Merge pull request #5 from salt-formulas/add-proxy-rewrite-option2
add-proxy-rewrite-option - only proxy
diff --git a/.gitignore b/.gitignore
index 1ae69ad..aa8e42a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
+.kitchen
tests/build/
*.swp
*.pyc
+.ropeproject
diff --git a/Makefile b/Makefile
index fc83783..1043fbe 100644
--- a/Makefile
+++ b/Makefile
@@ -1,12 +1,38 @@
DESTDIR=/
SALTENVDIR=/usr/share/salt-formulas/env
RECLASSDIR=/usr/share/salt-formulas/reclass
-FORMULANAME=$(shell grep name: metadata.yml|head -1|cut -d : -f 2|grep -Eo '[a-z0-9\-]*')
+FORMULANAME=$(shell grep name: metadata.yml|head -1|cut -d : -f 2|grep -Eo '[a-z0-9\-\_]*')
+VERSION=$(shell grep version: metadata.yml|head -1|cut -d : -f 2|grep -Eo '[a-z0-9\.\-\_]*')
+VERSION_MAJOR := $(shell echo $(VERSION)|cut -d . -f 1-2)
+VERSION_MINOR := $(shell echo $(VERSION)|cut -d . -f 3)
+
+NEW_MAJOR_VERSION ?= $(shell date +%Y.%m|sed 's,\.0,\.,g')
+NEW_MINOR_VERSION ?= $(shell /bin/bash -c 'echo $$[ $(VERSION_MINOR) + 1 ]')
+
+MAKE_PID := $(shell echo $$PPID)
+JOB_FLAG := $(filter -j%, $(subst -j ,-j,$(shell ps T | grep "^\s*$(MAKE_PID).*$(MAKE)")))
+
+ifneq ($(subst -j,,$(JOB_FLAG)),)
+JOBS := $(subst -j,,$(JOB_FLAG))
+else
+JOBS := 1
+endif
+
+KITCHEN_LOCAL_YAML?=.kitchen.yml
+KITCHEN_OPTS?="--concurrency=$(JOBS)"
+KITCHEN_OPTS_CREATE?=""
+KITCHEN_OPTS_CONVERGE?=""
+KITCHEN_OPTS_VERIFY?=""
+KITCHEN_OPTS_TEST?=""
all:
@echo "make install - Install into DESTDIR"
@echo "make test - Run tests"
+ @echo "make kitchen - Run Kitchen CI tests (create, converge, verify)"
@echo "make clean - Cleanup after tests run"
+ @echo "make release-major - Generate new major release"
+ @echo "make release-minor - Generate new minor release"
+ @echo "make changelog - Show changes since last release"
install:
# Formula
@@ -14,6 +40,7 @@
cp -a $(FORMULANAME) $(DESTDIR)/$(SALTENVDIR)/
[ ! -d _modules ] || cp -a _modules $(DESTDIR)/$(SALTENVDIR)/
[ ! -d _states ] || cp -a _states $(DESTDIR)/$(SALTENVDIR)/ || true
+ [ ! -d _grains ] || cp -a _grains $(DESTDIR)/$(SALTENVDIR)/ || true
# Metadata
[ -d $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME) ] || mkdir -p $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME)
cp -a metadata/service/* $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME)
@@ -21,6 +48,71 @@
test:
[ ! -d tests ] || (cd tests; ./run_tests.sh)
+release-major: check-changes
+ @echo "Current version is $(VERSION), new version is $(NEW_MAJOR_VERSION)"
+ @[ $(VERSION_MAJOR) != $(NEW_MAJOR_VERSION) ] || (echo "Major version $(NEW_MAJOR_VERSION) already released, nothing to do. Do you want release-minor?" && exit 1)
+ echo "$(NEW_MAJOR_VERSION)" > VERSION
+ sed -i 's,version: .*,version: "$(NEW_MAJOR_VERSION)",g' metadata.yml
+ [ ! -f debian/changelog ] || dch -v $(NEW_MAJOR_VERSION) -m --force-distribution -D `dpkg-parsechangelog -S Distribution` "New version"
+ make genchangelog-$(NEW_MAJOR_VERSION)
+ (git add -u; git commit -m "Version $(NEW_MAJOR_VERSION)")
+ git tag -s -m $(NEW_MAJOR_VERSION) $(NEW_MAJOR_VERSION)
+
+release-minor: check-changes
+ @echo "Current version is $(VERSION), new version is $(VERSION_MAJOR).$(NEW_MINOR_VERSION)"
