I'm trying to use chef to provision a centos webserver with nginx. I want to use the http_auth_request_module and the headers_more_module. My role looks like this:
{
"name" : "cms-aws",
"description" : "a role to deploy cms to aws",
"default_attributes" : {
"nginx" : {
"source" : {
"modules" : ["nginx::http_auth_request_module","nginx::headers_more_module"]
}
}
},
"run_list" : [
"runit",
"python",
"build-essential",
"gunicorn",
"nginx::source",
"openssl",
"yum",
"git",
"yum-epel",
"my-custom-cookbook",
"supervisor"
]
}
However, when I run nginx -V on the server, those modules aren't listed, and nginx complains when I use the auth_request directive in my conf file.
I've also tried with the following attributes, but chef couldn't find those cookbooks when I ran it:
"default_attributes" : {
"nginx" : {
"source" : {
"modules" : ["http_auth_request_module","headers_more_module"]
}
}
},
Edit:
So I've determined that the AMI I was running this on already had nginx installed. So when systemctl starts nginx it's hitting the preexisting one, and not the one chef installs. I tried modifying my attributes as such:
"default_attributes" : {
"nginx" : {
"source" : {
"modules" : ["nginx::http_auth_request_module","nginx::headers_more_module"]
},
"binary" : "/usr/sbin/nginx"
}
},
but chef still installs nginx at /opt/nginx-1.6.2/sbin/nginx, any idea how to correct this?
Edit edit: Turns out nginx is not installed out of the box on this AMI, so the cookbook installs it at /usr/sbin/nginx, yet when I run nginx -V the desired modules aren't listed. When I run /opt/nginx-1.6.2/sbin/nginx -V it lists the requested modules.
Even if nginx was installed from a package, the nginx cookbook will create an runit service starting nginx from /opt/nginx-1.6.2/sbin/. You can manage it with the runit's sv command
sudo sv status nginx
sudo sv up nginx
When compiling nginx from source in chef, it makes sense to forcefully remove any existing packages in the same recipe:
package("nginx") { action :remove }
Since your nginx appears to be compiled correctly (/opt/nginx-1.6.2/sbin/nginx -V produces the correct result), the above should be enough to fix the issue.
Related
I would like to setup ansible on my Mac. I've done something similar in GNS3 and it worked but here there are more factors I need to take into account. so I have the Ansible installed. I added hostnames in /etc/hosts and I can ping using the hostnames I provided there.
I have created ansible folder which I am going to use and put ansible.cfg inside:
[defaults]
hostfile = ./hosts
host_key_checking = false
timeout = 5
inventory = ./hosts
In the same folder I have hosts file:
[tp-lab]
lab-acc0
When I try to run the following command: ansible tx-edge-acc0 -m ping
I am getting the following errors:
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
[WARNING]: Unhandled error in Python interpreter discovery for host tx-edge-acc0: unexpected output from Python interpreter discovery
[WARNING]: sftp transfer mechanism failed on [tx-edge-acc0]. Use ANSIBLE_DEBUG=1 to see detailed information
[WARNING]: scp transfer mechanism failed on [tx-edge-acc0]. Use ANSIBLE_DEBUG=1 to see detailed information
[WARNING]: Platform unknown on host tx-edge-acc0 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible/2.10/reference_appendices/interpreter_discovery.html for more information.
tx-edge-acc0 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"module_stderr": "Shared connection to tx-edge-acc0 closed.\r\n",
"module_stdout": "\r\nerror: unknown command: /bin/sh\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 0
Any idea what might the problem here? much appreciated
At first glance it seems that you ansible controller does not load configuration files (especially ansible.cfg) when playbook is fired.
(From documentation) Ansible searches for configuration files in the following order, processing the first file it finds and ignoring the rest:
$ANSIBLE_CONFIG if the environment variable is set.
ansible.cfg if it’s in the current directory.
~/.ansible.cfg if it’s in the user’s home directory.
/etc/ansible/ansible.cfg, the default config file.
Edit: For peace of mind it is good to use full paths
EDIT Based on comments
$ cat /home/ansible/ansible.cfg
[defaults]
host_key_checking = False
inventory = /home/ansible/hosts # <-- use full path to inventory file
$ cat /home/ansible/hosts
[servers]
server-a
server-b
Command & output:
# Supplying inventory host group!
$ ansible servers -m ping
server-a | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
server-b | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
I'm running DDEV nginx server on Bedrock wordpress site and trying to load snippet for Browsersync.
gulpfile.js browserSync task:
browserSync.init({
proxy: {
target: "https://web.ddev.site"
},
https: {
key: "/Users/user/Library/Application Support/mkcert/rootCA-key.pem",
cert: "/Users/user/Library/Application Support/mkcert/rootCA.pem"
}, open:false});
Browser doesnt load snippet and print following error:
(index):505 GET https://web.ddev.site:3000/browser-sync/browser-sync-client.js?v=2.26.7 net::ERR_SSL_KEY_USAGE_INCOMPATIBLE
How can I get this two things to work together? Before DDEV I was using MAMP but DDEV has much better performance and I want to switch to this app. Thanks for help.
The problem was bad ssl certificates file. It was necessary to use docker container certificate. Proxy option is not anymore required.
After setup ddev container, you need to copy docker certificate to some location:
docker cp ddev-router:/etc/nginx/certs ~/tmp
After that just update path to correct certificates files. My gulpfile task now looks like this:
browserSync.init({https: {
key: "/Users/username/tmp/master.key",
cert: "/Users/username/tmp/master.crt"
}, open:false});
Thanks #rfay for solution!
