cookbook 'chef_nginx', '= 6.0.1'
The chef_nginx cookbook has been deprecated
Author provided reason for deprecation:
The chef_nginx cookbook has been deprecated and is no longer being maintained by its authors. Use of the chef_nginx cookbook is no longer recommended.
You may find that the nginx cookbook is a suitable alternative.
chef_nginx
(29) Versions
6.0.1
-
Follow43
Installs and configures nginx
cookbook 'chef_nginx', '= 6.0.1', :supermarket
knife supermarket install chef_nginx
knife supermarket download chef_nginx
nginx Cookbook
Installs nginx from package OR source code and sets up configuration handling similar to Debian's Apache2 scripts.
nginx vs. chef_nginx
This cookbook is a fork from the 2.7.x branch of the community nginx cookbook.
This fork will be actively supported by Chef Software and we will continue to migrate the cookbook to a more resource driven model, with incremental changes following the SemVer model.
Requirements
Cookbooks
The following cookbooks are direct dependencies because they're used for common "default" functionality.
-
build-essential
for source installations -
ohai
for setting up the ohai plugin -
compat_resource
for setting up the nginx.org repository on Chef 12.1 - 12.13 -
yum-epel
for setting up the EPEL repository on RHEL platforms -
zypper
for setting up the nginx.org repository on Suse platforms
Platforms
The following platforms are supported and tested with Test Kitchen:
- Ubuntu 12.04+
- CentOS 5+
- Debian 7+
- openSUSE 13.2+
- FreeBSD 9+
Other Debian and RHEL family distributions are assumed to work.
Chef
- Chef 12.1+
Attributes
Node attributes for this cookbook are logically separated into different files. Some attributes are set only via a specific recipe.
chef_nginx::auth_request
These attributes are used in the chef_nginx::auth_request
recipe.
-
node['nginx']['auth_request']['url']
- The url to the auth_request module tar.gz file -
node['nginx']['auth_request']['checksum']
- The checksum of the auth_request module tar.gz file
chef_nginx::default
Generally used attributes. Some have platform specific values. See attributes/default.rb
. "The Config" refers to "nginx.conf" the main config file.
-
node['nginx']['dir']
- Location for nginx configuration. -
node['nginx']['conf_template']
- Thesource
template to use when creating thenginx.conf
. -
node['nginx']['conf_cookbook']
- The cookbook wherenode['nginx']['conf_template']
resides. -
node['nginx']['log_dir']
- Location for nginx logs. -
node['nginx']['log_dir_perm']
- Permissions for nginx logs folder. -
node['nginx']['user']
- User that nginx will run as. -
node['nginx']['group']
- Group for nginx. -
node['nginx']['port']
- Port for nginx to listen on. -
node['nginx']['binary']
- Path to the nginx binary. -
node['nginx']['init_style']
- How to run nginx as a service when usingchef_nginx::source
. Values can be "upstart", "systemd", or "init". This attribute is not used in thepackage
recipe because the package manager's init script style for the platform is assumed. -
node['nginx']['upstart']['foreground']
- Set this to true if you want upstart to run nginx in the foreground, set to false if you want upstart to detach and track the process via pid. -
node['nginx']['upstart']['runlevels']
- String of runlevels in the format '2345' which determines which runlevels nginx will start at when entering and stop at when leaving. -
node['nginx']['upstart']['respawn_limit']
- Respawn limit in upstart stanza format, count followed by space followed by interval in seconds. -
node['nginx']['keepalive']
- Whether to usekeepalive_timeout
, any value besides "on" will leave that option out of the config. -
node['nginx']['keepalive_requests']
- used for config value ofkeepalive_requests
. -
node['nginx']['keepalive_timeout']
- used for config value ofkeepalive_timeout
. -
node['nginx']['worker_processes']
- used for config value ofworker_processes
. -
node['nginx']['worker_connections']
- used for config value ofevents { worker_connections }
-
node['nginx']['worker_rlimit_nofile']
- used for config value ofworker_rlimit_nofile
. Can replace any "ulimit -n" command. The value depend on your usage (cache or not) but must always be superior than worker_connections. -
node['nginx']['worker_shutdown_timeout']
- used for config value ofworker_shutdown_timeout
. -
node['nginx']['worker_connections']
- used for config value ofevents { worker_connections }
-
node['nginx']['multi_accept']
- used for config value ofevents { multi_accept }
. Try to accept() as many connections as possible. Disable by default. -
node['nginx']['event']
- used for config value ofevents { use }
. Set the event-model. By default nginx looks for the most suitable method for your OS. -
node['nginx']['accept_mutex_delay']
- used for config value ofaccept_mutex_delay
-
node['nginx']['server_tokens']
- used for config value ofserver_tokens
. -
node['nginx']['server_names_hash_bucket_size']
- used for config value ofserver_names_hash_bucket_size
. -
node['nginx']['disable_access_log']
- set to true to disable the general access log, may be useful on high traffic sites. -
node['nginx']['access_log_options']
- Set to a string of additional options to be appended to the access log directive -
node['nginx']['error_log_options']
- Set to a string of additional options to be appended to the error log directive -
node['nginx']['default_site_enabled']
- enable the default site -
node['nginx']['sendfile']
- Whether to usesendfile
. Defaults to "on". -
node['nginx']['tcp_nopush']
- Whether to usetcp_nopush
. Defaults to "on". -
node['nginx']['tcp_nodelay']
- Whether to usetcp_nodelay
. Defaults to "on". -
node['nginx']['install_method']
- Whether nginx is installed from packages or from source. -
node['nginx']['types_hash_max_size']
- Used for thetypes_hash_max_size
configuration directive. -
node['nginx']['types_hash_bucket_size']
- Used for thetypes_hash_bucket_size
configuration directive. -
node['nginx']['proxy_read_timeout']
- defines a timeout (between two successive read operations) for reading a response from the proxied server. -
node['nginx']['client_body_buffer_size']
- used for config value ofclient_body_buffer_size
. -
node['nginx']['client_max_body_size']
- specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length. -
node['nginx']['repo_source']
- when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use theyum-epel
cookbook, 'nginx' will use thechef_nginx::repo
recipe, 'passenger' will use the 'chef_nginx::repo_passenger' recipe, and setting no value will not add any additional repositories. -
node['nginx']['sts_max_age']
- Enable Strict Transport Security for all apps (See: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). This attribute adds the following header: Strict-Transport-Security max-age=SECONDS to all incoming requests and takes an integer (in seconds) as its argument. -
node['nginx']['default']['modules']
- Array specifying which modules to enable via the conf-enabled config include function. Currently the only valid value is "socketproxy". -
node['nginx']['load_modules']
- Array of paths to modules to dynamically load on nginx startup using theload_module
directive. Default is[]
.
