timeout = $nginx::proxy_read_timeout
+ $proxy_redirect = $nginx::proxy_redirect
+ $proxy_send_timeout = $nginx::proxy_send_timeout
+ $proxy_set_header = $nginx::proxy_set_header
+ $proxy_hide_header = $nginx::proxy_hide_header
+ $proxy_pass_header = $nginx::proxy_pass_header
+ $sendfile = $nginx::sendfile
+ $server_tokens = $nginx::server_tokens
+ $spdy = $nginx::spdy
+ $http2 = $nginx::http2
+ $ssl_buffer_size = $nginx::ssl_buffer_size
+ $ssl_ciphers = $nginx::ssl_ciphers
+ $ssl_crl = $nginx::ssl_crl
+ $ssl_dhparam = $nginx::ssl_dhparam
+ $ssl_ecdh_curve = $nginx::ssl_ecdh_curve
+ $ssl_session_cache = $nginx::ssl_session_cache
+ $ssl_session_timeout = $nginx::ssl_session_timeout
+ $ssl_session_tickets = $nginx::ssl_session_tickets
+ $ssl_session_ticket_key = $nginx::ssl_session_ticket_key
+ $ssl_stapling = $nginx::ssl_stapling
+ $ssl_stapling_file = $nginx::ssl_stapling_file
+ $ssl_stapling_responder = $nginx::ssl_stapling_responder
+ $ssl_stapling_verify = $nginx::ssl_stapling_verify
+ $ssl_trusted_certificate = $nginx::ssl_trusted_certificate
+ $ssl_password_file = $nginx::ssl_password_file
+ $ssl_prefer_server_ciphers = $nginx::ssl_prefer_server_ciphers
+ $ssl_protocols = $nginx::ssl_protocols
+ $ssl_verify_depth = $nginx::ssl_verify_depth
+ $types_hash_bucket_size = $nginx::types_hash_bucket_size
+ $types_hash_max_size = $nginx::types_hash_max_size
+ $worker_connections = $nginx::worker_connections
+ $worker_processes = $nginx::worker_processes
+ $worker_rlimit_nofile = $nginx::worker_rlimit_nofile
+ $pcre_jit = $nginx::pcre_jit
+ $include_modules_enabled = $nginx::include_modules_enabled
+ $variables_hash_bucket_size = $nginx::variables_hash_bucket_size
+ $variables_hash_max_size = $nginx::variables_hash_max_size
# Non-configurable settings
- $conf_template = 'nginx/conf.d/nginx.conf.erb'
- $mime_template = 'nginx/conf.d/mime.types.epp'
- $proxy_conf_template = undef
+ $conf_template = 'nginx/conf.d/nginx.conf.erb'
+ $mime_template = 'nginx/conf.d/mime.types.epp'
+ $proxy_conf_template = undef
File {
owner => $global_owner,
diff --git a/manifests/package.pp b/manifests/package.pp
index b429f67a2..18e1feced 100644
--- a/manifests/package.pp
+++ b/manifests/package.pp
@@ -1,12 +1,12 @@
# @summary Manage NGINX package installation
# @api private
class nginx::package {
- $package_name = $nginx::package_name
- $package_source = $nginx::package_source
- $package_ensure = $nginx::package_ensure
- $package_flavor = $nginx::package_flavor
+ $package_name = $nginx::package_name
+ $package_source = $nginx::package_source
+ $package_ensure = $nginx::package_ensure
+ $package_flavor = $nginx::package_flavor
$passenger_package_ensure = $nginx::passenger_package_ensure
- $manage_repo = $nginx::manage_repo
+ $manage_repo = $nginx::manage_repo
assert_private()
diff --git a/manifests/package/debian.pp b/manifests/package/debian.pp
index f725db403..4f0865a19 100644
--- a/manifests/package/debian.pp
+++ b/manifests/package/debian.pp
@@ -1,15 +1,15 @@
# @summary Manage NGINX package installation on debian based systems
# @api private
class nginx::package::debian {
- $package_name = $nginx::package_name
- $package_source = $nginx::package_source
- $package_ensure = $nginx::package_ensure
- $package_flavor = $nginx::package_flavor
+ $package_name = $nginx::package_name
+ $package_source = $nginx::package_source
+ $package_ensure = $nginx::package_ensure
+ $package_flavor = $nginx::package_flavor
$passenger_package_ensure = $nginx::passenger_package_ensure
- $passenger_package_name = $nginx::passenger_package_name
- $manage_repo = $nginx::manage_repo
- $release = $nginx::repo_release
- $repo_source = $nginx::repo_source
+ $passenger_package_name = $nginx::passenger_package_name
+ $manage_repo = $nginx::manage_repo
+ $release = $nginx::repo_release
+ $repo_source = $nginx::repo_source
$distro = downcase($facts['os']['name'])
diff --git a/manifests/package/redhat.pp b/manifests/package/redhat.pp
index 6ae1d7c0c..0bcebe2dd 100644
--- a/manifests/package/redhat.pp
+++ b/manifests/package/redhat.pp
@@ -1,14 +1,14 @@
# @summary Manage NGINX package installation on RedHat based systems
# @api private
class nginx::package::redhat {
- $package_name = $nginx::package_name
- $package_source = $nginx::package_source
- $package_ensure = $nginx::package_ensure
- $package_flavor = $nginx::package_flavor
+ $package_name = $nginx::package_name
+ $package_source = $nginx::package_source
+ $package_ensure = $nginx::package_ensure
+ $package_flavor = $nginx::package_flavor
$passenger_package_ensure = $nginx::passenger_package_ensure
- $passenger_package_name = $nginx::passenger_package_name
- $manage_repo = $nginx::manage_repo
- $purge_passenger_repo = $nginx::purge_passenger_repo
+ $passenger_package_name = $nginx::passenger_package_name
+ $manage_repo = $nginx::manage_repo
+ $purge_passenger_repo = $nginx::purge_passenger_repo
#Install the CentOS-specific packages on that OS, otherwise assume it's a RHEL
#clone and provide the Red Hat-specific package. This comes into play when not
diff --git a/manifests/params.pp b/manifests/params.pp
index feaf843e2..ba441d652 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -199,23 +199,23 @@
### END Operating System Configuration
### Referenced Variables
- $conf_dir = $_module_parameters['conf_dir']
- $snippets_dir = "${conf_dir}/snippets"
- $log_dir = $_module_parameters['log_dir']
- $log_user = $_module_parameters['log_user']
- $log_group = $_module_parameters['log_group']
- $log_mode = $_module_parameters['log_mode']
- $pid = $_module_parameters['pid']
+ $conf_dir = $_module_parameters['conf_dir']
+ $snippets_dir = "${conf_dir}/snippets"
+ $log_dir = $_module_parameters['log_dir']
+ $log_user = $_module_parameters['log_user']
+ $log_group = $_module_parameters['log_group']
+ $log_mode = $_module_parameters['log_mode']
+ $pid = $_module_parameters['pid']
$include_modules_enabled = $_module_parameters['include_modules_enabled']
- $daemon_user = $_module_parameters['daemon_user']
- $global_group = $_module_parameters['root_group']
- $manage_repo = $_module_parameters['manage_repo']
- $mime_types = $_module_parameters['mime_types']
- $root_group = $_module_parameters['root_group']
- $package_name = $_module_parameters['package_name']
- $passenger_package_name = $_module_parameters['passenger_package_name']
- $mail_package_name = $_module_parameters['mail_package_name']
- $sites_available_group = $_module_parameters['root_group']
+ $daemon_user = $_module_parameters['daemon_user']
+ $global_group = $_module_parameters['root_group']
+ $manage_repo = $_module_parameters['manage_repo']
+ $mime_types = $_module_parameters['mime_types']
+ $root_group = $_module_parameters['root_group']
+ $package_name = $_module_parameters['package_name']
+ $passenger_package_name = $_module_parameters['passenger_package_name']
+ $mail_package_name = $_module_parameters['mail_package_name']
+ $sites_available_group = $_module_parameters['root_group']
### END Referenced Variables
}
diff --git a/manifests/resource/geo.pp b/manifests/resource/geo.pp
index 6329969b4..ab5c59980 100644
--- a/manifests/resource/geo.pp
+++ b/manifests/resource/geo.pp
@@ -64,7 +64,7 @@
Optional[Array] $proxies = undef,
Optional[Boolean] $proxy_recursive = undef
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
diff --git a/manifests/resource/map.pp b/manifests/resource/map.pp
index de6a02476..4508f73a3 100644
--- a/manifests/resource/map.pp
+++ b/manifests/resource/map.pp
@@ -72,7 +72,7 @@
Boolean $hostnames = false,
Enum['http', 'stream'] $context = 'http',
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
diff --git a/manifests/resource/snippet.pp b/manifests/resource/snippet.pp
index 7b871e0bf..d9ce66a3e 100644
--- a/manifests/resource/snippet.pp
+++ b/manifests/resource/snippet.pp
@@ -18,7 +18,7 @@
String $group = $nginx::global_group,
Stdlib::Filemode $mode = $nginx::global_mode,
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
diff --git a/manifests/resource/upstream.pp b/manifests/resource/upstream.pp
index 4081ca565..36d9f0910 100644
--- a/manifests/resource/upstream.pp
+++ b/manifests/resource/upstream.pp
@@ -125,15 +125,15 @@
Nginx::UpstreamCustomParameters $cfg_append = {},
Nginx::UpstreamCustomParameters $cfg_prepend = {},
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
if $least_time {
- if $context == 'http' and ! ($least_time =~ Nginx::UpstreamLeastTimeHttp) {
+ if $context == 'http' and !($least_time =~ Nginx::UpstreamLeastTimeHttp) {
fail('The parameter "least_time" does not match the datatype "Nginx::UpstreamLeastTimeHttp"')
}
- if $context == 'stream' and ! ($least_time =~ Nginx::UpstreamLeastTimeStream) {
+ if $context == 'stream' and !($least_time =~ Nginx::UpstreamLeastTimeStream) {
fail('The parameter "least_time" does not match the datatype "Nginx::UpstreamLeastTimeStream"')
}
}
@@ -167,7 +167,7 @@
),
}
- if ! empty($members) {
+ if !empty($members) {
$members.each |$member, $values| {
$member_values = $member_defaults + $values + { 'upstream' => $name, 'context' => $context }
diff --git a/manifests/resource/upstream/member.pp b/manifests/resource/upstream/member.pp
index 12d8c26a2..36da9b55f 100644
--- a/manifests/resource/upstream/member.pp
+++ b/manifests/resource/upstream/member.pp
@@ -74,7 +74,7 @@
Optional[String[1]] $params_append = undef,
Optional[String[1]] $comment = undef,
) {
- if ! defined(Class['nginx']) {
+ if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}
From 90f90af58ec3847b1a01550f2d4bf335aaac650a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Wed, 22 Oct 2025 12:07:02 +0200
Subject: [PATCH 5/9] fix tests
---
templates/mailhost/mailhost.epp | 22 +++++++-------
