diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-12 04:00:50 +0100 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-12 05:34:56 +0100 |
commit | d3a87ab7b3dbf2cf4ec364558f1b97c72565f946 (patch) | |
tree | f664bed9bdc29d9baf42a606a1be2861a91600a5 | |
parent | Move remaining out of site.pp. (diff) | |
download | website_blog_2-d3a87ab7b3dbf2cf4ec364558f1b97c72565f946.tar.gz website_blog_2-d3a87ab7b3dbf2cf4ec364558f1b97c72565f946.tar.xz |
Fix blog module.
-rw-r--r-- | manifests/init.pp | 59 | ||||
-rw-r--r-- | manifests/instance.pp | 140 | ||||
-rw-r--r-- | templates/special-files.ini.epp | 2 |
3 files changed, 100 insertions, 101 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 1ecce39..8d159d4 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,42 +1,41 @@ class blog ( String $blog_root, + String $certname, + String $domain, Hash[String,Hash] $blogs = {}, - Optional[String] $domain = undef, Optional[Array[String]] $domain_aliases = undef, + String $blog_server_name = 'blog-server', ) { - create_resources(blog::instance, $blogs) - if $domain { - $default = { - access_log => 'absent', - error_log => 'absent', - ssl => true, - ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem", - ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", - use_default_location => false, - } - $domain_conf = { - server_name => [ $domain, ], - index_files => [ 'index.php', 'index.html', 'index.htm', ], - www_root => $blog::blog_root, - } - $main_conf = { - "${safe_title} - server" => $default + $domain_conf, - } + $default = { + access_log => 'absent', + error_log => 'absent', + ssl => true, + ssl_redirect => true, + ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem", + ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", + use_default_location => false, + } - create_resources(nginx::resource::server, $main_conf) + include ::nginx - if $domain_aliases { - $alias_conf = { - "${safe_title} - aliases" => $default + { - server_name => $domain_aliases, - server_cfg_append => { - 'return' => '301 $scheme://blog.hornquist.se$request_uri', - }, - }, - } - create_resources(nginx::resource::server, $alias_conf) + nginx::resource::server { $blog_server_name: + * => $default, + server_name => [ $domain, ], + index_files => [ 'index.php', 'index.html', 'index.htm', ], + www_root => $blog::blog_root, + } + + if $domain_aliases { + nginx::resource::server { "${blog_server_name}-aliases": + * => $default, + server_name => $domain_aliases, + server_cfg_append => { + 'return' => '301 $scheme://blog.hornquist.se$request_uri', + }, } } + + create_resources(blog::instance, $blogs) } diff --git a/manifests/instance.pp b/manifests/instance.pp index adaa30d..07db874 100644 --- a/manifests/instance.pp +++ b/manifests/instance.pp @@ -1,99 +1,99 @@ define blog::instance ( - String $blog_title = $name, String $author, + String $blog_title = $name, Boolean $has_comments = false, + String $engine_version = '8.0', String $subtitle = '', - Optional[String] $vcs_repo = undef, + Optional[Struct[{ url => String, ref => String}]] $vcs_repo = undef, ) { $root = "${blog::blog_root}/${title}" $safe_title = base64('encode', $blog_title) + # Download source vcsrepo { $root: - ensure => latest, + ensure => latest, provider => git, - source => 'https://github.com/HugoNikanor/website-blog-2.git', - revision => 'master', + source => 'https://github.com/HugoNikanor/website-blog-2.git', + revision => $engine_version, + group => 'www-data', # keep_local_changes => true, - owner => 'hugo', - group => 'www-data', } + # Manage entries directory if $vcs_repo { vcsrepo { "${root}/entries": - ensure => latest, + ensure => latest, provider => git, - source => $vcs_repo, - revision => 'master', - owner => 'hugo', - group => 'www-data', - } - } else { - file { "${root}/entries": - ensure => directory, - } - } - - file { "${root}/settings.php": - ensure => file, - content => epp('blog/settings.php.epp', { - author => $author, - title => $title, - subtitle => $subtitle, - has_comments => $has_comments, - }), + source => $vcs_repo['url'], + revision => $vcs_repo['ref'], + group => 'www-data', } - - file { "${root}/footnote": + } else { + file { "${root}/entries": ensure => directory, - recurse => true, } + } - $foot_files = [ - ['about.md', 'About'], - ['contact.md', 'Contact'], - ['legal.md', 'Legal'], - ['qna.md', '"Q&A"'], - ] + file { "${root}/settings.php": + ensure => file, + content => epp('blog/settings.php.epp', { + author => $author, + title => $blog_title, + subtitle => $subtitle, + has_comments => $has_comments, + }), + } - $foot_files.each |$item| { - file { "${root}/footnote/${item[0]}": - source => "puppet:///modules/blog/footers/${item[0]}", - } - } + file { "${root}/footnote": + ensure => directory, + recurse => true, + } - file { "${root}/special-files.ini": - ensure => file, - content => $foot_files, - } + $foot_files = [ + ['about.md', 'About'], + ['contact.md', 'Contact'], + ['legal.md', 'Legal'], + ['qna.md', '"Q&A"'], + ] - $certname = lookup('certname') + $foot_files.each |$item| { + file { "${root}/footnote/${item[0]}": + source => "puppet:///modules/blog/footers/${item[0]}", + } + } - if $blog::domain { + file { "${root}/special-files.ini": + ensure => file, + content => epp( + 'blog/special-files.ini.epp', + { foot_files => $foot_files, }), + } - nginx::resource::location { "${safe_title} - server - /": - location => '/', - try_files => ['$uri', '$uri/', '=404'], - index_files => [], - ssl => true, - autoindex => on, - server => [ "${safe_title} - server", ] - } + nginx::resource::location { "${safe_title} - /": + location => '/', + try_files => ['$uri', '$uri/', '=404'], + index_files => [], + ssl => true, + ssl_only => true, + autoindex => on, + server => $blog::blog_server_name, + } - nginx::resource::location { "${safe_title} - server - php": - location => '~ \.php$', - fastcgi_params => 'snippets/fastcgi-php.conf', - fastcgi => 'unix:/run/php/php-fpm.sock', - ssl => true, - server => [ "${safe_title} - server", ], - } + nginx::resource::location { "${safe_title} - php": + location => '~ \.php$', + fastcgi_params => 'snippets/fastcgi-php.conf', + fastcgi => 'unix:/run/php/php-fpm.sock', + ssl => true, + ssl_only => true, + server => $blog::blog_server_name, + } - nginx::resource::location { "${safe_title} - server - ht": - location => '~ /\.ht', - location_cfg_append => { deny => 'all' }, - index_files => [], - ssl => true, - server => [ "${safe_title} - server", ], - } - } + nginx::resource::location { "${safe_title} - ht": + location => '~ /\.ht', + location_cfg_append => { deny => 'all' }, + index_files => [], + ssl => true, + server => $blog::blog_server_name, + } } diff --git a/templates/special-files.ini.epp b/templates/special-files.ini.epp index 66b779a..7defd98 100644 --- a/templates/special-files.ini.epp +++ b/templates/special-files.ini.epp @@ -5,7 +5,7 @@ ; Which files on the website that are "special" ; This basicly means that they shouldnt have comments [footnote] -<%- for $foot_files.each |$item| { -%> +<%- $foot_files.each |$item| { -%> files[] = <%= $item[0] %> title[] = <%= $item[1] %> <%- } -%> |