I'm using the following Vagrantfile to install nginx. After I run vagrant up, a request to http://192.168.33.14/ returns a 404 from nginx. After I run 'vagrant reload', making a request to http://192.168.33.14/ returns the expected proxied result.
I expect that the proxy works as expected after vagrant up. I am writing the config change after running the nginx cookbook, so I suspect I need to reload nginx after writing the config file. I tried a shell provisioner running sudo /usr/sbin/nginx -s reload, this fails with nginx: [error] open() "/var/run/nginx.pid" failed (2: No such file or directory).
Vagrant.configure("2") do |config|
config.vm.box = "opscode-ubuntu-14.04"
config.vm.box_url = "http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-14.04_chef-provisionerless.box"
config.omnibus.chef_version = :latest
config.vm.provision "shell", inline: "echo 'set nocp' > /home/vagrant/.vimrc"
config.vm.define "nginx" do |nginx|
nginx.vm.network "private_network", ip: "192.168.33.14"
nginx.vm.provision :chef_solo do |chef|
chef.cookbooks_path = "cookbooks"
chef.add_recipe "nginx"
chef.json = {
:nginx => {
dir: '/etc/nginx' # this is the default value, sample only
}
}
end
nginx.vm.provision "shell",
inline: "echo -e $1 > /etc/nginx/conf.d/nginx.conf",
args: [<<-EOS
server {
listen *:80;
location ~ ^/ {
proxy_pass http://192.168.33.11:8080;
}
}
EOS
]
end
I was experiencing the same problem, also using Ubuntu 14.04 as the base box.
This post helped me:
http://www.rollnorocks.com/2014/05/fear-and-loathing-with-chef-and-nginx/
In short, the PID location for the initial install is different to what's set in the config. The chef recipe sets the config PID (default /var/run/nginx.pid), but the initial install uses the default Ubuntu setting (/run/nginx.pid).
A quick way of resolving this problem is adding this line to an attribute file:
override['nginx']['pid'] = '/run/nginx.pid'
This means the chef PID location is set to the same location that Ubuntu uses on the initial install.
A better fix would be to improve the recipe so the initial install uses a PID as set by chef - I can't find where to add that, so for now I'm using the quick fix above.
Another work-around was found, setting install_method to source:
vm.provision :chef_solo do |chef|
chef.cookbooks_path = "cookbooks"
chef.add_recipe "nginx"
chef.json = {
:nginx => {
install_method: "source"
}
}
end
I found the workaround here: https://github.com/miketheman/nginx/pull/223
I am very new to nginx and lua .i have installed Openresty .
below is my code in nginx.conf file .
server{
location /hellolua {
default_type 'text/plain';
content_by_lua ' local name = ngx.var.arg_name or "Anonymous"
ngx.say("Hello, ", name, "!") ';
}
}
When i am running sudo service nginx start i am getting error Starting nginx: nginx: [emerg] unknown directive "content_by_lua" in /etc/nginx/nginx.conf:24
nginx: configuration file /etc/nginx/nginx.conf test failedt
Please let me know what i am missing .
It seems to me, as if you haven't installed the right module? ngx_lua (http://wiki.nginx.org/HttpLuaModule)
You mention OpenResty. Did you configure it with lua? If not, the guide is here(http://wiki.nginx.org/HttpLuaModule#Installation).
Quick resumé:
The ngx_openresty bundle can be used to install Nginx, ngx_lua, either one of the standard Lua 5.1 interpreter or LuaJIT 2.0, as well as a package of powerful companion Nginx modules. The basic installation step is a simple ./configure --with-luajit && make && make install.
You can manually compile ngx_lua into nginx too, the full guide is in the link too.
After comment-discussing - I removed the irrelevant part of the answer.
By default, OpenResty's nginx is installed into the path /usr/local/openresty/nginx/sbin/nginx. Your system's default nginx init configurations need an update to point to the right locations.
I'm using http://community.opscode.com/cookbooks/nginx to install Nginx on Vagrant
I'd like for Nginx to start with my configuration file /home/vagrant/nginx/nginx.conf, however it seems to insist on using etc/nginx/nginx.conf
The relevant section of my Vagrantfile is:
chef.add_recipe "ohai"
chef.add_recipe "runit"
chef.add_recipe "nginx"
chef.json = {
:nginx => {
:install_method => "source",
:source => {
:version => "1.4.1",
:conf_path => "#{VAGRANT_HOME_DIRECTORY}/nginx/nginx.conf",
}
}
}
What's going on here??
I install and configure nginx with my requirements as below. This is my recipe for nginx installation and configuration:
include_recipe "apt"
apt_repository 'nginx' do
uri 'http://nginx.org/packages/ubuntu/'
distribution node['lsb']['codename']
components ['nginx']
key 'http://nginx.org/keys/nginx_signing.key'
deb_src true
end
apt_package 'nginx' do
action :install
end
file "/etc/nginx/nginx.conf" do
action :delete
end
cookbook_file "/etc/nginx/nginx.conf" do
source "nginx.conf"
action :create
end
service "nginx" do
action :start
end
Explanation:
Configure the nginx repo under sources.list. This needs the apt cookbook which provides apt_repository LWRP,
Delete the existing /etc/nginx/nginx.conf and copy a pre-defined one using cookbook_file. I have already configured nginx.conf as per my requirements and saved it under files directory of the cookbook.
Bottom line, I do not install nginx using the nginx cookbook; instead, I install it as a package and then configure it as per my needs.