authorized_ips module
-
node['nginx']['remote_ip_var']
- The remote ip variable name to use. -
node['nginx']['authorized_ips']
- IPs authorized by the module
gzip module
-
node['nginx']['gzip']
- Whether to use gzip, can be "on" or "off" -
node['nginx']['gzip_http_version']
- used for config value ofgzip_http_version
. -
node['nginx']['gzip_comp_level']
- used for config value ofgzip_comp_level
. -
node['nginx']['gzip_proxied']
- used for config value ofgzip_proxied
. -
node['nginx']['gzip_vary']
- used for config value ofgzip_vary
. -
node['nginx']['gzip_buffers']
- used for config value ofgzip_buffers
. -
node['nginx']['gzip_types']
- used for config value ofgzip_types
- must be an Array. -
node['nginx']['gzip_min_length']
- used for config value ofgzip_min_length
. -
node['nginx']['gzip_disable']
- used for config value ofgzip_disable
. -
node['nginx']['gzip_static']
- used for config value ofgzip_static
(http_gzip_static_module
must be enabled)
Other configurations
-
node['nginx']['extra_configs']
- a Hash of key/values to nginx configuration.
chef_nginx::echo
These attributes are used in the chef_nginx::http_echo_module
recipe.
-
node['nginx']['echo']['version']
- The version ofhttp_echo
you want (default: 0.59) -
node['nginx']['echo']['url']
- URL for the tarball. -
node['nginx']['echo']['checksum']
- Checksum of the tarball.
chef_nginx::devel
These attributes are used in the chef_nginx::ngx_devel_module
recipe.
-
node['nginx']['devel']['version']
- The version of the nginx devel module -
node['nginx']['devel']['url']
- The URL of the nginx devel module tar.gz file -
node['nginx']['devel']['checksum']
- The checksum of the nginx devel module tar.gz file
chef_nginx::geoip
These attributes are used in the chef_nginx::http_geoip_module
recipe. Please note that the country_dat_checksum
and city_dat_checksum
are based on downloads from a datacenter in Fremont, CA, USA. You really should override these with checksums for the geo tarballs from your node location.
Note The upstream, maxmind.com, may block access for repeated downloads of the data files. It is recommended that you download and host the data files, and change the URLs in the attributes.
-
node['nginx']['geoip']['path']
- Location where to install the geoip libraries. -
node['nginx']['geoip']['enable_city']
- Whether to enable City data -
node['nginx']['geoip']['country_dat_url']
- Country data tarball URL -
node['nginx']['geoip']['country_dat_checksum']
- Country data tarball checksum -
node['nginx']['geoip']['city_dat_url']
- City data tarball URL -
node['nginx']['geoip']['city_dat_checksum']
- City data tarball checksum -
node['nginx']['geoip']['lib_version']
- Version of the GeoIP library to install -
node['nginx']['geoip']['lib_url']
- (Versioned) Tarball URL of the GeoIP library -
node['nginx']['geoip']['lib_checksum']
- Checksum of the GeoIP library tarball
chef_nginx::http_realip_module
From: http://nginx.org/en/docs/http/ngx_http_realip_module.html
-
node['nginx']['realip']['header']
- Header to use for the RealIp Module; only accepts "X-Forwarded-For" or "X-Real-IP" -
node['nginx']['realip']['addresses']
- Addresses to use for thehttp_realip
configuration. -
node['nginx']['realip']['real_ip_recursive']
- If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on "on" or "off" (default).
chef_nginx::passenger
These attributes are used in the chef_nginx::passenger
recipe.
