modules/blog/manifests/instance.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129

define blog::instance (
  String $blog_title = $name,
  String $author,
  Boolean $has_comments = false,
  String $subtitle = '',
  Optional[String] $vcs_repo = undef,
  Optional[String] $domain = undef,
  Optional[String] $domain_aliases = undef,
) {

  $root = "${blog::blog_root}/${title}"

  vcsrepo { $root:
    ensure => latest,
    provider => git,
    source => 'https://github.com/HugoNikanor/website-blog-2.git',
    revision => 'master',
    # keep_local_changes => true,
    owner => 'hugo',
    group => 'www-data',
  }

  if $vcs_repo {
    vcsrepo { "${root}/entries":
      ensure => latest,
      provider => git,
      source => $vcs_repo,
      revision => 'master',
      owner => 'hugo',
      group => 'www-data',
    }
    } else {
      file { "${root}/entries":
        ensure => directory,
      }
    }

    file { "${root}/settings.php":
      ensure  => file,
      content => epp('blog/settings.php.epp', {
        author       => $author,
        title        => $title,
        subtitle     => $subtitle,
        has_comments => $has_comments,
        }),
    }

    file { "${root}/footnote":
      ensure => directory,
      recurse => true,
    }

    $foot_files = [
      ['about.md',   'About'],
      ['contact.md', 'Contact'],
      ['legal.md',   'Legal'],
      ['qna.md',     '"Q&amp;A"'],
    ]

    $foot_files.each |$item| {
      file { "${root}/footnote/${item[0]}":
        source => "puppet:///modules/blog/footers/${item[0]}",
      }
    }

    file { "${root}/special-files.ini":
      ensure => file,
      content => $foot_files,
    }

    if $domain {
      $default = {
        access_log           => 'absent',
        error_log            => 'absent',
        ssl                  => true,
        ssl_cert             => "/etc/letsencrypt/live/${certname}/fullchain.pem",
        ssl_key              => "/etc/letsencrypt/live/${certname}/privkey.pem",
        use_default_location => false,
      }
      $domain_conf = {
        server_name => [ $domain, ],
        index_files => [ 'index.php', 'index.html', 'index.htm', ],
        www_root    => $blog::blog_root,
      }

      $main_conf = {
        "${blog_title} - server" => $default + $domain_conf,
      }

      create_resources(nginx::resource::server, $main_conf)

      if $domain_aliases {
        $alias_conf = {
          "${blog_title} - aliases" => $default + {
            server_name => [ $domain_aliases ],
            server_cfg_append => {
              'return' => '301 $scheme://blog.hornquist.se$request_uri',
            },
          },
        }
        create_resources(nginx::resource::server, $alias_conf)
      }

      nginx::resource::location { "${blog_title} - server - /":
        location    => '/',
        try_files   => ['$uri', '$uri/', '=404'],
        index_files => [],
        ssl         => true,
        autoindex   => on,
        server      => [ "${blog_title} - server", ]
      }

      nginx::resource::location { "${blog_title} - server - php":
        location       => '~ \.php$',
        fastcgi_params => 'snippets/fastcgi-php.conf',
        fastcgi        => 'unix:/run/php/php-fpm.sock',
        ssl            => true,
        server         => [ "${blog_title} - server", ],
      }

      nginx::resource::location { "${blog_title} - server - ht":
        location            => '~ /\.ht',
        location_cfg_append => { deny => 'all' },
        index_files         => [],
        ssl                 => true,
        server              => [ "${blog_title} - server", ],
      }
    }
}