From b40a4a14dda1d17436374c09f7ab12177fd5578d Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Thu, 18 Apr 2019 15:33:33 +0300 Subject: [PATCH 01/29] Update streamhost.pp Updated listen_port data type from Integer to Variant[String, Integer] as newer versions of Nginx support port range at listen port. --- manifests/resource/streamhost.pp | 37 ++++++++++++++++---------------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index 65ff3e883..bd1800588 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -8,7 +8,8 @@ # [*listen_ip*] - Default IP Address for NGINX to listen with this # streamhost on. Defaults to all interfaces (*) # [*listen_port*] - Default IP Port for NGINX to listen with this -# streamhost on. Defaults to TCP 80 +# streamhost on. Defaults to TCP 80. It can be a port or a port range +# (eg. '8081-8085'). # [*listen_options*] - Extra options for listen directive like # 'default' to catchall. Undef by default. # [*ipv6_enable*] - BOOL value to enable/disable IPv6 support @@ -47,23 +48,23 @@ # ensure => present, # } define nginx::resource::streamhost ( - Enum['absent', 'present'] $ensure = 'present', - Variant[Array, String] $listen_ip = '*', - Integer $listen_port = 80, - Optional[String] $listen_options = undef, - Boolean $ipv6_enable = false, - Variant[Array, String] $ipv6_listen_ip = '::', - Integer $ipv6_listen_port = 80, - String $ipv6_listen_options = 'default ipv6only=on', - $proxy = undef, - String $proxy_read_timeout = $nginx::proxy_read_timeout, - $proxy_connect_timeout = $nginx::proxy_connect_timeout, - Array $resolver = [], - $raw_prepend = undef, - $raw_append = undef, - String $owner = $nginx::global_owner, - String $group = $nginx::global_group, - String $mode = $nginx::global_mode, + Enum['absent', 'present'] $ensure = 'present', + Variant[Array, String] $listen_ip = '*', + Variant[Integer, String] $listen_port = 80, + Optional[String] $listen_options = undef, + Boolean $ipv6_enable = false, + Variant[Array, String] $ipv6_listen_ip = '::', + Variant[Integer, String] $ipv6_listen_port = 80, + String $ipv6_listen_options = 'default ipv6only=on', + $proxy = undef, + String $proxy_read_timeout = $nginx::proxy_read_timeout, + $proxy_connect_timeout = $nginx::proxy_connect_timeout, + Array $resolver = [], + $raw_prepend = undef, + $raw_append = undef, + String $owner = $nginx::global_owner, + String $group = $nginx::global_group, + String $mode = $nginx::global_mode, ) { if ! defined(Class['nginx']) { From c00d5e272c474fc1a4ce5dfae3b4852b1bd3db78 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Thu, 18 Apr 2019 15:35:14 +0300 Subject: [PATCH 02/29] Update server.pp Updated listen_port data type from Integer to Variant[String, Integer] as newer versions of Nginx support port range at listen port. Please check the release notes from 26th of March: - http://nginx.org/en/CHANGES - https://www.nginx.com/blog/nginx-plus-r18-released#port-ranges --- manifests/resource/server.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp index 654480b8b..d9249fae0 100644 --- a/manifests/resource/server.pp +++ b/manifests/resource/server.pp @@ -5,7 +5,7 @@ # Parameters: # [*ensure*] - Enables or disables the specified server (present|absent) # [*listen_ip*] - Default IP Address for NGINX to listen with this server on. Defaults to all interfaces (*) -# [*listen_port*] - Default IP Port for NGINX to listen with this server on. Defaults to TCP 80 +# [*listen_port*] - Default IP Port for NGINX to listen with this server on. Defaults to TCP 80. It can be a port or a port range (eg. '8081-8085'). # [*listen_options*] - Extra options for listen directive like 'default_server' to catchall. Undef by default. # [*listen_unix_socket_enable*] - BOOL value to enable/disable UNIX socket listening support (false|true). # [*listen_unix_socket*] - Default unix socket for NGINX to listen with this server on. Defaults to UNIX /var/run/nginx.sock @@ -147,7 +147,7 @@ define nginx::resource::server ( Enum['absent', 'present'] $ensure = 'present', Variant[Array, String] $listen_ip = '*', - Integer $listen_port = 80, + Variant[Integer, String] $listen_port = 80, Optional[String] $listen_options = undef, Boolean $listen_unix_socket_enable = false, Variant[Array[Stdlib::Absolutepath], Stdlib::Absolutepath] $listen_unix_socket = '/var/run/nginx.sock', @@ -157,7 +157,7 @@ Array $location_deny = [], Boolean $ipv6_enable = false, Variant[Array, String] $ipv6_listen_ip = '::', - Integer $ipv6_listen_port = 80, + Variant[Integer, String] $ipv6_listen_port = 80, String $ipv6_listen_options = 'default ipv6only=on', Hash $add_header = {}, Boolean $ssl = false, @@ -442,7 +442,7 @@ } # Create SSL File Stubs if SSL is enabled - if $ssl { + if $ssl and $listen_port !