# limitations under the License.
#
-package "nginx"
+include_recipe "apt"
+include_recipe "munin"
+include_recipe "prometheus"
+include_recipe "ssl"
-resolvers = node[:networking][:nameservers].map do |resolver|
- IPAddr.new(resolver).ipv6? ? "[#{resolver}]" : resolver
-end
+package "nginx"
template "/etc/nginx/nginx.conf" do
source "nginx.conf.erb"
owner "root"
group "root"
- mode 0o644
- variables :resolvers => resolvers
+ mode "644"
end
-directory "/var/cache/nginx/fastcgi-cache" do
+directory node[:nginx][:cache][:fastcgi][:directory] do
owner "www-data"
group "root"
- mode 0o755
+ mode "755"
+ recursive true
only_if { node[:nginx][:cache][:fastcgi][:enable] }
end
-directory "/var/cache/nginx/proxy-cache" do
+directory node[:nginx][:cache][:proxy][:directory] do
owner "www-data"
group "root"
- mode 0o755
- only_if { node[:nginx][:cache][:proxy][:enable] }
-end
-
-# Temporary Cleanup to remove old levels=1:2 cache after migration to 2:2:2
-execute "nginx-remove-old-fastcgi-cache" do
- command "/usr/bin/find /var/cache/nginx/fastcgi-cache/ -mindepth 3 -maxdepth 3 -type f -delete"
- ignore_failure true
- only_if { node[:nginx][:cache][:fastcgi][:enable] }
-end
-
-# Temporary Cleanup to remove old levels=1:2 cache after migration to 2:2:2
-execute "nginx-remove-old-proxy-cache" do
- command "/usr/bin/find /var/cache/nginx/proxy-cache/ -mindepth 3 -maxdepth 3 -type f -delete"
- ignore_failure true
+ mode "755"
+ recursive true
only_if { node[:nginx][:cache][:proxy][:enable] }
end
munin_plugin "nginx_request"
munin_plugin "nginx_status"
+
+prometheus_exporter "nginx" do
+ port 9113
+ options "--nginx.scrape-uri=http://localhost:8050/nginx_status"
+end
+
+template "/usr/local/bin/nginx-old-cache-cleanup" do
+ source "nginx-old-cache-cleanup.erb"
+ owner "root"
+ group "root"
+ mode "755"
+end
+
+cron_d "nginx-old-cache-cleanup" do
+ minute "15"
+ hour "23"
+ user "www-data"
+ command "/usr/bin/timeout 6h /usr/local/bin/nginx-old-cache-cleanup"
+end