+ echo "$(VERSION_MAJOR).$(NEW_MINOR_VERSION)" > VERSION
+ sed -i 's,version: .*,version: "$(VERSION_MAJOR).$(NEW_MINOR_VERSION)",g' metadata.yml
+ [ ! -f debian/changelog ] || dch -v $(VERSION_MAJOR).$(NEW_MINOR_VERSION) -m --force-distribution -D `dpkg-parsechangelog -S Distribution` "New version"
+ make genchangelog-$(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+ (git add -u; git commit -m "Version $(VERSION_MAJOR).$(NEW_MINOR_VERSION)")
+ git tag -s -m $(NEW_MAJOR_VERSION) $(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+
+check-changes:
+ @git log --pretty=oneline --decorate $(VERSION)..HEAD | grep -Eqc '.*' || (echo "No new changes since version $(VERSION)"; exit 1)
+
+changelog:
+ git log --pretty=short --invert-grep --grep="Merge pull request" --decorate $(VERSION)..HEAD
+
+genchangelog: genchangelog-$(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+
+genchangelog-%:
+ $(eval NEW_VERSION := $(patsubst genchangelog-%,%,$@))
+ (echo "=========\nChangelog\n=========\n"; \
+ (echo $(NEW_VERSION);git tag) | sort -r | grep -E '^[0-9\.]+' | while read i; do \
+ cur=$$i; \
+ test $$i = $(NEW_VERSION) && i=HEAD; \
+ prev=`(echo $(NEW_VERSION);git tag)|sort|grep -E '^[0-9\.]+'|grep -B1 "$$cur\$$"|head -1`; \
+ echo "Version $$cur\n=============================\n"; \
+ git log --pretty=short --invert-grep --grep="Merge pull request" --decorate $$prev..$$i; \
+ echo; \
+ done) > CHANGELOG.rst
+
+kitchen-check:
+ @[ -e $(KITCHEN_LOCAL_YAML) ] || (echo "Kitchen tests not available, there's no $(KITCHEN_LOCAL_YAML)." && exit 1)
+
+kitchen: kitchen-check kitchen-create kitchen-converge kitchen-verify kitchen-list
+
+kitchen-create: kitchen-check
+ kitchen create ${KITCHEN_OPTS} ${KITCHEN_OPTS_CREATE}
+ [ "$(shell echo $(KITCHEN_LOCAL_YAML)|grep -Eo docker)" = "docker" ] || sleep 120
+
+kitchen-converge: kitchen-check
+ kitchen converge ${KITCHEN_OPTS} ${KITCHEN_OPTS_CONVERGE} &&\
+ kitchen converge ${KITCHEN_OPTS} ${KITCHEN_OPTS_CONVERGE}
+
+kitchen-verify: kitchen-check
+ [ ! -d tests/integration ] || kitchen verify -t tests/integration ${KITCHEN_OPTS} ${KITCHEN_OPTS_VERIFY}
+ [ -d tests/integration ] || kitchen verify ${KITCHEN_OPTS} ${KITCHEN_OPTS_VERIFY}
+
+kitchen-test: kitchen-check
+ [ ! -d tests/integration ] || kitchen test -t tests/integration ${KITCHEN_OPTS} ${KITCHEN_OPTS_TEST}
+ [ -d tests/integration ] || kitchen test ${KITCHEN_OPTS} ${KITCHEN_OPTS_TEST}
+
+kitchen-list: kitchen-check
+ kitchen list
+
clean:
+ [ ! -x "$(shell which kitchen)" ] || kitchen destroy
+ [ ! -d .kitchen ] || rm -rf .kitchen
[ ! -d tests/build ] || rm -rf tests/build
[ ! -d build ] || rm -rf build
diff --git a/README.rst b/README.rst
index d11cbfa..7147f9d 100644
--- a/README.rst
+++ b/README.rst
@@ -1,11 +1,11 @@
-=====
-Nginx
-=====
+=============
+Nginx Formula
+=============
Nginx is an open source reverse proxy server for HTTP, HTTPS, SMTP, POP3, and IMAP protocols, as well as a load balancer, HTTP cache, and a web server (origin server). The nginx project started with a strong focus on high concurrency, high performance and low memory usage.