~ String { # Access and error logs are named differently in ssl template File <| title == $ssl_cert or path == $ssl_cert or title == $ssl_key or path == $ssl_key |> From efc321ecba5817ad9f5ecb73a9095a8b861295e8 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 14:47:23 +0300 Subject: [PATCH 03/29] Update server.pp --- manifests/resource/server.pp | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp index d9249fae0..165d78654 100644 --- a/manifests/resource/server.pp +++ b/manifests/resource/server.pp @@ -6,6 +6,7 @@ # [*ensure*] - Enables or disables the specified server (present|absent) # [*listen_ip*] - Default IP Address for NGINX to listen with this server on. Defaults to all interfaces (*) # [*listen_port*] - Default IP Port for NGINX to listen with this server on. Defaults to TCP 80. It can be a port or a port range (eg. '8081-8085'). +# [*listen_port_range*] - From Nginx 1.15.10, support for port ranges was added (eg. '8081-8085'). # [*listen_options*] - Extra options for listen directive like 'default_server' to catchall. Undef by default. # [*listen_unix_socket_enable*] - BOOL value to enable/disable UNIX socket listening support (false|true). # [*listen_unix_socket*] - Default unix socket for NGINX to listen with this server on. Defaults to UNIX /var/run/nginx.sock @@ -17,6 +18,7 @@ # exists on your system before enabling. # [*ipv6_listen_ip*] - Default IPv6 Address for NGINX to listen with this server on. Defaults to all interfaces (::) # [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this server on. Defaults to TCP 80 +# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port ranges was added (eg. '8081-8085'). # [*ipv6_listen_options*] - Extra options for listen directive like 'default' to catchall. Template will allways add ipv6only=on. # While issue jfryman/puppet-nginx#30 is discussed, default value is 'default'. # [*add_header*] - Hash: Adds headers to the HTTP response when response code is equal to 200, 204, 301, 302 or 304. @@ -147,7 +149,8 @@ define nginx::resource::server ( Enum['absent', 'present'] $ensure = 'present', Variant[Array, String] $listen_ip = '*', - Variant[Integer, String] $listen_port = 80, + Integer $listen_port = 80, + Optional[Nginx::PortRange] $listen_port_range = undef, Optional[String] $listen_options = undef, Boolean $listen_unix_socket_enable = false, Variant[Array[Stdlib::Absolutepath], Stdlib::Absolutepath] $listen_unix_socket = '/var/run/nginx.sock', @@ -157,7 +160,8 @@ Array $location_deny = [], Boolean $ipv6_enable = false, Variant[Array, String] $ipv6_listen_ip = '::', - Variant[Integer, String] $ipv6_listen_port = 80, + Integer $ipv6_listen_port = 80, + Optional[Nginx::PortRange] $ipv6_listen_port_range = undef, String $ipv6_listen_options = 'default ipv6only=on', Hash $add_header = {}, Boolean $ssl = false, @@ -317,10 +321,27 @@ fail('nginx: ssl_key must be set to false or to a fully qualified path') } } + + # If port range is defined, ignore any other $listen_port defined + if $listen_port_range != undef { + $port = $listen_port_range + } + else{ + $port = $listen_port + } + + if $ipv6_enable == true{ + if $ipv6_listen_port_range != undef { + $ipv6_port = $ipv6_listen_port_range + } + else { + $ipv6_port = $ipv6_listen_port + } + } # Try to error in the case where the user sets ssl_port == listen_port but # doesn't set ssl = true - if !$ssl and $ssl_port == $listen_port { + if !$ssl and $ssl_port == $port { warning('nginx: ssl must be true if listen_port is the same as ssl_port') } @@ -343,7 +364,7 @@ # Suppress unneeded stuff in non-SSL location block when certain conditions are # met. - $ssl_only = ($ssl and $ssl_port == $listen_port) or $ssl_redirect + $ssl_only = ($ssl and $ssl_port == $port) or $ssl_redirect # If we're redirecting to SSL, the default location block is useless, *unless* # SSL is enabled for this server @@ -426,7 +447,7 @@ } } - if $listen_port != $ssl_port { + if $port != $ssl_port { concat::fragment { "${name_sanitized}-header": target => $config_file, content => template('nginx/server/server_header.erb'), @@ -442,7 +463,7 @@ } # Create SSL File Stubs if SSL is enabled - if $ssl and $listen_port !~ String { + if $ssl { # Access and error logs are named differently in ssl template File <| title == $ssl_cert or path == $ssl_cert or title == $ssl_key or path == $ssl_key |> From d61fb86759ffadd45e8ec9f08ed6c5cb0e6917a3 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 14:49:56 +0300 Subject: [PATCH 04/29] Create portrange.pp --- types/portrange.pp | 1 + 1 file changed, 1 insertion(+) create mode 100644 types/portrange.pp diff --git a/types/portrange.pp b/types/portrange.pp new file mode 100644 index 000000000..bd77c17f3 --- /dev/null +++ b/types/portrange.pp @@ -0,0 +1 @@ +type Nginx::PortRange = Pattern[/^\d+-\d+?