templates/mailhost/mailhost_common.epp | 27 +++++++++---------
templates/mailhost/mailhost_ssl.epp | 18 ++++++------
templates/mailhost/mailhost_ssl_settings.epp | 30 ++++++++++----------
4 files changed, 48 insertions(+), 49 deletions(-)
diff --git a/templates/mailhost/mailhost.epp b/templates/mailhost/mailhost.epp
index 8a9c4fb58..c50f41d6c 100644
--- a/templates/mailhost/mailhost.epp
+++ b/templates/mailhost/mailhost.epp
@@ -1,15 +1,15 @@
<%- |
- Array[String] $ipv6_listen_ip,
- String $ipv6_listen_options,
- Stdlib::Port $ipv6_listen_port,
- Array[String] $listen_ip,
- Optional[String] $listen_options,
- Stdlib::Port $listen_port,
- String $mailhost_append,
- String[1] $mailhost_common,
- String $mailhost_prepend,
- String[1] $mailhost_ssl_settings,
- String[1] $nginx_version,
+ Array[String] $ipv6_listen_ip,
+ String $ipv6_listen_options,
+ Stdlib::Port $ipv6_listen_port,
+ Array[String] $listen_ip,
+ Optional[String] $listen_options,
+ Stdlib::Port $listen_port,
+ String $mailhost_append,
+ String[1] $mailhost_common,
+ String $mailhost_prepend,
+ String[1] $mailhost_ssl_settings,
+ String[1] $nginx_version,
Enum['on', 'off', 'only'] $starttls,
| -%>
# MANAGED BY PUPPET
diff --git a/templates/mailhost/mailhost_common.epp b/templates/mailhost/mailhost_common.epp
index 7422c8800..01061ea03 100644
--- a/templates/mailhost/mailhost_common.epp
+++ b/templates/mailhost/mailhost_common.epp
@@ -1,21 +1,20 @@
<%- |
- Optional[String] $auth_http,
- Optional[String] $auth_http_header,
- Optional[String] $imap_auth,
- Optional[Array] $imap_capabilities,
- Optional[String] $imap_client_buffer,
- Optional[String] $pop3_auth,
- Optional[Array] $pop3_capabilities,
- Optional[Enum['imap', 'pop3', 'sieve', 'smtp']]
- $protocol,
- String $proxy_pass_error_message,
+ Optional[String] $auth_http,
+ Optional[String] $auth_http_header,
+ Optional[String] $imap_auth,
+ Optional[Array] $imap_capabilities,
+ Optional[String] $imap_client_buffer,
+ Optional[String] $pop3_auth,
+ Optional[Array] $pop3_capabilities,
+ Optional[Enum['imap', 'pop3', 'sieve', 'smtp']] $protocol,
+ String $proxy_pass_error_message,
Enum['on', 'off'] $proxy_protocol,
Enum['on', 'off'] $proxy_smtp_auth,
- Array $server_name,
- Optional[String] $smtp_auth,
- Optional[Array] $smtp_capabilities,
+ Array $server_name,
+ Optional[String] $smtp_auth,
+ Optional[Array] $smtp_capabilities,
Enum['on', 'off'] $xclient,
- String $nginx_version,
+ String $nginx_version,
| -%>
server_name <%= $server_name.join(" ") %>;
<%- if $protocol { -%>
diff --git a/templates/mailhost/mailhost_ssl.epp b/templates/mailhost/mailhost_ssl.epp
index 82ffb157b..7b06ba51a 100644
--- a/templates/mailhost/mailhost_ssl.epp
+++ b/templates/mailhost/mailhost_ssl.epp
@@ -1,13 +1,13 @@
<%- |
- Array[String] $ipv6_listen_ip,
- String $ipv6_listen_options,
- Stdlib::Port $ipv6_listen_port,
- Array[String] $listen_ip,
- String $mailhost_append,
- String[1] $mailhost_common,
- String $mailhost_prepend,
- String[1] $mailhost_ssl_settings,
- String[1] $nginx_version,
+ Array[String] $ipv6_listen_ip,
+ String $ipv6_listen_options,
+ Stdlib::Port $ipv6_listen_port,
+ Array[String] $listen_ip,
+ String $mailhost_append,
+ String[1] $mailhost_common,
+ String $mailhost_prepend,
+ String[1] $mailhost_ssl_settings,
+ String[1] $nginx_version,
Optional[Stdlib::Port] $ssl_port,
| -%>
# MANAGED BY PUPPET
diff --git a/templates/mailhost/mailhost_ssl_settings.epp b/templates/mailhost/mailhost_ssl_settings.epp
index 06acb0a1b..6ef554726 100644
--- a/templates/mailhost/mailhost_ssl_settings.epp
+++ b/templates/mailhost/mailhost_ssl_settings.epp
@@ -1,19 +1,19 @@
<%- |
- Optional[String] $ssl_cert,
- String $ssl_ciphers,
- Optional[String] $ssl_client_cert,
- Optional[String] $ssl_crl,
- Optional[String] $ssl_dhparam,
- Optional[String] $ssl_ecdh_curve,
- Optional[String] $ssl_key,
- Optional[String] $ssl_password_file,
- Enum['on', 'off'] $ssl_prefer_server_ciphers,
- String $ssl_protocols,
- Optional[String] $ssl_session_cache,
- Optional[String] $ssl_session_ticket_key,
- Optional[String] $ssl_session_tickets,
- String $ssl_session_timeout,
- Optional[String] $ssl_trusted_cert,
+ Optional[String] $ssl_cert,
+ Optional[String] $ssl_ciphers,
+ Optional[String] $ssl_client_cert,
+ Optional[String] $ssl_crl,
+ Optional[String] $ssl_dhparam,
+ Optional[String] $ssl_ecdh_curve,
+ Optional[String] $ssl_key,
+ Optional[String] $ssl_password_file,
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers,
+ Optional[String] $ssl_protocols,
+ Optional[String] $ssl_session_cache,
+ Optional[String] $ssl_session_ticket_key,
+ Optional[String] $ssl_session_tickets,
+ Optional[Nginx::Time] $ssl_session_timeout,
+ Optional[String] $ssl_trusted_cert,
Optional[Integer] $ssl_verify_depth,
| -%>
From 404ec65e1bdab53ccff74e8238f62bef388c5c10 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Wed, 22 Oct 2025 13:40:53 +0200
Subject: [PATCH 6/9] fix some more tests
---
templates/mailhost/mailhost_ssl_settings.epp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/templates/mailhost/mailhost_ssl_settings.epp b/templates/mailhost/mailhost_ssl_settings.epp
index 6ef554726..50d4a5b41 100644
--- a/templates/mailhost/mailhost_ssl_settings.epp
+++ b/templates/mailhost/mailhost_ssl_settings.epp
@@ -17,8 +17,12 @@
Optional[Integer] $ssl_verify_depth,
| -%>
+<%- if $ssl_cert { -%>
ssl_certificate <%= $ssl_cert %>;
+<%- } -%>
+<%- if $ssl_key { -%>
ssl_certificate_key <%= $ssl_key %>;
+<%- } -%>
<%- if $ssl_ciphers { -%>
ssl_ciphers <%= $ssl_ciphers %>;
<%- } -%>
@@ -41,8 +45,12 @@
<%- if $ssl_password_file { -%>
ssl_password_file <%= $ssl_password_file %>;
<%- } -%>
+<% if $ssl_prefer_server_ciphers { -%>
ssl_prefer_server_ciphers <%= $ssl_prefer_server_ciphers %>;
+<%- } -%>
+<% if $ssl_protocols { -%>
ssl_protocols <%= $ssl_protocols %>;
+<%- } -%>
<%- if $ssl_session_cache { -%>
ssl_session_cache <%= $ssl_session_cache %>;
<%- } -%>
From 452267a6878afce5992f83141e6f6fda4803ee6a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Wed, 22 Oct 2025 16:05:53 +0200
Subject: [PATCH 7/9] fix even more tests
---
spec/classes/nginx_spec.rb | 30 --------------------------
spec/defines/resource_location_spec.rb | 8 +++----
templates/conf.d/nginx.conf.erb | 4 ++--
3 files changed, 6 insertions(+), 36 deletions(-)
diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb
index 7bf2a3c3d..78156f3f3 100644
--- a/spec/classes/nginx_spec.rb
+++ b/spec/classes/nginx_spec.rb
@@ -1498,41 +1498,11 @@
)
end
- it do
- is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(
- %r{ gzip_comp_level 1;}
- )
- end
-
it do
is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(
%r{ gzip_disable msie6;}
)
end
-
- it do
- is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(
- %r{ gzip_min_length 20;}
- )
- end
-
- it do
- is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(
- %r{ gzip_http_version 1.1;}
- )
- end
-
- it do
- is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(
- %r{ gzip_vary off;}
- )
- end
-
- it do
- is_expected.to contain_file('/etc/nginx/nginx.conf').with_content(
- %r{ gzip_proxied off;}
- )
- end
end
context 'when gzip is non-default (on) set gzip_types (array)' do
diff --git a/spec/defines/resource_location_spec.rb b/spec/defines/resource_location_spec.rb
index ddde4e105..050cb3b57 100644
--- a/spec/defines/resource_location_spec.rb
+++ b/spec/defines/resource_location_spec.rb
@@ -1046,14 +1046,14 @@
{
title: 'should set proxy_read_timeout',
attr: 'proxy_read_timeout',
- value: 'value',
- match: %r{\s+proxy_read_timeout\s+value;}
+ value: '20m',
+ match: %r{\s+proxy_read_timeout\s+20m;}
},
{
title: 'should set proxy_connect_timeout',
attr: 'proxy_connect_timeout',
- value: 'value',
- match: %r{\s+proxy_connect_timeout\s+value;}
+ value: 10,
+ match: %r{\s+proxy_connect_timeout\s+10;}
},
{
title: 'should set proxy headers',
diff --git a/templates/conf.d/nginx.conf.erb b/templates/conf.d/nginx.conf.erb
index 2e9d7203c..5a82cf61b 100644
--- a/templates/conf.d/nginx.conf.erb
+++ b/templates/conf.d/nginx.conf.erb
@@ -119,9 +119,9 @@ http {
<% if @sendfile == 'on' -%>
sendfile on;
- <%- if @http_tcp_nopush == 'on' -%>
+<% end -%>
+<% if @http_tcp_nopush == 'on' -%>
tcp_nopush on;
- <%- end -%>
<% end -%>
<% if @server_tokens -%>
server_tokens <%= @server_tokens %>;
From 21119af28fb2ccab8230b2c2b2c25fa24ad70b38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Fri, 24 Oct 2025 10:46:24 +0200
Subject: [PATCH 8/9] fix formatting as discussed, removed Optional where not
optional
---
REFERENCE.md | 2 +-
manifests/init.pp | 358 +++++++++++++-------------
manifests/resource/geo.pp | 12 +-
manifests/resource/location.pp | 154 +++++------
manifests/resource/mailhost.pp | 88 +++----
manifests/resource/map.pp | 10 +-
manifests/resource/server.pp | 262 +++++++++----------
manifests/resource/snippet.pp | 6 +-
manifests/resource/streamhost.pp | 32 +--
manifests/resource/upstream.pp | 38 +--
manifests/resource/upstream/member.pp | 34 +--
11 files changed, 498 insertions(+), 498 deletions(-)
diff --git a/REFERENCE.md b/REFERENCE.md
index d18d0213f..5eb01b0ef 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -5127,7 +5127,7 @@ Default value: `'http'`
##### `server`
-Data type: `Optional[Nginx::UpstreamMemberServer]`
+Data type: `Nginx::UpstreamMemberServer`
Hostname or IP of the upstream member server
diff --git a/manifests/init.pp b/manifests/init.pp
index fe0b99656..8ff0ac6b1 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -222,113 +222,113 @@
class nginx (
### START Nginx Configuration ###
Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $client_body_temp_path = undef,
