diff options
Diffstat (limited to 'manifests/nginx.pp')
-rw-r--r-- | manifests/nginx.pp | 37 |
1 files changed, 17 insertions, 20 deletions
diff --git a/manifests/nginx.pp b/manifests/nginx.pp index 23e6874..b3af3f5 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -1,25 +1,24 @@ # @summary Manages nginx resources for cgit # @api private class cgit::nginx { - if ($cgit::certname == undef) { nginx::resource::server { 'cgit': - server_name => [ $cgit::server_name, ], + server_name => [$cgit::server_name], access_log => 'absent', error_log => 'absent', index_files => [], - try_files => [ '$uri', '@cgit' ], + try_files => ['$uri', '@cgit'], ssl => false, use_default_location => true, www_root => $cgit::root, } } else { nginx::resource::server { 'cgit': - server_name => [ $cgit::server_name, ], + server_name => [$cgit::server_name], access_log => 'absent', error_log => 'absent', index_files => [], - try_files => [ '$uri', '@cgit' ], + try_files => ['$uri', '@cgit'], ssl => true, ssl_cert => "/etc/letsencrypt/live/${cgit::certname}/fullchain.pem", ssl_key => "/etc/letsencrypt/live/${cgit::certname}/privkey.pem", @@ -47,27 +46,26 @@ class cgit::nginx { ensure => file, content => $cgit::users.map |$user| { [$user['name'], $user['pass']].join(':') - }.join("\n") + }.join("\n"), } # TODO each repo name should be regex-escaped $re = $cgit::public_repos.join('|') nginx::resource::location { "~ ^(/(${re})\\.git/.*)" : - server => 'cgit', - ssl_only => $cgit::certname != undef, - priority => 450, - fastcgi => 'unix:/run/fcgiwrap.socket', - fastcgi_params => 'fastcgi_params', - fastcgi_param => { - 'SCRIPT_FILENAME' => '/usr/lib/git-core/git-http-backend', - 'GIT_PROJECT_ROOT' => $cgit::scan_path, - 'GIT_HTTP_EXPORT_ALL' => '""', - 'PATH_INFO' => '$1', - } + server => 'cgit', + ssl_only => $cgit::certname != undef, + priority => 450, + fastcgi => 'unix:/run/fcgiwrap.socket', + fastcgi_params => 'fastcgi_params', + fastcgi_param => { + 'SCRIPT_FILENAME' => '/usr/lib/git-core/git-http-backend', + 'GIT_PROJECT_ROOT' => $cgit::scan_path, + 'GIT_HTTP_EXPORT_ALL' => '""', + 'PATH_INFO' => '$1', + }, } - nginx::resource::location { '~ (.*\.git/.*)': server => 'cgit', ssl_only => $cgit::certname != undef, @@ -82,7 +80,6 @@ class cgit::nginx { 'GIT_PROJECT_ROOT' => $cgit::scan_path, 'GIT_HTTP_EXPORT_ALL' => '""', 'PATH_INFO' => '$1', - } + }, } - } |