From e8e1246ef1b5e0004d5066bdf15398b8b1fddda1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Sat, 14 Jan 2023 21:31:12 +0100 Subject: Add nginx userdir module. --- manifests/nginx_userdir.pp | 69 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 manifests/nginx_userdir.pp (limited to 'manifests') diff --git a/manifests/nginx_userdir.pp b/manifests/nginx_userdir.pp new file mode 100644 index 0000000..39b6b9a --- /dev/null +++ b/manifests/nginx_userdir.pp @@ -0,0 +1,69 @@ +# Configures nginx locations for user specific directories, where the +# username is a subdomain. +class profiles::nginx_userdir ( + $servername = $::fqdn, +) { + include ::nginx + + # TODO wildcard certificate + $_servername = regsubst($servername, '[.]', '\.', 'G', 'N') + nginx::resource::server { "userdir ${servername}": + server_name => ["~^(?P[a-z][-a-z0-9]*)\\.${_servername}"], + use_default_location => false, + www_root => '/home/$uname/.public', + ssl => false, + # * => letsencrypt::conf::nginx($servername), + index_files => [ + 'index.cgi', + 'index.php', + 'index.html', + 'index.htm', + ], + } + + $nginx_defaults = { + server => "userdir ${servername}", + ssl => false, + ssl_only => false, + index_files => [], + } + + nginx::resource::location { "userdir.${servername} /": + location => '/', + autoindex => 'on', + try_files => [ + '$uri', + '$uri/', + '=404', + ], + * => $nginx_defaults, + } + + include ::profiles::fcgiwrap + nginx::resource::location { "userdir.${servername} cgi": + location => '~ \.cgi$', + fastcgi => 'unix:/run/fcgiwrap.socket', + # TODO isn't socket name os dependant + fastcgi_param => { + 'PATH_INFO' => '$fastcgi_script_name', + 'QUERY_STRING' => '$args', + }, + * => $nginx_defaults, + } + + include ::profiles::phpfpm + # TODO doesn't socket location depend on both os and php version + nginx::resource::location { "userdir.${servername} php": + location => '~ \.php$', + fastcgi => 'unix:/run/php/php-fpm.sock', + fastcgi_params => "${nginx::conf_dir}/snippets/fastcgi-php.conf", + * => $nginx_defaults, + } + + nginx::resource::location { "userdir.${servername} deny .ht": + location => '~ /\.ht', + location_deny => ['all'], + * => $nginx_defaults, + } + +} -- cgit v1.2.3