├── .gitignore ├── .kitchen.yml ├── .rubocop.yml ├── .ruby-gemset ├── .ruby-version ├── .travis.yml ├── Berksfile ├── CHANGELOG.md ├── Gemfile ├── Guardfile ├── LICENSE.txt ├── README.md ├── Rakefile ├── attributes └── default.rb ├── chefignore ├── files └── default │ └── mime.types ├── libraries └── matchers.rb ├── metadata.rb ├── providers └── site.rb ├── recipes ├── configuration.rb ├── debug.rb ├── default.rb ├── enabledisablesite.rb ├── server.rb └── service.rb ├── resources └── site.rb ├── spec ├── configuration_spec.rb ├── debug_spec.rb ├── default_spec.rb ├── enabledisablesite_spec.rb ├── server_spec.rb ├── service_spec.rb └── spec_helper.rb ├── templates └── default │ ├── buffers.conf.erb │ ├── general.conf.erb │ ├── gzip.conf.erb │ ├── logs.conf.erb │ ├── nginx.conf.erb │ ├── nginx_status.conf.erb │ ├── nxendissite_completion.erb │ ├── nxensite.erb │ ├── performance.conf.erb │ ├── proxy.conf.erb │ ├── site.erb │ ├── ssl_session.conf.erb │ └── timeouts.conf.erb └── test ├── .chef └── knife.rb ├── integration └── server │ └── serverspec │ └── server_spec.rb └── support ├── keys ├── README.md ├── vagrant └── vagrant.pub └── rubocop ├── disabled.yml └── enabled.yml /.gitignore: -------------------------------------------------------------------------------- 1 | *.tgz 2 | *.tar.gz 3 | vendor/bundle 4 | .bundle 5 | .DS_Store 6 | build/* 7 | tmp/ 8 | *.lock 9 | .kitchen/ 10 | .vagrant/ 11 | .vagrant.d/ 12 | Thorfile 13 | Vagrantfile 14 | -------------------------------------------------------------------------------- /.kitchen.yml: -------------------------------------------------------------------------------- 1 | --- 2 | driver: 3 | require_chef_omnibus: <%= ENV.fetch("CHEF_VERSION", "latest") %> 4 | ssh_key: <%= File.expand_path("./test/support/keys/vagrant") %> 5 | name: vagrant 6 | 7 | provisioner: 8 | name: chef_zero 9 | 10 | platforms: 11 | - name: ubuntu-12.04 12 | - name: ubuntu-14.04 13 | - name: debian-6.0.8 14 | - name: debian-7.4 15 | 16 | suites: 17 | - name: server 18 | run_list: 19 | - recipe[nginx::server] 20 | attributes: 21 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | LineLength: 2 | Max: 80 3 | Exclude: 4 | - "**/attributes/*.rb" 5 | - "**/metadata.rb" 6 | 7 | StringLiterals: 8 | EnforcedStyle: double_quotes 9 | 10 | StringLiteralsInInterpolation: 11 | EnforcedStyle: double_quotes 12 | 13 | PercentLiteralDelimiters: 14 | PreferredDelimiters: 15 | "%w": "[]" # Arrays use brackets 16 | 17 | SingleSpaceBeforeFirstArg: 18 | Enabled: false # too strict about metadata and certain formatting 19 | 20 | inherit_from: test/support/rubocop/enabled.yml 21 | inherit_from: test/support/rubocop/disabled.yml 22 | -------------------------------------------------------------------------------- /.ruby-gemset: -------------------------------------------------------------------------------- 1 | chef-nginx 2 | -------------------------------------------------------------------------------- /.ruby-version: -------------------------------------------------------------------------------- 1 | 2.1.5 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: ruby 2 | bundler_args: --jobs 4 --retry 3 --without integration 3 | rvm: 4 | - 2.0.0 5 | - 2.1.5 6 | script: 7 | - bundle exec rake rubocop 8 | - bundle exec rake foodcritic 9 | - bundle exec rake chefspec 10 | - bundle exec rake kitchen:all 11 | env: 12 | matrix: 13 | - CHEF_VERSION: "11.16" 14 | - CHEF_VERSION: "12.00" 15 | sudo: false 16 | cache: bundler 17 | -------------------------------------------------------------------------------- /Berksfile: -------------------------------------------------------------------------------- 1 | source "https://api.berkshelf.com" 2 | 3 | metadata 4 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # CHANGELOG for nginx 2 | 3 | This file is used to list changes made in each version of nginx. 4 | 5 | ## 0.6.0 (2015-01-17) 6 | 7 | * Add `nginx_site` LWRP 8 | * Add proper mime types for web fonts 9 | * Improve test coverage and CI configuration 10 | 11 | ## 0.5.5 (2013-12-21) 12 | 13 | * Fix `mime.types` file location 14 | * README updates 15 | * CI updates - only tested against 1.9.3 and 2.0.0 now 16 | 17 | ## 0.5.4 (2013-11-14) 18 | 19 | * Add `phusion` repository source option 20 | * Fix ensure log directory exists 21 | 22 | ## 0.5.3 (2013-11-13) 23 | 24 | * Delay service restart on config file updates 25 | * Fix template restart notifications 26 | * Add `mime.types` file 27 | * Fix service startup via chef 28 | 29 | ## 0.5.2 (2013-11-12) 30 | 31 | * Don't start, only enable the service since 1.4.x starts automatically and errors 32 | 33 | ## 0.5.1 (2013-11-12) 34 | 35 | * Add missed default attribute from `0.5.0` release 36 | 37 | ## 0.5.0 (2013-11-12) 38 | 39 | * Make installation package names configurable 40 | * Only start the service if not already running 41 | 42 | ## 0.4.6 (2013-08-09) 43 | 44 | * Add `skip_default_site` attribute 45 | 46 | ## 0.4.5 (2013-06-27) 47 | 48 | * Add option to use PPA repository 49 | 50 | ## 0.4.4 (2013-06-27) 51 | 52 | * Add attribute for nginx version 53 | * Cleanup development files 54 | 55 | ## 0.4.3 (2013-04-09) 56 | 57 | * Add attribute for nginx status port 58 | * Update executable bit for directories 59 | * Add missing LICENSE file 60 | 61 | ## 0.4.2 (2013-02-02) 62 | 63 | * Prevent unnecessary `apt-get update` run 64 | 65 | ## 0.4.1 (2013-02-01) 66 | 67 | * FC023: Prefer conditional attributes 68 | 69 | ## 0.4.0 (2013-02-01) 70 | 71 | * Make `stub_status` support optional 72 | 73 | ## 0.3.0 (2013-01-18) 74 | 75 | * Ensure `sites-available` and `sites-enabled` directories exist 76 | 77 | ## 0.2.0 (2013-01-18) 78 | 79 | * Replace `light` recipe with `server` and `debug` recipes. 80 | 81 | ## 0.1.0: 82 | 83 | * Initial release of nginx 84 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source "https://rubygems.org" 2 | 3 | chef_version = ENV.fetch("CHEF_VERSION", "11.16") 4 | 5 | gem "chef", "~> #{chef_version}" 6 | gem "chefspec", "~> 4.2.0" if chef_version =~ /^11/ 7 | 8 | gem "berkshelf", "~> 3.2.1" 9 | gem "foodcritic", "~> 4.0.0" 10 | gem "rake" 11 | gem "rubocop", "~> 0.28.0" 12 | gem "serverspec", "~> 2.7.1" 13 | 14 | group :integration do 15 | gem "busser-serverspec", "~> 0.5.3" 16 | gem "kitchen-vagrant", "~> 0.15.0" 17 | gem "test-kitchen", "~> 1.3.1" 18 | end 19 | -------------------------------------------------------------------------------- /Guardfile: -------------------------------------------------------------------------------- 1 | guard :rspec, cmd: "rspec --color", all_on_start: false do 2 | watch(/^spec\/(.+)_spec\.rb$/) 3 | watch(/^recipes\/(.+)\.rb$/) { |m| "spec/#{m[1]}_spec.rb" } 4 | watch("spec/spec_helper.rb") { "spec" } 5 | end 6 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2012-2013, Phil Cohen 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining 4 | a copy of this software and associated documentation files (the 5 | "Software"), to deal in the Software without restriction, including 6 | without limitation the rights to use, copy, modify, merge, publish, 7 | distribute, sublicense, and/or sell copies of the Software, and to 8 | permit persons to whom the Software is furnished to do so, subject to 9 | the following conditions: 10 | 11 | The above copyright notice and this permission notice shall be 12 | included in all copies or substantial portions of the Software. 13 | 14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 15 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 17 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 18 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 19 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 20 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # chef-nginx [![Build Status](http://img.shields.io/travis-ci/phlipper/chef-nginx.png)](https://travis-ci.org/phlipper/chef-nginx) 2 | 3 | ## Description 4 | 5 | Installs the [Nginx](http://nginx.org) web server. 6 | 7 | 8 | ## Requirements 9 | 10 | ### Supported Platforms 11 | 12 | The following platforms are supported by this cookbook, meaning that the 13 | recipes should run on these platforms without error: 14 | 15 | * Ubuntu 12.04+ 16 | * Debian 6.0.8+ 17 | 18 | ### Cookbooks 19 | 20 | * [apt](http://community.opscode.com/cookbooks/apt) Opscode LWRP Cookbook 21 | 22 | ### Chef 23 | 24 | * Chef 11+ 25 | 26 | ### Ruby 27 | 28 | This cookbook requires Ruby 1.9+ and is tested against: 29 | 30 | * 2.0.0 31 | * 2.1.2 32 | 33 | 34 | ## Recipes 35 | 36 | * `nginx` - The default recipe which sets up the repository. 37 | * `nginx::configuration` - Internal recipe to setup the configuration files. 38 | * `nginx::service` - Internal recipe to setup the service definition. 39 | * `nginx::server` - Install and configure the `nginx` package. 40 | * `nginx::debug` - Install and configure the `nginx-debug` package. 41 | * `nginx::enabledisablesite` - Install enable and disable scripts for nginx sites. 42 | 43 | 44 | ## Resources and Providers 45 | 46 | This cookbook provides one resource with a corresponding provider 47 | 48 | ### site.rb 49 | Manage virtual hosts - create, delete, enable and disable virtual host configurations 50 | 51 | Actions: 52 | 53 | * `create` - Create a virtual host configuration file. 54 | * `delete` - Delete a virtual host configuration file. 55 | * `enable` - Enable a virtual host configuration file. 56 | * `disable` - Disable a virtual host configuration file. 57 | 58 | Attribute Parameters (only used with the `create` action): 59 | 60 | * `listen` - the ip address and/or port to [listen](http://nginx.org/en/docs/http/ngx_http_core_module.html#listen) to, defaults to '80' 61 | * `host` - [server_name](http://nginx.org/en/docs/http/ngx_http_core_module.html#server_name) for the virtualhost, defaults to 'localhost' 62 | * `root` - the path to the site [root](http://nginx.org/en/docs/http/ngx_http_core_module.html#root) folder, defaults to '/var/www' 63 | * `index` - the [index](http://nginx.org/en/docs/http/ngx_http_index_module.html) files, in order of use, defaults to 'index.html index.htm' 64 | * `location` - basic [location](http://nginx.org/en/docs/http/ngx_http_core_module.html#location) block configuration, defaults to 'try_files $uri $uri/' 65 | * `phpfpm` - inserts a basic php fpm handler for .php files if true, defaults to false 66 | * `access_log` - enable or disable the access log, defaults to true 67 | * `custom_data` - hash of extra data for any custom things you might throw into your override template, defaults to an empty hash 68 | * `template_cookbook` - allows you to override the template used with your own. Set this to your cookbook name and create a template named 'site.erb', defaults to 'nginx' 69 | * `template_source` - override for the name of the template from the default 'site.erb' 70 | 71 | 72 | ## Usage 73 | 74 | This cookbook installs the Nginx components if not present, and pulls updates if they are installed on the system. 75 | It also installs a nxensite and nxdissite script for enabling and disabling sites and provides a provider for creating and enabling/disabling nginx-sites. 76 | 77 | ### nginx_site 78 | 79 | Create a nginx virtual host configuration file in the sites-available folder 80 | 81 | ```ruby 82 | nginx_site "example.com" do 83 | host "example.com www.example.com" 84 | root "/var/www/example.com" 85 | end 86 | ``` 87 | 88 | This would create a configuration file for example.com and www.example.com that points to `/var/www/example.com` 89 | 90 | ```ruby 91 | nginx_site "example.com" do 92 | action :enable 93 | end 94 | ``` 95 | 96 | This would enable a previously created site named `example.com` 97 | 98 | ```ruby 99 | nginx_site "example.com" do 100 | host "example.com www.example.com" 101 | root "/var/www/example.com" 102 | index "index.php index.html index.htm" 103 | location "try_files $uri $uri/ /index.php?