-
node['nginx']['passenger']['version']
- passenger gem version -
node['nginx']['passenger']['root']
- passenger gem root path -
node['nginx']['passenger']['install_rake']
- set to false if rake already present on system -
node['nginx']['passenger']['max_pool_size']
- maximum passenger pool size (default=10) -
node['nginx']['passenger']['ruby']
- Ruby path for Passenger to use (default=$(which ruby)
) -
node['nginx']['passenger']['spawn_method']
- passenger spawn method to use (default=smart-lv2
) -
node['nginx']['passenger']['buffer_response']
- turns on or off response buffering (default=on
) -
node['nginx']['passenger']['max_pool_size']
- passenger maximum pool size (default=6
) -
node['nginx']['passenger']['min_instances']
- minimum instances (default=1
) -
node['nginx']['passenger']['max_instances_per_app']
- maximum instances per app (default=0
) -
node['nginx']['passenger']['pool_idle_time']
- passenger pool idle time (default=300
) -
node['nginx']['passenger']['max_requests']
- maximum requests (default=0
) -
node['nginx']['passenger']['nodejs']
- Nodejs path for Passenger to use (default=nil) -
node['nginx']['passenger']['show_version_in_header']
- Show passenger version in HTTP headers (default=on
)
Basic configuration to use the official Phusion Passenger repositories:
-
node['nginx']['repo_source']
- 'passenger' -
node['nginx']['package_name']
- 'nginx-extras' -
node['nginx']['passenger']['install_method']
- 'package'
chef_nginx::openssl_source
These attributes are used in the chef_nginx::openssl_source
recipe.
-
node['nginx']['openssl_source']['version']
- The version of OpenSSL you want to download and use (default: 1.0.1t) -
node['nginx']['openssl_source']['url']
- The url for the OpenSSL source
chef_nginx::rate_limiting
-
node['nginx']['enable_rate_limiting']
- set to true to enable rate limiting (limit_req_zone
in nginx.conf) -
node['nginx']['rate_limiting_zone_name']
- sets the zone inlimit_req_zone
. -
node['nginx']['rate_limiting_backoff']
- sets the backoff time forlimit_req_zone
. -
node['nginx']['rate_limit']
- set the rate limit amount forlimit_req_zone
.
chef_nginx::socketproxy
These attributes are used in the chef_nginx::socketproxy
recipe.
-
node['nginx']['socketproxy']['root']
- The directory (on your server) where socketproxy apps are deployed. -
node['nginx']['socketproxy']['default_app']
- Static assets directory for requests to "/" that don't meet any proxy_pass filter requirements. -
node['nginx']['socketproxy']['apps']['app_name']['prepend_slash']
- Prepend a slash to requests to app "app_name" before sending them to the socketproxy socket. -
node['nginx']['socketproxy']['apps']['app_name']['context_name']
- URI (e.g. "app_name" in order to achieve "http://mydomain.com/app_name") at which to host the application "app_name" -
node['nginx']['socketproxy']['apps']['app_name']['subdir']
- Directory (undernode['nginx']['socketproxy']['root']
) in which to find the application.
chef_nginx::source
These attributes are used in the chef_nginx::source
recipe. Some of them are dynamically modified during the run. See attributes/source.rb
for default values.
-
node['nginx']['source']['url']
- (versioned) URL for the nginx source code. By default this will use the version specified asnode['nginx']['version']
. -
node['nginx']['source']['prefix']
- (versioned) prefix for installing nginx from source -
node['nginx']['source']['conf_path']
- location of the main config file, innode['nginx']['dir']
by default. -
node['nginx']['source']['modules']
- Array of modules that should be compiled into nginx by including their recipes inchef_nginx::source
. -
node['nginx']['source']['default_configure_flags']
- The default flags passed to the configure script when building nginx. -
node['nginx']['configure_flags']
- Preserved for compatibility and dynamically generated from thenode['nginx']['source']['default_configure_flags']
in thechef_nginx::source
recipe. -
node['nginx']['source']['use_existing_user']
- set totrue
if you do not wantchef_nginx::source
recipe to create system user with namenode['nginx']['user']
.
chef_nginx::status
These attributes are used in the chef_nginx::http_stub_status_module
recipe.
-
node['nginx']['status']['port']
- The port on which nginx will serve the status info (default: 8090)
chef_nginx::syslog
These attributes are used in the chef_nginx::syslog_module
recipe.
-
node['nginx']['syslog']['git_repo']
- The git repository url to use for the syslog patches. -
node['nginx']['syslog']['git_revision']
- The revision on the git repository to checkout.
chef_nginx::upload_progress
These attributes are used in the chef_nginx::upload_progress_module
recipe.
-
node['nginx']['upload_progress']['url']
- URL for the tarball. -
node['nginx']['upload_progress']['checksum']
- Checksum of the tarball. -
node['nginx']['upload_progress']['javascript_output']
- Output in javascript. Default istrue
for backwards compatibility. -
node['nginx']['upload_progress']['zone_name']
- Zone name which will be used to store the per-connection tracking information. Default isproxied
. -
node['nginx']['upload_progress']['zone_size']
- Zone size in bytes. Default is1m
(1 megabyte).
Resources
nginx_site
Enable or disable a Server Block in #{node['nginx']['dir']}/sites-available
by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in #{node['nginx']['dir']}/sites-enabled
.
Actions
-
enable
- Enable the nginx site (default) -
disable
- Disable the nginx site
Properties:
-
name
- (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that. -
template
- (optional) Path to the source for thetemplate
resource. -
variables
- (optional) Variables to be used with thetemplate
resource
Ohai Plugin
The ohai_plugin
recipe includes an Ohai plugin. It will be automatically installed and activated, providing the following attributes via ohai, no matter how nginx is installed (source or package):
-
node['nginx']['version']
- version of nginx -
node['nginx']['configure_arguments']
- options passed to./configure
when nginx was built -
node['nginx']['prefix']
- installation prefix -
node['nginx']['conf_path']
- configuration file path
In the source recipe, it is used to determine whether control attributes for building nginx have changed.
Usage
This cookbook provides three distinct installation methods, all of which are controlled via attributes and executed using the chef_nginx::default recipe.