- Boolean $confd_only = false,
- Boolean $confd_purge = false,
- Stdlib::Absolutepath $conf_dir = $nginx::params::conf_dir,
- Optional[Enum['on', 'off']] $daemon = undef,
- String[1] $daemon_user = $nginx::params::daemon_user,
- Optional[String[1]] $daemon_group = undef,
- Array[String] $dynamic_modules = [],
- String[1] $global_owner = 'root',
- String[1] $global_group = $nginx::params::global_group,
- Stdlib::Filemode $global_mode = '0644',
- Optional[Variant[String[1], Array[String[1]]]] $limit_req_zone = undef,
- Stdlib::Absolutepath $log_dir = $nginx::params::log_dir,
- Boolean $manage_log_dir = true,
- String[1] $log_user = $nginx::params::log_user,
- String[1] $log_group = $nginx::params::log_group,
- Stdlib::Filemode $log_mode = $nginx::params::log_mode,
- Variant[String, Array[String]] $http_access_log = "${log_dir}/access.log",
- Optional[String] $http_format_log = undef,
- Variant[String, Array[String]] $stream_access_log = "${log_dir}/stream-access.log",
- Optional[String] $stream_custom_format_log = undef,
- Variant[String, Array[String]] $nginx_error_log = "${log_dir}/error.log",
- Nginx::ErrorLogSeverity $nginx_error_log_severity = 'error',
- Variant[Stdlib::Absolutepath, Boolean] $pid = $nginx::params::pid,
- Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $proxy_temp_path = undef,
- String[1] $root_group = $nginx::params::root_group,
- String[1] $sites_available_owner = 'root',
- String[1] $sites_available_group = $nginx::params::sites_available_group,
- Stdlib::Filemode $sites_available_mode = '0644',
- Boolean $super_user = true,
- Stdlib::Absolutepath $temp_dir = '/tmp',
- Boolean $server_purge = false,
- Boolean $include_modules_enabled = $nginx::params::include_modules_enabled,
+ Boolean $confd_only = false,
+ Boolean $confd_purge = false,
+ Stdlib::Absolutepath $conf_dir = $nginx::params::conf_dir,
+ Optional[Enum['on', 'off']] $daemon = undef,
+ String[1] $daemon_user = $nginx::params::daemon_user,
+ Optional[String[1]] $daemon_group = undef,
+ Array[String] $dynamic_modules = [],
+ String[1] $global_owner = 'root',
+ String[1] $global_group = $nginx::params::global_group,
+ Stdlib::Filemode $global_mode = '0644',
+ Optional[Variant[String[1], Array[String[1]]]] $limit_req_zone = undef,
+ Stdlib::Absolutepath $log_dir = $nginx::params::log_dir,
+ Boolean $manage_log_dir = true,
+ String[1] $log_user = $nginx::params::log_user,
+ String[1] $log_group = $nginx::params::log_group,
+ Stdlib::Filemode $log_mode = $nginx::params::log_mode,
+ Variant[String, Array[String]] $http_access_log = "${log_dir}/access.log",
+ Optional[String] $http_format_log = undef,
+ Variant[String, Array[String]] $stream_access_log = "${log_dir}/stream-access.log",
+ Optional[String] $stream_custom_format_log = undef,
+ Variant[String, Array[String]] $nginx_error_log = "${log_dir}/error.log",
+ Nginx::ErrorLogSeverity $nginx_error_log_severity = 'error',
+ Variant[Stdlib::Absolutepath, Boolean] $pid = $nginx::params::pid,
+ Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $proxy_temp_path = undef,
+ String[1] $root_group = $nginx::params::root_group,
+ String[1] $sites_available_owner = 'root',
+ String[1] $sites_available_group = $nginx::params::sites_available_group,
+ Stdlib::Filemode $sites_available_mode = '0644',
+ Boolean $super_user = true,
+ Stdlib::Absolutepath $temp_dir = '/tmp',
+ Boolean $server_purge = false,
+ Boolean $include_modules_enabled = $nginx::params::include_modules_enabled,
# Primary Templates
- String[1] $conf_template = 'nginx/conf.d/nginx.conf.erb',
- String[1] $fastcgi_conf_template = 'nginx/server/fastcgi.conf.erb',
- String[1] $uwsgi_params_template = 'nginx/server/uwsgi_params.erb',
+ String[1] $conf_template = 'nginx/conf.d/nginx.conf.erb',
+ String[1] $fastcgi_conf_template = 'nginx/server/fastcgi.conf.erb',
+ String[1] $uwsgi_params_template = 'nginx/server/uwsgi_params.erb',
### START Nginx Configuration ###
- Optional[Enum['on', 'off']] $absolute_redirect = undef,
- Optional[Enum['on', 'off']] $accept_mutex = undef, # nginx default is 'off'
- Optional[Nginx::Time] $accept_mutex_delay = undef,
- Optional[Nginx::Size] $client_body_buffer_size = undef, # nginx default is 2 memory pages
- Optional[Nginx::Size] $client_max_body_size = undef, # nginx default is '1m'
- Optional[Nginx::Time] $client_body_timeout = undef,
- Optional[Nginx::Time] $send_timeout = undef,
- Optional[Nginx::Time] $lingering_timeout = undef,
- Optional[Enum['on', 'off', 'always']] $lingering_close = undef,
- Optional[String[1]] $lingering_time = undef,
- Optional[Enum['on', 'off']] $etag = undef,
- Optional[String] $events_use = undef,
- Array[Nginx::DebugConnection] $debug_connections = [],
- Nginx::Time $fastcgi_cache_inactive = '20m',
- Optional[String] $fastcgi_cache_key = undef,
- String $fastcgi_cache_keys_zone = 'd3:100m',
- String $fastcgi_cache_levels = '1',
- Nginx::Size $fastcgi_cache_max_size = '500m',
- Optional[String] $fastcgi_cache_path = undef,
- Optional[String] $fastcgi_cache_use_stale = undef,
- Optional[Enum['on', 'off']] $gzip = undef,
- Optional[String] $gzip_buffers = undef,
- Optional[Integer] $gzip_comp_level = undef,
- String $gzip_disable = 'msie6',
- Optional[Integer] $gzip_min_length = undef,
- Optional[Enum['1.0', '1.1']] $gzip_http_version = undef,
- Optional[Variant[Nginx::GzipProxied, Array[Nginx::GzipProxied]]] $gzip_proxied = undef,
- Optional[Variant[String[1], Array[String[1]]]] $gzip_types = undef,
- Optional[Enum['on', 'off']] $gzip_vary = undef,
- Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
- Optional[Variant[Hash, Array]] $http_cfg_prepend = undef,
- Optional[Variant[Hash, Array]] $http_cfg_append = undef,
- Optional[Variant[Array[String], String]] $http_raw_prepend = undef,
- Optional[Variant[Array[String], String]] $http_raw_append = undef,
- Optional[Enum['on', 'off']] $http_tcp_nodelay = undef,
- Optional[Enum['on', 'off']] $http_tcp_nopush = undef,
- Optional[Nginx::Time] $keepalive_timeout = undef, # nginx default is '75s'
- Optional[Integer] $keepalive_requests = undef, # nginx default is 1000
- Hash[String[1], Nginx::LogFormat] $log_format = {},
- Hash[String[1], Nginx::LogFormat] $stream_log_format = {},
- Boolean $mail = false,
- Optional[Integer] $map_hash_bucket_size = undef,
- Optional[Integer] $map_hash_max_size = undef,
- Variant[String, Boolean] $mime_types_path = 'mime.types',
- Boolean $stream = false,
- Optional[Enum['on', 'off']] $multi_accept = undef,
- Optional[Integer] $names_hash_bucket_size = undef, # nginx default depends on the size of the processor's cache line
- Optional[Integer] $names_hash_max_size = undef,
- Variant[Boolean, Array, Hash] $nginx_cfg_prepend = false,
- Optional[String] $proxy_buffers = undef, # nginx defaults to 1 memory page
- Optional[Nginx::Size] $proxy_buffer_size = undef, # nginx default is 1 memory page
- Nginx::Time $proxy_cache_inactive = '20m',
- String $proxy_cache_keys_zone = 'd2:100m',
- String $proxy_cache_levels = '1',
- Nginx::Size $proxy_cache_max_size = '500m',
- Optional[Variant[Hash, String]] $proxy_cache_path = undef,
- Optional[Integer] $proxy_cache_loader_files = undef,
- Optional[String] $proxy_cache_loader_sleep = undef,
- Optional[String] $proxy_cache_loader_threshold = undef,
- Optional[Enum['on', 'off']] $proxy_use_temp_path = undef,
- Optional[Nginx::Time] $proxy_connect_timeout = undef, # nginx default is '60s'
- Optional[Integer] $proxy_headers_hash_bucket_size = undef,
- Optional[Integer] $proxy_headers_hash_max_size = undef,
- Optional[String] $proxy_http_version = undef,
- Optional[Nginx::Time] $proxy_read_timeout = undef, # nginx default is '60s'
- Optional[Variant[Array[String], String]] $proxy_redirect = undef,
- Optional[Nginx::Time] $proxy_send_timeout = undef, # nginx default is '60s'
- Array $proxy_set_header = [
+ Optional[Enum['on', 'off']] $absolute_redirect = undef,
+ Optional[Enum['on', 'off']] $accept_mutex = undef, # nginx default is 'off'
+ Optional[Nginx::Time] $accept_mutex_delay = undef,
+ Optional[Nginx::Size] $client_body_buffer_size = undef, # nginx default is 2 memory pages
+ Optional[Nginx::Size] $client_max_body_size = undef, # nginx default is '1m'
+ Optional[Nginx::Time] $client_body_timeout = undef,
+ Optional[Nginx::Time] $send_timeout = undef,
+ Optional[Nginx::Time] $lingering_timeout = undef,
+ Optional[Enum['on', 'off', 'always']] $lingering_close = undef,
+ Optional[String[1]] $lingering_time = undef,
+ Optional[Enum['on', 'off']] $etag = undef,
+ Optional[String] $events_use = undef,
+ Array[Nginx::DebugConnection] $debug_connections = [],
+ Nginx::Time $fastcgi_cache_inactive = '20m',
+ Optional[String] $fastcgi_cache_key = undef,
+ String $fastcgi_cache_keys_zone = 'd3:100m',
+ String $fastcgi_cache_levels = '1',
+ Nginx::Size $fastcgi_cache_max_size = '500m',
+ Optional[String] $fastcgi_cache_path = undef,
+ Optional[String] $fastcgi_cache_use_stale = undef,
+ Optional[Enum['on', 'off']] $gzip = undef,
+ Optional[String] $gzip_buffers = undef,
+ Optional[Integer] $gzip_comp_level = undef,
+ String $gzip_disable = 'msie6',
+ Optional[Integer] $gzip_min_length = undef,
+ Optional[Enum['1.0', '1.1']] $gzip_http_version = undef,
+ Optional[Variant[Nginx::GzipProxied, Array[Nginx::GzipProxied]]] $gzip_proxied = undef,
+ Optional[Variant[String[1], Array[String[1]]]] $gzip_types = undef,
+ Optional[Enum['on', 'off']] $gzip_vary = undef,
+ Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
+ Optional[Variant[Hash, Array]] $http_cfg_prepend = undef,
+ Optional[Variant[Hash, Array]] $http_cfg_append = undef,
+ Optional[Variant[Array[String], String]] $http_raw_prepend = undef,