-Sample pillars
+Sample Pillars
==============
Gitlab server setup
@@ -224,9 +224,24 @@
name: gitlab.domain.com
port: 443
+SSL using already deployed key and cert file.
+Note that cert file should already contain CA cert and complete chain.
+
+.. code-block:: yaml
+
+ nginx:
+ server:
+ enabled: true
+ site:
+ mysite:
+ ssl:
+ enabled: true
+ key_file: /etc/ssl/private/mykey.key
+ cert_file: /etc/ssl/cert/mycert.crt
+
Nginx stats server (required by collectd nginx plugin)
-.. code-block::
+.. code-block:: yaml
nginx:
server:
@@ -240,10 +255,45 @@
name: 127.0.0.1
port: 8888
-Read more
-=========
+
+More Information
+================
* http://wiki.nginx.org/Main
* https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
* http://nginx.com/resources/admin-guide/reverse-proxy/
* https://mozilla.github.io/server-side-tls/ssl-config-generator/
+
+
+Documentation and Bugs
+======================
+
+To learn how to install and update salt-formulas, consult the documentation
+available online at:
+
+ http://salt-formulas.readthedocs.io/
+
+In the unfortunate event that bugs are discovered, they should be reported to
+the appropriate issue tracker. Use Github issue tracker for specific salt
+formula:
+
+ https://github.com/salt-formulas/salt-formula-nginx/issues
+
+For feature requests, bug reports or blueprints affecting entire ecosystem,
+use Launchpad salt-formulas project:
+
+ https://launchpad.net/salt-formulas
+
+You can also join salt-formulas-users team and subscribe to mailing list:
+
+ https://launchpad.net/~salt-formulas-users
+
+Developers wishing to work on the salt-formulas projects should always base
+their work on master branch and submit pull request against specific formula.
+
+ https://github.com/salt-formulas/salt-formula-nginx
+
+Any questions or feedback is always welcome so feel free to join our IRC
+channel:
+
+ #salt-formulas @ irc.freenode.net
diff --git a/metadata/service/support.yml b/metadata/service/support.yml
index 54d08d7..d9b8ab1 100644
--- a/metadata/service/support.yml
+++ b/metadata/service/support.yml
@@ -9,3 +9,5 @@
enabled: true
sphinx:
enabled: true
+ grafana:
+ enabled: true
diff --git a/nginx/files/_ssl.conf b/nginx/files/_ssl.conf
index a30ea4a..2914885 100644
--- a/nginx/files/_ssl.conf
+++ b/nginx/files/_ssl.conf
@@ -7,12 +7,17 @@
{%- if site.ssl.engine is not defined %}
+ {%- if site.ssl.key_file is defined %}
+ ssl_certificate_key {{ site.ssl.key_file }};
+ ssl_certificate {{ site.ssl.cert_file }};
+ {%- else %}
ssl_certificate_key /etc/ssl/private/{{ site.host.name }}.key;
{%- if site.ssl.chain is defined or site.ssl.authority is defined %}
ssl_certificate /etc/ssl/certs/{{ site.host.name }}-with-chain.crt;
{%- else %}
ssl_certificate /etc/ssl/certs/{{ site.host.name }}.crt;
{%- endif %}
+ {%- endif %}
{%- elif site.ssl.engine == 'letsencrypt' %}
diff --git a/nginx/files/_ssl_normal.conf b/nginx/files/_ssl_normal.conf
index 0412c32..ff0b71b 100644
--- a/nginx/files/_ssl_normal.conf
+++ b/nginx/files/_ssl_normal.conf
@@ -1,6 +1,6 @@
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
+ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp521r1;
diff --git a/nginx/files/_ssl_secure.conf b/nginx/files/_ssl_secure.conf
index ca24272..cc1ae6e 100644
--- a/nginx/files/_ssl_secure.conf
+++ b/nginx/files/_ssl_secure.conf
@@ -1,6 +1,11 @@
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK;
+#https://mozilla.github.io/server-side-tls/ssl-config-generator/
+ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp521r1;
ssl_dhparam /etc/ssl/dhparams.pem;
+
+ssl_session_cache shared:SSL:10m;
+ssl_stapling on;
+ssl_stapling_verify on;
diff --git a/nginx/files/collectd.conf b/nginx/files/collectd.conf
deleted file mode 100644
index e69de29..0000000
--- a/nginx/files/collectd.conf
+++ /dev/null
diff --git a/nginx/files/collectd_nginx.conf b/nginx/files/collectd_nginx.conf
new file mode 100644
index 0000000..2c55706
--- /dev/null
+++ b/nginx/files/collectd_nginx.conf
@@ -0,0 +1,7 @@
+<LoadPlugin nginx>