$query_string" 104 | phpfpm true 105 | action [:create, :enable] 106 | end 107 | ``` 108 | 109 | This would create a php-fpm enabled virtual host (provided you have php-fpm installed) with a default rewrite to index.php and enable it 110 | 111 | ```ruby 112 | my_data = { 'env' => 'production' } 113 | 114 | nginx_site "example.com" do 115 | host "example.com www.example.com" 116 | root "/var/www/example.com" 117 | custom_data my_data 118 | template_cookbook 'my_cookbook' 119 | template_source 'my.conf.erb' 120 | action [:create, :enable] 121 | end 122 | ``` 123 | 124 | This would create a virtual host using your own custom template ´my.conf.erb´ in the cookbook ´my_cookbook´. The contents of ´my_data´ will be available in the template, thus writing ´@custom_data['environment']´ in your template will yield ´production´ in this example. And as with the previous examples `:enable` will make the site enabled. 125 | 126 | 127 | ## Attributes 128 | 129 | ```ruby 130 | default["nginx"]["dir"] = "/etc/nginx" 131 | default["nginx"]["log_dir"] = "/var/log/nginx" 132 | default["nginx"]["user"] = "www-data" 133 | default['nginx']["bin_dir"] = "/usr/sbin" 134 | default["nginx"]["binary"] = "/usr/sbin/nginx" 135 | default["nginx"]["pid_file"] = "/var/run/nginx.pid" 136 | default["nginx"]["version"] = nil 137 | default["nginx"]["package_name"] = "nginx" # nginx[-light|full|extras] 138 | 139 | default["nginx"]["log_format"] = <<-FORMAT 140 | '$remote_addr $host $remote_user [$time_local] "$request" ' 141 | '$status $body_bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"' 142 | FORMAT 143 | 144 | default["nginx"]["daemon_disable"] = false 145 | 146 | default["nginx"]["use_poll"] = true 147 | 148 | default["nginx"]["gzip"] = "on" 149 | default["nginx"]["gzip_http_version"] = "1.0" 150 | default["nginx"]["gzip_buffers"] = "16 8k" 151 | default["nginx"]["gzip_comp_level"] = "2" 152 | default["nginx"]["gzip_proxied"] = "any" 153 | default["nginx"]["gzip_vary"] = "on" 154 | default["nginx"]["gzip_min_length"] = "0" 155 | default["nginx"]["gzip_disable"] = %q|"MSIE [1-6].(?!.*SV1)"| 156 | default["nginx"]["gzip_types"] = %w[ 157 | text/css text/javascript text/xml text/plain text/x-component 158 | application/x-javascript application/javascript application/json 159 | application/xml application/rss+xml image/svg+xml 160 | font/truetype font/opentype application/vnd.ms-fontobject 161 | ] 162 | 163 | default["nginx"]["ignore_invalid_headers"] = "on" 164 | default["nginx"]["recursive_error_pages"] = "on" 165 | default["nginx"]["sendfile"] = "on" 166 | default["nginx"]["server_name_in_redirect"] = "off" 167 | default["nginx"]["server_tokens"] = "off" 168 | 169 | default["nginx"]["buffers_enable"] = false 170 | default["nginx"]["client_body_temp_path"] = "/var/spool/nginx-client-body 1 2" 171 | default["nginx"]["client_body_buffer_size"] = "8k" 172 | default["nginx"]["client_header_buffer_size"] = "1k" 173 | default["nginx"]["client_max_body_size"] = "1m" 174 | default["nginx"]["large_client_header_buffers"] = "4 8k" 175 | 176 | default["nginx"]["tcp_nopush"] = "on" 177 | default["nginx"]["tcp_nodelay"] = "off" 178 | 179 | default["nginx"]["proxy_set_headers"] = [ 180 | "X-Real-IP $remote_addr", 181 | "X-Forwarded-For $proxy_add_x_forwarded_for", 182 | "Host $http_host" 183 | ] 184 | default["nginx"]["proxy_redirect"] = "off" 185 | default["nginx"]["proxy_max_temp_file_size"] = nil 186 | default["nginx"]["proxy_read_timeout"] = nil 187 | 188 | default["nginx"]["keepalive"] = "on" 189 | default["nginx"]["keepalive_timeout"] = 65 190 | default["nginx"]["send_timeout"] = 5 191 | default["nginx"]["client_header_timeout"] = 5 192 | default["nginx"]["client_body_timeout"] = 5 193 | 194 | default["nginx"]["worker_processes"] = node["cpu"]["total"] 195 | default["nginx"]["worker_connections"] = node["cpu"]["total"].to_i * 1024 196 | default["nginx"]["server_names_hash_bucket_size"] = 64 197 | 198 | default["nginx"]["conf_files"] = %w[ 199 | general buffers gzip logs performance proxy timeouts ssl_session 200 | ] 201 | 202 | default["nginx"]["ssl_session_cache_enable"] = true 203 | default["nginx"]["ssl_session_cache"] = "shared:SSL:10m" 204 | default["nginx"]["ssl_session_timeout"] = "10m" 205 | 206 | default["nginx"]["passenger_enable"] = false 207 | default["nginx"]["passenger_max_pool_size"] = 6 208 | default["nginx"]["passenger_pool_idle_time"] = 300 209 | 210 | default["nginx"]["enable_stub_status"] = true 211 | default["nginx"]["status_port"] = 80 212 | 213 | default["nginx"]["skip_default_site"] = false 214 | 215 | default["nginx"]["repository"] = "official" 216 | default["nginx"]["repository_sources"] = { 217 | "official" => { 218 | "uri" => "http://nginx.org/packages/#{node["platform"]}", 219 | "distribution" => node["lsb"]["codename"], 220 | "components" => ["nginx"], 221 | "keyserver" => nil, 222 | "key" => "http://nginx.org/keys/nginx_signing.key", 223 | "deb_src" => false 224 | }, 225 | 226 | "ppa" => { 227 | "uri" => "http://ppa.launchpad.net/nginx/stable/ubuntu", 228 | "distribution" => node["lsb"]["codename"], 229 | "components" => ["main"], 230 | "keyserver" => "keyserver.ubuntu.com", 231 | "key" => "C300EE8C", 232 | "deb_src" => true, 233 | }, 234 | 235 | "phusion" => { 236 | "uri" => "https://oss-binaries.phusionpassenger.com/apt/passenger", 237 | "distribution" => node["lsb"]["codename"], 238 | "components" => ["main"], 239 | "keyserver" => "keyserver.ubuntu.com", 240 | "key" => "561F9B9CAC40B2F7", 241 | "deb_src" => true 242 | } 243 | } 244 | ``` 245 | 246 | 247 | ## TODO 248 | 249 | Including, but not limited to ... 250 | 251 | * Fully support all of the standard Chef-supported distributions 252 | * Support additonal build configurations 253 | * Support additonal configuration file attributes 254 | 255 | 256 | ## Contributing 257 | 258 | 1. Fork it 259 | 2. Create your feature branch (`git checkout -b my-new-feature`) 260 | 3. Commit your changes (`git commit -am 'Added some feature'`) 261 | 4. Push to the branch (`git push origin my-new-feature`) 262 | 5. Create new Pull Request 263 | 264 | 265 | ## Contributors 266 | 267 | Many thanks go to the following [contributors](https://github.com/phlipper/chef-nginx/graphs/contributors) who have helped to make this cookbook even better: 268 | 269 | * **[@jtimberman](https://github.com/jtimberman)** 270 | * add license file 271 | * set executable bit for directories 272 | * **[@dwradcliffe](https://github.com/dwradcliffe)** 273 | * add attribute for nginx status port 274 | * add attribute for nginx version 275 | * add option to use PPA repository instead of official nginx repository 276 | * make sure log directory exists 277 | * use correct path for `mime.types` file 278 | * **[@0rca](https://github.com/0rca)** 279 | * add `skip_default_site` attribute 280 | * **[@RichardWigley](https://github.com/RichardWigley)** 281 | * add initial `test-kitchen` support 282 | * **[@arvidbjorkstrom](https://github.com/arvidbjorkstrom)** 283 | * Provider for creating/deleting hosts configurations, enabling and disabling them 284 | * add `custom_data` attribute to the `site` LWRP 285 | * **[@perusio](https://github.com/perusio)** 286 | * Script for enabling and disabling sites, added and renamed by [@arvidbjorkstrom](https://github.com/arvidbjorkstrom) 287 | * **[@morr](https://github.com/morr)** 288 | * update `mime.types` to support web fonts correctly 289 | 290 | 291 | ## License 292 | 293 | **chef-nginx** 294 | 295 | * Freely distributable and licensed under the [MIT license](http://phlipper.mit-license.org/2012-2014/license.html). 296 | * Copyright (c) 2012-2014 Phil Cohen (github@phlippers.net) [![endorse](http://api.coderwall.com/phlipper/endorsecount.png)](http://coderwall.com/phlipper) [![Gittip](http://img.shields.io/gittip/phlipper.png)](https://www.gittip.com/phlipper/) 297 | * http://phlippers.net/ 298 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | task default: "test" 2 | 3 | desc "Run all tests except `kitchen`" 4 | task test: [:rubocop, :foodcritic, :chefspec] 5 | 6 | desc "Run all tests" 7 | task all_tests: [:rubocop, :foodcritic, :chefspec, "kitchen:all"] 8 | 9 | # rubocop style checker 10 | require "rubocop/rake_task" 11 | RuboCop::RakeTask.new 12 | 13 | # foodcritic chef lint 14 | require "foodcritic" 15 | FoodCritic::Rake::LintTask.new do |t| 16 | t.options = { fail_tags: ["any"] } 17 | end 18 | 19 | # chefspec unit tests 20 | require "rspec/core/rake_task" 21 | RSpec::Core::RakeTask.new(:chefspec) do |t| 22 | t.rspec_opts = "--color --format progress" 23 | end 24 | 25 | # test-kitchen integration tests 26 | begin 27 | require "kitchen/rake_tasks" 28 | Kitchen::RakeTasks.new 29 | rescue LoadError 30 | task("kitchen:all") { puts "Unable to run `test-kitchen`" } 31 | end 32 | -------------------------------------------------------------------------------- /attributes/default.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Attributes:: default 4 | # 5 | # Author:: Phil Cohen 6 | # 7 | # Copyright 2013, Phil Cohen 8 | # 9 | 10 | default["nginx"]["dir"] = "/etc/nginx" 11 | default["nginx"]["log_dir"] = "/var/log/nginx" 12 | default["nginx"]["user"] = "www-data" 13 | default["nginx"]["bin_dir"] = "/usr/sbin" 14 | default["nginx"]["binary"] = "/usr/sbin/nginx" 15 | default["nginx"]["pid_file"] = "/var/run/nginx.pid" 16 | default["nginx"]["version"] = nil 17 | default["nginx"]["package_name"] = "nginx" # nginx[-light|full|extras] 18 | 19 | default["nginx"]["log_format"] = <<-FORMAT 20 | '$remote_addr $host $remote_user [$time_local] "$request" ' 21 | '$status $body_bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"' 22 | FORMAT 23 | 24 | default["nginx"]["daemon_disable"] = false 25 | 26 | default["nginx"]["use_poll"] = true 27 | 28 | default["nginx"]["gzip"] = "on" 29 | default["nginx"]["gzip_http_version"] = "1.0" 30 | default["nginx"]["gzip_buffers"] = "16 8k" 31 | default["nginx"]["gzip_comp_level"] = "2" 32 | default["nginx"]["gzip_proxied"] = "any" 33 | default["nginx"]["gzip_vary"] = "on" 34 | default["nginx"]["gzip_min_length"] = "0" 35 | default["nginx"]["gzip_disable"] = %|"MSIE [1-6].(?!.