diff --git a/examples/init.pp b/examples/init.pp index 14a3957..78ecb5c 100644 --- a/examples/init.pp +++ b/examples/init.pp @@ -12,15 +12,14 @@ include caddy - -file {'/var/www': +file { '/var/www': ensure => directory, } -caddy::vhost {'example1': - source => 'puppet:///modules/caddy/etc/caddy/config/example1.conf', +caddy::vhost { 'example1': + content => file('caddy/examples/example1.conf'), } -caddy::vhost {'example2': - source => 'puppet:///modules/caddy/etc/caddy/config/example2.conf', +caddy::vhost { 'example2': + content => file('caddy/examples/example2.conf'), } diff --git a/files/etc/caddy/Caddyfile b/files/Caddyfile similarity index 100% rename from files/etc/caddy/Caddyfile rename to files/Caddyfile diff --git a/files/etc/caddy/config/example1.conf b/files/examples/example1.conf similarity index 100% rename from files/etc/caddy/config/example1.conf rename to files/examples/example1.conf diff --git a/files/etc/caddy/config/example2.conf b/files/examples/example2.conf similarity index 100% rename from files/etc/caddy/config/example2.conf rename to files/examples/example2.conf diff --git a/manifests/config.pp b/manifests/config.pp deleted file mode 100644 index 61f6b05..0000000 --- a/manifests/config.pp +++ /dev/null @@ -1,46 +0,0 @@ -# @summary -# This class handles the Caddy config. -# -# @api private -# -class caddy::config ( - $caddy_user = $caddy::caddy_user, - $caddy_group = $caddy::caddy_group, - $caddy_log_dir = $caddy::caddy_log_dir, - $caddy_tmp_dir = $caddy::caddy_tmp_dir, - $caddy_home = $caddy::caddy_home, - $caddy_ssl_dir = $caddy::caddy_ssl_dir, -) { - - assert_private() - - file { - default: - ensure => directory, - owner => $caddy_user, - group => $caddy_group, - mode => '0755', - ; - [ $caddy_home, - $caddy_ssl_dir, - $caddy_log_dir, - ]: - ; - [ '/etc/caddy' ]: - owner => 'root', - group => 'root', - ; - - [ '/etc/caddy/Caddyfile' ]: - ensure => file, - mode => '0444', - source => 'puppet:///modules/caddy/etc/caddy/Caddyfile', - require => File['/etc/caddy'], - ; - - [ '/etc/caddy/config' ]: - purge => true, - recurse => true, - ; - } -} diff --git a/manifests/init.pp b/manifests/init.pp index 4a12319..b7e884e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -109,6 +109,9 @@ Optional[String[1]] $systemd_ambient_capabilities = undef, Optional[Boolean] $systemd_no_new_privileges = undef, ) { + + include file_capability + case $caddy_architecture { 'x86_64', 'amd64': { $arch = 'amd64'} 'x86' : { $arch = '386' } @@ -118,6 +121,19 @@ } } + case $install_method { + 'github': { + $caddy_url = 'https://github.com/caddyserver/caddy/releases/download' + $caddy_dl_url = "${caddy_url}/v${version}/caddy_v${version}_linux_${arch}.tar.gz" + $caddy_dl_dir = "${caddy_tmp_dir}/caddy_v${version}_linux_${$arch}.tar.gz" + } + default: { + $caddy_url = 'https://caddyserver.com/download/linux' + $caddy_dl_url = "${caddy_url}/${arch}?plugins=${caddy_features}&license=${caddy_license}&telemetry=${caddy_telemetry}" + $caddy_dl_dir = "${caddy_tmp_dir}/caddy_linux_${$arch}_custom.tar.gz" + } + } + group { $caddy_group: ensure => present, system => true, @@ -131,11 +147,138 @@ home => $caddy_home, } - contain caddy::install - contain caddy::config - contain caddy::service + file { $install_path: + ensure => directory, + owner => $caddy_user, + group => $caddy_group, + mode => '0755', + } + + archive { $caddy_dl_dir: + ensure => present, + extract => true, + extract_path => $install_path, + source => $caddy_dl_url, + username => $caddy_account_id, + password => $caddy_api_key, + user => 'root', + group => 'root', + creates => "${install_path}/caddy", + cleanup => true, + notify => File_capability["${install_path}/caddy"], + require => File[$install_path], + } + + file_capability { "${install_path}/caddy": + ensure => present, + capability => 'cap_net_bind_service=ep', + require => Archive[$caddy_dl_dir], + } + + file { $caddy_home: + ensure => directory, + owner => $caddy_user, + group => $caddy_group, + mode => '0755', + require => Archive[$caddy_dl_dir], + notify => Service['caddy'], + } + + file { $caddy_ssl_dir: + ensure => directory, + owner => $caddy_user, + group => $caddy_group, + mode => '0755', + require => Archive[$caddy_dl_dir], + notify => Service['caddy'], + } + + file { $caddy_log_dir: + ensure => directory, + owner => $caddy_user, + group => $caddy_group, + mode => '0755', + require => Archive[$caddy_dl_dir], + notify => Service['caddy'], + } + + file { '/etc/caddy': + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + require => Archive[$caddy_dl_dir], + notify => Service['caddy'], + } + + file { '/etc/caddy/Caddyfile': + ensure => file, + owner => $caddy_user, + group => $caddy_group, + mode => '0444', + content => file('caddy/Caddyfile'), + require => Archive[$caddy_dl_dir], + notify => Service['caddy'], + } + + file { '/etc/caddy/config': + ensure => directory, + purge => true, + recurse => true, + owner => $caddy_user, + group => $caddy_group, + mode => '0755', + require => Archive[$caddy_dl_dir], + notify => Service['caddy'], + } - Class['caddy::install'] - -> Class['caddy::config'] - ~> Class['caddy::service'] + case $facts['service_provider'] { + default: { + fail("service provider ${$facts['service_provider']} is not supported.") + } + 'systemd': { + systemd::unit_file { 'caddy.service': + content => epp('caddy/caddy.service.epp', + { + install_path => $install_path, + caddy_user => $caddy_user, + caddy_group => $caddy_group, + caddy_log_dir => $caddy_log_dir, + caddy_ssl_dir => $caddy_ssl_dir, + caddy_home => $caddy_home, + caddy_http_port => $caddy_http_port, + caddy_https_port => $caddy_https_port, + systemd_limit_processes => $systemd_limit_processes, + systemd_private_devices => $systemd_private_devices, + systemd_capability_bounding_set => $systemd_capability_bounding_set, + systemd_ambient_capabilities => $systemd_ambient_capabilities, + systemd_no_new_privileges => $systemd_no_new_privileges, + } + ), + notify => Service['caddy'], + } + } + 'redhat': { + file { '/etc/init.d/caddy': + ensure => file, + content => epp('caddy/caddy.epp', + { + caddy_user => $caddy_user, + caddy_log_dir => $caddy_log_dir, + caddy_ssl_dir => $caddy_ssl_dir, + caddy_home => $caddy_home, + } + ), + owner => 'root', + group => 'root', + mode => '0755', + notify => Service['caddy'], + } + } + } + + service { 'caddy': + ensure => running, + enable => true, + } } diff --git a/manifests/install.pp b/manifests/install.pp deleted file mode 100644 index 7533416..0000000 --- a/manifests/install.pp +++ /dev/null @@ -1,64 +0,0 @@ -# @summary -# This class handles the Caddy archive. -# -# @api private -# -class caddy::install ( - $arch = $caddy::arch, - $version = $caddy::version, - $install_method = $caddy::install_method, - $install_path = $caddy::install_path, - $caddy_user = $caddy::caddy_user, - $caddy_group = $caddy::caddy_group, - $caddy_tmp_dir = $caddy::caddy_tmp_dir, - $caddy_license = $caddy::caddy_license, - $caddy_account_id = $caddy::caddy_account_id, - $caddy_api_key = $caddy::caddy_api_key, - $caddy_telemetry = $caddy::caddy_telemetry, - $caddy_features = $caddy::caddy_features, -) { - - assert_private() - - case $install_method { - 'github': { - $caddy_url = 'https://github.com/caddyserver/caddy/releases/download' - $caddy_dl_url = "${caddy_url}/v${version}/caddy_v${version}_linux_${arch}.tar.gz" - $caddy_dl_dir = "${caddy_tmp_dir}/caddy_v${version}_linux_${$arch}.tar.gz" - } - default: { - $caddy_url = 'https://caddyserver.com/download/linux' - $caddy_dl_url = "${caddy_url}/${arch}?plugins=${caddy_features}&license=${caddy_license}&telemetry=${caddy_telemetry}" - $caddy_dl_dir = "${caddy_tmp_dir}/caddy_linux_${$arch}_custom.tar.gz" - } - } - - file { $install_path: - ensure => directory, - owner => $caddy_user, - group => $caddy_group, - mode => '0755', - } - - archive { $caddy_dl_dir: - ensure => present, - extract => true, - extract_path => $install_path, - source => $caddy_dl_url, - username => $caddy_account_id, - password => $caddy_api_key, - user => 'root', - group => 'root', - creates => "${install_path}/caddy", - cleanup => true, - notify => File_capability["${install_path}/caddy"], - require => File[$install_path], - } - - include file_capability - file_capability { "${install_path}/caddy": - ensure => present, - capability => 'cap_net_bind_service=ep', - require => Archive[$caddy_dl_dir], - } -} diff --git a/manifests/service.pp b/manifests/service.pp deleted file mode 100644 index e69004b..0000000 --- a/manifests/service.pp +++ /dev/null @@ -1,72 +0,0 @@ -# @summary -# This class handles the Caddy service. -# -# @api private -# -class caddy::service ( - $install_path = $caddy::install_path, - $caddy_user = $caddy::caddy_user, - $caddy_group = $caddy::caddy_group, - $caddy_log_dir = $caddy::caddy_log_dir, - $caddy_ssl_dir = $caddy::caddy_ssl_dir, - $caddy_home = $caddy::caddy_home, - $caddy_http_port = $caddy::caddy_http_port, - $caddy_https_port = $caddy::caddy_https_port, - $systemd_limit_processes = $caddy::systemd_limit_processes, - $systemd_private_devices = $caddy::systemd_private_devices, - $systemd_capability_bounding_set = $caddy::systemd_capability_bounding_set, - $systemd_ambient_capabilities = $caddy::systemd_ambient_capabilities, - $systemd_no_new_privileges = $caddy::systemd_no_new_privileges, -) { - - assert_private() - - case $facts['service_provider'] { - 'systemd': { - systemd::unit_file { 'caddy.service': - content => epp('caddy/etc/systemd/system/caddy.service.epp', - { - install_path => $install_path, - caddy_user => $caddy_user, - caddy_group => $caddy_group, - caddy_log_dir => $caddy_log_dir, - caddy_ssl_dir => $caddy_ssl_dir, - caddy_home => $caddy_home, - caddy_http_port => $caddy_http_port, - caddy_https_port => $caddy_https_port, - systemd_limit_processes => $systemd_limit_processes, - systemd_private_devices => $systemd_private_devices, - systemd_capability_bounding_set => $systemd_capability_bounding_set, - systemd_ambient_capabilities => $systemd_ambient_capabilities, - systemd_no_new_privileges => $systemd_no_new_privileges, - } - ), - } - ~> Service['caddy'] - } - 'redhat': { - file { '/etc/init.d/caddy': - ensure => file, - mode => '0755', - owner => 'root', - group => 'root', - content => epp('caddy/etc/init.d/caddy.epp', - { - caddy_user => $caddy_user, - caddy_log_dir => $caddy_log_dir, - caddy_ssl_dir => $caddy_ssl_dir, - caddy_home => $caddy_home, - } - ), - } - } - default: { - fail("service provider ${$facts['service_provider']} is not supported.") - } - } - - service{ 'caddy': - ensure => running, - enable => true, - } -} diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 9e17a95..75a5e6f 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -17,12 +17,15 @@ ) { include caddy + file { "/etc/caddy/config/${title}.conf": ensure => file, content => $content, source => $source, + owner => $caddy::caddy_user, + group => $caddy::caddy_group, mode => '0444', - require => Class['caddy::config'], - notify => Class['caddy::service'], + require => File['/etc/caddy/Caddyfile'], + notify => Service['caddy'], } } diff --git a/spec/acceptance/init_spec.rb b/spec/acceptance/init_spec.rb index 2547811..f273cdd 100644 --- a/spec/acceptance/init_spec.rb +++ b/spec/acceptance/init_spec.rb @@ -17,11 +17,11 @@ end context 'with vhosts' do pp = "include caddy - caddy::vhost {'example1': - source => 'puppet:///modules/caddy/etc/caddy/config/example1.conf', + caddy::vhost { 'example1': + content => file('caddy/examples/example1.conf'), } - caddy::vhost {'example2': - source => 'puppet:///modules/caddy/etc/caddy/config/example2.conf', + caddy::vhost { 'example2': + content => file('caddy/examples/example2.conf'), }" it 'runs successfully' do apply_manifest(pp, catch_failures: true) do |r| diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 1b00308..cb283e8 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -17,9 +17,6 @@ context 'with defaults for all parameters' do it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('caddy') } - it { is_expected.to contain_class('caddy::install').that_comes_before('Class[caddy::config]') } - it { is_expected.to contain_class('caddy::config').that_notifies('Class[caddy::service]') } - it { is_expected.to contain_class('caddy::service') } it do is_expected.to contain_group('caddy').with( 'ensure' => 'present', @@ -103,9 +100,7 @@ 'ensure' => 'file', 'owner' => 'caddy', 'group' => 'caddy', - 'mode' => '0444', - 'source' => 'puppet:///modules/caddy/etc/caddy/Caddyfile', - 'require' => 'File[/etc/caddy]' + 'mode' => '0444' ) end it do diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 92a6745..a91e821 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -19,9 +19,11 @@ is_expected.to contain_file('/etc/caddy/config/example1.conf').with( 'ensure' => 'file', 'source' => 'puppet:///modules/caddy/etc/caddy/config/example1.conf', + 'owner' => 'caddy', + 'group' => 'caddy', 'mode' => '0444', - 'require' => 'Class[Caddy::Config]', - 'notify' => 'Class[Caddy::Service]' + 'require' => 'File[/etc/caddy/Caddyfile]', + 'notify' => 'Service[caddy]' ) end end @@ -38,9 +40,11 @@ is_expected.to contain_file('/etc/caddy/config/example2.conf').with( 'ensure' => 'file', 'content' => 'localhost:2015', + 'owner' => 'caddy', + 'group' => 'caddy', 'mode' => '0444', - 'require' => 'Class[Caddy::Config]', - 'notify' => 'Class[Caddy::Service]' + 'require' => 'File[/etc/caddy/Caddyfile]', + 'notify' => 'Service[caddy]' ) end end diff --git a/templates/etc/init.d/caddy.epp b/templates/caddy.epp similarity index 100% rename from templates/etc/init.d/caddy.epp rename to templates/caddy.epp diff --git a/templates/etc/systemd/system/caddy.service.epp b/templates/caddy.service.epp similarity index 100% rename from templates/etc/systemd/system/caddy.service.epp rename to templates/caddy.service.epp