+ Optional[Variant[Array[String], String]] $http_raw_append = undef,
+ Optional[Enum['on', 'off']] $http_tcp_nodelay = undef,
+ Optional[Enum['on', 'off']] $http_tcp_nopush = undef,
+ Optional[Nginx::Time] $keepalive_timeout = undef, # nginx default is '75s'
+ Optional[Integer] $keepalive_requests = undef, # nginx default is 1000
+ Hash[String[1], Nginx::LogFormat] $log_format = {},
+ Hash[String[1], Nginx::LogFormat] $stream_log_format = {},
+ Boolean $mail = false,
+ Optional[Integer] $map_hash_bucket_size = undef,
+ Optional[Integer] $map_hash_max_size = undef,
+ Variant[String, Boolean] $mime_types_path = 'mime.types',
+ Boolean $stream = false,
+ Optional[Enum['on', 'off']] $multi_accept = undef,
+ Optional[Integer] $names_hash_bucket_size = undef, # nginx default depends on the size of the processor's cache line
+ Optional[Integer] $names_hash_max_size = undef,
+ Variant[Boolean, Array, Hash] $nginx_cfg_prepend = false,
+ Optional[String] $proxy_buffers = undef, # nginx defaults to 1 memory page
+ Optional[Nginx::Size] $proxy_buffer_size = undef, # nginx default is 1 memory page
+ Nginx::Time $proxy_cache_inactive = '20m',
+ String $proxy_cache_keys_zone = 'd2:100m',
+ String $proxy_cache_levels = '1',
+ Nginx::Size $proxy_cache_max_size = '500m',
+ Optional[Variant[Hash, String]] $proxy_cache_path = undef,
+ Optional[Integer] $proxy_cache_loader_files = undef,
+ Optional[String] $proxy_cache_loader_sleep = undef,
+ Optional[String] $proxy_cache_loader_threshold = undef,
+ Optional[Enum['on', 'off']] $proxy_use_temp_path = undef,
+ Optional[Nginx::Time] $proxy_connect_timeout = undef, # nginx default is '60s'
+ Optional[Integer] $proxy_headers_hash_bucket_size = undef,
+ Optional[Integer] $proxy_headers_hash_max_size = undef,
+ Optional[String] $proxy_http_version = undef,
+ Optional[Nginx::Time] $proxy_read_timeout = undef, # nginx default is '60s'
+ Optional[Variant[Array[String], String]] $proxy_redirect = undef,
+ Optional[Nginx::Time] $proxy_send_timeout = undef, # nginx default is '60s'
+ Array $proxy_set_header = [
'Host $host',
'X-Real-IP $remote_addr',
'X-Forwarded-For $proxy_add_x_forwarded_for',
@@ -336,91 +336,91 @@
'X-Forwarded-Proto $scheme',
'Proxy ""',
],
- Array $proxy_hide_header = [],
- Array $proxy_pass_header = [],
- Array $proxy_ignore_header = [],
- Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
- Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
- Optional[Enum['on', 'off']] $sendfile = undef, # nginx default is 'off'
- Optional[Enum['on', 'off']] $server_tokens = undef,
- Enum['on', 'off'] $spdy = 'off',
- Enum['on', 'off'] $http2 = 'off',
- Optional[Enum['on', 'off']] $ssl_stapling = undef,
- Optional[Enum['on', 'off']] $ssl_stapling_verify = undef,
- Stdlib::Absolutepath $snippets_dir = $nginx::params::snippets_dir,
- Boolean $manage_snippets_dir = true,
- Optional[Integer] $types_hash_bucket_size = undef, # nginx default is 64
- Optional[Integer] $types_hash_max_size = undef,
- Optional[Integer] $worker_connections = undef, # nginx default is 512
- Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef, # nginx default is 'off'
- Optional[Variant[Integer, Enum['auto']]] $worker_processes = undef, # nginx default is 1
- Integer $worker_rlimit_nofile = 1024,
- Optional[Enum['on', 'off']] $pcre_jit = undef,
- Optional[String] $ssl_protocols = undef, # nginx default is 'TLSv1.2 TLSv1.3'
- Optional[String] $ssl_ciphers = undef, # nginx default is 'HIGH:!aNULL:!MD5'
- Optional[Stdlib::Unixpath] $ssl_dhparam = undef,
- Optional[String] $ssl_ecdh_curve = undef,
- Optional[String] $ssl_session_cache = undef, # nginx default is 'none'
- Optional[Nginx::Time] $ssl_session_timeout = undef,
- Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
- Optional[Stdlib::Absolutepath] $ssl_session_ticket_key = undef,
- Optional[String] $ssl_buffer_size = undef,
- Optional[Stdlib::Absolutepath] $ssl_crl = undef,
- Optional[Stdlib::Absolutepath] $ssl_stapling_file = undef,
- Optional[String] $ssl_stapling_responder = undef,
- Optional[Stdlib::Absolutepath] $ssl_trusted_certificate = undef,
- Optional[Integer] $ssl_verify_depth = undef,
- Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
- Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
- Optional[Integer] $variables_hash_bucket_size = undef,
- Optional[Integer] $variables_hash_max_size = undef,
+ Array $proxy_hide_header = [],
+ Array $proxy_pass_header = [],
+ Array $proxy_ignore_header = [],
+ Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
+ Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
+ Optional[Enum['on', 'off']] $sendfile = undef, # nginx default is 'off'
+ Optional[Enum['on', 'off']] $server_tokens = undef,
+ Enum['on', 'off'] $spdy = 'off',
+ Enum['on', 'off'] $http2 = 'off',
+ Optional[Enum['on', 'off']] $ssl_stapling = undef,
+ Optional[Enum['on', 'off']] $ssl_stapling_verify = undef,
+ Stdlib::Absolutepath $snippets_dir = $nginx::params::snippets_dir,
+ Boolean $manage_snippets_dir = true,
+ Optional[Integer] $types_hash_bucket_size = undef, # nginx default is 64
+ Optional[Integer] $types_hash_max_size = undef,
+ Optional[Integer] $worker_connections = undef, # nginx default is 512
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef, # nginx default is 'off'
+ Optional[Variant[Integer, Enum['auto']]] $worker_processes = undef, # nginx default is 1
+ Integer $worker_rlimit_nofile = 1024,
+ Optional[Enum['on', 'off']] $pcre_jit = undef,
+ Optional[String] $ssl_protocols = undef, # nginx default is 'TLSv1.2 TLSv1.3'
+ Optional[String] $ssl_ciphers = undef, # nginx default is 'HIGH:!aNULL:!MD5'
+ Optional[Stdlib::Unixpath] $ssl_dhparam = undef,
+ Optional[String] $ssl_ecdh_curve = undef,
+ Optional[String] $ssl_session_cache = undef, # nginx default is 'none'
+ Optional[Nginx::Time] $ssl_session_timeout = undef,
+ Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
+ Optional[Stdlib::Absolutepath] $ssl_session_ticket_key = undef,
+ Optional[String] $ssl_buffer_size = undef,
+ Optional[Stdlib::Absolutepath] $ssl_crl = undef,
+ Optional[Stdlib::Absolutepath] $ssl_stapling_file = undef,
+ Optional[String] $ssl_stapling_responder = undef,
+ Optional[Stdlib::Absolutepath] $ssl_trusted_certificate = undef,
+ Optional[Integer] $ssl_verify_depth = undef,
+ Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
+ Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
+ Optional[Integer] $variables_hash_bucket_size = undef,
+ Optional[Integer] $variables_hash_max_size = undef,
### START Package Configuration ###
- String $package_ensure = installed,
- String $package_name = $nginx::params::package_name,
- Nginx::Package_source $package_source = 'nginx',
- Optional[String] $package_flavor = undef,
- Boolean $manage_repo = $nginx::params::manage_repo,
- Hash[String[1], String[1]] $mime_types = $nginx::params::mime_types,
- Boolean $mime_types_preserve_defaults = false,
- Optional[String] $repo_release = undef,
- String $passenger_package_ensure = installed,
- String[1] $passenger_package_name = $nginx::params::passenger_package_name,
+ String $package_ensure = installed,
+ String $package_name = $nginx::params::package_name,
+ Nginx::Package_source $package_source = 'nginx',
+ Optional[String] $package_flavor = undef,
+ Boolean $manage_repo = $nginx::params::manage_repo,
+ Hash[String[1], String[1]] $mime_types = $nginx::params::mime_types,
+ Boolean $mime_types_preserve_defaults = false,
+ Optional[String] $repo_release = undef,
+ String $passenger_package_ensure = installed,
+ String[1] $passenger_package_name = $nginx::params::passenger_package_name,
# This is optional, to allow it to be set to undef for systems that install it with nginx always
- Optional[String[1]] $mail_package_name = $nginx::params::mail_package_name,
- Optional[Stdlib::HTTPUrl] $repo_source = undef,
+ Optional[String[1]] $mail_package_name = $nginx::params::mail_package_name,
+ Optional[Stdlib::HTTPUrl] $repo_source = undef,
### END Package Configuration ###
### START Service Configuation ###
- Stdlib::Ensure::Service $service_ensure = 'running',
- Boolean $service_enable = true,
- Optional[String] $service_flags = undef,
- Optional[String] $service_restart = undef,
- String $service_name = 'nginx',
- Boolean $service_manage = true,
- Boolean $service_config_check = false,
- String $service_config_check_command = 'nginx -t',
+ Stdlib::Ensure::Service $service_ensure = 'running',
+ Boolean $service_enable = true,
+ Optional[String] $service_flags = undef,
+ Optional[String] $service_restart = undef,
+ String $service_name = 'nginx',
+ Boolean $service_manage = true,
+ Boolean $service_config_check = false,
+ String $service_config_check_command = 'nginx -t',
### END Service Configuration ###
### START Hiera Lookups ###
- Hash $geo_mappings = {},
- Hash $geo_mappings_defaults = {},
- Hash $string_mappings = {},
- Hash $string_mappings_defaults = {},
- Hash $nginx_snippets = {},
- Hash $nginx_snippets_defaults = {},
- Hash $nginx_locations = {},
- Hash $nginx_locations_defaults = {},
- Hash $nginx_mailhosts = {},
- Hash $nginx_mailhosts_defaults = {},
- Hash $nginx_servers = {},
- Hash $nginx_servers_defaults = {},
- Hash $nginx_streamhosts = {},
- Hash $nginx_streamhosts_defaults = {},
- Hash $nginx_upstreams = {},
- Nginx::UpstreamDefaults $nginx_upstreams_defaults = {},
- Boolean $purge_passenger_repo = true,
- String[1] $nginx_version = pick(fact('nginx_version'), '1.16.0'),
+ Hash $geo_mappings = {},
+ Hash $geo_mappings_defaults = {},
+ Hash $string_mappings = {},
+ Hash $string_mappings_defaults = {},
+ Hash $nginx_snippets = {},
+ Hash $nginx_snippets_defaults = {},
+ Hash $nginx_locations = {},
+ Hash $nginx_locations_defaults = {},
