from bundlewrap.metadata import atomic defaults = { 'apt': { 'repos': { 'nginx': { 'items': { 'deb http://nginx.org/packages/{os} {os_release} nginx', }, }, }, }, 'backups': { 'paths': { '/var/www', }, }, 'nginx': { 'worker_connections': 768, }, 'monit': { 'services': { 'nginx': { 'bin': '/usr/sbin/nginx', }, }, }, } @metadata_reactor.provides( 'nginx/worker_processes', ) def worker_processes(metadata): return { 'nginx': { 'worker_processes': metadata.get('vm/cpu', 2), }, } @metadata_reactor.provides( 'letsencrypt/domains', 'letsencrypt/reload_after', 'nginx/vhosts', ) def letsencrypt(metadata): if not node.has_bundle('letsencrypt'): raise DoNotRunAgain domains = {} vhosts = {} for vhost, config in metadata.get('nginx/vhosts', {}).items(): if config.get('ssl', 'letsencrypt') == 'letsencrypt': domain = config.get('domain', vhost) domains[domain] = config.get('domain_aliases', set()) vhosts[vhost] = { 'ssl': 'letsencrypt', } return { 'letsencrypt': { 'domains': domains, 'reload_after': { 'nginx', }, }, 'nginx': { 'vhosts': vhosts, }, } @metadata_reactor.provides( 'nginx/vhosts', ) def index_files(metadata): vhosts = {} for vhost, config in metadata.get('nginx/vhosts', {}).items(): vhosts[vhost] = { 'index': [ 'index.html', 'index.htm', ], } if config.get('php', False): # If we're using PHP, make sure index.php is tried first vhosts[vhost]['index'].insert(0, 'index.php') return { 'nginx': { 'vhosts': vhosts, }, } @metadata_reactor.provides( 'monit/services/nginx/http', ) def monithttp(metadata): http = {} for vname, vconfig in metadata.get('nginx/vhosts', {}).items(): domain = vconfig.get('domain', vname) if vconfig['ssl']: scheme = 'https' else: scheme = 'http' http[domain] = { 'scheme': scheme, } return { 'monit': { 'services': { 'nginx': { 'http': http, }, }, }, } @metadata_reactor.provides( 'firewall/port_rules/80', 'firewall/port_rules/443', ) def firewall(metadata): return { 'firewall': { 'port_rules': { '80': atomic(metadata.get('nginx/restrict-to', {'*'})), '443': atomic(metadata.get('nginx/restrict-to', {'*'})), }, }, }