Commit c289763e authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Rafael Monnerat

apache-frontend: Fix Ngnix main configuration

jinja2 template is required, as some paramters might come from the network.

/reviewed-on !345
parent 438bfe91
...@@ -18,7 +18,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e ...@@ -18,7 +18,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e
[template-apache-frontend] [template-apache-frontend]
filename = instance-apache-frontend.cfg filename = instance-apache-frontend.cfg
md5sum = b6a2c860ea1cd4bc9d185c7108c52d0a md5sum = d6570c7a7e3c48efa7305677fe7c7ceb
[template-apache-replicate] [template-apache-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
...@@ -82,7 +82,7 @@ md5sum = 117238225b3fc3c5b5be381815f44c67 ...@@ -82,7 +82,7 @@ md5sum = 117238225b3fc3c5b5be381815f44c67
[template-nginx-configuration] [template-nginx-configuration]
filename = templates/nginx.cfg.in filename = templates/nginx.cfg.in
md5sum = 18633ce55e53340efa1ba7693aac4152 md5sum = f334ef32234771aee69c06f843da1980
[template-nginx-eventsource-slave-virtualhost] [template-nginx-eventsource-slave-virtualhost]
filename = templates/nginx-eventsource-slave.conf.in filename = templates/nginx-eventsource-slave.conf.in
......
...@@ -676,14 +676,31 @@ curl_path = ${curl:location}/bin/curl ...@@ -676,14 +676,31 @@ curl_path = ${curl:location}/bin/curl
# #
[nginx-frontend] [nginx-frontend]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = ${nginx-push-stream:location}/sbin/nginx -c $${nginx-configuration:output} command-line = ${nginx-push-stream:location}/sbin/nginx -c $${dynamic-nginx-frontend-template:rendered}
wrapper-path = $${directory:service}/frontend_nginx wrapper-path = $${directory:service}/frontend_nginx
[nginx-configuration] [dynamic-nginx-frontend-template]
recipe = slapos.recipe.template < = jinja2-template-base
url = ${template-nginx-configuration:output} template = ${template-nginx-configuration:output}
output = $${directory:etc}/nginx.cfg rendered = $${directory:etc}/nginx.cfg
mode = 0600 mode = 0600
extra-context =
key ip nginx-configuration:ip
key local_ip nginx-configuration:local_ip
key port nginx-configuration:port
key plain_port nginx-configuration:plain_port
key worker_processes nginx-configuration:worker_processes
key pidfile nginx-configuration:pid-file
key worker_connections nginx-configuration:worker_connections
key error_log nginx-configuration:error_log
key access_log nginx-configuration:access_log
key ssl_certificate ca-frontend:cert-file
key ssl_key ca-frontend:key-file
key varnginx directory:varnginx
key slave_configuration_directory nginx-configuration:slave-configuration-directory
key document_root apache-directory:document-root
[nginx-configuration]
access_log = $${directory:log}/nginx-access.log access_log = $${directory:log}/nginx-access.log
error_log = $${directory:log}/nginx-error.log error_log = $${directory:log}/nginx-error.log
ip = $${slap-network-information:global-ipv6} ip = $${slap-network-information:global-ipv6}
...@@ -695,7 +712,7 @@ worker_connections = 1024 ...@@ -695,7 +712,7 @@ worker_connections = 1024
slave-configuration-directory = $${apache-directory:nginx-slave-configuration} slave-configuration-directory = $${apache-directory:nginx-slave-configuration}
pid-file = $${directory:run}/nginx.pid pid-file = $${directory:run}/nginx.pid
nginx-graceful-command = $${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat $${:pid-file}); fi nginx-graceful-command = $${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat $${:pid-file}); fi
nginx-configuration-verification = ${nginx-push-stream:location}/sbin/nginx -t -c $${nginx-configuration:output} nginx-configuration-verification = ${nginx-push-stream:location}/sbin/nginx -t -c $${dynamic-nginx-frontend-template:rendered}
[frontend-nginx-graceful] [frontend-nginx-graceful]
< = jinja2-template-base < = jinja2-template-base
......
daemon off; # run in the foreground so supervisord can look after it daemon off; # run in the foreground so supervisord can look after it
worker_processes $${nginx-configuration:worker_processes}; worker_processes {{ worker_processes }};
pid $${nginx-configuration:pid-file}; pid {{ pidfile }};
events { events {
worker_connections $${nginx-configuration:worker_connections}; worker_connections {{ worker_connections }};
# multi_accept on; # multi_accept on;
} }
error_log $${nginx-configuration:error_log}; error_log {{ error_log }};
http { http {
...@@ -23,17 +23,17 @@ http { ...@@ -23,17 +23,17 @@ http {
types_hash_max_size 2048; types_hash_max_size 2048;
server_tokens off; server_tokens off;
error_log $${nginx-configuration:error_log}; error_log {{ error_log }};
log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time'; log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time';
access_log $${nginx-configuration:access_log} custom; access_log {{ access_log }} custom;
# server_names_hash_bucket_size 64; # server_names_hash_bucket_size 64;
# server_name_in_redirect off; # server_name_in_redirect off;
default_type application/octet-stream; default_type application/octet-stream;
ssl_certificate $${ca-frontend:cert-file}; ssl_certificate {{ ssl_certificate }};
ssl_certificate_key $${ca-frontend:key-file}; ssl_certificate_key {{ ssl_key }};
## ##
# Gzip Settings # Gzip Settings
...@@ -53,18 +53,18 @@ http { ...@@ -53,18 +53,18 @@ http {
## ##
push_stream_shared_memory_size 32m; push_stream_shared_memory_size 32m;
fastcgi_temp_path $${directory:varnginx} 1 2; fastcgi_temp_path {{ varnginx }} 1 2;
uwsgi_temp_path $${directory:varnginx} 1 2; uwsgi_temp_path {{ varnginx }} 1 2;
scgi_temp_path $${directory:varnginx} 1 2; scgi_temp_path {{ varnginx }} 1 2;
client_body_temp_path $${directory:varnginx} 1 2; client_body_temp_path {{ varnginx }} 1 2;
proxy_temp_path $${directory:varnginx} 1 2; proxy_temp_path {{ varnginx }} 1 2;
include $${nginx-configuration:slave-configuration-directory}/*.conf; include {{ slave_configuration_directory }}/*.conf;
server { server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:plain_port}; listen [{{ ip }}]:{{ plain_port }};
listen $${nginx-configuration:local_ip}:$${nginx-configuration:plain_port}; listen {{ local_ip }}:{{ plain_port }};
## Serve an error 204 (No Content) for favicon.ico ## Serve an error 204 (No Content) for favicon.ico
...@@ -73,14 +73,14 @@ http { ...@@ -73,14 +73,14 @@ http {
} }
location / { location / {
root $${apache-directory:document-root}; root {{ document_root }};
index notfound.html; index notfound.html;
} }
} }
server { server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl; listen [{{ ip }}]:{{ port }} ssl;
listen $${nginx-configuration:local_ip}:$${nginx-configuration:port} ssl; listen {{ local_ip }}:{{ port }} ssl;
ssl on; ssl on;
...@@ -96,7 +96,7 @@ http { ...@@ -96,7 +96,7 @@ http {
} }
location / { location / {
root $${apache-directory:document-root}; root {{ document_root }};
index notfound.html; index notfound.html;
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment