1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
define website_blog_2::instance (
String $author,
String $blog_title = $name,
Boolean $has_comments = false,
String $subtitle = '',
Optional[Struct[{ url => String, ref => String}]] $vcs_repo = undef,
) {
$root = "${website_blog_2::blog_root}/${title}"
$safe_title = base64('encode', $blog_title)
$upperdir = "/var/website-blog-2/${title}"
$workdir = "/var/website-blog-2/.workdirs/${title}"
file { [ $upperdir, $workdir ]:
ensure => directory,
}
mount { $root:
ensure => mounted,
atboot => true,
device => 'overlay',
fstype => 'overlay',
options => [
'lowerdir=/usr/share/website-blog-2',
"upperdir=${upperdir}",
"workdir=${workdir}",
].join(',')
}
# Manage entries directory
if $vcs_repo {
vcsrepo { "${root}/entries":
ensure => latest,
provider => git,
source => $vcs_repo['url'],
revision => $vcs_repo['ref'],
group => 'www-data',
}
} else {
file { "${root}/entries":
ensure => directory,
}
}
file { "${root}/settings.php":
ensure => file,
content => epp("${module_name}/settings.php.epp", {
author => $author,
title => $blog_title,
subtitle => $subtitle,
has_comments => $has_comments,
}),
}
file { "${root}/footnote":
ensure => directory,
recurse => true,
}
$foot_files = [
['about.md', 'About'],
['contact.md', 'Contact'],
['legal.md', 'Legal'],
['qna.md', '"Q&A"'],
]
$foot_files.each |$item| {
file { "${root}/footnote/${item[0]}":
source => "puppet:///modules/${module_name}/footers/${item[0]}",
}
}
file { "${root}/special-files.ini":
ensure => file,
content => epp(
"${module_name}/special-files.ini.epp",
{ foot_files => $foot_files, }),
}
nginx::resource::location { "${safe_title} - /":
location => '/',
try_files => ['$uri', '$uri/', '=404'],
index_files => [],
ssl => true,
ssl_only => true,
autoindex => on,
server => $website_blog_2::blog_server_name,
add_header => {
'Cache-Control' => "no-cache",
},
}
nginx::resource::location { "${safe_title} - css":
location => '~ \.css$',
try_files => [ '$uri', '=404' ],
ssl => true,
ssl_only => true,
server => $website_blog_2::blog_server_name,
expires => '1h',
add_header => {
'Cache-Control' => "no-cache",
},
}
nginx::resource::location { "${safe_title} - php":
location => '~ \.php$',
fastcgi_params => 'snippets/fastcgi-php.conf',
fastcgi => 'unix:/run/php/php-fpm.sock',
ssl => true,
ssl_only => true,
server => $website_blog_2::blog_server_name,
}
nginx::resource::location { "${safe_title} - ht":
location => '~ /\.ht',
location_cfg_append => { deny => 'all' },
index_files => [],
ssl => true,
server => $website_blog_2::blog_server_name,
}
}
|
