itamae/cookbooks/nginx/setup.rb

71 lines
1.2 KiB
Ruby
Raw Permalink Normal View History

2019-03-03 08:50:49 +00:00
# Log rotation setting:
remote_file '/etc/logrotate.d/nginx' do
owner 'root'
group 'root'
mode '644'
end
# Deploy the systemd file:
remote_file '/lib/systemd/system/nginx.service' do
owner 'root'
group 'root'
mode '644'
end
# Firewall Setting:
2023-06-24 12:24:54 +00:00
%w( 80/tcp 443/tcp 443/udp ).each do |port|
2019-03-03 08:50:49 +00:00
execute "ufw allow #{port}" do
user 'root'
not_if "LANG=c ufw status | grep #{port}"
notifies :run, 'execute[ufw reload-or-enable]'
end
end
execute 'ufw reload-or-enable' do
user 'root'
command 'LANG=C ufw reload | grep skipping && ufw --force enable || exit 0'
action :nothing
end
# Service setting:
service 'nginx' do
action [ :enable, :start ]
end
2023-06-24 12:24:54 +00:00
# Deploy `vector` config:
remote_file '/etc/vector/nginx-access.toml' do
owner 'root'
group 'root'
mode '644'
end
2023-06-24 12:24:54 +00:00
remote_file '/etc/systemd/system/vector-nginx-access.service' do
owner 'root'
group 'root'
mode '644'
2023-06-24 12:24:54 +00:00
end
2023-06-24 12:24:54 +00:00
service 'vector-nginx-access' do
action [ :enable, :start ]
end
2023-06-24 12:24:54 +00:00
remote_file '/etc/vector/nginx-error.toml' do
owner 'root'
group 'root'
mode '644'
end
2023-06-24 12:24:54 +00:00
remote_file '/etc/systemd/system/vector-nginx-error.service' do
owner 'root'
group 'root'
mode '644'
end
2023-06-24 12:24:54 +00:00
service 'vector-nginx-error' do
action [ :enable, :start ]
end