Fix blog module.

3 files changed, 100 insertions, 101 deletions

diff --git a/manifests/init.pp b/manifests/init.pp
index 1ecce39..8d159d4 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,42 +1,41 @@
 class blog (
   String $blog_root,
+  String $certname,
+  String $domain,
   Hash[String,Hash] $blogs = {},
-  Optional[String] $domain = undef,
   Optional[Array[String]] $domain_aliases = undef,
+  String $blog_server_name = 'blog-server',
 ) {
-  create_resources(blog::instance, $blogs)
 
-  if $domain {
-    $default = {
-      access_log           => 'absent',
-      error_log            => 'absent',
-      ssl                  => true,
-      ssl_cert             => "/etc/letsencrypt/live/${certname}/fullchain.pem",
-      ssl_key              => "/etc/letsencrypt/live/${certname}/privkey.pem",
-      use_default_location => false,
-    }
-    $domain_conf = {
-      server_name => [ $domain, ],
-      index_files => [ 'index.php', 'index.html', 'index.htm', ],
-      www_root    => $blog::blog_root,
-    }
 
-    $main_conf = {
-      "${safe_title} - server" => $default + $domain_conf,
-    }
+  $default = {
+    access_log           => 'absent',
+    error_log            => 'absent',
+    ssl                  => true,
+    ssl_redirect         => true,
+    ssl_cert             => "/etc/letsencrypt/live/${certname}/fullchain.pem",
+    ssl_key              => "/etc/letsencrypt/live/${certname}/privkey.pem",
+    use_default_location => false,
+  }
 
-    create_resources(nginx::resource::server, $main_conf)
+  include ::nginx
 
-    if $domain_aliases {
-      $alias_conf = {
-        "${safe_title} - aliases" => $default + {
-          server_name => $domain_aliases,
-          server_cfg_append => {
-            'return' => '301 $scheme://blog.hornquist.se$request_uri',
-          },
-        },
-      }
-      create_resources(nginx::resource::server, $alias_conf)
+  nginx::resource::server { $blog_server_name:
+    *           => $default,
+    server_name => [ $domain, ],
+    index_files => [ 'index.php', 'index.html', 'index.htm', ],
+    www_root    => $blog::blog_root,
+  }
+
+  if $domain_aliases {
+    nginx::resource::server { "${blog_server_name}-aliases":
+      *                 => $default,
+      server_name       => $domain_aliases,
+      server_cfg_append => {
+        'return' => '301 $scheme://blog.hornquist.se$request_uri',
+      },
     }
   }
+
+  create_resources(blog::instance, $blogs)
 }
diff --git a/manifests/instance.pp b/manifests/instance.pp
index adaa30d..07db874 100644
--- a/manifests/instance.pp
+++ b/manifests/instance.pp
@@ -1,99 +1,99 @@
 define blog::instance (
-  String $blog_title = $name,
   String $author,
+  String $blog_title = $name,
   Boolean $has_comments = false,
+  String $engine_version = '8.0',
   String $subtitle = '',
-  Optional[String] $vcs_repo = undef,
+  Optional[Struct[{ url => String, ref => String}]] $vcs_repo = undef,
 ) {
 
   $root = "${blog::blog_root}/${title}"
   $safe_title = base64('encode', $blog_title)
 
+  # Download source
   vcsrepo { $root:
-    ensure => latest,
+    ensure   => latest,
     provider => git,
-    source => 'https://github.com/HugoNikanor/website-blog-2.git',
-    revision => 'master',
+    source   => 'https://github.com/HugoNikanor/website-blog-2.git',
+    revision => $engine_version,
+    group    => 'www-data',
     # keep_local_changes => true,
-    owner => 'hugo',
-    group => 'www-data',
   }
 
+  # Manage entries directory
   if $vcs_repo {
     vcsrepo { "${root}/entries":
-      ensure => latest,
+      ensure   => latest,
       provider => git,
-      source => $vcs_repo,
-      revision => 'master',
-      owner => 'hugo',
-      group => 'www-data',
-    }
-    } else {
-      file { "${root}/entries":
-        ensure => directory,
-      }
-    }
-
-    file { "${root}/settings.php":
-      ensure  => file,
-      content => epp('blog/settings.php.epp', {
-        author       => $author,
-        title        => $title,
-        subtitle     => $subtitle,
-        has_comments => $has_comments,
-        }),
+      source   => $vcs_repo['url'],
+      revision => $vcs_repo['ref'],
+      group    => 'www-data',
     }
-
-    file { "${root}/footnote":
+  } else {
+    file { "${root}/entries":
       ensure => directory,
-      recurse => true,
     }
+  }
 