*SV1)"| 36 | default["nginx"]["gzip_types"] = %w[ 37 | text/css text/javascript text/xml text/plain text/x-component 38 | application/x-javascript application/javascript application/json 39 | application/xml application/rss+xml image/svg+xml 40 | font/truetype font/opentype application/vnd.ms-fontobject 41 | ] 42 | 43 | default["nginx"]["ignore_invalid_headers"] = "on" 44 | default["nginx"]["recursive_error_pages"] = "on" 45 | default["nginx"]["sendfile"] = "on" 46 | default["nginx"]["server_name_in_redirect"] = "off" 47 | default["nginx"]["server_tokens"] = "off" 48 | 49 | default["nginx"]["buffers_enable"] = false 50 | default["nginx"]["client_body_temp_path"] = "/var/spool/nginx-client-body 1 2" 51 | default["nginx"]["client_body_buffer_size"] = "8k" 52 | default["nginx"]["client_header_buffer_size"] = "1k" 53 | default["nginx"]["client_max_body_size"] = "1m" 54 | default["nginx"]["large_client_header_buffers"] = "4 8k" 55 | 56 | default["nginx"]["tcp_nopush"] = "on" 57 | default["nginx"]["tcp_nodelay"] = "off" 58 | 59 | default["nginx"]["proxy_set_headers"] = [ 60 | "X-Real-IP $remote_addr", 61 | "X-Forwarded-For $proxy_add_x_forwarded_for", 62 | "Host $http_host" 63 | ] 64 | default["nginx"]["proxy_redirect"] = "off" 65 | default["nginx"]["proxy_max_temp_file_size"] = nil 66 | default["nginx"]["proxy_read_timeout"] = nil 67 | 68 | default["nginx"]["keepalive"] = "on" 69 | default["nginx"]["keepalive_timeout"] = 65 70 | default["nginx"]["send_timeout"] = 5 71 | default["nginx"]["client_header_timeout"] = 5 72 | default["nginx"]["client_body_timeout"] = 5 73 | 74 | default["nginx"]["worker_processes"] = node["cpu"]["total"] 75 | default["nginx"]["worker_connections"] = node["cpu"]["total"].to_i * 1024 76 | default["nginx"]["server_names_hash_bucket_size"] = 64 77 | 78 | default["nginx"]["conf_files"] = %w[ 79 | buffers general gzip logs performance proxy ssl_session timeouts 80 | ] 81 | 82 | default["nginx"]["ssl_session_cache_enable"] = true 83 | default["nginx"]["ssl_session_cache"] = "shared:SSL:10m" 84 | default["nginx"]["ssl_session_timeout"] = "10m" 85 | 86 | default["nginx"]["passenger_enable"] = false 87 | default["nginx"]["passenger_max_pool_size"] = 6 88 | default["nginx"]["passenger_pool_idle_time"] = 300 89 | 90 | default["nginx"]["enable_stub_status"] = true 91 | default["nginx"]["status_port"] = 80 92 | 93 | default["nginx"]["skip_default_site"] = false 94 | 95 | default["nginx"]["repository"] = "official" 96 | default["nginx"]["repository_sources"] = { 97 | "official" => { 98 | "uri" => "http://nginx.org/packages/#{node["platform"]}", 99 | "distribution" => node["lsb"]["codename"], 100 | "components" => ["nginx"], 101 | "keyserver" => nil, 102 | "key" => "http://nginx.org/keys/nginx_signing.key", 103 | "deb_src" => false 104 | }, 105 | 106 | "ppa" => { 107 | "uri" => "http://ppa.launchpad.net/nginx/stable/ubuntu", 108 | "distribution" => node["lsb"]["codename"], 109 | "components" => ["main"], 110 | "keyserver" => "keyserver.ubuntu.com", 111 | "key" => "C300EE8C", 112 | "deb_src" => true 113 | }, 114 | 115 | "phusion" => { 116 | "uri" => "https://oss-binaries.phusionpassenger.com/apt/passenger", 117 | "distribution" => node["lsb"]["codename"], 118 | "components" => ["main"], 119 | "keyserver" => "keyserver.ubuntu.com", 120 | "key" => "561F9B9CAC40B2F7", 121 | "deb_src" => true 122 | } 123 | } 124 | -------------------------------------------------------------------------------- /chefignore: -------------------------------------------------------------------------------- 1 | # Put files/directories that should be ignored in this file when uploading 2 | # or sharing to the community site. 3 | # Lines that start with '# ' are comments. 4 | 5 | # OS generated files # 6 | ###################### 7 | .DS_Store 8 | Icon? 9 | nohup.out 10 | ehthumbs.db 11 | Thumbs.db 12 | 13 | # SASS # 14 | ######## 15 | .sass-cache 16 | 17 | # EDITORS # 18 | ########### 19 | \#* 20 | .#* 21 | *~ 22 | *.sw[a-z] 23 | *.bak 24 | REVISION 25 | TAGS* 26 | tmtags 27 | *_flymake.* 28 | *_flymake 29 | *.tmproj 30 | .project 31 | .settings 32 | mkmf.log 33 | 34 | ## COMPILED ## 35 | ############## 36 | a.out 37 | *.o 38 | *.pyc 39 | *.so 40 | *.com 41 | *.class 42 | *.dll 43 | *.exe 44 | */rdoc/ 45 | 46 | # Testing # 47 | ########### 48 | .watchr 49 | .rspec 50 | spec/* 51 | spec/fixtures/* 52 | test/* 53 | features/* 54 | Guardfile 55 | Procfile 56 | 57 | # SCM # 58 | ####### 59 | .git 60 | */.git 61 | .gitignore 62 | .gitmodules 63 | .gitconfig 64 | .gitattributes 65 | .svn 66 | */.bzr/* 67 | */.hg/* 68 | */.svn/* 69 | 70 | # Berkshelf # 71 | ############# 72 | cookbooks/* 73 | tmp 74 | 75 | # Cookbooks # 76 | ############# 77 | CONTRIBUTING 78 | CHANGELOG* 79 | 80 | # Strainer # 81 | ############ 82 | Colanderfile 83 | Strainerfile 84 | .colander 85 | .strainer 86 | 87 | # Vagrant # 88 | ########### 89 | .vagrant 90 | Vagrantfile 91 | 92 | # Travis # 93 | ########## 94 | .travis.yml 95 | -------------------------------------------------------------------------------- /files/default/mime.types: -------------------------------------------------------------------------------- 1 | types { 2 | text/html html htm shtml; 3 | text/css css; 4 | text/xml xml; 5 | image/gif gif; 6 | image/jpeg jpeg jpg; 7 | application/x-javascript js; 8 | application/atom+xml atom; 9 | application/rss+xml rss; 10 | 11 | text/mathml mml; 12 | text/plain txt; 13 | text/vnd.sun.j2me.app-descriptor jad; 14 | text/vnd.wap.wml wml; 15 | text/x-component htc; 16 | 17 | image/png png; 18 | image/tiff tif tiff; 19 | image/vnd.wap.wbmp wbmp; 20 | image/x-icon ico; 21 | image/x-jng jng; 22 | image/x-ms-bmp bmp; 23 | image/svg+xml svg svgz; 24 | image/webp webp; 25 | 26 | application/java-archive jar war ear; 27 | application/mac-binhex40 hqx; 28 | application/msword doc; 29 | application/pdf pdf; 30 | application/postscript ps eps ai; 31 | application/rtf rtf; 32 | application/vnd.ms-excel xls; 33 | application/vnd.ms-powerpoint ppt; 34 | application/vnd.wap.wmlc wmlc; 35 | application/vnd.google-earth.kml+xml kml; 36 | application/vnd.google-earth.kmz kmz; 37 | application/x-7z-compressed 7z; 38 | application/x-cocoa cco; 39 | application/x-java-archive-diff jardiff; 40 | application/x-java-jnlp-file jnlp; 41 | application/x-makeself run; 42 | application/x-perl pl pm; 43 | application/x-pilot prc pdb; 44 | application/x-rar-compressed rar; 45 | application/x-redhat-package-manager rpm; 46 | application/x-sea sea; 47 | application/x-shockwave-flash swf; 48 | application/x-stuffit sit; 49 | application/x-tcl tcl tk; 50 | application/x-x509-ca-cert der pem crt; 51 | application/x-xpinstall xpi; 52 | application/xhtml+xml xhtml; 53 | application/zip zip; 54 | 55 | application/octet-stream bin exe dll; 56 | application/octet-stream deb; 57 | application/octet-stream dmg; 58 | application/octet-stream iso img; 59 | application/octet-stream msi msp msm; 60 | 61 | font/ttf ttf; 62 | font/opentype otf; 63 | application/x-font-woff woff; 64 | application/vnd.ms-fontobject eot; 65 | 66 | audio/midi mid midi kar; 67 | audio/mpeg mp3; 68 | audio/ogg ogg; 69 | audio/x-m4a m4a; 70 | audio/x-realaudio ra; 71 | 72 | video/3gpp 3gpp 3gp; 73 | video/mp4 mp4; 74 | video/mpeg mpeg mpg; 75 | video/quicktime mov; 76 | video/webm webm; 77 | video/x-flv flv; 78 | video/x-m4v m4v; 79 | video/x-mng mng; 80 | video/x-ms-asf asx asf; 81 | video/x-ms-wmv wmv; 82 | video/x-msvideo avi; 83 | } 84 | -------------------------------------------------------------------------------- /libraries/matchers.rb: -------------------------------------------------------------------------------- 1 | if defined?(ChefSpec) 2 | def create_nginx_site(resource_name) 3 | ChefSpec::Matchers::ResourceMatcher.new( 4 | :nginx_site, :create, resource_name 5 | ) 6 | end 7 | 8 | def delete_nginx_site(resource_name) 9 | ChefSpec::Matchers::ResourceMatcher.new( 10 | :nginx_site, :delete, resource_name 11 | ) 12 | end 13 | 14 | def enable_nginx_site(resource_name) 15 | ChefSpec::Matchers::ResourceMatcher.new( 16 | :nginx_site, :enable, resource_name 17 | ) 18 | end 19 | 20 | def disable_nginx_site(resource_name) 21 | ChefSpec::Matchers::ResourceMatcher.new( 22 | :nginx_site, :disable, resource_name 23 | ) 24 | end 25 | end 26 | -------------------------------------------------------------------------------- /metadata.rb: -------------------------------------------------------------------------------- 1 | name "nginx" 2 | maintainer "Phil Cohen" 3 | maintainer_email "github@phlippers.net" 4 | license "MIT" 5 | description "Installs/configures nginx" 6 | long_description "Please refer to README.md" 7 | version "0.6.0" 8 | 9 | recipe "nginx", "The default recipe which sets up the repository." 10 | recipe "nginx::configuration", "Internal recipe to setup the configuration files." 11 | recipe "nginx::service", "Internal recipe to setup the service definition." 12 | recipe "nginx::server", "Install and configure the `nginx` package." 13 | recipe "nginx::debug", "Install and configure the `nginx-debug` package." 14 | 15 | depends "apt" 16 | 17 | supports "debian" 18 | supports "ubuntu" 19 | -------------------------------------------------------------------------------- /providers/site.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Provider:: site 4 | # 5 | 6 | def whyrun_supported? 7 | true 8 | end 9 | 10 | use_inline_resources 11 | 12 | action :create do 13 | template nginx_available_file do 14 | source new_resource.template_source 15 | cookbook new_resource.template_cookbook 16 | owner "root" 17 | group "root" 18 | mode "0644" 19 | variables( 20 | name: new_resource.name, 21 | listen: new_resource.listen, 22 | host: new_resource.host, 23 | root: new_resource.root, 24 | index: new_resource.index, 25 | location: new_resource.location, 26 | phpfpm: new_resource.phpfpm, 27 | access_log: new_resource.access_log, 28 | custom_data: new_resource.custom_data 29 | ) 30 | end 31 | end 32 | 33 | action :delete do 34 | if @current_resource.exists 35 | nginx_site new_resource.name do 36 | action :disable 37 | end 38 | 39 | file nginx_available_file do 40 | action :delete 41 | end 42 | else 43 | log_missing_resource 44 | end 45 | end 46 | 47 | action :enable do 48 | if @current_resource.exists 49 | execute "nxensite #{new_resource.name}" do 50 | command "#{node["nginx"]["bin_dir"]}/nxensite #{new_resource.name}" 51 | not_if { ::File.exist?(nginx_enabled_file) } 52 | end 53 | else 54 | log_missing_resource 55 | end 56 | end 57 | 58 | action :disable do 59 | if @current_resource.exists 60 | execute "nxdissite #{new_resource.name}" do 61 | command "#{node["nginx"]["bin_dir"]}/nxdissite #{new_resource.name}" 62 | only_if { ::File.exist?(nginx_enabled_file) } 63 | end 64 | else 65 | log_missing_resource 66 | end 67 | end 68 | 69 | def load_current_resource 70 | @current_resource = Chef::Resource::NginxSite.new(@new_resource.name) 71 | @current_resource.name(@new_resource.name) 72 | 73 | @current_resource.exists = ::File.exist?(nginx_available_file) 74 | end 75 | 76 | def nginx_available_file 77 | "#{node["nginx"]["dir"]}/sites-available/#{new_resource.name}" 78 | end 79 | 80 | def nginx_enabled_file 81 | "#{node["nginx"]["dir"]}/sites-enabled/#{new_resource.name}" 82 | end 83 | 84 | def log_missing_resource 85 | Chef::Log.info "#{@new_resource} doesn't exist - nothing to do." 86 | end 87 | -------------------------------------------------------------------------------- /recipes/configuration.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Recipe:: configuration 4 | # 5 | 6 | [node["nginx"]["dir"], node["nginx"]["log_dir"]].each do |dir| 7 | directory dir do 8 | owner "root" 9 | group "root" 10 | mode "0755" 11 | recursive true 12 | end 13 | end 14 | 15 | cookbook_file "#{node["nginx"]["dir"]}/mime.types" do 16 | source "mime.types" 17 | owner "root" 18 | group "root" 19 | mode "0644" 20 | notifies :restart, "service[nginx]" 21 | end 22 | 23 | template "nginx.conf" do 24 | path "#{node["nginx"]["dir"]}/nginx.conf" 25 | source "nginx.conf.erb" 26 | owner "root" 27 | group "root" 28 | mode "0644" 29 | notifies :restart, "service[nginx]" 30 | end 31 | 32 | %w[sites-available sites-enabled].each do |vhost_dir| 33 | directory "#{node["nginx"]["dir"]}/#{vhost_dir}" do 34 | owner "root" 35 | group "root" 36 | mode "0755" 37 | action :create 38 | end 39 | end 40 | 41 | nginx_site "default" do 42 | host node["hostname"] 43 | root "/var/www/nginx-default" 44 | not_if { node["nginx"]["skip_default_site"] } 45 | end 46 | 47 | # ensure default site is removed if necessary 48 | %w[enabled available].each do |dir| 49 | file "#{node["nginx"]["dir"]}/sites-#{dir}/default" do 50 | action :delete 51 | only_if { node["nginx"]["skip_default_site"] } 52 | notifies :restart, "service[nginx]" 53 | end 54 | end 55 | 56 | node["nginx"]["conf_files"].each do |config_file| 57 | template config_file do 58 | path "#{node["nginx"]["dir"]}/conf.d/#{config_file}.conf" 59 | source "#{config_file}.conf.erb" 60 | owner "root" 61 | group "root" 62 | mode "0644" 63 | notifies :restart, "service[nginx]" 64 | end 65 | end 66 | 67 | template "#{node["nginx"]["dir"]}/conf.d/nginx_status.conf" do 68 | source "nginx_status.conf.erb" 69 | owner "root" 70 | group "root" 71 | mode "0644" 72 | notifies :restart, "service[nginx]" 73 | variables(port: node["nginx"]["status_port"]) 74 | only_if { node["nginx"]["enable_stub_status"] } 75 | end 76 | -------------------------------------------------------------------------------- /recipes/debug.