+ Globals false
+</LoadPlugin>
+
+<Plugin nginx>
+ URL "{{ plugin.url }}"
+</Plugin>
diff --git a/nginx/files/collectd_nginx_check.conf b/nginx/files/collectd_nginx_check.conf
new file mode 100644
index 0000000..325c5e4
--- /dev/null
+++ b/nginx/files/collectd_nginx_check.conf
@@ -0,0 +1,6 @@
+Import "collectd_nginx_check"
+
+<Module "collectd_nginx_check">
+ Url "{{ plugin.url }}"
+</Module>
+
diff --git a/nginx/files/grafana_dashboards/nginx_influxdb.json b/nginx/files/grafana_dashboards/nginx_influxdb.json
new file mode 100644
index 0000000..1839d83
--- /dev/null
+++ b/nginx/files/grafana_dashboards/nginx_influxdb.json
@@ -0,0 +1,1040 @@
+{
+ "annotations": {
+ "list": [
+ {
+ "datasource": "lma",
+ "enable": true,
+ "iconColor": "#C0C6BE",
+ "iconSize": 13,
+ "lineColor": "rgba(255, 96, 96, 0.592157)",
+ "name": "Status",
+ "query": "select title,tags,text from annotations where $timeFilter and cluster = 'nginx'",
+ "showLine": true,
+ "tagsColumn": "tags",
+ "textColumn": "text",
+ "titleColumn": "title"
+ }
+ ]
+ },
+ "editable": true,
+ "gnetId": null,
+ "hideControls": false,
+ "id": null,
+ "links": [],
+ "refresh": "1m",
+ "rows": [
+ {
+ "collapse": false,
+ "editable": true,
+ "height": "250px",
+ "panels": [
+ {
+ "cacheTimeout": null,
+ "colorBackground": true,
+ "colorValue": false,
+ "colors": [
+ "rgba(71, 212, 59, 0.4)",
+ "rgba(241, 181, 37, 0.73)",
+ "rgba(225, 40, 40, 0.59)"
+ ],
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "id": 11,
+ "interval": "> 60s",
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 2,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "targets": [
+ {
+ "column": "value",
+ "condition": "",
+ "dsType": "influxdb",
+ "fill": "",
+ "function": "last",
+ "groupBy": [],
+ "groupByTags": [],
+ "groupby_field": "",
+ "interval": "",
+ "measurement": "cluster_status",
+ "policy": "default",
+ "query": "SELECT last(\"value\") FROM \"nginx\" WHERE \"environment_label\" = '$environment' AND $timeFilter GROUP BY time($interval) fill(null)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "last"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ },
+ {
+ "condition": "AND",
+ "key": "cluster_name",
+ "operator": "=",
+ "value": "nginx"
+ }
+ ]
+ }
+ ],
+ "thresholds": "1,3",
+ "title": "",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "no data",
+ "value": "null"
+ },
+ {
+ "op": "=",
+ "text": "OKAY",
+ "value": "0"
+ },
+ {
+ "op": "=",
+ "text": "WARN",
+ "value": "1"
+ },
+ {
+ "op": "=",
+ "text": "UNKW",
+ "value": "2"
+ },
+ {
+ "op": "=",
+ "text": "CRIT",
+ "value": "3"
+ },
+ {
+ "op": "=",
+ "text": "DOWN",
+ "value": "4"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "fill": 1,
+ "grid": {
+ "threshold1": null,
+ "threshold1Color": "rgba(216, 200, 27, 0.27)",
+ "threshold2": null,
+ "threshold2Color": "rgba(234, 112, 112, 0.22)"
+ },
+ "id": 9,
+ "interval": "> 60s",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": false,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "connected",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "span": 5,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "mean",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "0"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_requests",
+ "policy": "default",
+ "query": "SELECT mean(\"value\") FROM \"apache_requests\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(0)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "mean"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ }
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Number of requests",
+ "tooltip": {
+ "msResolution": false,
+ "shared": false,
+ "sort": 0,
+ "value_type": "cumulative"
+ },
+ "type": "graph",
+ "xaxis": {
+ "show": true
+ },
+ "yaxes": [
+ {
+ "format": "none",
+ "label": "per second",
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "fill": 1,
+ "grid": {
+ "threshold1": null,
+ "threshold1Color": "rgba(216, 200, 27, 0.27)",
+ "threshold2": null,