Package installation using the nginx.org repositories
Nginx provides repositories for RHEL, Debian/Ubuntu, and Suse platforms with up to date packages available on older distributions. Due to the age of many nginx packages shipping with distros we believe this is the ideal installation method. With no attributes set the nginx.org repositories will be added to your system and nginx will be installed via package. This provides a solid out of the box install for most users.
Package installation using distro repositories
If you prefer to use the packages included in your distro or to roll your own packages you'll want to set node['nginx']['repo_source']
to nil
or distro
to skip the repository setup. The default recipe will still install nginx from packages, but you'll retain control over the package location.
Source installation to compile non-dynamic modules
If you need control over how nginx is built, or you need non-dynamic modules to be included you'll need to compile nginx from source. We highly recommend against using this method as it requires the installation of a full compilation toolchain and development dependencies on your nodes. Creating your own packages with nginx compiled as necessary is a preferred option. If that's not possible you can set node['nginx']['install_method']
to source
and provide a version in node['nginx']['version']
.
Specifying Modules to compile
The following recipes are used to build module support into nginx. To compile a module, add its recipe name to the array attribute node['nginx']['source']['modules']
.
-
ipv6.rb
- enables IPv6 support -
headers_more_module
- -
http_auth_request_module
` -
http_echo_module.rb
- downloads thehttp_echo_module
module and enables it as a module when compiling nginx. -
http_geoip_module.rb
- installs the GeoIP libraries and data files and enables the module for compilation. -
http_gzip_static_module.rb
- enables the module for compilation. Be sure to setnode['nginx']['gzip_static'] = 'yes'
. -
http_mp4_module
- -
http_perl_module.rb
- enables embedded Perl for compilation. -
http_realip_module.rb
- enables the module for compilation and creates the configuration. -
http_spdy_module
- -
http_ssl_module.rb
- enables SSL for compilation. -
http_stub_status_module.rb
- providesnginx_status
configuration and enables the module for compilation. http_v2_module
-
ipv6
- -
naxsi_module
- enables the naxsi module for the web application firewall for nginx. -
ngx_devel_module
- -
ngx_lua_module
- -
openssl_source.rb
- downloads and uses custom OpenSSL source when compiling nginx -
pagespeed_module
- -
passenger
- builds the passenger gem and configuration for "mod_passenger
". -
set_misc
- -
syslog_module
- enables syslog support for nginx. This only works with source builds. See https://github.com/yaoweibin/nginx_syslog_patch - -
upload_progress_module.rb
- builds theupload_progress
module and enables it as a module when compiling nginx.
Resources
nginx_site
Enable or disable a Server Block in #{node['nginx']['dir']}/sites-available
by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in #{node['nginx']['dir']}/sites-enabled
.
Actions
-
enable
- Enable the nginx site (default) -
disable
- Disable the nginx site
Properties:
-
name
- (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that. -
template
- (optional) Path to the source for thetemplate
resource. -
cookbook
- (optional) The cookbook that contains the template source. -
variables
- (optional) Variables to be used with thetemplate
resource
Adding New Modules
Previously we'd add each possible module to this cookbook itself. That's not necessary using wrapper cookbooks and we'd prefer to not add any addition module recipes at this time. Instead in your nginx wrapper cookbook setup any necessary packages and then include the follow code to add the module to the list of modules to compile:
node.run_state['nginx_configure_flags'] = node.run_state['nginx_configure_flags'] | ['--with-SOMETHING', "--with-SOME_OPT='things'"]
License & Authors
- Author:: Joshua Timberman (joshua@chef.io)
- Author:: Adam Jacob (adam@chef.io)
- Author:: AJ Christensen (aj@chef.io)
- Author:: Jamie Winsor (jamie@vialstudios.com)
- Author:: Mike Fiedler (miketheman@gmail.com)
Copyright 2008-2016, Chef Software, Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Dependent cookbooks
build-essential >= 0.0.0 |
ohai >= 4.1.0 |
yum-epel >= 0.0.0 |
compat_resource >= 12.16.3 |
zypper >= 0.0.0 |
Contingent cookbooks
nginx Cookbook CHANGELOG
This file is used to list changes made in each version of the nginx cookbook.
6.0.1 (2017-04-04)
- double quotes are unnecessary in lua configure flags
6.0.0 (2017-03-25)
Breaking change
- Support for Runit as an init system has been removed. If you require runit you will need to pin to the 5.X cookbook release. We highly recommend using either systemd or upstart instead of Runit.
Other changes
- Install nginx 1.10.3 for source based installs
- Remove freebsd cookbook from testing as it’s not necessary anymore
- Bump OpenSSL to 1.0.2k
5.1.3 (2017-03-24)
- Update apache2 license string
- Add image/svg+xml to gzip_files defaults
- support
worker_shutdown_timeout
released in 1.11.11
5.1.2 (2017-03-14)
- Setup LD options to include /usr/local/lib for libluajit in search path and bump the lua version
5.1.1 (2017-03-02)
- Add WantedBy to systemd service file so it starts at boot
- Avoid a warning in nginx_site by moving the template check outside the resource
- Allow nginx_site to specify template as an array of templates
5.1.0 (2017-03-01)
- Support the load_module directive
- Test with Local Delivery and not Rake
- Remove EOL platforms from the kitchen configs
5.0.7 (2017-02-12)
- Fix Opsworks compatibility
- Resolve a Chef 13 deprecation warning
5.0.6 (2017-01-16)
- Rebuild shared library cache after installing luajit
5.0.5 (2017-01-09)
- Fix typo in the pagespeed recipe
5.0.4 (2017-01-04)
- Avoid deprecation warnings by only defining nginx service once
5.0.3 (2017-01-03)
- Add ability to write passenger log to another location
- Properly disable the default site with nginx.org packages
5.0.2 (2016-12-22)
- Requite the latest compat_resource
5.0.1 (2016-12-13)
- Use multipackage in pagespeed module recipe to speed up installs
- Simplify the distro repo setup logic to ensure we're using the correct repos under all conditions. Previously the upstream repo was being missed on Suse systems
- Determine pidfile location correctly via a helper so we correctly set pidfiles when using Upstream packages on Ubuntu 14.04 / 16.04. This involved removing the attribute for the pidfile location, which may cause issues if you relied on that attribute.
