feat: configure edgecache for postgresql

- add fact to record system resolvers
- add resolvers feature in /etc/nginx/conf.d/resolvers.conf
- add rewrite rules for postgres/yum/repodata
This commit is contained in:
2024-05-19 16:19:23 +10:00
parent 2971018b7e
commit 6f9a606549
4 changed files with 53 additions and 1 deletions
+11 -1
View File
@@ -10,6 +10,8 @@ class profiles::edgecache::nginx {
$nginx_ssl_port = $profiles::edgecache::params::nginx_ssl_port
$nginx_listen_mode = $profiles::edgecache::params::nginx_listen_mode
$nginx_cert_type = $profiles::edgecache::params::nginx_cert_type
$nginx_resolvers_enable = $profiles::edgecache::params::nginx_resolvers_enable
$nginx_resolvers_ipv4only = $profiles::edgecache::params::nginx_resolvers_ipv4only
# select the certificates to use based on cert type
case $nginx_cert_type {
@@ -61,13 +63,21 @@ class profiles::edgecache::nginx {
}
}
if $nginx_resolvers_ipv4only and $nginx_resolvers_enable {
$resolvers = $facts['nameservers'].join(' ')
file { '/etc/nginx/conf.d/resolvers.conf':
ensure => file,
content => "resolver ${resolvers} ipv4=on;\n",
}
}
# set the server_names
$server_names = unique([$facts['networking']['fqdn'], $nginx_vhost] + $nginx_aliases)
# define the default parameters for the nginx server
$defaults = {
'listen_port' => $listen_port,
'server_name' => $server_names,
'server_name' => $server_names,
'use_default_location' => true,
'access_log' => "/var/log/nginx/${nginx_vhost}_access.log",
'error_log' => "/var/log/nginx/${nginx_vhost}_error.log",
@@ -7,6 +7,8 @@ class profiles::edgecache::params (
Stdlib::Port $nginx_ssl_port = 443,
Enum['http','https','both'] $nginx_listen_mode = 'http',
Enum['puppet', 'vault'] $nginx_cert_type = 'vault',
Boolean $nginx_resolvers_enable = false,
Boolean $nginx_resolvers_ipv4only = false,
Hash $directories = {},
Hash $mirrors = {},
){