Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for new feature: port ranges #1325

Open
wants to merge 30 commits into
base: master
Choose a base branch
from
+100 −42
Open

Add support for new feature: port ranges #1325

Show file tree
Hide file tree
Changes from 24 commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
b40a4a1
Update streamhost.pp
00ssh Apr 18, 2019
c00d5e2
Update server.pp
00ssh Apr 18, 2019
efc321e
Update server.pp
00ssh May 29, 2019
d61fb86
Create portrange.pp
00ssh May 29, 2019
b727650
Updated variable name listen_port -> port
00ssh May 29, 2019
b416b8b
Updated variable name port -> ipv6_port
00ssh May 29, 2019
9dbf0a6
Changed variable name from listen_port -> port
00ssh May 29, 2019
be02ef8
added support for port range
00ssh May 29, 2019
dd1afc4
Added listen_port_range to spec attributes
00ssh May 29, 2019
513d75d
Added listen_port_range and ipv6_port_range
00ssh May 29, 2019
d0df89c
Added support for port ranges and ipv6 port ranges
00ssh May 29, 2019
fe09594
fixed value type
00ssh May 29, 2019
ec6a201
fixed value type
00ssh May 29, 2019
e09f5b4
removed new line trailing spaces
00ssh May 29, 2019
366bc45
removed new line trailing spaces
00ssh May 29, 2019
dc8b14a
remove whitespace
00ssh May 29, 2019
6a02424
fixed missing declared resource variable
00ssh May 29, 2019
addd3c6
Updated variable description
00ssh May 29, 2019
d4021eb
Merge pull request #1 from voxpupuli/master
00ssh May 30, 2019
bcad22d
Update streamhost.pp
00ssh Jun 3, 2019
ffaa006
Added nginx version checks for port range support
00ssh Jun 5, 2019
d9292c6
Added nginx version checks for port range support
00ssh Jun 5, 2019
f36f469
Updated specs for port range using nginx_version fact
00ssh Jun 5, 2019
01692cf
Updated spec for stream for port range support with nginx_version fact
00ssh Jun 5, 2019
558b32b
simplified code, updated spec, changed from fact function to $fact
Jun 5, 2019
8907ee4
updated specs for nginx_version in server resource
Jun 5, 2019
bf23d6b
updated specs for nginx_version in server resource
Jun 5, 2019
4045958
Added nginx_version fact to streamhost spec
00ssh Jun 5, 2019
f96006a
removed context "without a value for nginx_version fact"
00ssh Jun 5, 2019
0c7e28a
updated specs with correct titles
Jun 6, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 38 additions & 4 deletions manifests/resource/server.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
# Parameters:
# [*ensure*] - Enables or disables the specified server (present|absent)
# [*listen_ip*] - Default IP Address for NGINX to listen with this server on. Defaults to all interfaces (*)
# [*listen_port*] - Default IP Port for NGINX to listen with this server on. Defaults to TCP 80
# [*listen_port*] - Default IP Port for NGINX to listen with this server on. Defaults to TCP 80. It can be a port or a port range (eg. '8081-8085').
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The comment here is incorrect. It's forced to be an integer so it can't be a range. Can't we change listen_port to a type Variant[Stdlib::Port, Nginx::PortRange] and handle that in the code? I dislike having two parameters for the same thing.