+ "threshold2Color": "rgba(234, 112, 112, 0.22)"
+ },
+ "id": 10,
+ "interval": "> 60s",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "connected",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "span": 5,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "alias": "accepted",
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "mean",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "0"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_connections_accepted",
+ "policy": "default",
+ "query": "SELECT mean(\"value\") FROM \"apache_connections\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(0)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "mean"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ },
+ {
+ "alias": "handled",
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "mean",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "0"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_connections_handled",
+ "policy": "default",
+ "query": "SELECT mean(\"value\") FROM \"apache_connections\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(0)",
+ "rawQuery": false,
+ "refId": "B",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "mean"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ }
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Number of connections",
+ "tooltip": {
+ "msResolution": false,
+ "shared": true,
+ "sort": 0,
+ "value_type": "cumulative"
+ },
+ "type": "graph",
+ "xaxis": {
+ "show": true
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": "per second",
+ "logBase": 1,
+ "max": null,
+ "min": 0,
+ "show": true
+ },
+ {
+ "format": "short",
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "id": 6,
+ "interval": "> 60s",
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 3,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "targets": [
+ {
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "last",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "null"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_connections_active",
+ "policy": "default",
+ "query": "SELECT last(\"value\") FROM \"apache_connections\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(null)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "last"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ }
+ ],
+ "thresholds": "",
+ "title": "Active connections",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "id": 12,
+ "interval": "> 60s",
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 3,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "targets": [
+ {
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "last",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "null"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_connections_reading",
+ "policy": "default",
+ "query": "SELECT last(\"value\") FROM \"apache_connections\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(null)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "last"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ }
+ ],
+ "thresholds": "",
+ "title": "Reading connections",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "id": 13,
+ "interval": "> 60s",
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 3,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "targets": [
+ {
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "last",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "null"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_connections_writing",
+ "policy": "default",
+ "query": "SELECT last(\"value\") FROM \"apache_connections\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(null)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "last"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ }
+ ],
+ "thresholds": "",
+ "title": "Writing connections",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": null,
+ "editable": true,
+ "error": false,
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "id": 14,
+ "interval": "> 60s",
