diff options
Diffstat (limited to 'manifests/nginx.pp')
-rw-r--r-- | manifests/nginx.pp | 40 |
1 files changed, 12 insertions, 28 deletions
diff --git a/manifests/nginx.pp b/manifests/nginx.pp index b3af3f5..b94fff0 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -1,31 +1,15 @@ # @summary Manages nginx resources for cgit # @api private class cgit::nginx { - if ($cgit::certname == undef) { - nginx::resource::server { 'cgit': - server_name => [$cgit::server_name], - access_log => 'absent', - error_log => 'absent', - index_files => [], - try_files => ['$uri', '@cgit'], - ssl => false, - use_default_location => true, - www_root => $cgit::root, - } - } else { - nginx::resource::server { 'cgit': - server_name => [$cgit::server_name], - access_log => 'absent', - error_log => 'absent', - index_files => [], - try_files => ['$uri', '@cgit'], - ssl => true, - ssl_cert => "/etc/letsencrypt/live/${cgit::certname}/fullchain.pem", - ssl_key => "/etc/letsencrypt/live/${cgit::certname}/privkey.pem", - use_default_location => true, - www_root => $cgit::root, - ssl_redirect => true, - } + nginx::resource::server { 'cgit': + server_name => [$cgit::server_name], + access_log => 'absent', + error_log => 'absent', + index_files => [], + try_files => ['$uri', '@cgit'], + use_default_location => true, + www_root => $cgit::root, + * => letsencrypt::conf::nginx($cgit::server_name), } nginx::resource::location { '@cgit': @@ -35,7 +19,7 @@ class cgit::nginx { 'PATH_INFO' => '$fastcgi_script_name', 'QUERY_STRING' => '$args', }, - ssl_only => $cgit::certname != undef, + * => letsencrypt::conf::nginx::location($cgit::server_name), fastcgi => 'unix:/run/fcgiwrap.socket', server => [ 'cgit', @@ -53,8 +37,8 @@ class cgit::nginx { $re = $cgit::public_repos.join('|') nginx::resource::location { "~ ^(/(${re})\\.git/.*)" : + * => letsencrypt::conf::nginx::location($cgit::server_name), server => 'cgit', - ssl_only => $cgit::certname != undef, priority => 450, fastcgi => 'unix:/run/fcgiwrap.socket', fastcgi_params => 'fastcgi_params', @@ -67,8 +51,8 @@ class cgit::nginx { } nginx::resource::location { '~ (.*\.git/.*)': + * => letsencrypt::conf::nginx::location($cgit::server_name), server => 'cgit', - ssl_only => $cgit::certname != undef, location_cfg_append => { auth_basic => '"CGit login"', auth_basic_user_file => $cgit::htpasswd, |