Salt States by Example | Part 4 | Create and Configure an Nginx Virtual Host

By: rahul On: Mon 23 October 2017
In: Devops
Tags: #devops #configuration-management #linux #saltstack

Greetings Wanderer!

This is a continuation on our attempt to write a complete Salt State. Before proceeding, if you haven't already, please check the links/articles listed below:

> Saltstack By Example | Part 1 | Installation
> Saltstack By Example | Part 2 | Configuration
> Saltstack By Example | Part 3 | Basic Commands
> Saltstack By Example | Part 4 | Salt State Examples

> Salt States by Example | Part 1 | Install a Salt Minion on CentOS or Debian
> Salt States by Example | Part 2 | Install Nginx using Saltstack
> Salt States by Example | Part 3 | Install MySQL, PHP and PHP-FPM using Saltstack
>> Salt States by Example | Part 4 | Create and Configure an Nginx Virtual Host (<== We are here)

In the previous article, we saw how to install MariaDB, PHP and PHP-FPM on a Salt Minion. In this post, we'll see how to go about creating and configuring an Nginx Virtual host on the same Salt Minion.

Prerequisites
  • A Salt Master
  • A Salt Minion that runs a Debian minimal install or a CentOS minimal install - the installation is outlined in Part 1
  • This is what our directory structure looks like:
.
|-- common    <=== COMPLETED
|-- nginx     <=== COMPLETED
|   `-- repofiles
|-- mysql     <=== COMPLETED
|-- php       <=== COMPLETED
|   `-- files
|-- wordpress 
|   `-- files
|-- wpcli
|   `-- files
`-- wp_user
    `-- files
        |-- templates
        `-- wptest
            |-- logs
            `-- public_html

1. Create an Nginx Virtual Host - create an Nginx Virtual Host user with Saltstack:

1a. As usual, we'll begin by declaring a few variables, using the map.jinja file (wp_user/map.jinja):

{%  set wpuser = salt['grains.filter_by']({
    'Debian': {
        'username': 'wptest',
        'domain': 'wptest.com',
        'sock': '/var/run/php5-fpm.sock'
    },
    'RedHat': {
        'username': 'wptest',
        'domain': 'wptest.com',
        'sock': '/var/run/php-fpm/php-fpm.sock'
    }
}) %}

Here, we've declared the virtual host username, domain-name and the PHP-FPM socket path.

1b. The next step would be to create the actual user, and create the required directory structure. This is done using the file called create.sls (wp_user/create.sls):

{%- from "wordpresser/wp_user/map.jinja" import wpuser %}

create-wp-account:
  user.present:
    - name: {{ wpuser.username }}
    - shell: /bin/bash

create-home-subdirs:
  file.recurse:
    - name: /home/{{ wpuser.username }}/
    - source: salt://wordpresser/wp_user/files/{{ wpuser.username }}/
    - makedirs: True

1c. The next and the most important part in this section is to configure the nginx virtual host user; these are the steps we'll take in this example:
- Create the sites-available and sites-enabled directories for Nginx.
- Copy the Nginx Virtual Host user's Nginx configuration file into the site-available directory.
- Create a symlink from sites-available to sites-enabled, for the configuration file.
- Correct the file and directory permissions and ownerships for the user's home directory.
- Restart the PHP-FPM and Nginx services.

These steps are run using the configure.sls file (wp_user/configure.sls):

{%- from "wordpresser/wp_user/map.jinja" import wpuser %}
{%- from "wordpresser/php/map.jinja" import php %}

create-nginx-available:
  file.directory:
    - name: /etc/nginx/sites-available
    - user: root
    - group: root

create-nginx-enabled:
  file.directory:
    - name: /etc/nginx/sites-enabled
    - user: root
    - group: root

copy-nginx-conf:
  file.managed:
    - name: /etc/nginx/sites-available/{{ wpuser.domain }}.conf
    - source: salt://wordpresser/wp_user/files/templates/nginx.conf
    - template: jinja
    - context:
      domain: {{ wpuser.domain }}
      username: {{ wpuser.username }}
      sockpath: {{ wpuser.sock }}

symlink-nginx-enabled:
  file.symlink:
    - name: /etc/nginx/sites-enabled/{{ wpuser.domain }}.conf
    - target: /etc/nginx/sites-available/{{ wpuser.domain }}.conf

add-enabled-nginx-conf:
  file.line:
    - name: /etc/nginx/nginx.conf
    - content: "include /etc/nginx/sites-enabled/*.conf;"
    - mode: insert
    - backup: True
    - after: "include /etc/nginx/conf.d/*.conf;"

change-file-dir-ownership:
  file.directory:
    - name: /home/{{ wpuser.username }}
    - user: {{ wpuser.username }}
    - group: {{ wpuser.username }}
    - dir_mode: 755
    - file_mode: 644
    - recurse:
      - user
      - group
      - mode

change-homdir-perm:
  file.directory:
    - name: /home/{{ wpuser.username }}
    - user: {{ wpuser.username }}
    - group: {{ wpuser.username }}
    - mode: 711

php5_fpm_restart:
  cmd.run:
    - name: systemctl restart {{ php.service }}

nginx_restart:
  cmd.run:
- name: systemctl restart nginx 

Here's what the completed wp_user directory structure should look like:

wp_user/
|-- configure.sls
|-- create.sls
|-- files
|   |-- templates
|   |   `-- nginx.conf
|   `-- wptest
|       |-- logs
|       |   |-- access.log
|       |   `-- error.log
|       `-- public_html
|           |-- index.html
|           `-- info.php
`-- map.jinja

1d. Edit the init.sls file to include the wp_user files:

include:
  - wordpresser.common.packages
  - wordpresser.nginx.repo
  - wordpresser.nginx.packages
  - wordpresser.nginx.firewalld
  - wordpresser.mysql.packages
  - wordpresser.mysql.firewalld
  - wordpresser.mysql.mysql_secure
  - wordpresser.php.packages
  - wordpresser.wp_user.create
  - wordpresser.wp_user.configure

1e. Run salt command - salt '*' state.apply
If it runs successfully, a new Nginx virtual host user will be create on the Minions.

To recap, in this post we saw how to create and configure an Nginx Virtual Host user using Salt. In the next post, we'll discuss how to go about Installing WP-CLI and use it to install Wordpress within the Salt Minions.

A complete version of the code is available at this GitHub repository: Wordpresser


If you found the article helpful, please share or cite the article, and spread the word:


For any feedback or corrections, please write in to: rahul [at] muchbits [dot] com