- Testing improvements to make sure all suites run and the suites are testing the correct conditions
5.0.0 (2016-12-07)
Breaking changes
- Default to the upstream nginx.org repo for package installs. The official nginx repo gives an improved experience over outdated distro releases. This can be disabled via attribute if you'd like to remain on the distro packages.
Other changes
- Add a deprecation warning when using runit
- Rewrite the readme usage section
- Better document how to compile modules
4.0.2 (2016-12-01)
- Default to openssl 1.0.2j with source installs
- Add cookbook property to the nginx_site resource to allow using templates defined in other cookbooks
- Prevent default docroot index.html on bad url in status
- Readme improvements
4.0.1 (2016-10-31)
- Fix a version check in the realip recipe
- Align the config with the default config a bit
- Fix the ChefSpec matchers now that nginx_site is a custom resource
4.0.0 (2016-10-31)
Breaking changes
The nginx_site definition is now a custom_resource. This improves the overall experience and allows for notifications and reporting on resource updates. It does change the behavior in some circumstances however. Previously to disable a site you would set 'enable false' on your definition. This will still function, but will result in a deprecation warning. Instead you should use 'action :disable' since this is a real resource now.
Other changes
- Avoid splitting on compile params in the ohai plugin, which resulted in some source installs attempting to install on every Chef run.
- Expanded testing and improved kitchen suite setup
- Improved documentation of attributes and cookbook usage
3.2.0 (2016-10-28)
- Reload nginx on site change
3.1.2 (2016-10-24)
- [GH-26] Remove guard on package[nginx] resource
- Fix pcre packages on RHEL that prevented pagespeed module compilation
3.1.1 (2016-09-21)
- Raise on error vs. Chef::Appliation.fatal
- Require compat_resource with notification fixes
3.1.0 (2016-09-14)
- Resolve FC023 warnings
- FreeBSD fixes
- Fail hard on unsupported platforms in the source recipe
- Install 'ca-certificates' packages with passenger
- Add
passenger_show_version_in_header
config - Remove chef 11 compatibility
- Replace apt/yum deps with compat_resource
- Fix specs for freebsd source installs
- Remove apt recipe from the repo_passenger recipe
- Switch to += operator as << also incorrectly replaces text in root.
3.0.0 (2016-08-18)
Breaking changes
Ideally we'd offer perfect backwards compatibility forever, but in order to maintain the cookbook going forward we've evaluated the current scope of the cookbook and removed lesser used functionality that added code complexity.
- The minimum chef-client version is now 12.1 or later, which will enables support for Ohai 7+ plugins, the ohai_plugin custom resource, and automatic init system discovery.
- Support for Gentoo has been removed. Gentoo lacks an official Chef package and there is no Bento image to use for Test Kitchen integration tests.
- Support for the bluepill init system has been removed. Usage of this init system has declined, and supporting it added a cookbook dependency as well as code complexity.
- Ubuntu source installs will no longer default to runit, and will instead use either Upstart or Systemd depending on the release of Ubuntu. You can still force the use of runit by setting default['nginx']['init_style'] to 'runit'. Runit was used historically before reliable init systems were shipped with Ubuntu. Both Upstart and Systemd have the concept of restarting on failure, which was the main reason for choosing Runit over sys-v init.
Other changes
- Don't setup the YUM EPEL repo on Fedora as it's not needed
- Systemd based platforms will now use systemd by default for source installs
- Retry downloads of the nginx source file as the mirror sometimes fails to load
- Download the nginx source from the secure nginx.org site
- Updated the Ohai plugin to avoid deprecation notices and function better on non us-en locale systems
- Install source install pre-reqs using multi-package which speeds up Chef runs
- Add testing in Travis with Kitchen Dokken for full integration testing of each PR
- Add integration test on Chef 12.1 as well as the latest Chef to ensure compatibility with the oldest release we support
- Remove installation of apt-transport-https and instead increase the apt dependency to >= 2.9.1 which includes the installation of apt-transport-https
- Don't try to setup the nginx.org repo on Fedora as this will fail
- Better log when trying to setup repositories on unsupported platforms
- Fixed source_url and issue_url in the metadata to point to the correct URLs
- Removed Chef 10 compatibility code
- Chefspec platform updates and minor fixes
- Replace all usage of node.set with node.normal to avoid deprecation notices
- Remove the suse init script that isn't used anymore
- Speed up the specs with caching
- Move test attributes and runlists out the kitchen.yml files and into a test cookbook
2.9.0 (2016-08-12)
- Add support for Suse Nginx.org packages
v2.8.0 (2016-08-12)
This is the first release of the nginx codebase under the chef_nginx namespace. We've chosen to bring this cookbook under the direction of the Community Cookbook Team, in order to ship a working 2.X release. The cookbook name has been changed, but all attributes are the same and compatibility has been maintained. After this 2.8.0 release we will release 3.0 as a Chef 12+ version of the cookbook and then work to add additional custom resources for managing nginx with wrapper cookbooks. Expect regular releases as we march towards a resource driven model.