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 3,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "targets": [
+ {
+ "column": "value",
+ "dsType": "influxdb",
+ "function": "last",
+ "groupBy": [
+ {
+ "params": [
+ "$interval"
+ ],
+ "type": "time"
+ },
+ {
+ "params": [
+ "null"
+ ],
+ "type": "fill"
+ }
+ ],
+ "groupByTags": [],
+ "measurement": "nginx_connections_waiting",
+ "policy": "default",
+ "query": "SELECT last(\"value\") FROM \"apache_connections\" WHERE \"hostname\" =~ /^$server$/ AND $timeFilter GROUP BY time($interval) fill(null)",
+ "rawQuery": false,
+ "refId": "A",
+ "resultFormat": "time_series",
+ "select": [
+ [
+ {
+ "params": [
+ "value"
+ ],
+ "type": "field"
+ },
+ {
+ "params": [],
+ "type": "last"
+ }
+ ]
+ ],
+ "tags": [
+ {
+ "key": "hostname",
+ "operator": "=",
+ "value": "$server"
+ },
+ {
+ "condition": "AND",
+ "key": "environment_label",
+ "operator": "=~",
+ "value": "/^$environment$/"
+ }
+ ]
+ }
+ ],
+ "thresholds": "",
+ "title": "Waiting connections",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ }
+ ],
+ "title": "Metrics"
+ }
+ ],
+ "schemaVersion": 12,
+ "sharedCrosshair": true,
+ "style": "dark",
+ "tags": [],
+ "templating": {
+ "enable": true,
+ "list": [
+ {
+ "allFormat": "regex values",
+ "current": {},
+ "datasource": null,
+ "hide": 0,
+ "includeAll": false,
+ "name": "environment",
+ "options": [],
+ "query": "show tag values from nginx_requests with key = environment_label",
+ "refresh": 1,
+ "refresh_on_load": true,
+ "regex": "",
+ "type": "query"
+ },
+ {
+ "allFormat": "glob",
+ "current": {},
+ "datasource": null,
+ "hide": 0,
+ "includeAll": false,
+ "name": "server",
+ "options": [],
+ "query": "show tag values from nginx_requests with key = hostname where environment_label =~ /^$environment$/",
+ "refresh": 1,
+ "refresh_on_load": true,
+ "regex": "",
+ "type": "query"
+ }
+ ]
+ },
+ "time": {
+ "from": "now-1h",
+ "to": "now"
+ },
+ "timepicker": {
+ "collapse": false,
+ "enable": true,
+ "notice": false,
+ "now": true,
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "status": "Stable",
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ],
+ "type": "timepicker"
+ },
+ "timezone": "browser",
+ "title": "Nginx",
+ "version": 7
+}
\ No newline at end of file
diff --git a/nginx/files/nginx.conf b/nginx/files/nginx.conf
index 3686872..856adab 100644
--- a/nginx/files/nginx.conf
+++ b/nginx/files/nginx.conf
@@ -1,8 +1,10 @@
{%- from "nginx/map.jinja" import server with context -%}
user {{ server.system_user }};
worker_processes {{ server.get('worker', {}).get('processes', 'auto') }};
+worker_rlimit_nofile {{ server.get('worker', {}).get('limit', {}).get('nofile', '20000') }};
pid /run/nginx.pid;
+
events {
worker_connections {{ server.get('worker', {}).get('connections', '1024') }};
# multi_accept on;
diff --git a/nginx/files/proxy.conf b/nginx/files/proxy.conf
index f388890..7e97bbe 100644
--- a/nginx/files/proxy.conf
+++ b/nginx/files/proxy.conf
@@ -65,6 +65,7 @@
proxy_buffering on;
proxy_buffers {{ site.proxy.buffer.get('number', 8) }} {{ site.proxy.buffer.get('size', 16) }}k;
proxy_buffer_size {{ buffer_size }}k;
+ proxy_busy_buffers_size {{ site.proxy.buffer.get('busy', buffer_size) }}k;
{%- else %}
proxy_buffering off;
{%- endif %}
diff --git a/nginx/files/sensu.conf b/nginx/files/sensu.conf
deleted file mode 100644
index 4a128ee..0000000
--- a/nginx/files/sensu.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-{%- from "nginx/map.jinja" import server with context -%}
-local_nginx_server_proc:
- command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -C nginx -u root -c 1:1"
- interval: 60
- occurrences: 1
- subscribers:
- - local-nginx-server
-local_nginx_server_worker_procs:
- command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -C nginx -u {{ server.system_user }} -c 1:20"
- interval: 60
- occurrences: 1
- subscribers:
- - local-nginx-server
-{%- for site_name, site in server.get('site', {}).iteritems() %}
-{%- if site.enabled %}
-{%- if site.get('check', True) %}