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Recipe:: debug 4 | # 5 | 6 | include_recipe "nginx" 7 | 8 | package "nginx-debug" 9 | 10 | include_recipe "nginx::configuration" 11 | include_recipe "nginx::service" 12 | -------------------------------------------------------------------------------- /recipes/default.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Recipe:: default 4 | # 5 | 6 | repo = node["nginx"]["repository_sources"].fetch(node["nginx"]["repository"]) 7 | 8 | apt_repository "nginx" do 9 | uri repo["uri"] 10 | distribution repo["distribution"] 11 | components repo["components"] 12 | key repo["key"] 13 | keyserver repo["keyserver"] if repo["keyserver"] 14 | deb_src repo["deb_src"] 15 | action :add 16 | end 17 | -------------------------------------------------------------------------------- /recipes/enabledisablesite.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Recipe:: enabledisablesite 4 | # 5 | 6 | template "#{node["nginx"]["bin_dir"]}/nxensite" do 7 | source "nxensite.erb" 8 | owner "root" 9 | group "root" 10 | mode "0755" 11 | end 12 | 13 | link "#{node["nginx"]["bin_dir"]}/nxdissite" do 14 | to "#{node["nginx"]["bin_dir"]}/nxensite" 15 | only_if { ::File.exist?("#{node["nginx"]["bin_dir"]}/nxensite") } 16 | end 17 | 18 | template "/etc/bash_completion.d/nxendissite" do 19 | source "nxendissite_completion.erb" 20 | owner "root" 21 | group "root" 22 | mode "0644" 23 | end 24 | -------------------------------------------------------------------------------- /recipes/server.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Recipe:: server 4 | # 5 | 6 | include_recipe "nginx" 7 | 8 | # ensure config files don't get trampled by chef 9 | package "nginx-common" do 10 | options %(-o Dpkg::Options::="--force-confdef") 11 | only_if { %w[ppa phusion].include?(node["nginx"]["repository"]) } 12 | end 13 | 14 | package node["nginx"]["package_name"] do 15 | version node["nginx"]["version"] 16 | end 17 | 18 | include_recipe "nginx::service" 19 | include_recipe "nginx::configuration" 20 | include_recipe "nginx::enabledisablesite" 21 | -------------------------------------------------------------------------------- /recipes/service.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Recipe:: service 4 | # 5 | 6 | service "nginx" do 7 | supports status: true, restart: true, reload: true 8 | action [:enable, :start] 9 | end 10 | -------------------------------------------------------------------------------- /resources/site.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: nginx 3 | # Resource:: site 4 | # 5 | 6 | actions :create, :delete, :enable, :disable 7 | 8 | default_action :create 9 | 10 | attribute :name, kind_of: String, name_attribute: true 11 | attribute :listen, kind_of: String, default: "80" 12 | attribute :host, kind_of: String, default: "localhost" 13 | attribute :root, kind_of: String, default: "/var/www" 14 | attribute :index, kind_of: String, default: "index.html index.htm" 15 | attribute :location, kind_of: String, default: "try_files $uri $uri/" 16 | attribute :phpfpm, kind_of: [TrueClass, FalseClass], default: false 17 | attribute :access_log, kind_of: [TrueClass, FalseClass], default: true 18 | attribute :custom_data, kind_of: Hash, default: {} 19 | attribute :template_cookbook, kind_of: String, default: "nginx" 20 | attribute :template_source, kind_of: String, default: "site.erb" 21 | 22 | attr_accessor :exists 23 | -------------------------------------------------------------------------------- /spec/configuration_spec.rb: -------------------------------------------------------------------------------- 1 | require "spec_helper" 2 | 3 | describe "nginx::configuration" do 4 | let(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge(described_recipe, "nginx::service") 6 | end 7 | 8 | it "creates the configuration directory" do 9 | expect(chef_run).to create_directory("/etc/nginx").with( 10 | owner: "root", 11 | group: "root", 12 | recursive: true 13 | ) 14 | end 15 | 16 | it "creates the `mime.types` file" do 17 | expect(chef_run).to create_cookbook_file("/etc/nginx/mime.types").with( 18 | source: "mime.types", 19 | owner: "root", 20 | group: "root", 21 | mode: "0644" 22 | ) 23 | 24 | file = chef_run.cookbook_file("/etc/nginx/mime.types") 25 | expect(file).to notify("service[nginx]").to(:restart) 26 | end 27 | 28 | it "creates the log directory" do 29 | expect(chef_run).to create_directory("/var/log/nginx").with( 30 | owner: "root", 31 | group: "root", 32 | recursive: true 33 | ) 34 | end 35 | 36 | it "creates the `nginx.conf` template" do 37 | expect(chef_run).to create_template("/etc/nginx/nginx.conf").with( 38 | source: "nginx.conf.erb", 39 | owner: "root", 40 | group: "root", 41 | mode: "0644" 42 | ) 43 | 44 | file = chef_run.template("/etc/nginx/nginx.conf") 45 | expect(file).to notify("service[nginx]").to(:restart) 46 | end 47 | 48 | %w[sites-available sites-enabled].each do |vhost_dir| 49 | it "creates the `#{vhost_dir}` directory" do 50 | expect(chef_run).to create_directory("/etc/nginx/#{vhost_dir}").with( 51 | owner: "root", 52 | group: "root", 53 | mode: "0755" 54 | ) 55 | end 56 | end 57 | 58 | context "default site" do 59 | let(:default_site) do 60 | "default" 61 | end 62 | 63 | context "when `skip_default_site` is false" do 64 | let(:chef_run) do 65 | ChefSpec::SoloRunner.new do |node| 66 | node.automatic_attrs["hostname"] = "chefspechostname" 67 | end.converge(described_recipe, "nginx::service") 68 | end 69 | 70 | it "creates the `default` template" do 71 | expect(chef_run).to create_nginx_site(default_site).with( 72 | host: "chefspechostname", 73 | root: "/var/www/nginx-default" 74 | ) 75 | end 76 | 77 | it "does not remove the default site configuration" do 78 | expect(chef_run).to_not delete_file( 79 | "/etc/nginx/sites-available/default" 80 | ) 81 | expect(chef_run).to_not delete_file("/etc/nginx/sites-enabled/default") 82 | end 83 | end 84 | 85 | context "when `skip_default_site` is true" do 86 | let(:chef_run) do 87 | ChefSpec::SoloRunner.new do |node| 88 | node.set["nginx"]["skip_default_site"] = true 89 | end.converge(described_recipe, "nginx::service") 90 | end 91 | 92 | it "does not create the `default` template" do 93 | expect(chef_run).to_not create_template(default_site) 94 | end 95 | 96 | it "removes the default site configuration" do 97 | expect(chef_run).to delete_file("/etc/nginx/sites-available/default") 98 | expect(chef_run).to delete_file("/etc/nginx/sites-enabled/default") 99 | end 100 | end 101 | end 102 | 103 | context "conf.d entries" do 104 | let(:custom_entries) do 105 | %w[foo bar baz] 106 | end 107 | 108 | let(:default_entries) do 109 | %w[buffers general gzip logs performance proxy ssl_session timeouts] 110 | end 111 | 112 | context "cookbook defaults" do 113 | it "creates the default templates" do 114 | default_entries.each do |entry| 115 | conf_file = "/etc/nginx/conf.d/#{entry}.conf" 116 | 117 | expect(chef_run).to create_template(conf_file).with( 118 | source: "#{entry}.conf.erb", 119 | owner: "root", 120 | group: "root", 121 | mode: "0644" 122 | ) 123 | 124 | tmpl = chef_run.template(conf_file) 125 | expect(tmpl).to notify("service[nginx]").to(:restart) 126 | end 127 | end 128 | end 129 | 130 | context "custom attributes" do 131 | let(:chef_run) do 132 | ChefSpec::SoloRunner.new do |node| 133 | node.set["nginx"]["conf_files"] = %w[foo bar baz] 134 | end.converge(described_recipe, "nginx::service") 135 | end 136 | 137 | it "creates the custom templates" do 138 | custom_entries.each do |entry| 139 | conf_file = "/etc/nginx/conf.d/#{entry}.conf" 140 | 141 | expect(chef_run).to create_template(conf_file).with( 142 | source: "#{entry}.conf.erb", 143 | owner: "root", 144 | group: "root", 145 | mode: "0644" 146 | ) 147 | 148 | tmpl = chef_run.template(conf_file) 149 | expect(tmpl).to notify("service[nginx]").to(:restart) 150 | end 151 | end 152 | 153 | it "does not create the default templates" do 154 | default_entries.each do |entry| 155 | conf_file = "/etc/nginx/conf.d/#{entry}.conf" 156 | 157 | expect(chef_run).to_not create_template(conf_file) 158 | end 159 | end 160 | end 161 | end 162 | 163 | context "nginx status" do 164 | let(:status_conf) do 165 | "/etc/nginx/conf.d/nginx_status.conf" 166 | end 167 | 168 | context "when `enable_stub_status` is true" do 169 | it "creates the `nginx_status.conf` template" do 170 | expect(chef_run).to create_template(status_conf).with( 171 | source: "nginx_status.conf.erb", 172 | owner: "root", 173 | group: "root", 174 | mode: "0644", 175 | variables: { port: 80 } 176 | ) 177 | 178 | tmpl = chef_run.template(status_conf) 179 | expect(tmpl).to notify("service[nginx]").to(:restart) 180 | end 181 | end 182 | 183 | context "when `enable_stub_status` is false" do 184 | let(:chef_run) do 185 | ChefSpec::SoloRunner.new do |node| 186 | node.set["nginx"]["enable_stub_status"] = false 187 | end.converge(described_recipe, "nginx::service") 188 | end 189 | 190 | it "does not create the `nginx_status.conf` template" do 191 | expect(chef_run).to_not create_template(status_conf) 192 | end 193 | end 194 | end 195 | end 196 | -------------------------------------------------------------------------------- /spec/debug_spec.rb: -------------------------------------------------------------------------------- 1 | require "spec_helper" 2 | 3 | describe "nginx::debug" do 4 | let(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge(described_recipe) 6 | end 7 | 8 | it { expect(chef_run).to include_recipe("nginx::default") } 9 | 10 | it { expect(chef_run).to install_package("nginx-debug") } 11 | 12 | it { expect(chef_run).to include_recipe("nginx::configuration") } 13 | it { expect(chef_run).to include_recipe("nginx::service") } 14 | end 15 | -------------------------------------------------------------------------------- /spec/default_spec.rb: -------------------------------------------------------------------------------- 1 | require "spec_helper" 2 | 3 | describe "nginx::default" do 4 | let(:apt_source) do 5 | "/etc/apt/sources.list.d/nginx.list" 6 | end 7 | 8 | context "official source" do 9 | let(:chef_run) do 10 | ChefSpec::SoloRunner.new.converge(described_recipe) 11 | end 12 | 13 | it "sets up the 'official' repository" do 14 | expect(chef_run).to add_apt_repository("nginx") 15 | 16 | # expect(chef_run).to( 17 | # render_file(apt_source).with_content( 18 | # %r(http://nginx.org/packages) 19 | # ) 20 | # ) 21 | end 22 | end 23 | 24 | context "ppa source" do 25 | let(:chef_run) do 26 | ChefSpec::SoloRunner.new do |node| 27 | node.set["nginx"]["repository"] = "ppa" 28 | end.converge(described_recipe) 29 | end 30 | 31 | it "sets up the 'ppa' repository" do 32 | expect(chef_run).to add_apt_repository("nginx") 33 | 34 | # expect(chef_run).to( 35 | # render_file(apt_source).with_content( 36 | # %r(http://ppa.launchpad.net/nginx/stable/ubuntu) 37 | # ) 38 | # ) 39 | end 40 | end 41 | 42 | context "phusion source" do 43 | let(:chef_run) do 44 | ChefSpec::SoloRunner.new do |node| 45 | node.set["nginx"]["repository"] = "phusion" 46 | end.converge(described_recipe) 47 | end 48 | 49 | it "sets up the 'phusion' repository" do 50 | expect(chef_run).to add_apt_repository("nginx") 51 | 52 | # expect(chef_run).to( 53 | # render_file(apt_source).with_content( 54 | # %r(https://oss-binaries.phusionpassenger.com/apt/passenger) 55 | # ) 56 | # ) 57 | end 58 | end 59 | 60 | context "invalid source" do 61 | let(:chef_run) do 62 | ChefSpec::SoloRunner.new do |node| 63 | node.set["nginx"]["repository"] = "invalid" 64 | end.converge(described_recipe) 65 | end 66 | 67 | it "raises an exception" do 68 | expect(-> { chef_run }).to raise_error(KeyError) 69 | end 70 | end 71 | end 72 | -------------------------------------------------------------------------------- /spec/enabledisablesite_spec.rb: -------------------------------------------------------------------------------- 1 | require "spec_helper" 2 | 3 | describe "nginx::enabledisablesite" do 4 | let(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge(described_recipe) 6 | end 7 | 8 | it "creates the `nxensite` script" do 9 | allow(File).to receive(:exist?).with(anything).and_call_original 10 | allow(File).to receive(:exist?).with("/usr/sbin/nxensite").and_return(false) 11 | 12 | expect(chef_run).to create_template("/usr/sbin/nxensite").with( 13 | source: "nxensite.erb", 14 | owner: "root", 15 | group: "root", 16 | mode: "0755" 17 | ) 18 | end 19 | 20 | it "creates the `nxdissite` link" do 21 | allow(File).to receive(:exist?).with(anything).and_call_original 22 | allow(File).to receive(:exist?).with("/usr/sbin/nxensite").and_return(true) 23 | allow(File).to receive(:symlink?).with("/usr/sbin/nxdissite") 24 | .and_return(false) 25 | 26 | expect(chef_run).to create_link("/usr/sbin/nxdissite").with( 27 | to: "/usr/sbin/nxensite" 28 | ) 29 | end 30 | 31 | it "creates bash completion `nxendissite`" do 32 | completion_file = "/etc/bash_completion.d/nxendissite" 33 | 34 | allow(File).to receive(:exist?).with(anything).and_call_original 35 | allow(File).to receive(:exist?).with(completion_file).and_return(false) 36 | 37 | expect(chef_run).to create_template(completion_file).with( 38 | source: "nxendissite_completion.erb", 39 | owner: "root", 40 | group: "root", 41 | mode: "0644" 42 | ) 43 | end 44 | end 45 | -------------------------------------------------------------------------------- /spec/server_spec.rb: -------------------------------------------------------------------------------- 1 | require "spec_helper" 2 | 3 | describe "nginx::server" do 4 | let(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge(described_recipe) 6 | end 7 | 8 | specify do 9 | expect(chef_run).to include_recipe("nginx::default") 10 | 11 | expect(chef_run).to install_package("nginx") 12 | expect(chef_run).to_not install_package("nginx-common") 13 | 14 | expect(chef_run).to include_recipe("nginx::configuration") 15 | expect(chef_run).to include_recipe("nginx::service") 16 | expect(chef_run).to include_recipe("nginx::enabledisablesite") 17 | end 18 | 19 | context "with a specific `package_name` and `version`" do 20 | let(:chef_run) do 21 | ChefSpec::SoloRunner.new do |node| 22 | node.set["nginx"]["package_name"] = "nginx-chefspec" 23 | node.set["nginx"]["version"] = "1.2.3" 24 | end.converge(described_recipe) 25 | end 26 | 27 | it "installs the specified package and version" do 28 | expect(chef_run).to( 29 | install_package("nginx-chefspec").with_version("1.2.3") 30 | ) 31 | end 32 | end 33 | 34 | context "with `ppa` or `phusion` repository sources" do 35 | context "ppa" do 36 | let(:chef_run) do 37 | ChefSpec::SoloRunner.new do |node| 38 | node.set["nginx"]["repository"] = "ppa" 39 | end.converge(described_recipe) 40 | end 41 | 42 | specify do 43 | expect(chef_run).to install_package "nginx-common" 44 | end 45 | end 46 | 47 | context "phusion" do 48 | let(:chef_run) do 49 | ChefSpec::SoloRunner.new do |node| 50 | node.set["nginx"]["repository"] = "phusion" 51 | end.converge(described_recipe) 52 | end 53 | 54 | specify do 55 | expect(chef_run).to install_package "nginx-common" 56 | end 57 | end 58 | end 59 | end 60 | -------------------------------------------------------------------------------- /spec/service_spec.rb: -------------------------------------------------------------------------------- 1 | require "spec_helper" 2 | 3 | describe "nginx::server" do 4 | let(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge(described_recipe) 6 | end 7 | 8 | it { expect(chef_run).to enable_service("nginx") } 9 | it { expect(chef_run).to start_service("nginx") } 10 | end 11 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | begin 2 | require "rspec/expectations" 3 | require "chefspec" 4 | require "chefspec/berkshelf" 5 | rescue LoadError 6 | puts "Unable to run `chefspec`" 7 | exit 8 | end 9 | 10 | RSpec.configure do |config| 11 | config.platform = "ubuntu" 12 | config.version = "12.04" 13 | config.log_level = :error 14 | end 15 | 16 | def add_apt_repository(resource_name) 17 | ChefSpec::Matchers::ResourceMatcher.new(:apt_repository, :add, resource_name) 18 | end 19 | 20 | at_exit { ChefSpec::Coverage.report! } 21 | -------------------------------------------------------------------------------- /templates/default/buffers.conf.erb: -------------------------------------------------------------------------------- 1 | <% if node["nginx"]["buffers_enable"] %> 2 | 3 | # Where to store the body of large client requests on disk 4 | # NGINX will stream this to disk before posting it to your Mongrels, 5 | # preventing slow clients tying up your app. 6 | client_body_temp_path <%= node["nginx"]["client_body_temp_path"] %>; 7 | 8 | # Max size of a request from a client (usually a POST). This will limit 9 | # the size of file uploads to your app 10 | client_body_buffer_size <%= node["nginx"]["client_body_buffer_size"] %>; 11 | client_header_buffer_size <%= node["nginx"]["client_header_buffer_size"] %>; 12 | client_max_body_size <%= node["nginx"]["client_max_body_size"] %>; 13 | large_client_header_buffers <%= node["nginx"]["large_client_header_buffers"] %>; 14 | 15 | <% end %> 16 | -------------------------------------------------------------------------------- /templates/default/general.conf.erb: -------------------------------------------------------------------------------- 1 | ## General Options 2 | ignore_invalid_headers <%= node["nginx"]["ignore_invalid_headers"] %>; 3 | recursive_error_pages <%= node["nginx"]["recursive_error_pages"] %>; 4 | sendfile <%= node["nginx"]["sendfile"] %>; 5 | server_name_in_redirect <%= node["nginx"]["server_name_in_redirect"] %>; 6 | server_tokens <%= node["nginx"]["server_tokens"] %>; 7 | -------------------------------------------------------------------------------- /templates/default/gzip.conf.erb: -------------------------------------------------------------------------------- 1 | ## Compression 2 | gzip <%= node["nginx"]["gzip"] %>; 3 | 4 | <% if node["nginx"]["gzip"] == "on" %> 5 | 6 | gzip_buffers <%= node["nginx"]["gzip_buffers"] %>; 7 | 8 | # compression level between 1 and 9 9 | gzip_comp_level <%= node["nginx"]["gzip_comp_level"] %>; 10 | gzip_http_version <%= node["nginx"]["gzip_http_version"] %>; 11 | gzip_min_length <%= node["nginx"]["gzip_min_length"] %>; 12 | gzip_types <%= node["nginx"]["gzip_types"].join(" ") %>; 13 | gzip_vary <%= node["nginx"]["gzip_vary"] %>; 14 | gzip_proxied <%= node["nginx"]["gzip_proxied"] %>; 15 | 16 | # Some version of IE 6 don't handle compression well on some mime-types, so just disable them 17 | gzip_disable <%= node["nginx"]["gzip_disable"] %>; 18 | 19 | <% end %> 20 | -------------------------------------------------------------------------------- /templates/default/logs.conf.erb: -------------------------------------------------------------------------------- 1 | <% if node["nginx"]["log_format"] %> 2 | ## Log Format 3 | log_format main <%= node["nginx"]["log_format"] %>; 4 | <% end %> 5 | 6 | access_log <%= node["nginx"]["log_dir"] %>/access.log main; 7 | -------------------------------------------------------------------------------- /templates/default/nginx.conf.erb: -------------------------------------------------------------------------------- 1 | user <%= node["nginx"]["user"] %>; 2 | worker_processes <%= node["nginx"]["worker_processes"] %>; 3 | 4 | <% if node["nginx"]["daemon_disable"] -%> 5 | daemon off; 6 | <% end -%> 7 | 8 | error_log <%= node["nginx"]["log_dir"] %>/error.log; 9 | pid <%= node["nginx"]["pid_file"] %>; 10 | 11 | events { 12 | worker_connections <%= node["nginx"]["worker_connections"] %>; 13 | accept_mutex <%= node["nginx"]["worker_processes"].to_i > 1 ? "on" : "off" %>; 14 | <% if node["nginx"]["use_poll"] %> 15 | use epoll; 16 | <% end %> 17 | } 18 | 19 | http { 20 | server_names_hash_bucket_size <%= node["nginx"]["server_names_hash_bucket_size"] %>; 21 | 22 | include <%= node["nginx"]["dir"] %>/mime.types; 23 | default_type application/octet-stream; 24 | 25 | # additional config 26 | include <%= node["nginx"]["dir"] %>/conf.d/*.conf; 27 | 28 | # virtual hosting 29 | include <%= node["nginx"]["dir"] %>/sites-enabled/*; 30 | } 31 | -------------------------------------------------------------------------------- /templates/default/nginx_status.conf.erb: -------------------------------------------------------------------------------- 1 | # Nginx status 2 | server { 3 | listen 127.0.0.1:<%= @port %>; 4 | server_name localhost; 5 | location /nginx_status { 6 | stub_status on; 7 | access_log off; 8 | allow 127.0.0.1; 9 | deny all; 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /templates/default/nxendissite_completion.erb: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # nginx-ensite --- Bash completion function for nginx_ensite/nginx_dissite. 4 | 5 | # Copyright (C) 2010 António P. P. Almeida 6 | 7 | # Author: António P. P. Almeida 8 | 9 | # Permission is hereby granted, free of charge, to any person obtaining a 10 | # copy of this software and associated documentation files (the "Software"), 11 | # to deal in the Software without restriction, including without limitation 12 | # the rights to use, copy, modify, merge, publish, distribute, sublicense, 13 | # and/or sell copies of the Software, and to permit persons to whom the 14 | # Software is furnished to do so, subject to the following conditions: 15 | 16 | # The above copyright notice and this permission notice shall be included in 17 | # all copies or substantial portions of the Software. 18 | 19 | # Except as contained in this notice, the name(s) of the above copyright 20 | # holders shall not be used in advertising or otherwise to promote the sale, 21 | # use or other dealings in this Software without prior written authorization. 22 | 23 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 24 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 25 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 26 | # THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 27 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 28 | # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 29 | # DEALINGS IN THE SOFTWARE. 30 | 31 | 32 | ## Handling of both enabled and available sites. 33 | _nxsites() { 34 | # Get the available or enabled sites for nginx. 35 | COMPREPLY=( $( compgen -W '$( command find <%= node["nginx"]["dir"] -%>/$1 -type f -printf "%P " 2>/dev/null | sed 's/[.]conf$//' )' -- $cur ) ) 36 | } 37 | 38 | # Autocomplete from available sites 39 | _nxensite() 40 | { 41 | local cur 42 | 43 | COMPREPLY=() 44 | cur=${COMP_WORDS[COMP_CWORD]} 45 | 46 | _nxsites sites-available 47 | } 48 | complete -F _nxensite nxensite 49 | 50 | # Autocomplete from enabled sites 51 | _nxdissite() 52 | { 53 | local cur 54 | 55 | COMPREPLY=() 56 | cur=${COMP_WORDS[COMP_CWORD]} 57 | 58 | _nxsites sites-enabled 59 | } 60 | complete -F _nxdissite nxdissite 61 | -------------------------------------------------------------------------------- /templates/default/nxensite.erb: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ### nginx_ensite --- Bash script to enable or disable a site in nginx. 