- Removed the restrictive version constraints for cookbook dependencies that prevented users from utilizing new functionality. Ohai has been pinned to < 4.0 to allow for Chef 11 compatibility, but other cookbooks have no upper limit
- Updated all modules in the source install to their latest releases
- Removed the GeoIP database checksums as these files are constantly updates and this causes Chef run failures
- Updated OpenSSL for source installs to 1.0.1t
- Updated the source install of Nginx to version 1.10.1
- Updated the ohai recipe to install a Ohai 7+ compatible plugin on systems running Ohai 7+
- Fixed installation of Passenger version 5.X+
- Added a http_v2_module recipe
- Replaced node.set usage with node.normal to avoid deprecation warnings
- Removed the apt version pin in the Berkfile that wasn't necessary and constrained the apt version
- Removed the lua-devel package install from the lua recipe that failed chef runs and wasn't necessary
- Removed duplicate packages from the source module installs
- Added a dependency on the yum cookbook which was missing from the metadata
- Updated the mime.types file and added the charset_types configuration option to the nginx config
- Added source_url, issue_url, and chef_version metadata
- Fixed the pid file attribute logic for Ubuntu 16.04
- Removed the Contributing doc that was for contributing to Opscode cookbooks
- Updated all test dependencies in the Gemfile
- Removed default user/group/mode declarations from resources for simplicity
- Updated documentation for dependencies in the README
- Added a chefignore file to limit the cookbook files that are uploaded to the chef server and speed up cookbook syncs to nodes
- Added additional platforms to the Test Kitchen config and removed the .kitchen.cloud.yml file
- Switched integration tests to Inspec and fixed several non-functional tests
- Switched from Rubocop to Cookstyle and resolved all warnings
- Added the standard Chef Rakefile for simplified testing
- Updated Chefspecs to avoid constant deprecation warnings and converge using chef-zero on a newer Debian 8 system
- Switch Travis CI testing to use ChefDK instead of RVM/Gem installs
- Removed testing dependencies from the Gemfile as testing should be performed via ChefDK. Release gems are still in the Gemfile as they are not shipped with ChefDK
- Added a maintainers.md doc and updated the contributing/testing docs to point to the Chef docs
- Removed Guard as guard-foodcritic doesn't support the latest release which makes guard incompatible with ChefDK
v2.7.6 (2015-03-17)
- Bugfix sites do not need a .conf suffix anymore, #338
v2.7.5 (2015-03-17)
NOTE As of this release, this cookbook in its current format is deprecated, and only critical bugs and fixes will be added. A complete rewrite is in progress, so we appreciate your patience while we sort things out. The amount of change included here
- Fix nginx 1.4.4 archive checksum to prevent redownload, #305
- Allow setting an empty string to prevent additional repos, #243
- Use correct
mime.types
for javascript, #259 - Fix
headers_more
module for source installs, #279, @josh-padnick & @miketheman - Remove
libtool
fromgeoip
and update download paths & checksums, @miketheman - Fix unquoted URL with params failing geoip module build (and tests!), #294 & @miketheman
- Fix typo in
source.rb
, #205 - Test updates: ChefSpec, test-kitchen. Lots of help by @jujugrrr
- Toolchain updates for testing
- Adds support for
tcp_nopush
,tcp_nodelay
@shtouff
After merging a ton of pull requests, here's a brief changelog. Click each to read more.
- Merge pull request #335 from @stevenolen
- Merge pull request #332 from @monsterstrike
- Merge pull request #331 from @jalberto
- Merge pull request #327 from @nkadel-skyhook
- Merge pull request #326 from @bchrobot
- Merge pull request #325 from @CanOfSpam3bug324
- Merge pull request #321 from @jalberto
- Merge pull request #318 from @evertrue
- Merge pull request #314 from @bkw
- Merge pull request #312 from @thomasmeeus
- Merge pull request #310 from @morr
- Merge pull request #305 from @irontoby
- Merge pull request #302 from @auth0
- Merge pull request #298 from @Mytho
- Merge pull request #269 from @yveslaroche
- Merge pull request #259 from @dwradcliffe
- Merge pull request #254 from @evertrue
- Merge pull request #252 from @gkra
- Merge pull request #249 from @whatcould
- Merge pull request #240 from @jcoleman
- Merge pull request #236 from @adepue
- Merge pull request #230 from @n1koo
- Merge pull request #225 from @thommay
- Merge pull request #223 from @firmhouse
- Merge pull request #220 from @evertrue
- Merge pull request #219 from @evertrue
- Merge pull request #204 from @usertesting
- Merge pull request #200 from @ffuenf
- Merge pull request #188 from @larkin
- Merge pull request #184 from @tvdinner
- Merge pull request #183 from @jenssegers
- Merge pull request #174 from @9minutesnooze
https://github.com/miketheman/nginx/compare/v2.7.4...v2.7.5
v2.7.4 (2014-06-06)
- [COOK-4703] Default openssl version to 1.0.1h to address CVE-2014-0224
