refactor: replace old nginx with nginx.ng

BREAKING CHANGE: all previous `nginx` based configurations must be reviewed;
`nginx.ng` usage must be promoted to `nginx` and any uses of the original
`nginx` will have to be converted.

Author: daks

docs/README.rst

@@ -17,99 +17,50 @@ Available states
     :local:
 
 ``nginx``
----------
-
-Runs the states to install nginx, configure the common files, and the users.
-
-``nginx.common``
-----------------
-
-Ensures standard nginx files are in place, and configures enabled sites.
-
-``nginx.luajit2``
------------------
-
-Installs luajit.
-
-``nginx.openresty``
--------------------
-
-Installs openresty.
-
-``nginx.package``
------------------
-
-Installs the nginx package via package manager.
-
-``nginx.source``
-----------------
-
-Installs nginx via the source files.
-
-``nginx.users``
----------------
-
-Installs apache utils, and configures nginx users specified in the pillar.
-This requires `basicauth <https://github.com/saltstack/salt-contrib/blob/master/modules/basicauth.py>`_
-from `salt-contrib <https://github.com/saltstack/salt-contrib/>`_ (either add it to your salt or ship
-this single file in your `_modules` directory see `Dynamic Module Distribution
-<https://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html>`_
-
-Next-generation, alternate approach
-===================================
-
-The following states provide an alternate approach to managing Nginx and Nginx
-servers, as well as code organization. Please provide feedback by filing issues,
-discussing in ``#salt`` in Freenode and the mailing list as normal.
-
-.. contents::
-    :local:
-
-``nginx.ng``
 ------------
 
-Meta-state for inclusion of all ng states.
+Meta-state for inclusion of all states.
 
-**Note:** nginx.ng requires the merge parameter of salt.modules.pillar.get(),
+**Note:** nginx requires the merge parameter of salt.modules.pillar.get(),
 first available in the Helium release.
 
-``nginx.ng.pkg``
+``nginx.pkg``
 --------------------
 
 Installs nginx from package, from the distribution repositories, the official nginx repo or the ppa from Launchpad.
 
-``nginx.ng.src``
+``nginx.src``
 --------------------
 
 Builds and installs nginx from source.
 
-``nginx.ng.certificates``
+``nginx.certificates``
 -------------------
 
 Manages the deployment of nginx certificates.
 
-``nginx.ng.config``
+``nginx.config``
 -------------------
 
 Manages the nginx main server configuration file.
 
-``nginx.ng.service``
+``nginx.service``
 --------------------
 
 Manages the startup and running state of the nginx service.
 
-``nginx.ng.servers_config``
+``nginx.servers_config``
 --------------------------
 
 Manages virtual host files. This state only manages the content of the files
 and does not bind them to service calls.
 
-``nginx.ng.servers``
+``nginx.servers``
 -------------------
 
 Manages nginx virtual hosts files and binds them to service calls.
 
-``nginx.ng.passenger``
+``nginx.passenger``
 ----------------------
 
 Installs and configures Phusion Passenger module for nginx. You need to enable

docs/TOFS_pattern.rst

@@ -39,7 +39,7 @@ Using SaltStack is a simple and effective way to implement configuration managem
 
 To avoid this situation we can use the `pillar mechanism <http://docs.saltstack.com/en/latest/topics/pillar/>`_, which is designed to provide controlled access to data from the minions based on some selection rules. As pillar data could be easily integrated in the `Jinja <http://docs.saltstack.com/en/latest/topics/tutorials/pillar.html>`_ templates, it is a good mechanism to store values to be used in the final rendering of state files and templates.
 
