Delta Between Two Patch Sets: modules/nginx/manifests/init.pp
Issue 29321355:
Issue 2600 - Normalize ownership and priviliges for Nginx logs (Closed)
Left Patch Set: A more elegant solution
Created July 10, 2015, 10:11 a.m.
Right Patch Set: Apply 80 character line length formatting
Created July 13, 2015, 1:23 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with change/comment
|
« no previous file
|
no next file »
|
no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| LEFT | RIGHT |
|---|---|
| 1 class nginx ( | 1 class nginx ( |
| 2 $worker_processes = $nginx::params::worker_processes, | 2 $worker_processes = $nginx::params::worker_processes, |
| 3 $worker_connections = $nginx::params::worker_connections, | 3 $worker_connections = $nginx::params::worker_connections, |
| 4 $ssl_session_cache = $nginx::params::ssl_session_cache | 4 $ssl_session_cache = $nginx::params::ssl_session_cache |
| 5 ) inherits nginx::params { | 5 ) inherits nginx::params { |
| 6 | 6 |
| 7 apt::source {'nginx': | 7 apt::source {'nginx': |
| 8 location => "http://nginx.org/packages/ubuntu", | 8 location => "http://nginx.org/packages/ubuntu", |
| 9 repos => "nginx", | 9 repos => "nginx", |
| 10 key => "7BD9BF62", | 10 key => "7BD9BF62", |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 118 require => File["/etc/nginx/sites-available/${domain}"], | 118 require => File["/etc/nginx/sites-available/${domain}"], |
| 119 content => template('nginx/logrotate.erb') | 119 content => template('nginx/logrotate.erb') |
| 120 } | 120 } |
| 121 } | 121 } |
| 122 | 122 |
| 123 file {'/etc/logrotate.d/nginx': | 123 file {'/etc/logrotate.d/nginx': |
| 124 source => 'puppet:///modules/nginx/logrotate', | 124 source => 'puppet:///modules/nginx/logrotate', |
| 125 require => Package['nginx'] | 125 require => Package['nginx'] |
| 126 } | 126 } |
| 127 | 127 |
| 128 $log_path = '/var/log/nginx' | 128 $find_cmd_base = [ |
|
mathias
2015/07/10 10:57:46
Just used once and not an nginx::param anyway? The
Fred
2015/07/13 12:53:01
Done.
| |
| 129 $user_quoted = shellquote($nginx::params::user) | 129 'find', '/var/log/nginx', |
|
mathias
2015/07/10 10:57:46
As far as I can see, there is no need to explicitl
Fred
2015/07/13 12:53:00
Done.
| |
| 130 $find_cmd_base = ['find', $log_path, '-mindepth', '1', '-maxdepth', '1', '-typ e', 'f'] | 130 '-mindepth', '1', '-maxdepth', '1', '-type', 'f', |
| 131 $find_kill_exec = ['-exec', 'sh', '-c', 'ps -p $$ -o ppid= | xargs kill -TERM' , ';'] | 131 ] |
|
mathias
2015/07/10 10:57:46
This definitely needs an explaining comment! ;-)
Fred
2015/07/13 12:53:00
Done.
| |
| 132 | 132 |
| 133 $find_chown_base = [$find_cmd_base, '-not', '(', '-user', $user_quoted, '-and' , '-group', 'adm', ')'] | 133 # Kill the find process to force an exit status != 0 by finding the parent pid |
| 134 $find_chown_exec = ['-ls', '-exec', 'chown', "${user_quoted}.adm", '{}', ';'] | 134 # of the exec's sh process |
| 135 $find_kill_exec = [ | |
| 136 '-exec', 'sh', '-c', | |
| 137 'ps -p $$ -o ppid= | xargs kill -TERM', | |
| 138 ';', | |
| 139 ] | |
| 140 | |
| 141 $find_chown_base = [ | |
| 142 $find_cmd_base, | |
| 143 '-not', '(', '-user', $nginx::params::user, '-and', '-group', 'adm', ')', | |
| 144 ] | |
| 145 $find_chown_exec = [ | |
| 146 '-ls', '-exec', 'chown', | |
| 147 "${nginx::params::user}.adm", '{}', ';', | |
| 148 ] | |
| 135 | 149 |
| 136 exec {"set_logfiles_owner": | 150 exec {"set_logfiles_owner": |
| 137 command => shellquote($find_chown_base, $find_chown_exec), | 151 command => shellquote($find_chown_base, $find_chown_exec), |
| 138 unless => shellquote($find_chown_base, $find_kill_exec), | 152 unless => shellquote($find_chown_base, $find_kill_exec), |
| 139 require => Package['nginx'], | |
|
mathias
2015/07/10 10:57:46
With the subscription to Service['nginx'] the requ
Fred
2015/07/13 12:53:01
Done.
| |
| 140 subscribe => Service['nginx'], | 153 subscribe => Service['nginx'], |
| 141 } | 154 } |
| 142 | 155 |
| 143 $find_chmod_base = [$find_cmd_base, '-not', '-perm', '0640'] | 156 $find_chmod_base = [$find_cmd_base, '-not', '-perm', '0640'] |
| 144 $find_chmod_exec = ['-ls', '-exec', 'chmod', '0640', '{}', ';'] | 157 $find_chmod_exec = ['-ls', '-exec', 'chmod', '0640', '{}', ';'] |
| 145 | 158 |
| 146 exec {"set_logfiles_permissions": | 159 exec {"set_logfiles_permissions": |
| 147 command => shellquote($find_chmod_base, $find_chmod_exec), | 160 command => shellquote($find_chmod_base, $find_chmod_exec), |
| 148 unless => shellquote($find_chmod_base, $find_kill_exec), | 161 unless => shellquote($find_chmod_base, $find_kill_exec), |
| 149 require => Package['nginx'], | |
| 150 subscribe => Service['nginx'], | 162 subscribe => Service['nginx'], |
| 151 } | 163 } |
| 152 | 164 |
| 153 service {'nginx': | 165 service {'nginx': |
| 154 ensure => running, | 166 ensure => running, |
| 155 enable => true, | 167 enable => true, |
| 156 restart => '/etc/init.d/nginx reload', | 168 restart => '/etc/init.d/nginx reload', |
| 157 hasstatus => true, | 169 hasstatus => true, |
| 158 require => File['/etc/nginx/nginx.conf'] | 170 require => File['/etc/nginx/nginx.conf'] |
| 159 } | 171 } |
| 160 } | 172 } |
| LEFT | RIGHT |
« no previous file
|
no next file »
|
Toggle Intra-line Diffs ('i')
|
Expand Comments ('e')
|
Collapse Comments ('c')
|
Toggle Comments ('s')