$/] From b727650e50659adde6c18055f35b44bfc3954ea7 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 14:53:07 +0300 Subject: [PATCH 05/29] Updated variable name listen_port -> port --- templates/server/server_header.erb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/server/server_header.erb b/templates/server/server_header.erb index ca58dd6f8..759d0ed4a 100644 --- a/templates/server/server_header.erb +++ b/templates/server/server_header.erb @@ -4,10 +4,10 @@ server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> - listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; + listen <%= ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> - listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; + listen <%= @listen_ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- if @listen_unix_socket_enable -%> <%- if @listen_unix_socket.is_a?(Array) then -%> @@ -32,10 +32,10 @@ server { server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> - listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; + listen <%= ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> - listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; + listen <%= @listen_ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- if @listen_unix_socket_enable -%> <%- if @listen_unix_socket.is_a?(Array) then -%> From b416b8b49dfe6198c9384ff4af7015338ae4900a Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 14:54:24 +0300 Subject: [PATCH 06/29] Updated variable name port -> ipv6_port --- templates/server/server_ipv6_listen.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/server/server_ipv6_listen.erb b/templates/server/server_ipv6_listen.erb index 640d2f8b8..f3d43ebea 100644 --- a/templates/server/server_ipv6_listen.erb +++ b/templates/server/server_ipv6_listen.erb @@ -2,9 +2,9 @@ <%- if @ipv6_enable -%> <%- if @ipv6_listen_ip.is_a?(Array) then -%> <%- @ipv6_listen_ip.each do |ipv6| -%> - listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; + listen [<%= ipv6 %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; <%- end -%> <%- else -%> - listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; + listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; <%- end -%> <%- end -%> From 9dbf0a6261fd254935b5c16722593354f5e517e7 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 14:56:44 +0300 Subject: [PATCH 07/29] Changed variable name from listen_port -> port --- templates/streamhost/streamhost.erb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/streamhost/streamhost.erb b/templates/streamhost/streamhost.erb index a8ce85bd9..ac40ffccf 100644 --- a/templates/streamhost/streamhost.erb +++ b/templates/streamhost/streamhost.erb @@ -2,20 +2,20 @@ server { <%- if @listen_ip.is_a?(Array) then -%> <%- @listen_ip.each do |ip| -%> - listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; + listen <%= ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%- else -%> - listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>; + listen <%= @listen_ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>; <%- end -%> <%# check to see if ipv6 support exists in the kernel before applying -%> <%# FIXME this logic is duplicated all over the place -%> <%- if @ipv6_enable && (defined? @ipaddress6) -%> <%- if @ipv6_listen_ip.is_a?(Array) then -%> <%- @ipv6_listen_ip.each do |ipv6| -%> - listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; + listen [<%= ipv6 %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; <%- end -%> <%- else -%> - listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; + listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>; <%- end -%> <%- end -%> From be02ef88085674ef9edcd2fe726d52c5876f8e2b Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 14:58:55 +0300 Subject: [PATCH 08/29] added support for port range --- manifests/resource/streamhost.pp | 52 +++++++++++++++++++++----------- 1 file changed, 35 insertions(+), 17 deletions(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index bd1800588..113893ac9 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -10,6 +10,8 @@ # [*listen_port*] - Default IP Port for NGINX to listen with this # streamhost on. Defaults to TCP 80. It can be a port or a port range # (eg. '8081-8085'). +# [*listen_port_range*] - From Nginx 1.15.10, support for port +# ranges was added (eg. '8081-8085'). # [*listen_options*] - Extra options for listen directive like # 'default' to catchall. Undef by default. # [*ipv6_enable*] - BOOL value to enable/disable IPv6 support @@ -48,28 +50,44 @@ # ensure => present, # } define nginx::resource::streamhost ( - Enum['absent', 'present'] $ensure = 'present', - Variant[Array, String] $listen_ip = '*', - Variant[Integer, String] $listen_port = 80, - Optional[String] $listen_options = undef, - Boolean $ipv6_enable = false, - Variant[Array, String] $ipv6_listen_ip = '::', - Variant[Integer, String] $ipv6_listen_port = 80, - String $ipv6_listen_options = 'default ipv6only=on', - $proxy = undef, - String $proxy_read_timeout = $nginx::proxy_read_timeout, - $proxy_connect_timeout = $nginx::proxy_connect_timeout, - Array $resolver = [], - $raw_prepend = undef, - $raw_append = undef, - String $owner = $nginx::global_owner, - String $group = $nginx::global_group, - String $mode = $nginx::global_mode, + Enum['absent', 'present'] $ensure = 'present', + Variant[Array, String] $listen_ip = '*', + Integer $listen_port = 80, + Optional[Nginx::PortRange] $listen_port_range = undef, + Optional[String] $listen_options = undef, + Boolean $ipv6_enable = false, + Variant[Array, String] $ipv6_listen_ip = '::', + Integer $ipv6_listen_port = 80, + String $ipv6_listen_options = 'default ipv6only=on', + $proxy = undef, + String $proxy_read_timeout = $nginx::proxy_read_timeout, + $proxy_connect_timeout = $nginx::proxy_connect_timeout, + Array $resolver = [], + $raw_prepend = undef, + $raw_append = undef, + String $owner = $nginx::global_owner, + String $group = $nginx::global_group, + String $mode = $nginx::global_mode, ) { if ! defined(Class['nginx']) { fail('You must include the nginx base class before using any defined resources') } + + if $listen_port_range != undef { + $port = $listen_port_range + } + else { + $port = $listen_port + } + if $ipv6_enable == true{ + if $ipv6_listen_port_range != undef { + $ipv6_port = $ipv6_listen_port_range + } + else { + $ipv6_port = $ipv6_listen_port + } + } # Variables if $nginx::confd_only { From dd1afc4bd5a9a305cde266c1191c49b2307e5018 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:01:44 +0300 Subject: [PATCH 09/29] Added listen_port_range to spec attributes --- spec/defines/resource_server_spec.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index 47323991e..214cc3c89 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -125,6 +125,18 @@ value: 45, match: %r{\s+listen\s+\[::\]:45 default ipv6only=on;} }, + { + title: 'should set the IPv6 listen port', + attr: 'ipv6_listen_port_range', + value: 45-50, + match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;} + }, + { + title: 'should set the IPv4 listen port range', + attr: 'listen_port_range', + value: 45-50, + match: %r{\s+listen\s+\*:45-50;} + }, { title: 'should set the IPv6 listen options', attr: 'ipv6_listen_options', From 513d75dc1e2a994fdf63b837aa2d6ac5d36ea82f Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:02:28 +0300 Subject: [PATCH 10/29] Added listen_port_range and ipv6_port_range --- spec/defines/resource_stream_spec.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/spec/defines/resource_stream_spec.rb b/spec/defines/resource_stream_spec.rb index 76dbe4a33..3c863d7c6 100644 --- a/spec/defines/resource_stream_spec.rb +++ b/spec/defines/resource_stream_spec.rb @@ -65,6 +65,12 @@ value: 45, match: %r{\s+listen\s+\*:45;} }, + { + title: 'should set the IPv4 listen port', + attr: 'listen_port_range', + value: 45-50, + match: %r{\s+listen\s+\*:45-50;} + }, { title: 'should set the IPv4 listen options', attr: 'listen_options', @@ -95,6 +101,12 @@ value: 45, match: %r{\s+listen\s+\[::\]:45 default ipv6only=on;} }, + { + title: 'should set the IPv6 listen port', + attr: 'ipv6_listen_port_range', + value: 45-50, + match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;} + }, { title: 'should set the IPv6 listen options', attr: 'ipv6_listen_options', From d0df89cda524e18efad181ff6f469a4a6cf86d6b Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:06:05 +0300 Subject: [PATCH 11/29] Added support for port ranges and ipv6 port ranges From fe09594c5ab79cb7de9762588d606ff92f137102 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:14:07 +0300 Subject: [PATCH 12/29] fixed value type --- spec/defines/resource_server_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index 214cc3c89..9ff5a6241 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -128,13 +128,13 @@ { title: 'should set the IPv6 listen port', attr: 'ipv6_listen_port_range', - value: 45-50, + value: '45-50', match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;} }, { title: 'should set the IPv4 listen port range', attr: 'listen_port_range', - value: 45-50, + value: '45-50', match: %r{\s+listen\s+\*:45-50;} }, { From ec6a20134f4286ed442035778c0390bed9d74895 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:14:53 +0300 Subject: [PATCH 13/29] fixed value type --- spec/defines/resource_stream_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/defines/resource_stream_spec.rb b/spec/defines/resource_stream_spec.rb index 3c863d7c6..07d3cd019 100644 --- a/spec/defines/resource_stream_spec.rb +++ b/spec/defines/resource_stream_spec.rb @@ -68,7 +68,7 @@ { title: 'should set the IPv4 listen port', attr: 'listen_port_range', - value: 45-50, + value: '45-50', match: %r{\s+listen\s+\*:45-50;} }, { @@ -104,7 +104,7 @@ { title: 'should set the IPv6 listen port', attr: 'ipv6_listen_port_range', - value: 45-50, + value: '45-50', match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;} }, { From e09f5b4167d2a22e0ab4d90a5f654e448ad998a5 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:19:40 +0300 Subject: [PATCH 14/29] removed new line trailing spaces --- manifests/resource/streamhost.