-remote_nginx_server_http_{{ site.host.name }}_{{ site.host.get('port', '80') }}:
- command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_http -H {{ site.host.name }} -p {{ site.host.get('port', '80') }} -w 5 -c 10 -f follow{% if site.get('ssl', {}).get('enabled', False) %} -S{% endif %}"
- interval: 60
- occurrences: 2
- subscribers:
- - remote-network
-{%- endif %}
-{%- endif %}
-{%- endfor %}
diff --git a/nginx/meta/collectd.yml b/nginx/meta/collectd.yml
index 74051bb..3a9af83 100644
--- a/nginx/meta/collectd.yml
+++ b/nginx/meta/collectd.yml
@@ -1,7 +1,15 @@
+{%- if pillar.nginx.server is defined %}
+{%- from "nginx/map.jinja" import server with context %}
-plugin:
+{%- if server.get('enabled', False) and server.get('site', {}).nginx_stats_server is defined %}
+local_plugin:
collectd_nginx:
plugin: nginx
- interval: 60
- template: collectd/files/collectd_nginx.conf
-
+ template: nginx/files/collectd_nginx.conf
+ url: http://localhost:{{ server.site.nginx_stats_server.host.port }}
+ collectd_nginx_check:
+ plugin: python
+ template: nginx/files/collectd_nginx_check.conf
+ url: http://localhost:{{ server.site.nginx_stats_server.host.port }}
+{%- endif %}
+{%- endif %}
diff --git a/nginx/meta/grafana.yml b/nginx/meta/grafana.yml
new file mode 100644
index 0000000..957c94d
--- /dev/null
+++ b/nginx/meta/grafana.yml
@@ -0,0 +1,19 @@
+dashboard:
+ nginx:
+ format: json
+ template: nginx/files/grafana_dashboards/nginx_influxdb.json
+ main:
+ row:
+ ost-middleware:
+ title: Middleware
+ panel:
+ nginx:
+ title: Nginx
+ links:
+ - dashboard: Nginx
+ title: Nginx
+ type: dashboard
+ target:
+ cluster_status:
+ rawQuery: true
+ query: SELECT last(value) FROM cluster_status WHERE cluster_name = 'nginx' AND environment_label = '$environment' AND $timeFilter GROUP BY time($interval) fill(null)
diff --git a/nginx/meta/heka.yml b/nginx/meta/heka.yml
index e69de29..7f3c1b7 100644
--- a/nginx/meta/heka.yml
+++ b/nginx/meta/heka.yml
@@ -0,0 +1,45 @@
+{%- from "nginx/map.jinja" import server with context %}
+{%- if server.get('enabled', False) and server.get('site', {}).nginx_stats_server is defined %}
+metric_collector:
+ trigger:
+ nginx_check:
+ description: 'nginx cannot be checked'
+ severity: down
+ rules:
+ - metric: nginx_check
+ relational_operator: '=='
+ threshold: 0
+ window: 60
+ periods: 0
+ function: last
+ alarm:
+ nginx_check:
+ alerting: enabled
+ triggers:
+ - nginx_check
+ dimension:
+ service: nginx-check
+aggregator:
+ alarm_cluster:
+ nginx_check:
+ policy: availability_of_members
+ alerting: enabled
+ match:
+ service: nginx-check
+ group_by: hostname
+ members:
+ - nginx_check
+ dimension:
+ service: nginx
+ nagios_host: 01-service-clusters
+ nginx:
+ policy: highest_severity
+ alerting: enabled_with_notification
+ match:
+ service: nginx
+ members:
+ - nginx_check
+ dimension:
+ cluster_name: nginx
+ nagios_host: 00-top-clusters
+{%- endif %}
diff --git a/nginx/server/sites.sls b/nginx/server/sites.sls
index 7aa7add..8137e03 100644
--- a/nginx/server/sites.sls
+++ b/nginx/server/sites.sls
@@ -10,6 +10,8 @@
{%- if site.ssl.engine is not defined %}
+{%- if site.ssl.key is defined %}
+
{{ site.host.name }}_public_cert:
file.managed:
- name: /etc/ssl/certs/{{ site.host.name }}.crt
@@ -59,14 +61,13 @@
{%- endif %}
+{%- endif %}
+
{%- elif site.ssl.engine == 'salt' %}
nginx_init_{{ site.host.name }}_tls:
- cmd.wait:
+ cmd.run:
- name: "cat /etc/ssl/certs/{{ site.host.name }}.crt /etc/ssl/certs/ca-{{ site.ssl.authority }}.crt > /etc/ssl/certs/{{ site.host.name }}-with-chain.crt"
- - watch:
- - x509: /etc/ssl/certs/{{ site.host.name }}.crt
- - x509: /etc/ssl/certs/ca-{{ site.ssl.authority }}.crt
- watch_in:
- service: nginx_service
diff --git a/tests/pillar/static.sls b/tests/pillar/static.sls
index 4e565f2..1a40205 100644
--- a/tests/pillar/static.sls
+++ b/tests/pillar/static.sls
@@ -8,6 +8,9 @@
bind:
address: 127.0.0.1
protocol: tcp
+ worker:
+ limit:
+ nofile: 30000
site:
nginx_static_site01:
enabled: true