# [*listen_port_range*] - From Nginx 1.15.10, support for port ranges was added (eg. '8081-8085').
# [*listen_options*] - Extra options for listen directive like 'default_server' to catchall. Undef by default.
# [*listen_unix_socket_enable*] - BOOL value to enable/disable UNIX socket listening support (false|true).
# [*listen_unix_socket*] - Default unix socket for NGINX to listen with this server on. Defaults to UNIX /var/run/nginx.sock
Expand All @@ -17,6 +18,7 @@
# exists on your system before enabling.
# [*ipv6_listen_ip*] - Default IPv6 Address for NGINX to listen with this server on. Defaults to all interfaces (::)
# [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this server on. Defaults to TCP 80
# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port ranges was added (eg. '8081-8085').
# [*ipv6_listen_options*] - Extra options for listen directive like 'default' to catchall. Template will allways add ipv6only=on.
# While issue jfryman/puppet-nginx#30 is discussed, default value is 'default'.
# [*add_header*] - Hash: Adds headers to the HTTP response when response code is equal to 200, 204, 301, 302 or 304.
Expand Down Expand Up @@ -147,6 +149,7 @@
Enum['absent', 'present'] $ensure = 'present',
Variant[Array, String] $listen_ip = '*',
Integer $listen_port = 80,
Optional[Nginx::PortRange] $listen_port_range = undef,
Optional[String] $listen_options = undef,
Boolean $listen_unix_socket_enable = false,
Variant[Array[Stdlib::Absolutepath], Stdlib::Absolutepath] $listen_unix_socket = '/var/run/nginx.sock',
Expand All @@ -157,6 +160,7 @@
Boolean $ipv6_enable = false,
Variant[Array, String] $ipv6_listen_ip = '::',
Integer $ipv6_listen_port = 80,
Optional[Nginx::PortRange] $ipv6_listen_port_range = undef,
String $ipv6_listen_options = 'default ipv6only=on',
Hash $add_header = {},
Boolean $ssl = false,
Expand Down Expand Up @@ -316,9 +320,39 @@
}
}

# If port range is defined, ignore any other $listen_port defined
if versioncmp(fact('nginx_version'), '1.15.10') < 0 {
$port_range_support = false
}
else{
$port_range_support = true
}

if ($listen_port_range != undef) and ($port_range_support == true) {
$port = $listen_port_range
}
elsif ($listen_port_range != undef) and ($port_range_support == false) {
fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)')
}
else{
$port = $listen_port
}

if $ipv6_enable == true{
if ($ipv6_listen_port_range != undef) and ($port_range_support == true) {
$ipv6_port = $ipv6_listen_port_range
}
elsif ($ipv6_listen_port_range != undef) and ($port_range_support == false) {
fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)')
}
else {
$ipv6_port = $ipv6_listen_port
}
}

Copy link
Member

@dhoppe dhoppe Jun 5, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@00ssh I think your code is to complicated and does not need to throw an error message. Maybe something like this could work:

  # If port range is defined, ignore any other $listen_port defined
  if versioncmp($facts['nginx_version'], '1.15.10') < 0 {
    $port = $listen_port

    if $ipv6_enable == true {
      $ipv6_port = $ipv6_listen_port
    }
  } else {
    $port = pick_default($listen_port_range, $listen_port)

    if $ipv6_enable == true {
      $ipv6_port = pick_default($ipv6_listen_port_range, $ipv6_listen_port)
    }
  }

https://github.com/puppetlabs/puppetlabs-stdlib/blob/master/REFERENCE.md#pick_default

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dhoppe Hi, Thanks for your suggestions. I've just tested with pick_default and it works just fine. However, I still have to figure out why the travis pipeline is failing (I don't have an environment connected to the internet right now). It looks like "fact('nginx_version')" doesn't return anything.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@00ssh Maybe, for that reason I used $facts['nginx_version'] at the example from above.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dhoppe Thanks. I've updated accordingly. Waiting for tests to pass this time!

# Try to error in the case where the user sets ssl_port == listen_port but
# doesn't set ssl = true
if !$ssl and $ssl_port == $listen_port {
if !$ssl and $ssl_port == $port {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be an issue when port is an array. This repeats below.

warning('nginx: ssl must be true if listen_port is the same as ssl_port')
}

Expand All @@ -341,7 +375,7 @@

# Suppress unneeded stuff in non-SSL location block when certain conditions are
# met.
$ssl_only = ($ssl and $ssl_port == $listen_port) or $ssl_redirect
$ssl_only = ($ssl and $ssl_port == $port) or $ssl_redirect