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index 113893ac9..092a8e720 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -73,7 +73,7 @@ if ! defined(Class['nginx']) { fail('You must include the nginx base class before using any defined resources') } - + if $listen_port_range != undef { $port = $listen_port_range } From 366bc45e925bfc612576b09c85b56fcbb6bbb405 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:21:17 +0300 Subject: [PATCH 15/29] removed new line trailing spaces --- manifests/resource/server.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp index 165d78654..32b975ccc 100644 --- a/manifests/resource/server.pp +++ b/manifests/resource/server.pp @@ -321,7 +321,7 @@ fail('nginx: ssl_key must be set to false or to a fully qualified path') } } - + # If port range is defined, ignore any other $listen_port defined if $listen_port_range != undef { $port = $listen_port_range @@ -329,7 +329,7 @@ else{ $port = $listen_port } - + if $ipv6_enable == true{ if $ipv6_listen_port_range != undef { $ipv6_port = $ipv6_listen_port_range From dc8b14a8d202e6d066eac2882de4ae3a6cb26224 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:29:53 +0300 Subject: [PATCH 16/29] remove whitespace --- manifests/resource/server.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp index 32b975ccc..038f750c1 100644 --- a/manifests/resource/server.pp +++ b/manifests/resource/server.pp @@ -326,7 +326,7 @@ if $listen_port_range != undef { $port = $listen_port_range } - else{ + else { $port = $listen_port } From 6a02424406a39ec302387fb9a0aeb971ba92e070 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 15:41:56 +0300 Subject: [PATCH 17/29] fixed missing declared resource variable --- manifests/resource/streamhost.pp | 39 +++++++++++++++++--------------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index 092a8e720..d8d90270e 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -21,6 +21,8 @@ # this streamhost on. Defaults to all interfaces (::) # [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this # streamhost on. Defaults to TCP 80 +# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port +# ranges was added (eg. '8081-8085'). # [*ipv6_listen_options*] - Extra options for listen directive like 'default' # to catchall. Template will allways add ipv6only=on. While issue # jfryman/puppet-nginx#30 is discussed, default value is 'default'. @@ -50,24 +52,25 @@ # ensure => present, # } define nginx::resource::streamhost ( - Enum['absent', 'present'] $ensure = 'present', - Variant[Array, String] $listen_ip = '*', - Integer $listen_port = 80, - Optional[Nginx::PortRange] $listen_port_range = undef, - Optional[String] $listen_options = undef, - Boolean $ipv6_enable = false, - Variant[Array, String] $ipv6_listen_ip = '::', - Integer $ipv6_listen_port = 80, - String $ipv6_listen_options = 'default ipv6only=on', - $proxy = undef, - String $proxy_read_timeout = $nginx::proxy_read_timeout, - $proxy_connect_timeout = $nginx::proxy_connect_timeout, - Array $resolver = [], - $raw_prepend = undef, - $raw_append = undef, - String $owner = $nginx::global_owner, - String $group = $nginx::global_group, - String $mode = $nginx::global_mode, + Enum['absent', 'present'] $ensure = 'present', + Variant[Array, String] $listen_ip = '*', + Integer $listen_port = 80, + Optional[Nginx::PortRange] $listen_port_range = undef, + Optional[String] $listen_options = undef, + Boolean $ipv6_enable = false, + Variant[Array, String] $ipv6_listen_ip = '::', + Integer $ipv6_listen_port = 80, + Optional[Nginx::PortRange] $ipv6_listen_port_range = undef, + String $ipv6_listen_options = 'default ipv6only=on', + $proxy = undef, + String $proxy_read_timeout = $nginx::proxy_read_timeout, + $proxy_connect_timeout = $nginx::proxy_connect_timeout, + Array $resolver = [], + $raw_prepend = undef, + $raw_append = undef, + String $owner = $nginx::global_owner, + String $group = $nginx::global_group, + String $mode = $nginx::global_mode, ) { if ! defined(Class['nginx']) { From addd3c6a07c7d3e1758846d605fda2947032f63e Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 29 May 2019 21:48:00 +0300 Subject: [PATCH 18/29] Updated variable description --- manifests/resource/streamhost.