-There are a variety of approaches on the usage of pillar and templates as seen in the `saltstack-formulas <https://github.com/saltstack-formulas>`_' repositories. `Some <https://github.com/saltstack-formulas/nginx-formula/pull/18>`_ `developments <https://github.com/saltstack-formulas/php-formula/pull/14>`_ stress the initial purpose of pillar data into a storage for most of the possible variables for a determined system configuration. This, in my opinion, is shifting too much load from the original template files approach. Adding up some `non-trivial Jinja <https://github.com/spsoit/nginx-formula/blob/81de880fe0276dd9488ffa15bc78944c0fc2b919/nginx/ng/files/nginx.conf>`_ code as essential part of composing the state file definitely makes SaltStack state files (hence formulas) more difficult to read. The extreme of this approach is that we could end up with a new render mechanism, implemented in Jinja, storing everything needed in pillar data to compose configurations. Additionally, we are establishing a strong dependency with the Jinja renderer.
+There are a variety of approaches on the usage of pillar and templates as seen in the `saltstack-formulas <https://github.com/saltstack-formulas>`_' repositories. `Some <https://github.com/saltstack-formulas/nginx-formula/pull/18>`_ `developments <https://github.com/saltstack-formulas/php-formula/pull/14>`_ stress the initial purpose of pillar data into a storage for most of the possible variables for a determined system configuration. This, in my opinion, is shifting too much load from the original template files approach. Adding up some `non-trivial Jinja <https://github.com/spsoit/nginx-formula/blob/81de880fe0276dd9488ffa15bc78944c0fc2b919/nginx/files/nginx.conf>`_ code as essential part of composing the state file definitely makes SaltStack state files (hence formulas) more difficult to read. The extreme of this approach is that we could end up with a new render mechanism, implemented in Jinja, storing everything needed in pillar data to compose configurations. Additionally, we are establishing a strong dependency with the Jinja renderer.
 
 In opposition to the *put the code in file_roots and the data in pillars* approach, there is the *pillar as a store for a set of key-values* approach. A full-blown configuration file abstracted in pillar and jinja is complicated to develop, understand and maintain. I think a better and simpler approach is to keep a configuration file templated using just a basic (non-extensive but extensible) set of pillar values.
 

kitchen.yml

@@ -72,7 +72,7 @@ provisioner:
   state_top:
     base:
       '*':
-        - nginx.ng
+        - nginx
   pillars:
     top.sls:
       base:

nginx/ng/certificates.sls renamed to nginx/certificates.sls

@@ -1,16 +1,16 @@
-{% from 'nginx/ng/map.jinja' import nginx with context %}
+{% from 'nginx/map.jinja' import nginx with context %}
 
 include:
-  - nginx.ng.service
+  - nginx.service
 
-{% set certificates_path = salt['pillar.get']('nginx:ng:certificates_path', '/etc/nginx/ssl') %}
+{% set certificates_path = salt['pillar.get']('nginx:certificates_path', '/etc/nginx/ssl') %}
 
-{%- for dh_param, value in salt['pillar.get']('nginx:ng:dh_param', {}).items() %}
+{%- for dh_param, value in salt['pillar.get']('nginx:dh_param', {}).items() %}
 {%- if value is string %}
 create_nginx_dhparam_{{ dh_param }}_key:
   file.managed:
     - name: {{ certificates_path }}/{{ dh_param }}
-    - contents_pillar: nginx:ng:dh_param:{{ dh_param }}
+    - contents_pillar: nginx:dh_param:{{ dh_param }}
     - makedirs: True
     - watch_in:
       - service: nginx_service
@@ -30,30 +30,30 @@ generate_nginx_dhparam_{{ dh_param }}_key:
 {%- endif %}
 {%- endfor %}
 
-{%- for domain in salt['pillar.get']('nginx:ng:certificates', {}).keys() %}
+{%- for domain in salt['pillar.get']('nginx:certificates', {}).keys() %}
 
 nginx_{{ domain }}_ssl_certificate:
   file.managed:
     - name: {{ certificates_path }}/{{ domain }}.crt
     - makedirs: True
-{% if salt['pillar.get']("nginx:ng:certificates:{}:public_cert_pillar".format(domain)) %}
-    - contents_pillar: {{salt['pillar.get']('nginx:ng:certificates:{}:public_cert_pillar'.format(domain))}}
+{% if salt['pillar.get']("nginx:certificates:{}:public_cert_pillar".format(domain)) %}
+    - contents_pillar: {{salt['pillar.get']('nginx:certificates:{}:public_cert_pillar'.format(domain))}}
 {% else %}
-    - contents_pillar: nginx:ng:certificates:{{ domain }}:public_cert
+    - contents_pillar: nginx:certificates:{{ domain }}:public_cert
 {% endif %}
     - watch_in:
       - service: nginx_service
 