4 | 5 | ### Copyright (C) 2010 António P. P. Almeida 6 | 7 | ### Author: António P. P. Almeida 8 | 9 | ### Permission is hereby granted, free of charge, to any person obtaining a 10 | ### copy of this software and associated documentation files (the "Software"), 11 | ### to deal in the Software without restriction, including without limitation 12 | ### the rights to use, copy, modify, merge, publish, distribute, sublicense, 13 | ### and/or sell copies of the Software, and to permit persons to whom the 14 | ### Software is furnished to do so, subject to the following conditions: 15 | 16 | ### The above copyright notice and this permission notice shall be included in 17 | ### all copies or substantial portions of the Software. 18 | 19 | ### Except as contained in this notice, the name(s) of the above copyright 20 | ### holders shall not be used in advertising or otherwise to promote the sale, 21 | ### use or other dealings in this Software without prior written authorization. 22 | 23 | ### THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 24 | ### IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 25 | ### FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 26 | ### THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 27 | ### LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 28 | ### FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 29 | ### DEALINGS IN THE SOFTWARE. 30 | 31 | ## The nginx binary. 32 | NGINX=$(which nginx) 33 | [ -x $NGINX ] || exit 0 34 | 35 | ## The paths for both nginx configuration files and the sites 36 | ## configuration files and symbolic link destinations. 37 | NGINX_CONF_DIR=<%= node["nginx"]["dir"] %> 38 | AVAILABLE_SITES_PATH="$NGINX_CONF_DIR/sites-available" 39 | ENABLED_SITES_PATH="$NGINX_CONF_DIR/sites-enabled" 40 | AVAILABLE_SITES_DIR="sites-available" 41 | SCRIPTNAME=${0##*/} 42 | 43 | ## Checking the type of action we will perform. Enabling or disabling. 44 | ACTION=$(echo $SCRIPTNAME | awk '$0 ~ /dissite/ {print "DISABLE"} $0 ~ /ensite/ {print "ENABLE"} $0 !~ /(dis|en)site/ {print "UNKNOWN"}') 45 | 46 | if [ "$ACTION" == "UNKNOWN" ]; then 47 | echo "$SCRIPTNAME: Unknown action!" 48 | print_usage 49 | exit 4 50 | fi 51 | 52 | function print_usage() { 53 | echo "$SCRIPTNAME " 54 | } 55 | 56 | make_relative_path() { 57 | printf ../%.0s $(eval echo {0..`expr length "${1//[^\/]/}"`}) 58 | echo "$AVAILABLE_SITES_DIR/$1" 59 | } 60 | 61 | ## Check the number of arguments. 62 | if [ $# -ne 1 ]; then 63 | print_usage 64 | exit 1 65 | else 66 | SITE_AVAILABLE=`make_relative_path "$1"` 67 | 68 | # If enabling the 'default' site then make sure that it's teh 69 | # first to be loaded. 70 | if [ $1 == "default" ]; then 71 | SITE_ENABLED="$ENABLED_SITES_PATH/000-default" 72 | else 73 | SITE_ENABLED="$ENABLED_SITES_PATH/$1" 74 | fi 75 | 76 | # Check if the directory where we will place the symlink exists. If not create it. 77 | [ -d ${SITE_ENABLED%/*} ] || mkdir -p ${SITE_ENABLED%/*} 78 | fi 79 | 80 | ## Check that the file corresponding to site exists if enabling or 81 | ## that the symbolic link exists if disabling. Perform the desired 82 | ## action if possible. If not signal an error and exit. 83 | case $ACTION in 84 | ENABLE) 85 | # Change to the directory where we will place the symlink so that we 86 | # see the relative path correctly. 87 | cd "${SITE_ENABLED%/*}"; 88 | 89 | if [ -r $SITE_AVAILABLE ]; then 90 | if [ -h $SITE_ENABLED ]; then 91 | ## If already enabled say it and exit. 92 | echo "$1 is already enabled." 93 | exit 0 94 | else # symlink if not yet enabled 95 | ln -s $SITE_AVAILABLE $SITE_ENABLED 96 | fi 97 | ## Test for a well formed configuration. 98 | echo "Testing nginx configuration..." 99 | $NGINX -t && STATUS=0 100 | if [ $STATUS ]; then 101 | echo -n "Site $1 has been enabled. " 102 | echo "Run /etc/init.d/nginx reload to apply the changes." 103 | exit 0 104 | else 105 | exit 2 106 | fi 107 | else 108 | echo "Site configuration file $1 not found." 109 | exit 3 110 | fi 111 | ;; 112 | DISABLE) 113 | if [ -h $SITE_ENABLED ]; then 114 | rm $SITE_ENABLED 115 | echo -n "Site $1 has been disabled. " 116 | echo "Run /etc/init.d/nginx reload to apply the changes." 117 | exit 0 118 | else 119 | echo "Site $1 doesn't exist." 120 | exit 3 121 | fi 122 | ;; 123 | esac 124 | -------------------------------------------------------------------------------- /templates/default/performance.conf.erb: -------------------------------------------------------------------------------- 1 | # More Linux performance awesomeness 2 | tcp_nopush <%= node["nginx"]["tcp_nopush"] %>; 3 | tcp_nodelay <%= node["nginx"]["tcp_nodelay"] %>; 4 | -------------------------------------------------------------------------------- /templates/default/proxy.conf.erb: -------------------------------------------------------------------------------- 1 | <% for header in node["nginx"]["proxy_set_headers"] || [] %> 2 | proxy_set_header <%= header %>; 3 | <% end %> 4 | 5 | <% if node["nginx"]["proxy_read_timeout"] %> 6 | proxy_read_timeout <%= node["nginx"]["proxy_read_timeout"] %>; 7 | <% end %> 8 | 9 | proxy_redirect <%= node["nginx"]["proxy_redirect"] %>; 10 | 11 | <% if node["nginx"]["proxy_max_temp_file_size"] %> 12 | proxy_max_temp_file_size <%= node["nginx"]["proxy_max_temp_file_size"] %>; 13 | <% end %> 14 | -------------------------------------------------------------------------------- /templates/default/site.erb: -------------------------------------------------------------------------------- 1 | server { 2 | listen <%= @listen %>; 3 | server_name <%= @host %>; 4 | root <%= @root %>; 5 | 6 | index <%= @index %>; 7 | 8 | location / { 9 | <%= @location %>; 10 | } 11 | 12 | <% if @phpfpm -%> 13 | location ~ \.php$ { 14 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 15 | 16 | fastcgi_pass unix:/var/run/php5-fpm.sock; 17 | fastcgi_index index.php; 18 | include fastcgi_params; 19 | 20 | fastcgi_param QUERY_STRING $query_string; 21 | fastcgi_param REQUEST_METHOD $request_method; 22 | fastcgi_param CONTENT_TYPE $content_type; 23 | fastcgi_param CONTENT_LENGTH $content_length; 24 | 25 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 26 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 27 | fastcgi_param REQUEST_URI $request_uri; 28 | fastcgi_param DOCUMENT_URI $document_uri; 29 | fastcgi_param DOCUMENT_ROOT $document_root; 30 | fastcgi_param SERVER_PROTOCOL $server_protocol; 31 | 32 | fastcgi_param GATEWAY_INTERFACE CGI/1.1; 33 | fastcgi_param SERVER_SOFTWARE nginx; 34 | 35 | fastcgi_param REMOTE_ADDR $remote_addr; 36 | fastcgi_param REMOTE_PORT $remote_port; 37 | fastcgi_param SERVER_ADDR $server_addr; 38 | fastcgi_param SERVER_PORT $server_port; 39 | fastcgi_param SERVER_NAME $server_name; 40 | } 41 | <% end -%> 42 | 43 | # Deny access to .htaccess & .htpasswd files 44 | location ~ /\.ht { 45 | deny all; 46 | } 47 | 48 | <% if @access_log -%> 49 | access_log <%= node["nginx"]["log_dir"] %>/<%= @host %>.access.log; 50 | <% else -%> 51 | access_log off; 52 | <% end -%> 53 | error_log <%= node["nginx"]["log_dir"] %>/<%= @host %>.error.log error; 54 | } 55 | -------------------------------------------------------------------------------- /templates/default/ssl_session.conf.erb: -------------------------------------------------------------------------------- 1 | <% if node["nginx"]["ssl_session_cache_enable"] %> 2 | ssl_session_cache <%= node["nginx"]["ssl_session_cache"] %>; 3 | ssl_session_timeout <%= node["nginx"]["ssl_session_timeout"] %>; 4 | <% end %> 5 | -------------------------------------------------------------------------------- /templates/default/timeouts.conf.erb: -------------------------------------------------------------------------------- 1 | ## Timeouts 2 | client_body_timeout <%= node["nginx"]["client_body_timeout"] %>; 3 | client_header_timeout <%= node["nginx"]["client_header_timeout"] %>; 4 | keepalive_timeout <%= node["nginx"]["keepalive_timeout"] %>; 5 | send_timeout <%= node["nginx"]["send_timeout"] %>; 6 | -------------------------------------------------------------------------------- /test/.chef/knife.rb: -------------------------------------------------------------------------------- 1 | cache_type "BasicFile" 2 | cache_options(:path => "#{ENV["HOME"]}/.chef/checksums") 3 | -------------------------------------------------------------------------------- /test/integration/server/serverspec/server_spec.rb: -------------------------------------------------------------------------------- 1 | require "serverspec" 2 | 3 | set :backend, :exec 4 | 5 | describe "nginx::server" do 6 | describe package("nginx") do 7 | it { should be_installed } 8 | end 9 | end 10 | 11 | describe "nginx::configuration" do 12 | describe file("/etc/nginx/mime.types") do 13 | it { should be_a_file } 14 | it { should be_owned_by "root" } 15 | it { should be_grouped_into "root" } 16 | it { should be_mode "644" } 17 | end 18 | 19 | describe file("/etc/nginx/nginx.conf") do 20 | it { should be_a_file } 21 | it { should be_owned_by "root" } 22 | it { should be_grouped_into "root" } 23 | it { should be_mode "644" } 24 | end 25 | 26 | describe file("/etc/nginx/conf.d/nginx_status.conf") do 27 | it { should be_a_file } 28 | it { should be_owned_by "root" } 29 | it { should be_grouped_into "root" } 30 | it { should be_mode "644" } 31 | end 32 | 33 | describe "default conf.d templates" do 34 | describe file("/etc/nginx/conf.d/buffers.conf") do 35 | it { should be_a_file } 36 | it { should be_owned_by "root" } 37 | it { should be_grouped_into "root" } 38 | it { should be_mode "644" } 39 | end 40 | 41 | describe file("/etc/nginx/conf.d/general.conf") do 42 | it { should be_a_file } 43 | it { should be_owned_by "root" } 44 | it { should be_grouped_into "root" } 45 | it { should be_mode "644" } 46 | end 47 | 48 | describe file("/etc/nginx/conf.d/gzip.conf") do 49 | it { should be_a_file } 50 | it { should be_owned_by "root" } 51 | it { should be_grouped_into "root" } 52 | it { should be_mode "644" } 53 | end 54 | 55 | describe file("/etc/nginx/conf.d/logs.conf") do 56 | it { should be_a_file } 57 | it { should be_owned_by "root" } 58 | it { should be_grouped_into "root" } 59 | it { should be_mode "644" } 60 | end 61 | 62 | describe file("/etc/nginx/conf.d/performance.conf") do 63 | it { should be_a_file } 64 | it { should be_owned_by "root" } 65 | it { should be_grouped_into "root" } 66 | it { should be_mode "644" } 67 | end 68 | 69 | describe file("/etc/nginx/conf.d/proxy.conf") do 70 | it { should be_a_file } 71 | it { should be_owned_by "root" } 72 | it { should be_grouped_into "root" } 73 | it { should be_mode "644" } 74 | end 75 | 76 | describe file("/etc/nginx/conf.d/ssl_session.conf") do 77 | it { should be_a_file } 78 | it { should be_owned_by "root" } 79 | it { should be_grouped_into "root" } 80 | it { should be_mode "644" } 81 | end 82 | 83 | describe file("/etc/nginx/conf.d/timeouts.conf") do 84 | it { should be_a_file } 85 | it { should be_owned_by "root" } 86 | it { should be_grouped_into "root" } 87 | it { should be_mode "644" } 88 | end 89 | end 90 | 91 | describe "directories" do 92 | describe file("/var/log/nginx") do 93 | it { should be_directory } 94 | it { should be_owned_by "root" } 95 | it { should be_grouped_into "root" } 96 | it { should be_mode "755" } 97 | end 98 | 99 | describe file("/etc/nginx/sites-available") do 100 | it { should be_directory } 101 | it { should be_owned_by "root" } 102 | it { should be_grouped_into "root" } 103 | it { should be_mode "755" } 104 | end 105 | 106 | describe file("/etc/nginx/sites-enabled") do 107 | it { should be_directory } 108 | it { should be_owned_by "root" } 109 | it { should be_grouped_into "root" } 110 | it { should be_mode "755" } 111 | end 112 | end 113 | 114 | describe file("/etc/nginx/sites-available/default") do 115 | it { should be_a_file } 116 | it { should be_owned_by "root" } 117 | it { should be_grouped_into "root" } 118 | it { should be_mode "644" } 119 | end 120 | end 121 | 122 | describe "nginx::service" do 123 | describe service("nginx") do 124 | it { should be_enabled } 125 | it { should be_running } 126 | end 127 | 128 | describe port(80) do 129 | it { should be_listening } 130 | end 131 | end 132 | 133 | describe "nginx::enabledisablesite" do 134 | describe file("/usr/sbin/nxensite") do 135 | it { should be_a_file } 136 | it { should be_owned_by "root" } 137 | it { should be_grouped_into "root" } 138 | it { should be_mode "755" } 139 | end 140 | 141 | describe file("/usr/sbin/nxdissite") do 142 | it { should be_linked_to "/usr/sbin/nxensite" } 143 | end 144 | 145 | describe file("/etc/bash_completion.d/nxendissite") do 146 | it { should be_a_file } 147 | it { should be_owned_by "root" } 148 | it { should be_grouped_into "root" } 149 | it { should be_mode "644" } 150 | end 151 | end 152 | -------------------------------------------------------------------------------- /test/support/keys/README.md: -------------------------------------------------------------------------------- 1 | # Insecure Keypair 2 | 3 | These keys are the "insecure" public/private keypair we offer to 4 | [base box creators](http://docs.vagrantup.com/v1/docs/base_boxes.html) for use in their base boxes so that 5 | vagrant installations can automatically SSH into the boxes. 6 | 7 | If you're working with a team or company or with a custom box and 8 | you want more secure SSH, you should create your own keypair 9 | and configure the private key in the Vagrantfile with 10 | `config.ssh.private_key_path` 11 | 12 | # Putty 13 | 14 | If you are using Vagrant on windows, the .ppk file contained here, in the keys directory, 15 | has been generated from the private key and should be used to connect Putty to any VMs that 16 | are leveraging the default key pair. See [guide](http://docs.vagrantup.com/v1/docs/getting-started/ssh.html) 17 | in the documentation for more details on using Putty with Vagrant. 18 | -------------------------------------------------------------------------------- /test/support/keys/vagrant: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI 3 | w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP 4 | kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2 5 | hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO 6 | Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW 7 | yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd 8 | ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1 9 | Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf 10 | TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK 11 | iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A 12 | sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf 13 | 4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP 14 | cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk 15 | EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN 16 | CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX 17 | 3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG 18 | YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj 19 | 3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+ 20 | dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz 21 | 6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC 22 | P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF 23 | llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ 24 | kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH 25 | +vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ 26 | NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s= 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /test/support/keys/vagrant.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key 2 | -------------------------------------------------------------------------------- /test/support/rubocop/disabled.yml: -------------------------------------------------------------------------------- 1 | Encoding: 2 | Description: 'Use UTF-8 as the source file encoding.' 3 | Enabled: false 4 | 5 | SymbolArray: 6 | Description: 'Use %i or %I for arrays of symbols.' 7 | Enabled: false 8 | 9 | ##################### Rails ################################## 10 | 11 | DefaultScope: 12 | Description: 'Checks if the argument passed to default_scope is a block.' 13 | Enabled: false 14 | 15 | HasAndBelongsToMany: 16 | Description: 'Prefer has_many :through to has_and_belongs_to_many.' 17 | Enabled: false 18 | 19 | Output: 20 | Description: 'Checks for calls to puts, print, etc.' 21 | Enabled: false 22 | 23 | Validation: 24 | Description: 'Use sexy validations.' 25 | Enabled: false 26 | -------------------------------------------------------------------------------- /test/support/rubocop/enabled.yml: -------------------------------------------------------------------------------- 1 | # These are all the cops that are enabled in the default configuration. 2 | 3 | AccessModifierIndentation: 4 | Description: Check indentation of private/protected visibility modifiers. 5 | Enabled: true 6 | 7 | AccessorMethodName: 8 | Description: Check the naming of accessor methods for get_/set_. 9 | Enabled: true 10 | 11 | Alias: 12 | Description: 'Use alias_method instead of alias.' 13 | Enabled: true 14 | 15 | AlignArray: 16 | Description: >- 17 | Align the elements of an array literal if they span more than 18 | one line. 19 | Enabled: true 20 | 21 | AlignHash: 22 | Description: >- 23 | Align the elements of a hash literal if they span more than 24 | one line. 25 | Enabled: true 26 | 27 | AlignParameters: 28 | Description: >- 29 | Align the parameters of a method call if they span more 30 | than one line. 31 | Enabled: true 32 | 33 | AndOr: 34 | Description: 'Use &&/|| instead of and/or.' 35 | Enabled: true 36 | 37 | AsciiComments: 38 | Description: 'Use only ascii symbols in comments.' 39 | Enabled: true 40 | 41 | AsciiIdentifiers: 42 | Description: 'Use only ascii symbols in identifiers.' 43 | Enabled: true 44 | 45 | Attr: 46 | Description: 'Checks for uses of Module#attr.' 47 | Enabled: true 48 | 49 | BeginBlock: 50 | Description: 'Avoid the use of BEGIN blocks.' 51 | Enabled: true 52 | 53 | BlockComments: 54 | Description: 'Do not use block comments.' 55 | Enabled: true 56 | 57 | BlockNesting: 58 | Description: 'Avoid excessive block nesting' 59 | Enabled: true 60 | 61 | Blocks: 62 | Description: >- 63 | Avoid using {...} for multi-line blocks (multiline chaining is 64 | always ugly). 65 | Prefer {...} over do...end for single-line blocks. 66 | Enabled: true 67 | 68 | BracesAroundHashParameters: 69 | Description: 'Enforce braces style inside hash parameters.' 70 | Enabled: true 71 | 72 | CaseEquality: 73 | Description: 'Avoid explicit use of the case equality operator(===).' 74 | Enabled: true 75 | 76 | CaseIndentation: 77 | Description: 'Indentation of when in a case/when/[else/]end.' 78 | Enabled: true 79 | 80 | CharacterLiteral: 81 | Description: 'Checks for uses of character literals.' 82 | Enabled: true 83 | 84 | ClassAndModuleCamelCase: 85 | Description: 'Use CamelCase for classes and modules.' 86 | Enabled: true 87 | 88 | ClassLength: 89 | Description: 'Avoid classes longer than 100 lines of code.' 90 | Enabled: true 91 | 92 | ClassMethods: 93 | Description: 'Use self when defining module/class methods.' 94 | Enabled: true 95 | 96 | ClassVars: 97 | Description: 'Avoid the use of class variables.' 98 | Enabled: true 99 | 100 | CollectionMethods: 101 | Description: 'Preferred collection methods.' 102 | Enabled: true 103 | 104 | ColonMethodCall: 105 | Description: 'Do not use :: for method call.' 106 | Enabled: true 107 | 108 | CommentAnnotation: 109 | Description: >- 110 | Checks formatting of special comments 111 | (TODO, FIXME, OPTIMIZE, HACK, REVIEW). 112 | Enabled: true 113 | 114 | ConstantName: 115 | Description: 'Constants should use SCREAMING_SNAKE_CASE.' 116 | Enabled: true 117 | 118 | CyclomaticComplexity: 119 | Description: 'Avoid complex methods.' 120 | Enabled: true 121 | 122 | DefWithParentheses: 123 | Description: 'Use def with parentheses when there are arguments.' 124 | Enabled: true 125 | 126 | Documentation: 127 | Description: 'Document classes and non-namespace modules.' 128 | Enabled: true 129 | 130 | DotPosition: 131 | Description: 'Checks the position of the dot in multi-line method calls.' 132 | Enabled: true 133 | 134 | EmptyLineBetweenDefs: 135 | Description: 'Use empty lines between defs.' 136 | Enabled: true 137 | 138 | EmptyLines: 139 | Description: "Don't use several empty lines in a row." 140 | Enabled: true 141 | 142 | EmptyLinesAroundAccessModifier: 143 | Description: "Keep blank lines around access modifiers." 144 | Enabled: true 145 | 146 | EmptyLinesAroundBody: 147 | Description: "Keeps track of empty lines around expression bodies." 148 | Enabled: true 149 | 150 | EmptyLiteral: 151 | Description: 'Prefer literals to Array.new/Hash.new/String.new.' 152 | Enabled: true 153 | 154 | EndBlock: 155 | Description: 'Avoid the use of END blocks.' 156 | Enabled: true 157 | 158 | EndOfLine: 159 | Description: 'Use Unix-style line endings.' 160 | Enabled: true 161 | 162 | EvenOdd: 163 | Description: 'Favor the use of Fixnum#even? && Fixnum#odd?' 164 | Enabled: true 165 | 166 | FavorJoin: 167 | Description: 'Use Array#join instead of Array#*.' 168 | Enabled: true 169 | 170 | FavorUnlessOverNegatedIf: 171 | Description: >- 172 | Favor unless over if for negative conditions 173 | (or control flow or). 174 | Enabled: true 175 | 176 | FavorUntilOverNegatedWhile: 177 | Description: 'Favor until over while for negative conditions.' 178 | Enabled: true 179 | 180 | FileName: 181 | Description: 'Use snake_case for source file names.' 182 | Enabled: true 183 | 184 | FinalNewline: 185 | Description: 'Checks for a final newline in a source file.' 186 | Enabled: true 187 | 188 | FlipFlop: 189 | Description: 'Checks for flip flops' 190 | Enabled: true 191 | 192 | For: 193 | Description: 'Checks use of for or each in multiline loops.' 194 | Enabled: true 195 | 196 | FormatString: 197 | Description: 'Enforce the use of Kernel#sprintf, Kernel#format or String#%.' 198 | Enabled: true 199 | 200 | GlobalVars: 201 | Description: 'Do not introduce global variables.' 202 | Enabled: true 203 | 204 | HashMethods: 205 | Description: 'Checks for use of deprecated Hash methods.' 206 | Enabled: true 207 | 208 | HashSyntax: 209 | Description: >- 210 | Prefer Ruby 1.9 hash syntax { a: 1, b: 2 } over 1.8 syntax 211 | { :a => 1, :b => 2 }. 212 | Enabled: true 213 | 214 | IfUnlessModifier: 215 | Description: >- 216 | Favor modifier if/unless usage when you have a 217 | single-line body. 218 | Enabled: true 219 | 220 | IfWithSemicolon: 221 | Description: 'Never use if x; .... Use the ternary operator instead.' 222 | Enabled: true 223 | 224 | IndentationConsistency: 225 | Description: 'Keep indentation straight.' 226 | Enabled: true 227 | 228 | IndentationWidth: 229 | Description: 'Use 2 spaces for indentation.' 230 | Enabled: true 231 | 232 | IndentArray: 233 | Description: >- 234 | Checks the indentation of the first element in an array 235 | literal. 236 | Enabled: true 237 | 238 | IndentHash: 239 | Description: 'Checks the indentation of the first key in a hash literal.' 