+ Hash $nginx_mailhosts = {},
+ Hash $nginx_mailhosts_defaults = {},
+ Hash $nginx_servers = {},
+ Hash $nginx_servers_defaults = {},
+ Hash $nginx_streamhosts = {},
+ Hash $nginx_streamhosts_defaults = {},
+ Hash $nginx_upstreams = {},
+ Nginx::UpstreamDefaults $nginx_upstreams_defaults = {},
+ Boolean $purge_passenger_repo = true,
+ String[1] $nginx_version = pick(fact('nginx_version'), '1.16.0'),
### END Hiera Lookups ###
) inherits nginx::params {
diff --git a/manifests/resource/geo.pp b/manifests/resource/geo.pp
index ab5c59980..817d70bc7 100644
--- a/manifests/resource/geo.pp
+++ b/manifests/resource/geo.pp
@@ -56,12 +56,12 @@
# '192.168.0.0/16': 'intra'
define nginx::resource::geo (
Hash $networks,
- Optional[String] $default = undef,
- Enum['present', 'absent'] $ensure = 'present',
- Boolean $ranges = false,
- Optional[String] $address = undef,
- Optional[String] $delete = undef,
- Optional[Array] $proxies = undef,
+ Optional[String] $default = undef,
+ Enum['present', 'absent'] $ensure = 'present',
+ Boolean $ranges = false,
+ Optional[String] $address = undef,
+ Optional[String] $delete = undef,
+ Optional[Array] $proxies = undef,
Optional[Boolean] $proxy_recursive = undef
) {
if !defined(Class['nginx']) {
diff --git a/manifests/resource/location.pp b/manifests/resource/location.pp
index 653e212a4..d5324cd75 100644
--- a/manifests/resource/location.pp
+++ b/manifests/resource/location.pp
@@ -249,88 +249,88 @@
# }
#
define nginx::resource::location (
- Enum['present', 'absent'] $ensure = 'present',
- Boolean $internal = false,
- String $location = $name,
- Optional[Variant[String[1], Array[String[1], 1]]] $server = undef,
- Optional[String] $www_root = undef,
- Optional[String] $autoindex = undef,
- Optional[Enum['on', 'off']] $autoindex_exact_size = undef,
+ Enum['present', 'absent'] $ensure = 'present',
+ Boolean $internal = false,
+ String $location = $name,
+ Optional[Variant[String[1], Array[String[1], 1]]] $server = undef,
+ Optional[String] $www_root = undef,
+ Optional[String] $autoindex = undef,
+ Optional[Enum['on', 'off']] $autoindex_exact_size = undef,
Optional[Enum['html', 'xml', 'json', 'jsonp']] $autoindex_format = undef,
- Optional[Enum['on', 'off']] $autoindex_localtime = undef,
- Array $index_files = [
+ Optional[Enum['on', 'off']] $autoindex_localtime = undef,
+ Array $index_files = [
'index.html',
'index.htm',
'index.php',
],
- Optional[String] $proxy = undef,
- Optional[Variant[Array[String], String]] $proxy_redirect = $nginx::proxy_redirect,
- Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
- Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
- Optional[Nginx::Time] $proxy_send_timeout = $nginx::proxy_send_timeout,
- Array $proxy_set_header = $nginx::proxy_set_header,
- Array $proxy_hide_header = $nginx::proxy_hide_header,
- Array $proxy_pass_header = $nginx::proxy_pass_header,
- Array $proxy_ignore_header = $nginx::proxy_ignore_header,
- Optional[String] $proxy_next_upstream = undef,
- Optional[String] $fastcgi = undef,
- Optional[String] $fastcgi_index = undef,
- Optional[Hash] $fastcgi_param = undef,
- String $fastcgi_params = "${nginx::conf_dir}/fastcgi.conf",
- Optional[String] $fastcgi_script = undef,
- Optional[String] $fastcgi_split_path = undef,
- Optional[String] $uwsgi = undef,
- Optional[Hash] $uwsgi_param = undef,
- String $uwsgi_params = "${nginx::config::conf_dir}/uwsgi_params",
- Optional[String] $uwsgi_read_timeout = undef,
- Boolean $ssl = false,
- Boolean $ssl_only = false,
- Optional[String] $location_alias = undef,
- Optional[Variant[String[1], Array[String[1], 1]]] $limit_zone = undef,
- Optional[Enum['any', 'all']] $location_satisfy = undef,
- Optional[Array] $location_allow = undef,
- Optional[Array] $location_deny = undef,
- Optional[Boolean] $stub_status = undef,
- Optional[Variant[String, Array]] $raw_prepend = undef,
- Optional[Variant[String, Array]] $raw_append = undef,
- Optional[Hash] $location_custom_cfg = undef,
- Optional[Hash] $location_cfg_prepend = undef,
- Optional[Hash] $location_cfg_append = undef,
- Optional[Hash] $location_custom_cfg_prepend = undef,
- Optional[Hash] $location_custom_cfg_append = undef,
- Optional[Array] $include = undef,
- Optional[Array] $try_files = undef,
- Optional[String] $proxy_cache = undef,
- Optional[String] $proxy_cache_key = undef,
- Optional[String] $proxy_cache_use_stale = undef,
- Optional[Enum['on', 'off']] $proxy_cache_lock = undef,
- Optional[Enum['on', 'off']] $proxy_cache_background_update = undef,
- Optional[Enum['on', 'off']] $proxy_cache_convert_head = undef,
- Optional[Variant[Array, String]] $proxy_cache_valid = undef,
- Optional[Variant[Array, String]] $proxy_cache_bypass = undef,
- Optional[String] $proxy_method = undef,
- Optional[String] $proxy_http_version = undef,
- Optional[String] $proxy_set_body = undef,
- Optional[Enum['on', 'off']] $proxy_buffering = undef,
- Optional[Enum['on', 'off']] $proxy_request_buffering = undef,
- Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
- Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
- Optional[Enum['on', 'off']] $absolute_redirect = undef,
- Optional[String] $auth_basic = undef,
- Optional[String] $auth_basic_user_file = undef,
- Optional[String] $auth_request = undef,
- Array $rewrite_rules = [],
- Integer[401, 599] $priority = 500,
- Boolean $mp4 = false,
- Boolean $flv = false,
- Optional[String] $expires = undef,
- Hash $add_header = {},
- Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
- Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
- Optional[Variant[Array[String[1], 1], String[1]]] $access_log = undef,
- Optional[Variant[Array[String[1], 1], String[1]]] $error_log = undef,
- Optional[String[1]] $format_log = $nginx::http_format_log,
- Optional[Enum['on', 'off']] $log_not_found = undef,
+ Optional[String] $proxy = undef,
+ Optional[Variant[Array[String], String]] $proxy_redirect = $nginx::proxy_redirect,
+ Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
+ Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
+ Optional[Nginx::Time] $proxy_send_timeout = $nginx::proxy_send_timeout,
+ Array $proxy_set_header = $nginx::proxy_set_header,
+ Array $proxy_hide_header = $nginx::proxy_hide_header,
+ Array $proxy_pass_header = $nginx::proxy_pass_header,
+ Array $proxy_ignore_header = $nginx::proxy_ignore_header,
+ Optional[String] $proxy_next_upstream = undef,
+ Optional[String] $fastcgi = undef,
+ Optional[String] $fastcgi_index = undef,
+ Optional[Hash] $fastcgi_param = undef,
+ String $fastcgi_params = "${nginx::conf_dir}/fastcgi.conf",
+ Optional[String] $fastcgi_script = undef,
+ Optional[String] $fastcgi_split_path = undef,
+ Optional[String] $uwsgi = undef,
+ Optional[Hash] $uwsgi_param = undef,
+ String $uwsgi_params = "${nginx::config::conf_dir}/uwsgi_params",
+ Optional[String] $uwsgi_read_timeout = undef,
+ Boolean $ssl = false,
+ Boolean $ssl_only = false,
+ Optional[String] $location_alias = undef,
+ Optional[Variant[String[1], Array[String[1], 1]]] $limit_zone = undef,
+ Optional[Enum['any', 'all']] $location_satisfy = undef,
+ Optional[Array] $location_allow = undef,
+ Optional[Array] $location_deny = undef,
+ Optional[Boolean] $stub_status = undef,
+ Optional[Variant[String, Array]] $raw_prepend = undef,
+ Optional[Variant[String, Array]] $raw_append = undef,
+ Optional[Hash] $location_custom_cfg = undef,
+ Optional[Hash] $location_cfg_prepend = undef,
+ Optional[Hash] $location_cfg_append = undef,
+ Optional[Hash] $location_custom_cfg_prepend = undef,
+ Optional[Hash] $location_custom_cfg_append = undef,
+ Optional[Array] $include = undef,
+ Optional[Array] $try_files = undef,
+ Optional[String] $proxy_cache = undef,
+ Optional[String] $proxy_cache_key = undef,
+ Optional[String] $proxy_cache_use_stale = undef,
+ Optional[Enum['on', 'off']] $proxy_cache_lock = undef,
+ Optional[Enum['on', 'off']] $proxy_cache_background_update = undef,
+ Optional[Enum['on', 'off']] $proxy_cache_convert_head = undef,
+ Optional[Variant[Array, String]] $proxy_cache_valid = undef,
+ Optional[Variant[Array, String]] $proxy_cache_bypass = undef,
+ Optional[String] $proxy_method = undef,
+ Optional[String] $proxy_http_version = undef,
+ Optional[String] $proxy_set_body = undef,
+ Optional[Enum['on', 'off']] $proxy_buffering = undef,
+ Optional[Enum['on', 'off']] $proxy_request_buffering = undef,
+ Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
+ Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
+ Optional[Enum['on', 'off']] $absolute_redirect = undef,
+ Optional[String] $auth_basic = undef,
+ Optional[String] $auth_basic_user_file = undef,
+ Optional[String] $auth_request = undef,
+ Array $rewrite_rules = [],
+ Integer[401, 599] $priority = 500,
+ Boolean $mp4 = false,
+ Boolean $flv = false,
+ Optional[String] $expires = undef,
+ Hash $add_header = {},
+ Optional[Enum['on', 'off', 'always']] $gzip_static = undef,
+ Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
+ Optional[Variant[Array[String[1], 1], String[1]]] $access_log = undef,
+ Optional[Variant[Array[String[1], 1], String[1]]] $error_log = undef,
+ Optional[String[1]] $format_log = $nginx::http_format_log,
+ Optional[Enum['on', 'off']] $log_not_found = undef,
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/mailhost.pp b/manifests/resource/mailhost.pp
index bbc76e266..d712615f1 100644
--- a/manifests/resource/mailhost.pp
+++ b/manifests/resource/mailhost.pp
@@ -131,63 +131,63 @@
#
define nginx::resource::mailhost (
Stdlib::Port $listen_port,
- Enum['absent', 'present'] $ensure = 'present',
- Variant[Array[String], String] $listen_ip = '*',
- Optional[String] $listen_options = undef,
- Boolean $ipv6_enable = false,