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index d8d90270e..c06cf6baa 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -8,8 +8,7 @@ # [*listen_ip*] - Default IP Address for NGINX to listen with this # streamhost on. Defaults to all interfaces (*) # [*listen_port*] - Default IP Port for NGINX to listen with this -# streamhost on. Defaults to TCP 80. It can be a port or a port range -# (eg. '8081-8085'). +# streamhost on. Defaults to TCP 80. # [*listen_port_range*] - From Nginx 1.15.10, support for port # ranges was added (eg. '8081-8085'). # [*listen_options*] - Extra options for listen directive like From bcad22d70b949886d452bc4dca36289954125069 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Mon, 3 Jun 2019 17:23:01 +0300 Subject: [PATCH 19/29] Update streamhost.pp --- manifests/resource/streamhost.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index c06cf6baa..4b93e585d 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -20,7 +20,7 @@ # this streamhost on. Defaults to all interfaces (::) # [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this # streamhost on. Defaults to TCP 80 -# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port +# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port # ranges was added (eg. '8081-8085'). # [*ipv6_listen_options*] - Extra options for listen directive like 'default' # to catchall. Template will allways add ipv6only=on. While issue From ffaa0063f889c42866e342465adc023944317ca7 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 5 Jun 2019 11:33:13 +0300 Subject: [PATCH 20/29] Added nginx version checks for port range support --- manifests/resource/server.pp | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp index 1f3dd5a97..42b571e6f 100644 --- a/manifests/resource/server.pp +++ b/manifests/resource/server.pp @@ -321,17 +321,30 @@ } # If port range is defined, ignore any other $listen_port defined - if $listen_port_range != undef { + if versioncmp(fact('nginx_version'), '1.15.10') < 0 { + $port_range_support = false + } + else{ + $port_range_support = true + } + + if ($listen_port_range != undef) and ($port_range_support == true) { $port = $listen_port_range } - else { + elsif ($listen_port_range != undef) and ($port_range_support == false) { + fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') + } + else{ $port = $listen_port } if $ipv6_enable == true{ - if $ipv6_listen_port_range != undef { + if ($ipv6_listen_port_range != undef) and ($port_range_support == true) { $ipv6_port = $ipv6_listen_port_range } + elsif ($ipv6_listen_port_range != undef) and ($port_range_support == false) { + fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') + } else { $ipv6_port = $ipv6_listen_port } From d9292c64fbeeecb6c8e185911269e9fedf888d01 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 5 Jun 2019 11:33:52 +0300 Subject: [PATCH 21/29] Added nginx version checks for port range support --- manifests/resource/streamhost.pp | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index 4b93e585d..de21baba0 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -76,16 +76,31 @@ fail('You must include the nginx base class before using any defined resources') } - if $listen_port_range != undef { + # If port range is defined, ignore any other $listen_port defined + if versioncmp(fact('nginx_version'), '1.15.10') < 0 { + $port_range_support = false + } + else{ + $port_range_support = true + } + + if ($listen_port_range != undef) and ($port_range_support == true) { $port = $listen_port_range } + elsif ($listen_port_range != undef) and ($port_range_support == false) { + fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') + } else { $port = $listen_port } + if $ipv6_enable == true{ - if $ipv6_listen_port_range != undef { + if ($ipv6_listen_port_range != undef) and ($port_range_support == true) { $ipv6_port = $ipv6_listen_port_range } + elsif ($ipv6_listen_port_range != undef) and ($port_range_support == false) { + fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') + } else { $ipv6_port = $ipv6_listen_port } From f36f469f36ba7fa275b93e30ce7fe3741c66bf0f Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 5 Jun 2019 14:37:24 +0300 Subject: [PATCH 22/29] Updated specs for port range using nginx_version fact --- spec/defines/resource_server_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index 9ff5a6241..d2c3e3d11 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -365,6 +365,7 @@ ].each do |param| context "when #{param[:attr]} is #{param[:value]}" do let(:params) { default_params.merge(param[:attr].to_sym => param[:value]) } + let(:facts) { facts.merge(nginx_version: '1.15.0') } it { is_expected.to contain_concat__fragment("#{title}-header") } it param[:title] do From 01692cf8394b6897117f4693d26510164d78b89e Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 5 Jun 2019 14:38:38 +0300 Subject: [PATCH 23/29] Updated spec for stream for port range support with nginx_version