-    $foot_files = [
-      ['about.md',   'About'],
-      ['contact.md', 'Contact'],
-      ['legal.md',   'Legal'],
-      ['qna.md',     '"Q&A"'],
-    ]
+  file { "${root}/settings.php":
+    ensure  => file,
+    content => epp('blog/settings.php.epp', {
+      author       => $author,
+      title        => $blog_title,
+      subtitle     => $subtitle,
+      has_comments => $has_comments,
+      }),
+  }
 
-    $foot_files.each |$item| {
-      file { "${root}/footnote/${item[0]}":
-        source => "puppet:///modules/blog/footers/${item[0]}",
-      }
-    }
+  file { "${root}/footnote":
+    ensure => directory,
+    recurse => true,
+  }
 
-    file { "${root}/special-files.ini":
-      ensure => file,
-      content => $foot_files,
-    }
+  $foot_files = [
+    ['about.md',   'About'],
+    ['contact.md', 'Contact'],
+    ['legal.md',   'Legal'],
+    ['qna.md',     '"Q&A"'],
+  ]
 
-    $certname = lookup('certname')
+  $foot_files.each |$item| {
+    file { "${root}/footnote/${item[0]}":
+      source => "puppet:///modules/blog/footers/${item[0]}",
+    }
+  }
 
-    if $blog::domain {
+  file { "${root}/special-files.ini":
+    ensure       => file,
+    content      => epp(
+      'blog/special-files.ini.epp',
+      { foot_files => $foot_files, }),
+  }
 
-      nginx::resource::location { "${safe_title} - server - /":
-        location    => '/',
-        try_files   => ['$uri', '$uri/', '=404'],
-        index_files => [],
-        ssl         => true,
-        autoindex   => on,
-        server      => [ "${safe_title} - server", ]
-      }
+  nginx::resource::location { "${safe_title} - /":
+    location    => '/',
+    try_files   => ['$uri', '$uri/', '=404'],
+    index_files => [],
+    ssl         => true,
+    ssl_only    => true,
+    autoindex   => on,
+    server      => $blog::blog_server_name,
+  }
 
-      nginx::resource::location { "${safe_title} - server - php":
-        location       => '~ \.php$',
-        fastcgi_params => 'snippets/fastcgi-php.conf',
-        fastcgi        => 'unix:/run/php/php-fpm.sock',
-        ssl            => true,
-        server         => [ "${safe_title} - server", ],
-      }
+  nginx::resource::location { "${safe_title} - php":
+    location       => '~ \.php$',
+    fastcgi_params => 'snippets/fastcgi-php.conf',
+    fastcgi        => 'unix:/run/php/php-fpm.sock',
+    ssl            => true,
+    ssl_only       => true,
+    server         => $blog::blog_server_name,
+  }
 
-      nginx::resource::location { "${safe_title} - server - ht":
-        location            => '~ /\.ht',
-        location_cfg_append => { deny => 'all' },
-        index_files         => [],
-        ssl                 => true,
-        server              => [ "${safe_title} - server", ],
-      }
-    }
+  nginx::resource::location { "${safe_title} - ht":
+    location            => '~ /\.ht',
+    location_cfg_append => { deny => 'all' },
+    index_files         => [],
+    ssl                 => true,
+    server              => $blog::blog_server_name,
+  }
 }
diff --git a/templates/special-files.ini.epp b/templates/special-files.ini.epp
index 66b779a..7defd98 100644
--- a/templates/special-files.ini.epp
+++ b/templates/special-files.ini.epp
@@ -5,7 +5,7 @@
 ; Which files on the website that are "special"
 ; This basicly means that they shouldnt have comments
 [footnote]
-<%- for $foot_files.each |$item| { -%>
+<%- $foot_files.each |$item| { -%>
 files[] = <%= $item[0] %>
 title[] = <%= $item[1] %>
 <%- } -%>