- Variant[Array[String], String] $ipv6_listen_ip = '::',
- Stdlib::Port $ipv6_listen_port = $listen_port,
- String $ipv6_listen_options = 'default ipv6only=on',
- Boolean $ssl = false,
- Optional[String] $ssl_cert = undef,
- Optional[String] $ssl_ciphers = $nginx::ssl_ciphers,
- Optional[String] $ssl_client_cert = undef,
- Optional[String] $ssl_crl = undef,
- Optional[String] $ssl_dhparam = $nginx::ssl_dhparam,
- Optional[String] $ssl_ecdh_curve = undef,
- Optional[String] $ssl_key = undef,
- Optional[String] $ssl_password_file = undef,
- Optional[Stdlib::Port] $ssl_port = undef,
- Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = $nginx::ssl_prefer_server_ciphers,
- Optional[String] $ssl_protocols = $nginx::ssl_protocols,
- Optional[String] $ssl_session_cache = undef,
- Optional[String] $ssl_session_ticket_key = undef,
- Optional[String] $ssl_session_tickets = undef,
- String $ssl_session_timeout = '5m',
- Optional[String] $ssl_trusted_cert = undef,
- Optional[Integer] $ssl_verify_depth = undef,
- Enum['on', 'off', 'only'] $starttls = 'off',
+ Enum['absent', 'present'] $ensure = 'present',
+ Variant[Array[String], String] $listen_ip = '*',
+ Optional[String] $listen_options = undef,
+ Boolean $ipv6_enable = false,
+ Variant[Array[String], String] $ipv6_listen_ip = '::',
+ Stdlib::Port $ipv6_listen_port = $listen_port,
+ String $ipv6_listen_options = 'default ipv6only=on',
+ Boolean $ssl = false,
+ Optional[String] $ssl_cert = undef,
+ Optional[String] $ssl_ciphers = $nginx::ssl_ciphers,
+ Optional[String] $ssl_client_cert = undef,
+ Optional[String] $ssl_crl = undef,
+ Optional[String] $ssl_dhparam = $nginx::ssl_dhparam,
+ Optional[String] $ssl_ecdh_curve = undef,
+ Optional[String] $ssl_key = undef,
+ Optional[String] $ssl_password_file = undef,
+ Optional[Stdlib::Port] $ssl_port = undef,
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = $nginx::ssl_prefer_server_ciphers,
+ Optional[String] $ssl_protocols = $nginx::ssl_protocols,
+ Optional[String] $ssl_session_cache = undef,
+ Optional[String] $ssl_session_ticket_key = undef,
+ Optional[String] $ssl_session_tickets = undef,
+ String $ssl_session_timeout = '5m',
+ Optional[String] $ssl_trusted_cert = undef,
+ Optional[Integer] $ssl_verify_depth = undef,
+ Enum['on', 'off', 'only'] $starttls = 'off',
Optional[Enum['imap', 'pop3', 'sieve', 'smtp']] $protocol = undef,
- Optional[String] $auth_http = undef,
- Optional[String] $auth_http_header = undef,
- Enum['on', 'off'] $xclient = 'on',
- Enum['on', 'off'] $proxy_protocol = 'off',
- Enum['on', 'off'] $proxy_smtp_auth = 'off',
- Optional[String] $imap_auth = undef,
- Optional[Array] $imap_capabilities = undef,
- Optional[String] $imap_client_buffer = undef,
- Optional[String] $pop3_auth = undef,
- Optional[Array] $pop3_capabilities = undef,
- Optional[String] $smtp_auth = undef,
- Optional[Array] $smtp_capabilities = undef,
- String $proxy_pass_error_message = 'off',
- Array $server_name = [$name],
- Variant[Array[String], String] $raw_prepend = [],
- Variant[Array[String], String] $raw_append = [],
+ Optional[String] $auth_http = undef,
+ Optional[String] $auth_http_header = undef,
+ Enum['on', 'off'] $xclient = 'on',
+ Enum['on', 'off'] $proxy_protocol = 'off',
+ Enum['on', 'off'] $proxy_smtp_auth = 'off',
+ Optional[String] $imap_auth = undef,
+ Optional[Array] $imap_capabilities = undef,
+ Optional[String] $imap_client_buffer = undef,
+ Optional[String] $pop3_auth = undef,
+ Optional[Array] $pop3_capabilities = undef,
+ Optional[String] $smtp_auth = undef,
+ Optional[Array] $smtp_capabilities = undef,
+ String $proxy_pass_error_message = 'off',
+ Array $server_name = [$name],
+ Variant[Array[String], String] $raw_prepend = [],
+ Variant[Array[String], String] $raw_append = [],
Hash[String,
Variant[
String,
Array[String],
Hash[String, Variant[String, Array[String]]],
]
- ] $mailhost_cfg_prepend = {},
+ ] $mailhost_cfg_prepend = {},
Hash[String,
Variant[
String,
Array[String],
Hash[String, Variant[String, Array[String]]],
]
- ] $mailhost_cfg_append = {},
+ ] $mailhost_cfg_append = {},
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/map.pp b/manifests/resource/map.pp
index 4508f73a3..a4f9ffe4b 100644
--- a/manifests/resource/map.pp
+++ b/manifests/resource/map.pp
@@ -65,12 +65,12 @@
#
define nginx::resource::map (
String[2] $string,
- Nginx::StringMappings $mappings = [],
- Optional[String] $default = undef,
+ Nginx::StringMappings $mappings = [],
+ Optional[String] $default = undef,
Enum['absent', 'present'] $ensure = 'present',
- Array[String] $include_files = [],
- Boolean $hostnames = false,
- Enum['http', 'stream'] $context = 'http',
+ Array[String] $include_files = [],
+ Boolean $hostnames = false,
+ Enum['http', 'stream'] $context = 'http',
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp
index 2806ef57b..9291752fe 100644
--- a/manifests/resource/server.pp
+++ b/manifests/resource/server.pp
@@ -286,142 +286,142 @@
# }
#
define nginx::resource::server (
- Enum['absent', 'present'] $ensure = 'present',
- Variant[Array, String] $listen_ip = '*',
- Stdlib::Port $listen_port = 80,
- Optional[String] $listen_options = undef,
- Boolean $listen_unix_socket_enable = false,
+ Enum['absent', 'present'] $ensure = 'present',
+ Variant[Array, String] $listen_ip = '*',
+ Stdlib::Port $listen_port = 80,
+ Optional[String] $listen_options = undef,
+ Boolean $listen_unix_socket_enable = false,
Variant[Array[Stdlib::Absolutepath], Stdlib::Absolutepath] $listen_unix_socket = '/var/run/nginx.sock',
- Optional[String] $listen_unix_socket_options = undef,
- Optional[Enum['any', 'all']] $location_satisfy = undef,
- Array $location_allow = [],
- Array $location_deny = [],
- Boolean $ipv6_enable = false,
- Variant[Array, String] $ipv6_listen_ip = '::',
- Stdlib::Port $ipv6_listen_port = $listen_port,
- String $ipv6_listen_options = 'default ipv6only=on',
- Hash $add_header = {},
- Boolean $ssl = false,
- Boolean $ssl_listen_option = true,
- Optional[Variant[String, Boolean, Array[String]]] $ssl_cert = undef,
- Optional[String] $ssl_client_cert = undef,
- Optional[String] $ssl_verify_client = undef,
- Optional[String] $ssl_dhparam = undef,
- Optional[String] $ssl_ecdh_curve = undef,
- Boolean $ssl_redirect = false,
- Optional[Integer] $ssl_redirect_port = undef,
- Optional[Variant[String, Boolean, Array[String]]] $ssl_key = undef,
- Integer $ssl_port = 443,
- Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef,
- Optional[String] $ssl_protocols = undef,
- Optional[String] $ssl_buffer_size = undef,
- Optional[String] $ssl_ciphers = undef,
- Optional[String] $ssl_cache = undef,
- Optional[String] $ssl_crl = undef,
- Boolean $ssl_stapling = false,
- Optional[String] $ssl_stapling_file = undef,
- Optional[String] $ssl_stapling_responder = undef,
- Boolean $ssl_stapling_verify = false,
- Optional[String] $ssl_session_timeout = undef,
- Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
- Optional[String] $ssl_session_ticket_key = undef,
- Optional[String] $ssl_trusted_cert = undef,
- Optional[Integer] $ssl_verify_depth = undef,
- Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
- Enum['on', 'off'] $spdy = $nginx::spdy,
- Enum['on', 'off'] $http2 = $nginx::http2,
- Optional[String] $proxy = undef,
- Optional[Variant[Array[String], String]] $proxy_redirect = undef,
- Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
- Optional[Nginx::Time] $proxy_send_timeout = $nginx::proxy_send_timeout,
- Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
- Array[String] $proxy_set_header = $nginx::proxy_set_header,
- Array[String] $proxy_hide_header = $nginx::proxy_hide_header,
- Array[String] $proxy_pass_header = $nginx::proxy_pass_header,
- Optional[String] $proxy_cache = undef,
- Optional[String] $proxy_cache_key = undef,
- Optional[String] $proxy_cache_use_stale = undef,
- Optional[Variant[Array[String], String]] $proxy_cache_valid = undef,
- Optional[Enum['on', 'off']] $proxy_cache_lock = undef,
- Optional[Enum['on', 'off']] $proxy_cache_background_update = undef,
- Optional[Enum['on', 'off']] $proxy_cache_convert_head = undef,
- Optional[Variant[Array[String], String]] $proxy_cache_bypass = undef,
- Optional[String] $proxy_method = undef,
- Optional[String] $proxy_http_version = undef,
- Optional[String] $proxy_set_body = undef,
- Optional[String] $proxy_buffering = undef,
- Optional[String] $proxy_request_buffering = undef,
- Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
- Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
- Array $resolver = [],
- Optional[String] $fastcgi = undef,
- Optional[String] $fastcgi_index = undef,
- $fastcgi_param = undef,
- String $fastcgi_params = "${nginx::conf_dir}/fastcgi.conf",
- Optional[String] $fastcgi_script = undef,
- Optional[String] $uwsgi = undef,
- String $uwsgi_params = "${nginx::config::conf_dir}/uwsgi_params",
- Optional[String] $uwsgi_read_timeout = undef,
- Array $index_files = [
+ Optional[String] $listen_unix_socket_options = undef,
+ Optional[Enum['any', 'all']] $location_satisfy = undef,
+ Array $location_allow = [],
+ Array $location_deny = [],
+ Boolean $ipv6_enable = false,
+ Variant[Array, String] $ipv6_listen_ip = '::',
+ Stdlib::Port $ipv6_listen_port = $listen_port,
+ String $ipv6_listen_options = 'default ipv6only=on',
+ Hash $add_header = {},
+ Boolean $ssl = false,
+ Boolean $ssl_listen_option = true,
+ Optional[Variant[String, Boolean, Array[String]]] $ssl_cert = undef,
+ Optional[String] $ssl_client_cert = undef,
+ Optional[String] $ssl_verify_client = undef,
+ Optional[String] $ssl_dhparam = undef,
+ Optional[String] $ssl_ecdh_curve = undef,
+ Boolean $ssl_redirect = false,