fact --- spec/defines/resource_stream_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/defines/resource_stream_spec.rb b/spec/defines/resource_stream_spec.rb index 07d3cd019..0ffa7e416 100644 --- a/spec/defines/resource_stream_spec.rb +++ b/spec/defines/resource_stream_spec.rb @@ -136,6 +136,7 @@ ].each do |param| context "when #{param[:attr]} is #{param[:value]}" do let(:params) { default_params.merge(param[:attr].to_sym => param[:value]) } + let(:facts) { facts.merge(nginx_version: '1.15.0') } it { is_expected.to contain_concat__fragment("#{title}-header") } it param[:title] do From 558b32bd761ad2d1d89734acc190f414f1ef792e Mon Sep 17 00:00:00 2001 From: ay61su Date: Wed, 5 Jun 2019 16:38:30 +0300 Subject: [PATCH 24/29] simplified code, updated spec, changed from fact function to $fact --- manifests/resource/server.pp | 31 +++++++----------------- manifests/resource/streamhost.pp | 35 ++++++++-------------------- spec/defines/resource_server_spec.rb | 1 - spec/defines/resource_stream_spec.rb | 1 - 4 files changed, 18 insertions(+), 50 deletions(-) diff --git a/manifests/resource/server.pp b/manifests/resource/server.pp index 42b571e6f..79ed4302c 100644 --- a/manifests/resource/server.pp +++ b/manifests/resource/server.pp @@ -321,33 +321,18 @@ } # If port range is defined, ignore any other $listen_port defined - if versioncmp(fact('nginx_version'), '1.15.10') < 0 { - $port_range_support = false - } - else{ - $port_range_support = true - } - - if ($listen_port_range != undef) and ($port_range_support == true) { - $port = $listen_port_range - } - elsif ($listen_port_range != undef) and ($port_range_support == false) { - fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') - } - else{ + if versioncmp($facts['nginx_version'], '1.15.10') < 0 { $port = $listen_port - } - if $ipv6_enable == true{ - if ($ipv6_listen_port_range != undef) and ($port_range_support == true) { - $ipv6_port = $ipv6_listen_port_range - } - elsif ($ipv6_listen_port_range != undef) and ($port_range_support == false) { - fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') - } - else { + if $ipv6_enable == true { $ipv6_port = $ipv6_listen_port } + } else { + $port = pick_default($listen_port_range, $listen_port) + + if $ipv6_enable == true { + $ipv6_port = pick_default($ipv6_listen_port_range, $ipv6_listen_port) + } } # Try to error in the case where the user sets ssl_port == listen_port but diff --git a/manifests/resource/streamhost.pp b/manifests/resource/streamhost.pp index de21baba0..024b99b37 100644 --- a/manifests/resource/streamhost.pp +++ b/manifests/resource/streamhost.pp @@ -9,7 +9,7 @@ # streamhost on. Defaults to all interfaces (*) # [*listen_port*] - Default IP Port for NGINX to listen with this # streamhost on. Defaults to TCP 80. -# [*listen_port_range*] - From Nginx 1.15.10, support for port +# [*listen_port_range*] - From Nginx 1.15.10, support for port # ranges was added (eg. '8081-8085'). # [*listen_options*] - Extra options for listen directive like # 'default' to catchall. Undef by default. @@ -20,7 +20,7 @@ # this streamhost on. Defaults to all interfaces (::) # [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this # streamhost on. Defaults to TCP 80 -# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port +# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port # ranges was added (eg. '8081-8085'). # [*ipv6_listen_options*] - Extra options for listen directive like 'default' # to catchall. Template will allways add ipv6only=on. While issue @@ -77,33 +77,18 @@ } # If port range is defined, ignore any other $listen_port defined - if versioncmp(fact('nginx_version'), '1.15.10') < 0 { - $port_range_support = false - } - else{ - $port_range_support = true - } - - if ($listen_port_range != undef) and ($port_range_support == true) { - $port = $listen_port_range - } - elsif ($listen_port_range != undef) and ($port_range_support == false) { - fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') - } - else { + if versioncmp($facts['nginx_version'], '1.15.10') < 0 { $port = $listen_port - } - if $ipv6_enable == true{ - if ($ipv6_listen_port_range != undef) and ($port_range_support == true) { - $ipv6_port = $ipv6_listen_port_range - } - elsif ($ipv6_listen_port_range != undef) and ($port_range_support == false) { - fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)') - } - else { + if $ipv6_enable == true { $ipv6_port = $ipv6_listen_port } + } else { + $port = pick_default($listen_port_range, $listen_port) + + if $ipv6_enable == true { + $ipv6_port = pick_default($ipv6_listen_port_range, $ipv6_listen_port) + } } # Variables diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index d2c3e3d11..9ff5a6241 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -365,7 +365,6 @@ ].each do |param| context "when #{param[:attr]} is #{param[:value]}" do let(:params) { default_params.merge(param[:attr].to_sym => param[:value]) } - let(:facts) { facts.merge(nginx_version: '1.15.0') } it { is_expected.to contain_concat__fragment("#{title}-header") } it param[:title] do diff --git a/spec/defines/resource_stream_spec.rb b/spec/defines/resource_stream_spec.rb index 0ffa7e416..07d3cd019 100644 --- a/spec/defines/resource_stream_spec.rb +++ b/spec/defines/resource_stream_spec.rb @@ -136,7 +136,6 @@ ].each do |param| context "when #{param[:attr]} is #{param[:value]}" do let(:params) { default_params.merge(param[:attr].to_sym => param[:value]) } - let(:facts) { facts.merge(nginx_version: '1.15.0') } it { is_expected.to contain_concat__fragment("#{title}-header") } it param[:title] do From 8907ee4df947619ded4d1308dfea8bc641b3897a Mon Sep 17 00:00:00 2001 From: ay61su Date: Wed, 5 Jun 2019 18:20:13 +0300 Subject: [PATCH 25/29] updated specs for nginx_version in server resource --- spec/defines/resource_server_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index 9ff5a6241..e04686589 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -4,7 +4,7 @@ on_supported_os.each do |os, facts| context "on #{os}" do let(:facts) do - facts + facts.merge(nginx_version: '1.15.10') end let :title do 'www.rspec.example.com' From bf23d6b18a81f8634b2c3d889cc91623486bc13f Mon Sep 17 00:00:00 2001 From: ay61su Date: Wed, 5 Jun 2019 18:50:43 +0300 Subject: [PATCH 26/29] updated specs for nginx_version in server resource --- spec/classes/nginx_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb index 65c23d384..aca1c048b 100644 --- a/spec/classes/nginx_spec.rb +++ b/spec/classes/nginx_spec.rb @@ -4,7 +4,7 @@ on_supported_os.each do |os, facts| context "on #{os}" do let(:facts) do - facts + facts.merge(nginx_version: '1.15.10') end let :params do From 4045958929b8314e86a58d6b15cc81a605fa0df8 Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 5 Jun 2019 19:55:15 +0300 Subject: [PATCH 27/29] Added nginx_version fact to streamhost spec --- spec/defines/resource_stream_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/defines/resource_stream_spec.rb b/spec/defines/resource_stream_spec.rb index 07d3cd019..80b9ff153 100644 --- a/spec/defines/resource_stream_spec.rb +++ b/spec/defines/resource_stream_spec.rb @@ -4,7 +4,7 @@ on_supported_os.each do |os, facts| context "on #{os}" do let(:facts) do - facts + facts.merge(nginx_version: '1.15.10') end let :title do 'www.rspec.example.com' From f96006ab3041d329fd1ec60cbf26c3022b1eff4c Mon Sep 17 00:00:00 2001 From: 00ssh <42207435+00ssh@users.noreply.github.com> Date: Wed, 5 Jun 2019 21:20:43 +0300 Subject: [PATCH 28/29] removed context "without a value for nginx_version fact" --- spec/defines/resource_server_spec.rb | 7 ------- 1 file changed, 7 deletions(-) diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index e04686589..b6e5dd5d8 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -458,13 +458,6 @@ ) end - context 'without a value for the nginx_version fact do' do - let :facts do - facts[:nginx_version] ? facts.delete(:nginx_version) : facts - end - - it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{ ssl on;}) } - end context 'with fact nginx_version=1.14.1' do let(:facts) { facts.merge(nginx_version: '1.14.1') } From 0c7e28af51205d8873634c27c9cbdf5e46ada1ff Mon Sep 17 00:00:00 2001 From: ay61su Date: Thu, 6 Jun 2019 10:46:57 +0300 Subject: [PATCH 29/29] updated specs with correct titles --- spec/defines/resource_server_spec.rb | 2 +- spec/defines/resource_stream_spec.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/defines/resource_server_spec.rb b/spec/defines/resource_server_spec.rb index b6e5dd5d8..77a823364 100644 --- a/spec/defines/resource_server_spec.rb +++ b/spec/defines/resource_server_spec.rb @@ -126,7 +126,7 @@ match: %r{\s+listen\s+\[::\]:45 default ipv6only=on;} }, { - title: 'should set the IPv6 listen port', + title: 'should set the IPv6 listen port range', attr: 'ipv6_listen_port_range', value: '45-50', match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;} diff --git a/spec/defines/resource_stream_spec.rb b/spec/defines/resource_stream_spec.rb index 80b9ff153..d4bd46bc3 100644 --- a/spec/defines/resource_stream_spec.rb +++ b/spec/defines/resource_stream_spec.rb @@ -66,7 +66,7 @@ match: %r{\s+listen\s+\*:45;} }, { - title: 'should set the IPv4 listen port', + title: 'should set the IPv4 listen port range', attr: 'listen_port_range', value: '45-50', match: %r{\s+listen\s+\*:45-50;} @@ -102,7 +102,7 @@ match: %r{\s+listen\s+\[::\]:45 default ipv6only=on;} }, { - title: 'should set the IPv6 listen port', + title: 'should set the IPv6 listen port range', attr: 'ipv6_listen_port_range', value: '45-50', match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;}