240 | Enabled: true 241 | 242 | Lambda: 243 | Description: 'Use the new lambda literal syntax for single-line blocks.' 244 | Enabled: true 245 | 246 | LambdaCall: 247 | Description: 'Use lambda.call(...) instead of lambda.(...).' 248 | Enabled: true 249 | 250 | LeadingCommentSpace: 251 | Description: 'Comments should start with a space.' 252 | Enabled: true 253 | 254 | LineEndConcatenation: 255 | Description: 'Use \\ instead of + to concatenate two string literals at line end.' 256 | Enabled: true 257 | 258 | LineLength: 259 | Description: 'Limit lines to 79 characters.' 260 | Enabled: true 261 | 262 | MethodCalledOnDoEndBlock: 263 | Description: 'Avoid chaining a method call on a do...end block.' 264 | Enabled: true 265 | 266 | MethodCallParentheses: 267 | Description: 'Do not use parentheses for method calls with no arguments.' 268 | Enabled: true 269 | 270 | MethodDefParentheses: 271 | Description: >- 272 | Checks if the method definitions have or don't have 273 | parentheses. 274 | Enabled: true 275 | 276 | MethodLength: 277 | Description: 'Avoid methods longer than 10 lines of code.' 278 | Enabled: true 279 | 280 | MethodName: 281 | Description: 'Use the configured style when naming methods.' 282 | Enabled: true 283 | 284 | ModuleFunction: 285 | Description: 'Checks for usage of `extend self` in modules.' 286 | Enabled: true 287 | 288 | MultilineBlockChain: 289 | Description: 'Avoid multi-line chains of blocks.' 290 | Enabled: true 291 | 292 | MultilineIfThen: 293 | Description: 'Never use then for multi-line if/unless.' 294 | Enabled: true 295 | 296 | MultilineTernaryOperator: 297 | Description: >- 298 | Avoid multi-line ?: (the ternary operator); 299 | use if/unless instead. 300 | Enabled: true 301 | 302 | NestedTernaryOperator: 303 | Description: 'Use one expression per branch in a ternary operator.' 304 | Enabled: true 305 | 306 | NilComparison: 307 | Description: 'Prefer x.nil? to x == nil.' 308 | Enabled: true 309 | 310 | Not: 311 | Description: 'Use ! instead of not.' 312 | Enabled: true 313 | 314 | NumericLiterals: 315 | Description: >- 316 | Add underscores to large numeric literals to improve their 317 | readability. 318 | Enabled: true 319 | 320 | OneLineConditional: 321 | Description: >- 322 | Favor the ternary operator(?:) over 323 | if/then/else/end constructs. 324 | Enabled: true 325 | 326 | OpMethod: 327 | Description: 'When defining binary operators, name the argument other.' 328 | Enabled: true 329 | 330 | ParameterLists: 331 | Description: 'Avoid parameter lists longer than three or four parameters.' 332 | Enabled: true 333 | 334 | ParenthesesAroundCondition: 335 | Description: >- 336 | Don't use parentheses around the condition of an 337 | if/unless/while. 338 | Enabled: true 339 | 340 | PerlBackrefs: 341 | Description: 'Avoid Perl-style regex back references.' 342 | Enabled: true 343 | 344 | PredicateName: 345 | Description: 'Check the names of predicate methods.' 346 | Enabled: true 347 | 348 | Proc: 349 | Description: 'Use proc instead of Proc.new.' 350 | Enabled: true 351 | 352 | RaiseArgs: 353 | Description: 'Checks the arguments passed to raise/fail.' 354 | Enabled: true 355 | 356 | RedundantBegin: 357 | Description: "Don't use begin blocks when they are not needed." 358 | Enabled: true 359 | 360 | RedundantException: 361 | Description: "Checks for an obsolete RuntimeException argument in raise/fail." 362 | Enabled: true 363 | 364 | RedundantReturn: 365 | Description: "Don't use return where it's not required." 366 | Enabled: true 367 | 368 | RedundantSelf: 369 | Description: "Don't use self where it's not needed." 370 | Enabled: true 371 | 372 | RegexpLiteral: 373 | Description: >- 374 | Use %r for regular expressions matching more than 375 | `MaxSlashes` '/' characters. 376 | Use %r only for regular expressions matching more than 377 | `MaxSlashes` '/' character. 378 | Enabled: true 379 | 380 | RescueModifier: 381 | Description: 'Avoid using rescue in its modifier form.' 382 | Enabled: true 383 | 384 | Semicolon: 385 | Description: "Don't use semicolons to terminate expressions." 386 | Enabled: true 387 | 388 | SignalException: 389 | Description: 'Checks for proper usage of fail and raise.' 390 | Enabled: true 391 | 392 | SingleLineBlockParams: 393 | Description: 'Enforces the names of some block params.' 394 | Enabled: true 395 | 396 | SingleLineMethods: 397 | Description: 'Avoid single-line methods.' 398 | Enabled: true 399 | 400 | SpaceAfterColon: 401 | Description: 'Use spaces after colons.' 402 | Enabled: true 403 | 404 | SpaceAfterComma: 405 | Description: 'Use spaces after commas.' 406 | Enabled: true 407 | 408 | SpaceAfterControlKeyword: 409 | Description: 'Use spaces after if/elsif/unless/while/until/case/when.' 410 | Enabled: true 411 | 412 | SpaceAfterMethodName: 413 | Description: >- 414 | Never put a space between a method name and the opening 415 | parenthesis. 416 | Enabled: true 417 | 418 | SpaceAfterNot: 419 | Description: Tracks redundant space after the ! operator. 420 | Enabled: true 421 | 422 | SpaceAfterSemicolon: 423 | Description: 'Use spaces after semicolons.' 424 | Enabled: true 425 | 426 | SpaceAroundBlockBraces: 427 | Description: >- 428 | Checks that block braces have or don't have surrounding space. 429 | For blocks taking parameters, checks that the left brace has 430 | or doesn't have trailing space. 431 | Enabled: true 432 | 433 | SpaceAroundEqualsInParameterDefault: 434 | Description: >- 435 | Use spaces around the = operator when assigning default 436 | values in def params. 437 | Enabled: true 438 | 439 | SpaceAroundOperators: 440 | Description: 'Use spaces around operators.' 441 | Enabled: true 442 | 443 | SpaceBeforeModifierKeyword: 444 | Description: 'Put a space before the modifier keyword.' 445 | Enabled: true 446 | 447 | SpaceInsideBrackets: 448 | Description: 'No spaces after [ or before ].' 449 | Enabled: true 450 | 451 | SpaceInsideHashLiteralBraces: 452 | Description: "Use spaces inside hash literal braces - or don't." 453 | Enabled: true 454 | 455 | SpaceInsideParens: 456 | Description: 'No spaces after ( or before ).' 457 | Enabled: true 458 | 459 | SpecialGlobalVars: 460 | Description: 'Avoid Perl-style global variables.' 461 | Enabled: true 462 | 463 | StringLiterals: 464 | Description: 'Checks if uses of quotes match the configured preference.' 465 | Enabled: true 466 | 467 | Tab: 468 | Description: 'No hard tabs.' 469 | Enabled: true 470 | 471 | TrailingBlankLines: 472 | Description: 'Checks for superfluous trailing blank lines.' 473 | Enabled: true 474 | 475 | TrailingComma: 476 | Description: 'Checks for trailing comma in parameter lists and literals.' 477 | Enabled: true 478 | 479 | TrailingWhitespace: 480 | Description: 'Avoid trailing whitespace.' 481 | Enabled: true 482 | 483 | TrivialAccessors: 484 | Description: 'Prefer attr_* methods to trivial readers/writers.' 485 | Enabled: true 486 | 487 | UnlessElse: 488 | Description: >- 489 | Never use unless with else. Rewrite these with the positive 490 | case first. 491 | Enabled: true 492 | 493 | VariableInterpolation: 494 | Description: >- 495 | Don't interpolate global, instance and class variables 496 | directly in strings. 497 | Enabled: true 498 | 499 | VariableName: 500 | Description: 'Use the configured style when naming variables.' 501 | Enabled: true 502 | 503 | WhenThen: 504 | Description: 'Use when x then ... for one-line cases.' 505 | Enabled: true 506 | 507 | WhileUntilDo: 508 | Description: 'Checks for redundant do after while or until.' 509 | Enabled: true 510 | 511 | WhileUntilModifier: 512 | Description: >- 513 | Favor modifier while/until usage when you have a 514 | single-line body. 515 | Enabled: true 516 | 517 | WordArray: 518 | Description: 'Use %w or %W for arrays of words.' 519 | Enabled: true 520 | 521 | #################### Lint ################################ 522 | ### Warnings 523 | 524 | AmbiguousOperator: 525 | Description: >- 526 | Checks for ambiguous operators in the first argument of a 527 | method invocation without parentheses. 528 | Enabled: true 529 | 530 | AmbiguousRegexpLiteral: 531 | Description: >- 532 | Checks for ambiguous regexp literals in the first argument of 533 | a method invocation without parenthesis. 534 | Enabled: true 535 | 536 | AssignmentInCondition: 537 | Description: "Don't use assignment in conditions." 538 | Enabled: true 539 | 540 | BlockAlignment: 541 | Description: 'Align block ends correctly.' 542 | Enabled: true 543 | 544 | ConditionPosition: 545 | Description: 'Checks for condition placed in a confusing position relative to the keyword.' 546 | Enabled: true 547 | 548 | Debugger: 549 | Description: 'Check for debugger calls.' 550 | Enabled: true 551 | 552 | DeprecatedClassMethods: 553 | Description: 'Check for deprecated class method calls.' 554 | Enabled: true 555 | 556 | ElseLayout: 557 | Description: 'Check for odd code arrangement in an else block.' 558 | Enabled: true 559 | 560 | EmptyEnsure: 561 | Description: 'Checks for empty ensure block.' 562 | Enabled: true 563 | 564 | EndAlignment: 565 | Description: 'Align ends correctly.' 566 | Enabled: true 567 | 568 | EndInMethod: 569 | Description: 'END blocks should not be placed inside method definitions.' 570 | Enabled: true 571 | 572 | EnsureReturn: 573 | Description: 'Never use return in an ensure block.' 574 | Enabled: true 575 | 576 | Eval: 577 | Description: 'The use of eval represents a serious security risk.' 578 | Enabled: true 579 | 580 | HandleExceptions: 581 | Description: "Don't suppress exception." 582 | Enabled: true 583 | 584 | InvalidCharacterLiteral: 585 | Description: >- 586 | Checks for invalid character literals with a non-escaped 587 | whitespace character. 588 | Enabled: true 589 | 590 | LiteralInCondition: 591 | Description: 'Checks of literals used in conditions.' 592 | Enabled: true 593 | 594 | LiteralInInterpolation: 595 | Description: 'Checks for literals used in interpolation.' 596 | Enabled: true 597 | 598 | Loop: 599 | Description: >- 600 | Use Kernel#loop with break rather than begin/end/until or 601 | begin/end/while for post-loop tests. 602 | Enabled: true 603 | 604 | ParenthesesAsGroupedExpression: 605 | Description: >- 606 | Checks for method calls with a space before the opening 607 | parenthesis. 608 | Enabled: true 609 | 610 | RequireParentheses: 611 | Description: >- 612 | Use parentheses in the method call to avoid confusion 613 | about precedence. 614 | Enabled: true 615 | 616 | RescueException: 617 | Description: 'Avoid rescuing the Exception class.' 618 | Enabled: true 619 | 620 | ShadowingOuterLocalVariable: 621 | Description: >- 622 | Do not use the same name as outer local variable 623 | for block arguments or block local variables. 624 | Enabled: true 625 | 626 | StringConversionInInterpolation: 627 | Description: 'Checks for Object#to_s usage in string interpolation.' 628 | Enabled: true 629 | 630 | UnreachableCode: 631 | Description: 'Unreachable code.' 632 | Enabled: true 633 | 634 | UselessAssignment: 635 | Description: 'Checks for useless assignment to a local variable.' 636 | Enabled: true 637 | 638 | UselessComparison: 639 | Description: 'Checks for comparison of something with itself.' 640 | Enabled: true 641 | 642 | UselessElseWithoutRescue: 643 | Description: 'Checks for useless `else` in `begin..end` without `rescue`.' 644 | Enabled: true 645 | 646 | UselessSetterCall: 647 | Description: 'Checks for useless setter call to a local variable.' 648 | Enabled: true 649 | 650 | Void: 651 | Description: 'Possible use of operator/literal/variable in void context.' 652 | Enabled: true 653 | --------------------------------------------------------------------------------