+ Optional[Integer] $ssl_redirect_port = undef,
+ Optional[Variant[String, Boolean, Array[String]]] $ssl_key = undef,
+ Integer $ssl_port = 443,
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef,
+ Optional[String] $ssl_protocols = undef,
+ Optional[String] $ssl_buffer_size = undef,
+ Optional[String] $ssl_ciphers = undef,
+ Optional[String] $ssl_cache = undef,
+ Optional[String] $ssl_crl = undef,
+ Boolean $ssl_stapling = false,
+ Optional[String] $ssl_stapling_file = undef,
+ Optional[String] $ssl_stapling_responder = undef,
+ Boolean $ssl_stapling_verify = false,
+ Optional[String] $ssl_session_timeout = undef,
+ Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
+ Optional[String] $ssl_session_ticket_key = undef,
+ Optional[String] $ssl_trusted_cert = undef,
+ Optional[Integer] $ssl_verify_depth = undef,
+ Optional[Stdlib::Absolutepath] $ssl_password_file = undef,
+ Enum['on', 'off'] $spdy = $nginx::spdy,
+ Enum['on', 'off'] $http2 = $nginx::http2,
+ Optional[String] $proxy = undef,
+ Optional[Variant[Array[String], String]] $proxy_redirect = undef,
+ Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
+ Optional[Nginx::Time] $proxy_send_timeout = $nginx::proxy_send_timeout,
+ Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
+ Array[String] $proxy_set_header = $nginx::proxy_set_header,
+ Array[String] $proxy_hide_header = $nginx::proxy_hide_header,
+ Array[String] $proxy_pass_header = $nginx::proxy_pass_header,
+ Optional[String] $proxy_cache = undef,
+ Optional[String] $proxy_cache_key = undef,
+ Optional[String] $proxy_cache_use_stale = undef,
+ Optional[Variant[Array[String], String]] $proxy_cache_valid = undef,
+ Optional[Enum['on', 'off']] $proxy_cache_lock = undef,
+ Optional[Enum['on', 'off']] $proxy_cache_background_update = undef,
+ Optional[Enum['on', 'off']] $proxy_cache_convert_head = undef,
+ Optional[Variant[Array[String], String]] $proxy_cache_bypass = undef,
+ Optional[String] $proxy_method = undef,
+ Optional[String] $proxy_http_version = undef,
+ Optional[String] $proxy_set_body = undef,
+ Optional[String] $proxy_buffering = undef,
+ Optional[String] $proxy_request_buffering = undef,
+ Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
+ Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
+ Array $resolver = [],
+ Optional[String] $fastcgi = undef,
+ Optional[String] $fastcgi_index = undef,
+ $fastcgi_param = undef,
+ String $fastcgi_params = "${nginx::conf_dir}/fastcgi.conf",
+ Optional[String] $fastcgi_script = undef,
+ Optional[String] $uwsgi = undef,
+ String $uwsgi_params = "${nginx::config::conf_dir}/uwsgi_params",
+ Optional[String] $uwsgi_read_timeout = undef,
+ Array $index_files = [
'index.html',
'index.htm',
'index.php',
],
- Optional[String] $autoindex = undef,
- Optional[Enum['on', 'off']] $autoindex_exact_size = undef,
- Optional[Enum['html', 'xml', 'json', 'jsonp']] $autoindex_format = undef,
- Optional[Enum['on', 'off']] $autoindex_localtime = undef,
- Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
- Array[String] $server_name = [$name],
- Optional[String] $www_root = undef,
- Boolean $rewrite_www_to_non_www = false,
- Boolean $rewrite_non_www_to_www = false,
- Optional[Hash] $location_custom_cfg = undef,
- Optional[Hash] $location_cfg_prepend = undef,
- Optional[Hash] $location_cfg_append = undef,
- Optional[Hash] $location_custom_cfg_prepend = undef,
- Optional[Hash] $location_custom_cfg_append = undef,
- Optional[Array[String]] $try_files = undef,
- Optional[Enum['on', 'off']] $absolute_redirect = undef,
- Optional[String] $auth_basic = undef,
- Optional[String] $auth_basic_user_file = undef,
- Optional[String] $auth_request = undef,
- Optional[String] $client_body_timeout = undef,
- Optional[String] $client_header_timeout = undef,
- $client_max_body_size = undef,
- Optional[Variant[Array[String], String]] $raw_prepend = undef,
- Optional[Variant[Array[String], String]] $raw_append = undef,
- Optional[Variant[Array[String], String]] $location_raw_prepend = undef,
- Optional[Variant[Array[String], String]] $location_raw_append = undef,
- Optional[Hash] $server_cfg_prepend = undef,
- Optional[Hash] $server_cfg_append = undef,
- Optional[Hash] $server_cfg_ssl_prepend = undef,
- Optional[Hash] $server_cfg_ssl_append = undef,
- Optional[Array[String]] $include_files = undef,
- Optional[Variant[String, Array]] $access_log = undef,
- Optional[Variant[String, Array]] $error_log = undef,
- Optional[Nginx::ErrorLogSeverity] $error_log_severity = undef,
- Optional[String] $format_log = $nginx::http_format_log,
- Optional[Hash] $passenger_cgi_param = undef,
- Optional[Hash] $passenger_set_header = undef,
- Optional[Hash] $passenger_env_var = undef,
- Optional[Variant[Array[String], String]] $passenger_pre_start = undef,
- Optional[String] $log_by_lua = undef,
- Optional[String] $log_by_lua_file = undef,
- $use_default_location = true,
- $rewrite_rules = [],
- $string_mappings = {},
- $geo_mappings = {},
- Optional[String] $gzip_types = undef,
- Optional[String] $gzip_static = undef,
- String $owner = $nginx::global_owner,
- String $group = $nginx::global_group,
- String $mode = $nginx::global_mode,
- Boolean $maintenance = false,
- String $maintenance_value = 'return 503',
- $error_pages = undef,
- Hash $locations = {},
- Hash $locations_defaults = {},
+ Optional[String] $autoindex = undef,
+ Optional[Enum['on', 'off']] $autoindex_exact_size = undef,
+ Optional[Enum['html', 'xml', 'json', 'jsonp']] $autoindex_format = undef,
+ Optional[Enum['on', 'off']] $autoindex_localtime = undef,
+ Optional[Enum['on', 'off']] $reset_timedout_connection = undef,
+ Array[String] $server_name = [$name],
+ Optional[String] $www_root = undef,
+ Boolean $rewrite_www_to_non_www = false,
+ Boolean $rewrite_non_www_to_www = false,
+ Optional[Hash] $location_custom_cfg = undef,
+ Optional[Hash] $location_cfg_prepend = undef,
+ Optional[Hash] $location_cfg_append = undef,
+ Optional[Hash] $location_custom_cfg_prepend = undef,
+ Optional[Hash] $location_custom_cfg_append = undef,
+ Optional[Array[String]] $try_files = undef,
+ Optional[Enum['on', 'off']] $absolute_redirect = undef,
+ Optional[String] $auth_basic = undef,
+ Optional[String] $auth_basic_user_file = undef,
+ Optional[String] $auth_request = undef,
+ Optional[String] $client_body_timeout = undef,
+ Optional[String] $client_header_timeout = undef,
+ $client_max_body_size = undef,
+ Optional[Variant[Array[String], String]] $raw_prepend = undef,
+ Optional[Variant[Array[String], String]] $raw_append = undef,
+ Optional[Variant[Array[String], String]] $location_raw_prepend = undef,
+ Optional[Variant[Array[String], String]] $location_raw_append = undef,
+ Optional[Hash] $server_cfg_prepend = undef,
+ Optional[Hash] $server_cfg_append = undef,
+ Optional[Hash] $server_cfg_ssl_prepend = undef,
+ Optional[Hash] $server_cfg_ssl_append = undef,
+ Optional[Array[String]] $include_files = undef,
+ Optional[Variant[String, Array]] $access_log = undef,
+ Optional[Variant[String, Array]] $error_log = undef,
+ Optional[Nginx::ErrorLogSeverity] $error_log_severity = undef,
+ Optional[String] $format_log = $nginx::http_format_log,
+ Optional[Hash] $passenger_cgi_param = undef,
+ Optional[Hash] $passenger_set_header = undef,
+ Optional[Hash] $passenger_env_var = undef,
+ Optional[Variant[Array[String], String]] $passenger_pre_start = undef,
+ Optional[String] $log_by_lua = undef,
+ Optional[String] $log_by_lua_file = undef,
+ $use_default_location = true,
+ $rewrite_rules = [],
+ $string_mappings = {},
+ $geo_mappings = {},
+ Optional[String] $gzip_types = undef,
+ Optional[String] $gzip_static = undef,
+ String $owner = $nginx::global_owner,
+ String $group = $nginx::global_group,
+ String $mode = $nginx::global_mode,
+ Boolean $maintenance = false,
+ String $maintenance_value = 'return 503',
+ $error_pages = undef,
+ Hash $locations = {},
+ Hash $locations_defaults = {},
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/snippet.pp b/manifests/resource/snippet.pp
index d9ce66a3e..ee58416fe 100644
--- a/manifests/resource/snippet.pp
+++ b/manifests/resource/snippet.pp
@@ -14,9 +14,9 @@
define nginx::resource::snippet (
String[1] $raw_content,
Enum['absent', 'present'] $ensure = 'present',
- String $owner = $nginx::global_owner,
- String $group = $nginx::global_group,
- Stdlib::Filemode $mode = $nginx::global_mode,
+ String $owner = $nginx::global_owner,
+ String $group = $nginx::global_group,
+ Stdlib::Filemode $mode = $nginx::global_mode,
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp
index 3903075b7..cdc93ee99 100644
--- a/manifests/resource/streamhost.pp
+++ b/manifests/resource/streamhost.pp
@@ -49,23 +49,23 @@
# }
#
define nginx::resource::streamhost (
- Enum['absent', 'present'] $ensure = 'present',
- Variant[Array, String] $listen_ip = '*',
- Integer $listen_port = 80,
- Optional[String] $listen_options = undef,
- Boolean $ipv6_enable = false,
- Variant[Array, String] $ipv6_listen_ip = '::',
- Integer $ipv6_listen_port = $listen_port,
- String $ipv6_listen_options = 'default ipv6only=on',
- $proxy = undef,
- Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
+ Enum['absent', 'present'] $ensure = 'present',
+ Variant[Array, String] $listen_ip = '*',
+ Integer $listen_port = 80,
+ Optional[String] $listen_options = undef,
+ Boolean $ipv6_enable = false,
+ Variant[Array, String] $ipv6_listen_ip = '::',
+ Integer $ipv6_listen_port = $listen_port,
+ String $ipv6_listen_options = 'default ipv6only=on',
+ $proxy = undef,
+ Optional[Nginx::Time] $proxy_read_timeout = $nginx::proxy_read_timeout,
Optional[Nginx::Time] $proxy_connect_timeout = $nginx::proxy_connect_timeout,
- Array $resolver = [],