v2.7.2 (2014-05-27)
- [COOK-4658] - Nginx::socketproxy if the context is blank or nonexistent, the location in the config file has a double slash at the beginning
- [COOK-4644] - add support to nginx::repo for Amazon Linux
- Allow .kitchen.cloud.yml to use an environment variable for the EC2 Availability Zone
v2.7.0 (2014-05-15)
- [COOK-4643] - Update metadata lock on ohai
- [COOK-4588] - Give more love to FreeBSD
- [COOK-4601] - Add proxy type: Socket
v2.6.2 (2014-04-09)
[COOK-4527] - set default openssl source version to 1.0.1g to address CVE-2014-0160 aka Heartbleed
v2.6.0 (2014-04-08)
- Reverting COOK-4323
v2.5.0 (2014-03-27)
- [COOK-4323] - Need a resource to easily configure available sites (vhosts)
v2.4.4 (2014-03-13)
- Updating for build-essential 2.0
v2.4.2 (2014-02-28)
Fixing bad commit from COOK-4330
v2.4.1 (2014-02-27)
- [COOK-4345] - nginx default recipe include install type recipe directly
v2.4.0 (2014-02-27)
- [COOK-4380] - kitchen.yml platform listings for ubuntu-10.04 and ubuntu-12.04 are missing the dot
- [COOK-4330] - Bump nginx version for security issues (CVE-2013-0337, CVE-2013-4547)
v2.3.0 (2014-02-25)
- COOK-4293 - Update testing Gems in nginx and fix a rubocop warnings
- **[COOK-4237] - Nginx version incorrectly parsed on Ubuntu 13
- **[COOK-3866] - Nginx default site folder
v2.2.2 (2014-01-23)
[COOK-3672] - Add gzip_static option
v2.2.0
No changes. Version bump for toolchain
v2.1.0
[COOK-3923] - Enable the list of packages installed by nginx::passenger to be configurable [COOK-3672] - Nginx should support the gzip_static option Updating for yum ~> 3.0 Fixing up style for rubocop Updating test-kitchen harness
v2.0.8
fixing metadata version error. locking to 3.0
v2.0.6
Locking yum dependency to '< 3'
v2.0.4
Bug
- COOK-3808 - nginx::passenger run fails because of broken installation of package dependencies
- COOK-3779 - Build in master fails due to rubocop error
v2.0.2
Bug
- COOK-3808 - nginx::passenger run fails because of broken installation of package dependencies
- COOK-3779 - Build in master fails due to rubocop error
v2.0.0
Improvement
- COOK-3733 - Add RPM key names and GPG checking
-
COOK-3687 - Add support for
http_perl
- COOK-3603 - Add a recipe for using custom openssl
- COOK-3602 - Use an attribute for the status module port
- COOK-3549 - Refactor custom modules support
-
COOK-3521 - Add support for
http_auth_request
-
COOK-3520 - Add support for
spdy
-
COOK-3185 - Add
gzip_*
attributes -
COOK-2712 - Update
upload_progress
version to 0.9.0
Bug
- COOK-3686 - Remove deprecated 'passenger_use_global_queue' directive
- COOK-3626 - Parameterize hardcoded path to helper scripts
- COOK-3571 - Reloda ohai plugin after installation
-
COOK-3428 - Fix an issue where access logs are not disabled when the
disable_access_log
attribute is set totrue
-
COOK-3322 - Fix an issue where
nginx::ohai_plugin
fails when using source recipe -
COOK-3241 - Fix an issue where
nginx::ohai_plugin
fails unless using source recipe
New Feature
- COOK-3605 - Add Lua module
v1.8.0
Bug
- COOK-3397 - Fix user from nginx package on Gentoo
- COOK-2968 - Fix foodcritic failure
-
COOK-2723 - Remove duplicate passenger
max_pool_size
Improvement
-
COOK-3186 - Add
client_body_buffer_size
andserver_tokens attributes
- COOK-3080 - Add rate-limiting support
-
COOK-2927 - Add support for
real_ip_recursive
directive - COOK-2925 - Fix ChefSpec converge
- COOK-2724 - Automatically create directory for PID file
- COOK-2472 - Bump nginx version to 1.2.9
-
COOK-2312 - Add additional
mine_types
to thegzip_types
value
New Feature
- COOK-3183 - Allow inclusion in extra-cookbook modules
v1.7.0
Improvement
- [COOK-3030]: The repo_source attribute should allow you to not add any additional repositories to your node
Sub-task
- [COOK-2738]: move nginx::passenger attributes to
nginx/attributes/passenger.rb
v1.6.0
Task
- [COOK-2409]: update nginx::source recipe for new
runit_service
resource - [COOK-2877]: update nginx cookbook test-kitchen support to 1.0 (alpha)
Improvement
- [COOK-1976]: nginx source should be able to configure binary path
- [COOK-2622]: nginx: add upstart support
- [COOK-2725]: add "configtest" subcommand in initscript
Bug
- [COOK-2398]: nginx_site definition cannot be used to manage the default site
- [COOK-2493]: Resources in nginx::source recipe always use 1.2.6 version, even overriding version attribute
- [COOK-2531]: Remove usage of non-existant attribute "description" for
apt_repository
- [COOK-2665]: nginx::source install with custom sbin_path breaks ohai data
v1.4.0
- [COOK-2183] - Install nginx package from nginxyum repo
- [COOK-2311] - headers-more should be updated to the latest version
- [COOK-2455] - Support sendfile option (nginx.conf)
v1.3.0
- [COOK-1979] - Passenger module requires curl-dev(el)
- [COOK-2219] - Support
proxy_read_timeout
(in nginx.conf) - [COOK-2220] - Support
client_max_body_size
(in nginx.conf) - [COOK-2280] - Allow custom timing of nginx_site's reload notification
- [COOK-2304] - nginx cookbook should install 1.2.6 not 1.2.3 for source installs