# If we're redirecting to SSL, the default location block is useless, *unless*
# SSL is enabled for this server
Expand Down Expand Up @@ -424,7 +458,7 @@
}
}

if $listen_port != $ssl_port {
if $port != $ssl_port {
concat::fragment { "${name_sanitized}-header":
target => $config_file,
content => template('nginx/server/server_header.erb'),
Expand Down
72 changes: 54 additions & 18 deletions manifests/resource/streamhost.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,9 @@
# [*listen_ip*] - Default IP Address for NGINX to listen with this
# streamhost on. Defaults to all interfaces (*)
# [*listen_port*] - Default IP Port for NGINX to listen with this
# streamhost on. Defaults to TCP 80
# streamhost on. Defaults to TCP 80.
# [*listen_port_range*] - From Nginx 1.15.10, support for port
# ranges was added (eg. '8081-8085').
# [*listen_options*] - Extra options for listen directive like
# 'default' to catchall. Undef by default.
# [*ipv6_enable*] - BOOL value to enable/disable IPv6 support
Expand All @@ -18,6 +20,8 @@
# this streamhost on. Defaults to all interfaces (::)
# [*ipv6_listen_port*] - Default IPv6 Port for NGINX to listen with this
# streamhost on. Defaults to TCP 80
# [*ipv6_listen_port_range*] - From Nginx 1.15.10, support for port
# ranges was added (eg. '8081-8085').
# [*ipv6_listen_options*] - Extra options for listen directive like 'default'
# to catchall. Template will allways add ipv6only=on. While issue
# jfryman/puppet-nginx#30 is discussed, default value is 'default'.
Expand Down Expand Up @@ -47,29 +51,61 @@
# ensure => present,
# }
define nginx::resource::streamhost (
Enum['absent', 'present'] $ensure = 'present',
Variant[Array, String] $listen_ip = '*',
Integer $listen_port = 80,
Optional[String] $listen_options = undef,
Boolean $ipv6_enable = false,
Variant[Array, String] $ipv6_listen_ip = '::',
Integer $ipv6_listen_port = 80,
String $ipv6_listen_options = 'default ipv6only=on',
$proxy = undef,
String $proxy_read_timeout = $nginx::proxy_read_timeout,
$proxy_connect_timeout = $nginx::proxy_connect_timeout,
Array $resolver = [],
$raw_prepend = undef,
$raw_append = undef,
String $owner = $nginx::global_owner,
String $group = $nginx::global_group,
String $mode = $nginx::global_mode,
Enum['absent', 'present'] $ensure = 'present',
Variant[Array, String] $listen_ip = '*',
Integer $listen_port = 80,
Optional[Nginx::PortRange] $listen_port_range = undef,
Optional[String] $listen_options = undef,
Boolean $ipv6_enable = false,
Variant[Array, String] $ipv6_listen_ip = '::',
Integer $ipv6_listen_port = 80,
Optional[Nginx::PortRange] $ipv6_listen_port_range = undef,
String $ipv6_listen_options = 'default ipv6only=on',
$proxy = undef,
String $proxy_read_timeout = $nginx::proxy_read_timeout,
$proxy_connect_timeout = $nginx::proxy_connect_timeout,
Array $resolver = [],
$raw_prepend = undef,
$raw_append = undef,
String $owner = $nginx::global_owner,
String $group = $nginx::global_group,
String $mode = $nginx::global_mode,
) {

if ! defined(Class['nginx']) {
fail('You must include the nginx base class before using any defined resources')
}

# If port range is defined, ignore any other $listen_port defined
if versioncmp(fact('nginx_version'), '1.15.10') < 0 {
$port_range_support = false
}
else{
$port_range_support = true
}

if ($listen_port_range != undef) and ($port_range_support == true) {
$port = $listen_port_range
}
elsif ($listen_port_range != undef) and ($port_range_support == false) {
fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)')
}
else {
$port = $listen_port
}

if $ipv6_enable == true{
if ($ipv6_listen_port_range != undef) and ($port_range_support == true) {
$ipv6_port = $ipv6_listen_port_range
}
elsif ($ipv6_listen_port_range != undef) and ($port_range_support == false) {
fail('nginx: this version of nginx does not support port ranges (must be >= 1.15.10)')
}
else {
$ipv6_port = $ipv6_listen_port
}
}

# Variables
if $nginx::confd_only {
$streamhost_dir = "${nginx::conf_dir}/conf.stream.d"
Expand Down
13 changes: 13 additions & 0 deletions spec/defines/resource_server_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,18 @@
value: 45,
match: %r{\s+listen\s+\[::\]:45 default ipv6only=on;}
},
{
title: 'should set the IPv6 listen port',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You might want to change the title to 'should set the IPv6 listen port range'.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated. Thanks for pointing it out!

