-
-
Notifications
You must be signed in to change notification settings - Fork 881
/
redhat.pp
110 lines (101 loc) · 4.28 KB
/
redhat.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# @summary Manage NGINX package installation on RedHat based systems
# @api private
class nginx::package::redhat {
$package_name = $nginx::package_name
$package_source = $nginx::package_source
$package_ensure = $nginx::package_ensure
$package_flavor = $nginx::package_flavor
$passenger_package_ensure = $nginx::passenger_package_ensure
$passenger_package_name = $nginx::passenger_package_name
$manage_repo = $nginx::manage_repo
$purge_passenger_repo = $nginx::purge_passenger_repo
#Install the CentOS-specific packages on that OS, otherwise assume it's a RHEL
#clone and provide the Red Hat-specific package. This comes into play when not
#on RHEL or CentOS and $manage_repo is set manually to 'true'.
$_os = $facts['os']['name'] ? {
'centos' => 'centos',
'VirtuozzoLinux' => 'centos',
default => 'rhel'
}
$want_module_hotfixes = if versioncmp(fact('os.release.full'), '8.0') >= 0 {
'1'
} else {
'absent'
}
if $manage_repo {
case $package_source {
'nginx', 'nginx-stable': {
yumrepo { 'nginx-release':
baseurl => "https://nginx.org/packages/${_os}/${facts['os']['release']['major']}/\$basearch/",
descr => 'nginx repo',
enabled => '1',
gpgcheck => '1',
priority => '1',
gpgkey => 'https://nginx.org/keys/nginx_signing.key',
before => Package['nginx'],
module_hotfixes => $want_module_hotfixes,
}
if $purge_passenger_repo {
yumrepo { 'passenger':
ensure => absent,
before => Package['nginx'],
}
}
}
'nginx-mainline': {
yumrepo { 'nginx-release':
baseurl => "https://nginx.org/packages/mainline/${_os}/${facts['os']['release']['major']}/\$basearch/",
descr => 'nginx repo',
enabled => '1',
gpgcheck => '1',
priority => '1',
gpgkey => 'https://nginx.org/keys/nginx_signing.key',
before => Package['nginx'],
module_hotfixes => $want_module_hotfixes,
}
if $purge_passenger_repo {
yumrepo { 'passenger':
ensure => absent,
before => Package['nginx'],
}
}
}
'passenger': {
if ($facts['os']['name'] in ['RedHat', 'CentOS', 'VirtuozzoLinux', 'Rocky', 'AlmaLinux']) and ($facts['os']['release']['major'] in ['6', '7', '8', '9']) {
# 2019-11: Passenger changed their gpg key from: `https://packagecloud.io/phusion/passenger/gpgkey`
# to: `https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt`
# Find the latest key by opening: https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo
# Also note: Since 6.0.5 there are no nginx packages in the phusion EL7 repository, and nginx packages are expected to come from epel instead
yumrepo { 'passenger':
baseurl => "https://oss-binaries.phusionpassenger.com/yum/passenger/el/${facts['os']['release']['major']}/\$basearch",
descr => 'passenger repo',
enabled => '1',
gpgcheck => '0',
repo_gpgcheck => '1',
priority => '1',
gpgkey => 'https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt',
before => Package['nginx'],
module_hotfixes => $want_module_hotfixes,
}
yumrepo { 'nginx-release':
ensure => absent,
before => Package['nginx'],
}
package { $passenger_package_name:
ensure => $passenger_package_ensure,
require => Yumrepo['passenger'],
}
} else {
fail("${facts['os']['name']} version ${facts['os']['release']['major']} is unsupported with \$package_source 'passenger'")
}
}
default: {
fail("\$package_source must be 'nginx-stable', 'nginx-mainline', or 'passenger'. It was set to '${package_source}'")
}
}
}
package { 'nginx':
ensure => $package_ensure,
name => $package_name,
}
}