-{% if salt['pillar.get']("nginx:ng:certificates:{}:private_key".format(domain)) or salt['pillar.get']("nginx:ng:certificates:{}:private_key_pillar".format(domain))%}
+{% if salt['pillar.get']("nginx:certificates:{}:private_key".format(domain)) or salt['pillar.get']("nginx:certificates:{}:private_key_pillar".format(domain))%}
 nginx_{{ domain }}_ssl_key:
   file.managed:
     - name: {{ certificates_path }}/{{ domain }}.key
     - mode: 600
     - makedirs: True
-{% if salt['pillar.get']("nginx:ng:certificates:{}:private_key_pillar".format(domain)) %}
-    - contents_pillar: {{salt['pillar.get']('nginx:ng:certificates:{}:private_key_pillar'.format(domain))}}
+{% if salt['pillar.get']("nginx:certificates:{}:private_key_pillar".format(domain)) %}
+    - contents_pillar: {{salt['pillar.get']('nginx:certificates:{}:private_key_pillar'.format(domain))}}
 {% else %}
-    - contents_pillar: nginx:ng:certificates:{{ domain }}:private_key
+    - contents_pillar: nginx:certificates:{{ domain }}:private_key
 {% endif %}
     - watch_in:
       - service: nginx_service

nginx/common.sls

@@ -1,8 +1,8 @@
-# nginx.ng.config
+# nginx.config
 #
 # Manages the main nginx server configuration file.
 
-{% from 'nginx/ng/map.jinja' import nginx, sls_block with context %}
+{% from 'nginx/map.jinja' import nginx, sls_block with context %}
 
 {% if nginx.install_from_source %}
 nginx_log_dir:
@@ -15,7 +15,7 @@ nginx_log_dir:
 {% if 'source_path' in nginx.server.config %}
 {% set source_path = nginx.server.config.source_path %}
 {% else %}
-{% set source_path = 'salt://nginx/ng/files/nginx.conf' %}
+{% set source_path = 'salt://nginx/files/nginx.conf' %}
 {% endif %}
 nginx_config:
   file.managed:

nginx/ng/config.sls renamed to nginx/config.sls

@@ -1,18 +1,30 @@
-{% from "nginx/map.jinja" import nginx as nginx_map with context %}
+# nginx
+#
+# Meta-state to fully install nginx.
+
+{% from 'nginx/map.jinja' import nginx, sls_block with context %}
 
 include:
-  - nginx.common
-{% if salt['pillar.get']('nginx:use_upstart', nginx_map['use_upstart']) %}
-  - nginx.upstart
-{% elif salt['pillar.get']('nginx:use_sysvinit', nginx_map['use_sysvinit']) %}
-  - nginx.sysvinit
-{% endif %}
-{% if pillar.get('nginx', {}).get('user_auth_enabled', true) %}
-  - nginx.users
-{% endif %}
-{% if pillar.get('nginx', {}).get('install_from_source', false) %}
-  - nginx.source
-{% else %}
-  - nginx.package
-{% endif -%}
+  - nginx.config
+  - nginx.service
+  {% if nginx.snippets is defined %}
+  - nginx.snippets
+  {% endif %}
+  - nginx.servers
+  - nginx.certificates
 
+extend:
+  nginx_service:
+    service:
+      - listen:
+        - file: nginx_config
+      - require:
+        - file: nginx_config
+  nginx_config:
+    file:
+      - require:
+        {% if nginx.install_from_source %}
+        - cmd: nginx_install
+        {% else %}
+        - pkg: nginx_install
+        {% endif %}