- Variant[Array[String], String] $raw_prepend = [],
- Variant[Array[String], String] $raw_append = [],
- String $owner = $nginx::global_owner,
- String $group = $nginx::global_group,
- String $mode = $nginx::global_mode,
+ Array $resolver = [],
+ Variant[Array[String], String] $raw_prepend = [],
+ Variant[Array[String], String] $raw_append = [],
+ String $owner = $nginx::global_owner,
+ String $group = $nginx::global_group,
+ String $mode = $nginx::global_mode,
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/upstream.pp b/manifests/resource/upstream.pp
index 36d9f0910..3949aa00c 100644
--- a/manifests/resource/upstream.pp
+++ b/manifests/resource/upstream.pp
@@ -103,27 +103,27 @@
# }
#
define nginx::resource::upstream (
- Enum['present', 'absent'] $ensure = 'present',
- Enum['http', 'stream'] $context = 'http',
- Nginx::UpstreamMembers $members = {},
- Optional[String[1]] $members_tag = undef,
+ Enum['present', 'absent'] $ensure = 'present',
+ Enum['http', 'stream'] $context = 'http',
+ Nginx::UpstreamMembers $members = {},
+ Optional[String[1]] $members_tag = undef,
Nginx::UpstreamMemberDefaults $member_defaults = {},
- Optional[String[1]] $hash = undef,
- Boolean $ip_hash = false,
- Optional[Integer[1]] $keepalive = undef,
- Optional[Integer[1]] $keepalive_requests = undef,
- Optional[Nginx::Time] $keepalive_timeout = undef,
- Boolean $least_conn = false,
+ Optional[String[1]] $hash = undef,
+ Boolean $ip_hash = false,
+ Optional[Integer[1]] $keepalive = undef,
+ Optional[Integer[1]] $keepalive_requests = undef,
+ Optional[Nginx::Time] $keepalive_timeout = undef,
+ Boolean $least_conn = false,
Optional[Nginx::UpstreamLeastTime] $least_time = undef,
- Boolean $ntlm = false,
- Optional[Integer] $queue_max = undef,
- Optional[Nginx::Time] $queue_timeout = undef,
- Optional[String[1]] $random = undef,
- Optional[Stdlib::Unixpath] $statefile = undef,
- Optional[Nginx::UpstreamSticky] $sticky = undef,
- Optional[Nginx::UpstreamZone] $zone = undef,
- Nginx::UpstreamCustomParameters $cfg_append = {},
- Nginx::UpstreamCustomParameters $cfg_prepend = {},
+ Boolean $ntlm = false,
+ Optional[Integer] $queue_max = undef,
+ Optional[Nginx::Time] $queue_timeout = undef,
+ Optional[String[1]] $random = undef,
+ Optional[Stdlib::Unixpath] $statefile = undef,
+ Optional[Nginx::UpstreamSticky] $sticky = undef,
+ Optional[Nginx::UpstreamZone] $zone = undef,
+ Nginx::UpstreamCustomParameters $cfg_append = {},
+ Nginx::UpstreamCustomParameters $cfg_prepend = {},
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
diff --git a/manifests/resource/upstream/member.pp b/manifests/resource/upstream/member.pp
index 36da9b55f..d72a2ea90 100644
--- a/manifests/resource/upstream/member.pp
+++ b/manifests/resource/upstream/member.pp
@@ -56,23 +56,23 @@
#
define nginx::resource::upstream::member (
String[1] $upstream,
- Enum['present', 'absent'] $ensure = 'present',
- Enum['http', 'stream'] $context = 'http',
- Optional[Nginx::UpstreamMemberServer] $server = $name,
- Stdlib::Port $port = 80,
- Optional[Integer[1]] $weight = undef,
- Optional[Integer[1]] $max_conns = undef,
- Optional[Integer[0]] $max_fails = undef,
- Optional[Nginx::Time] $fail_timeout = undef,
- Boolean $backup = false,
- Boolean $resolve = false,
- Optional[String[1]] $route = undef,
- Optional[String[1]] $service = undef,
- Optional[Nginx::Time] $slow_start = undef,
- Optional[Enum['drain', 'down']] $state = undef,
- Optional[String[1]] $params_prepend = undef,
- Optional[String[1]] $params_append = undef,
- Optional[String[1]] $comment = undef,
+ Enum['present', 'absent'] $ensure = 'present',
+ Enum['http', 'stream'] $context = 'http',
+ Nginx::UpstreamMemberServer $server = $name,
+ Stdlib::Port $port = 80,
+ Optional[Integer[1]] $weight = undef,
+ Optional[Integer[1]] $max_conns = undef,
+ Optional[Integer[0]] $max_fails = undef,
+ Optional[Nginx::Time] $fail_timeout = undef,
+ Boolean $backup = false,
+ Boolean $resolve = false,
+ Optional[String[1]] $route = undef,
+ Optional[String[1]] $service = undef,
+ Optional[Nginx::Time] $slow_start = undef,
+ Optional[Enum['drain', 'down']] $state = undef,
+ Optional[String[1]] $params_prepend = undef,
+ Optional[String[1]] $params_append = undef,
+ Optional[String[1]] $comment = undef,
) {
if !defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
From 447cc639c8b04093a13c7cda95cc383887c03f6d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?=
<9578115+Enrice@users.noreply.github.com>
Date: Mon, 27 Oct 2025 20:02:17 +0100
Subject: [PATCH 9/9] remove comments referring current nginx defaults
---
manifests/init.pp | 38 +++++++++++++++++++-------------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 8ff0ac6b1..97f0bcc36 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -262,10 +262,10 @@
### START Nginx Configuration ###
Optional[Enum['on', 'off']] $absolute_redirect = undef,
- Optional[Enum['on', 'off']] $accept_mutex = undef, # nginx default is 'off'
+ Optional[Enum['on', 'off']] $accept_mutex = undef,
Optional[Nginx::Time] $accept_mutex_delay = undef,
- Optional[Nginx::Size] $client_body_buffer_size = undef, # nginx default is 2 memory pages
- Optional[Nginx::Size] $client_max_body_size = undef, # nginx default is '1m'
+ Optional[Nginx::Size] $client_body_buffer_size = undef,
+ Optional[Nginx::Size] $client_max_body_size = undef,
Optional[Nginx::Time] $client_body_timeout = undef,
Optional[Nginx::Time] $send_timeout = undef,
Optional[Nginx::Time] $lingering_timeout = undef,
@@ -297,8 +297,8 @@
Optional[Variant[Array[String], String]] $http_raw_append = undef,
Optional[Enum['on', 'off']] $http_tcp_nodelay = undef,
Optional[Enum['on', 'off']] $http_tcp_nopush = undef,
- Optional[Nginx::Time] $keepalive_timeout = undef, # nginx default is '75s'
- Optional[Integer] $keepalive_requests = undef, # nginx default is 1000
+ Optional[Nginx::Time] $keepalive_timeout = undef,
+ Optional[Integer] $keepalive_requests = undef,
Hash[String[1], Nginx::LogFormat] $log_format = {},
Hash[String[1], Nginx::LogFormat] $stream_log_format = {},
Boolean $mail = false,
@@ -307,11 +307,11 @@
Variant[String, Boolean] $mime_types_path = 'mime.types',
Boolean $stream = false,
Optional[Enum['on', 'off']] $multi_accept = undef,
- Optional[Integer] $names_hash_bucket_size = undef, # nginx default depends on the size of the processor's cache line
+ Optional[Integer] $names_hash_bucket_size = undef,
Optional[Integer] $names_hash_max_size = undef,
Variant[Boolean, Array, Hash] $nginx_cfg_prepend = false,
- Optional[String] $proxy_buffers = undef, # nginx defaults to 1 memory page
- Optional[Nginx::Size] $proxy_buffer_size = undef, # nginx default is 1 memory page
+ Optional[String] $proxy_buffers = undef,
+ Optional[Nginx::Size] $proxy_buffer_size = undef,
Nginx::Time $proxy_cache_inactive = '20m',
String $proxy_cache_keys_zone = 'd2:100m',
String $proxy_cache_levels = '1',
@@ -321,13 +321,13 @@
Optional[String] $proxy_cache_loader_sleep = undef,
Optional[String] $proxy_cache_loader_threshold = undef,
Optional[Enum['on', 'off']] $proxy_use_temp_path = undef,
- Optional[Nginx::Time] $proxy_connect_timeout = undef, # nginx default is '60s'
+ Optional[Nginx::Time] $proxy_connect_timeout = undef,
Optional[Integer] $proxy_headers_hash_bucket_size = undef,
Optional[Integer] $proxy_headers_hash_max_size = undef,
Optional[String] $proxy_http_version = undef,
- Optional[Nginx::Time] $proxy_read_timeout = undef, # nginx default is '60s'
+ Optional[Nginx::Time] $proxy_read_timeout = undef,
Optional[Variant[Array[String], String]] $proxy_redirect = undef,
- Optional[Nginx::Time] $proxy_send_timeout = undef, # nginx default is '60s'
+ Optional[Nginx::Time] $proxy_send_timeout = undef,
Array $proxy_set_header = [
'Host $host',
'X-Real-IP $remote_addr',
@@ -341,7 +341,7 @@
Array $proxy_ignore_header = [],
Optional[Nginx::Size] $proxy_max_temp_file_size = undef,
Optional[Nginx::Size] $proxy_busy_buffers_size = undef,
- Optional[Enum['on', 'off']] $sendfile = undef, # nginx default is 'off'
+ Optional[Enum['on', 'off']] $sendfile = undef,
Optional[Enum['on', 'off']] $server_tokens = undef,
Enum['on', 'off'] $spdy = 'off',
Enum['on', 'off'] $http2 = 'off',
@@ -349,18 +349,18 @@
Optional[Enum['on', 'off']] $ssl_stapling_verify = undef,
Stdlib::Absolutepath $snippets_dir = $nginx::params::snippets_dir,
Boolean $manage_snippets_dir = true,
- Optional[Integer] $types_hash_bucket_size = undef, # nginx default is 64
+ Optional[Integer] $types_hash_bucket_size = undef,
Optional[Integer] $types_hash_max_size = undef,
- Optional[Integer] $worker_connections = undef, # nginx default is 512
- Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef, # nginx default is 'off'
- Optional[Variant[Integer, Enum['auto']]] $worker_processes = undef, # nginx default is 1
+ Optional[Integer] $worker_connections = undef,
+ Optional[Enum['on', 'off']] $ssl_prefer_server_ciphers = undef,
+ Optional[Variant[Integer, Enum['auto']]] $worker_processes = undef,
Integer $worker_rlimit_nofile = 1024,
Optional[Enum['on', 'off']] $pcre_jit = undef,
- Optional[String] $ssl_protocols = undef, # nginx default is 'TLSv1.2 TLSv1.3'
- Optional[String] $ssl_ciphers = undef, # nginx default is 'HIGH:!aNULL:!MD5'
+ Optional[String] $ssl_protocols = undef,
+ Optional[String] $ssl_ciphers = undef,
Optional[Stdlib::Unixpath] $ssl_dhparam = undef,
Optional[String] $ssl_ecdh_curve = undef,
- Optional[String] $ssl_session_cache = undef, # nginx default is 'none'
+ Optional[String] $ssl_session_cache = undef,
Optional[Nginx::Time] $ssl_session_timeout = undef,
Optional[Enum['on', 'off']] $ssl_session_tickets = undef,
Optional[Stdlib::Absolutepath] $ssl_session_ticket_key = undef,