- [COOK-2309] - checksums for geoip files need to be updated in nginx
- [COOK-2310] - Checksum in the
nginx::upload_progress
recipe is not correct - [COOK-2314] - nginx::passenger: Install the latest version of passenger
- [COOK-2327] - nginx: passenger recipe should find ruby via Ohai
- [COOK-2328] - nginx: Update mime.types file to the latest
- [COOK-2329] - nginx: Update naxsi rules to the current
v1.2.0
- [COOK-1752] - Add headers more module to the nginx cookbook
- [COOK-2209] - nginx source recipe should create web user before creating directories
- [COOK-2221] - make nginx::source compatible with gentoo
- [COOK-2267] - add version for runit recommends
v1.1.4
- [COOK-2168] - specify package name as an attribute
v1.1.2
- [COOK-1766] - Nginx Source Recipe Rebuilding Source at Every Run
- [COOK-1910] - Add IPv6 module
- [COOK-1966] - nginx cookbook should let you set
gzip_vary
andgzip_buffers
in nginx.conf - [COOK-1969]- - nginx::passenger module not included due to use of symbolized
:nginx_configure_flags
- [COOK-1971] - Template passenger.conf.erb configures key
passenger_max_pool_size
2 times - [COOK-1972] - nginx::source compile_nginx_source reports success in spite of failed compilation
- [COOK-1975] - nginx::passenger requires rake gem
- [COOK-1979] - Passenger module requires curl-dev(el)
- [COOK-2080] - Restart nginx on source compilation
v1.1.0
- [COOK-1263] - Nginx log (and possibly other) directory creations should be recursive
- [COOK-1515] - move creation of
node['nginx']['dir']
out of commons.rb - [COOK-1523] - nginx
http_geoip_module
requires libtoolize - [COOK-1524] - nginx checksums are md5
- [COOK-1641] - add "use", "
multi_accept
" and "worker_rlimit_nofile
" to nginx cookbook - [COOK-1683] - Nginx fails Windows nodes just by being required in metadata
- [COOK-1735] - Support Amazon Linux in nginx::source recipe
- [COOK-1753] - Add ability for nginx::passenger recipe to configure more Passenger global settings
- [COOK-1754] - Allow group to be set in nginx.conf file
- [COOK-1770] - nginx cookbook fails on servers that don't have a "cpu" attribute
- [COOK-1781] - Use 'sv' to reload nginx when using runit
- [COOK-1789] - stop depending on bluepill, runit and yum. they are not required by nginx cookbook
- [COOK-1791] - add name attribute to metadata
- [COOK-1837] - nginx::passenger doesn't work on debian family
- [COOK-1956] - update naxsi version due to incompatibility with newer nginx
v1.0.2
- [COOK-1636] - relax the version constraint on ohai
v1.0.0
- [COOK-913] - defaults for gzip cause warning on service restart
- [COOK-1020] - duplicate MIME type
- [COOK-1269] - add passenger module support through new recipe
- [COOK-1306] - increment nginx version to 1.2 (now 1.2.3)
- [COOK-1316] - default site should not always be enabled
- [COOK-1417] - resolve errors preventing build from source
- [COOK-1483] - source prefix attribute has no effect
- [COOK-1484] - source relies on /etc/sysconfig
- [COOK-1511] - add support for naxsi module
- [COOK-1525] - nginx source is downloaded every time
- [COOK-1526] - nginx_site does not remove sites
- [COOK-1527] - add
http_echo_module
recipe
v0.101.6
Erroneous cookbook upload due to timeout.
Version #'s are cheap.
v0.101.4
- [COOK-1280] - Improve RHEL family support and fix ohai_plugins recipe bug
- [COOK-1194] - allow installation method via attribute
- [COOK-458] - fix duplicate nginx processes
v0.101.2
- [COOK-1211] - include the default attributes explicitly so version is available.
v0.101.0
Attribute Change: node['nginx']['url']
-> node['nginx']['source']['url']
; see the README.md.
- [COOK-1115] - daemonize when using init script
- [COOK-477] - module compilation support in nginx::source
v0.100.4
- [COOK-1126] - source version bump to 1.0.14
v0.100.2
- [COOK-1053] - Add :url attribute to nginx cookbook
v0.100.0
- [COOK-818] - add "application/json" per RFC.
- [COOK-870] - bluepill init style support
- [COOK-957] - Compress application/javascript.
- [COOK-981] - Add reload support to NGINX service
v0.99.2
- [COOK-809] - attribute to disable access logging
- [COOK-772] - update nginx download source location
Collaborator Number Metric
6.0.1 passed this metric
Contributing File Metric
6.0.1 passed this metric
Foodcritic Metric
6.0.1 passed this metric
License Metric
6.0.1 passed this metric
No Binaries Metric
6.0.1 passed this metric
Testing File Metric
6.0.1 passed this metric
Version Tag Metric
6.0.1 passed this metric
6.0.1 passed this metric
6.0.1 passed this metric
Foodcritic Metric
6.0.1 passed this metric
License Metric
6.0.1 passed this metric
No Binaries Metric
6.0.1 passed this metric
Testing File Metric
6.0.1 passed this metric
Version Tag Metric
6.0.1 passed this metric
6.0.1 passed this metric
6.0.1 passed this metric
No Binaries Metric
6.0.1 passed this metric
Testing File Metric
6.0.1 passed this metric
Version Tag Metric
6.0.1 passed this metric
6.0.1 passed this metric
6.0.1 passed this metric
Version Tag Metric
6.0.1 passed this metric
6.0.1 passed this metric