attr: 'ipv6_listen_port_range',
value: '45-50',
match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;}
},
{
title: 'should set the IPv4 listen port range',
attr: 'listen_port_range',
value: '45-50',
match: %r{\s+listen\s+\*:45-50;}
},
{
title: 'should set the IPv6 listen options',
attr: 'ipv6_listen_options',
Expand Down Expand Up @@ -353,6 +365,7 @@
].each do |param|
context "when #{param[:attr]} is #{param[:value]}" do
let(:params) { default_params.merge(param[:attr].to_sym => param[:value]) }
let(:facts) { facts.merge(nginx_version: '1.15.0') }

it { is_expected.to contain_concat__fragment("#{title}-header") }
it param[:title] do
Expand Down
13 changes: 13 additions & 0 deletions spec/defines/resource_stream_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,12 @@
value: 45,
match: %r{\s+listen\s+\*:45;}
},
{
title: 'should set the IPv4 listen port',
attr: 'listen_port_range',
value: '45-50',
match: %r{\s+listen\s+\*:45-50;}
},
{
title: 'should set the IPv4 listen options',
attr: 'listen_options',
Expand Down Expand Up @@ -95,6 +101,12 @@
value: 45,
match: %r{\s+listen\s+\[::\]:45 default ipv6only=on;}
},
{
title: 'should set the IPv6 listen port',
attr: 'ipv6_listen_port_range',
value: '45-50',
match: %r{\s+listen\s+\[::\]:45-50 default ipv6only=on;}
},
{
title: 'should set the IPv6 listen options',
attr: 'ipv6_listen_options',
Expand Down Expand Up @@ -124,6 +136,7 @@
].each do |param|
context "when #{param[:attr]} is #{param[:value]}" do
let(:params) { default_params.merge(param[:attr].to_sym => param[:value]) }
let(:facts) { facts.merge(nginx_version: '1.15.0') }

it { is_expected.to contain_concat__fragment("#{title}-header") }
it param[:title] do
Expand Down
8 changes: 4 additions & 4 deletions templates/server/server_header.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@
server {
<%- if @listen_ip.is_a?(Array) then -%>
<%- @listen_ip.each do |ip| -%>
listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
listen <%= ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
listen <%= @listen_ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%- if @listen_unix_socket_enable -%>
<%- if @listen_unix_socket.is_a?(Array) then -%>
Expand All @@ -32,10 +32,10 @@ server {
server {
<%- if @listen_ip.is_a?(Array) then -%>
<%- @listen_ip.each do |ip| -%>
listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
listen <%= ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
listen <%= @listen_ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%- if @listen_unix_socket_enable -%>
<%- if @listen_unix_socket.is_a?(Array) then -%>
Expand Down
4 changes: 2 additions & 2 deletions templates/server/server_ipv6_listen.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
<%- if @ipv6_enable -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
listen [<%= ipv6 %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>
8 changes: 4 additions & 4 deletions templates/streamhost/streamhost.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,20 @@
server {
<%- if @listen_ip.is_a?(Array) then -%>
<%- @listen_ip.each do |ip| -%>
listen <%= ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
listen <%= ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen <%= @listen_ip %>:<%= @listen_port %><% if @listen_options %> <%= @listen_options %><% end %>;
listen <%= @listen_ip %>:<%= @port %><% if @listen_options %> <%= @listen_options %><% end %>;
<%- end -%>
<%# check to see if ipv6 support exists in the kernel before applying -%>
<%# FIXME this logic is duplicated all over the place -%>
<%- if @ipv6_enable && (defined? @ipaddress6) -%>
<%- if @ipv6_listen_ip.is_a?(Array) then -%>
<%- @ipv6_listen_ip.each do |ipv6| -%>
listen [<%= ipv6 %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
listen [<%= ipv6 %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- else -%>
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %>;
<%- end -%>
<%- end -%>

Expand Down
1 change: 1 addition & 0 deletions types/portrange.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
type Nginx::PortRange = Pattern[/^\d+-\d+?$/]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the question mark at the end? Could you add some tests for the type alias? See https://rspec-puppet.com/documentation/type_aliases/ as well.