Switch back to the upstream nginx cookbook

chef_nginx is deprecated

Berksfile

@@ -4,7 +4,7 @@ source 'https://supermarket.chef.io'
 
 cookbook 'mediawiki',
          git: 'https://github.com/67P/mediawiki-cookbook.git',
-         ref: 'd96a886e554e338e982e82c2502701d8e40fa55d'
+         ref: 'f8d0f6b19af4381fdc390aaa32c51a54bd73afdc'
 cookbook 'wordpress',
          git: 'https://github.com/67P/wordpress-cookbook.git',
          ref: 'relax_dependencies'
@@ -31,7 +31,7 @@ cookbook 'users',                  '~> 5.3.1'
 cookbook 'sudo',                   '~> 5.3.3'
 cookbook 'hostname',               '= 0.4.2'
 cookbook 'firewall',               '~> 2.6.3'
-cookbook 'chef_nginx',             '= 6.1.1'
+cookbook 'nginx',                  '= 9.0.0'
 cookbook 'build-essential',        '~> 8.1.1'
 cookbook 'mysql',                  '= 6.1.3'
 cookbook 'postgresql',             '= 6.1.1'

Berksfile.lock

@@ -9,7 +9,6 @@ DEPENDENCIES
   build-essential (~> 8.1.1)
   chef-sugar (= 3.3.0)
   chef_client_updater (= 1.1.1)
-  chef_nginx (= 6.1.1)
   compat_resource (= 12.19.0)
   composer (~> 2.6.1)
   database (= 6.1.1)
@@ -28,11 +27,12 @@ DEPENDENCIES
   mariadb (= 0.3.1)
   mediawiki
     git: https://github.com/67P/mediawiki-cookbook.git
-    revision: d96a886e554e338e982e82c2502701d8e40fa55d
-    ref: d96a886
+    revision: f8d0f6b19af4381fdc390aaa32c51a54bd73afdc
+    ref: f8d0f6b
   mingw (= 2.0.0)
   mysql (= 6.1.3)
   mysql2_chef_gem (= 1.1.0)
+  nginx (= 9.0.0)
   nodejs (~> 5.0.0)
   ntp (= 3.4.0)
   ohai (= 5.0.4)
@@ -58,7 +58,7 @@ DEPENDENCIES
   windows (= 3.1.1)
   wordpress
     git: https://github.com/67P/wordpress-cookbook.git
-    revision: a80b8a17fb823a01b769f690349d745c40fff04c
+    revision: 593ad2c7957fc427da739510de59f36ad648ee5e
     ref: relax_d
   yum (= 3.13.0)
   yum-epel (= 0.3.6)
@@ -94,12 +94,6 @@ GRAPH
   chef-sugar (3.3.0)
   chef_client_updater (1.1.1)
     compat_resource (>= 12.16.3)
-  chef_nginx (6.1.1)
-    build-essential (>= 0.0.0)
-    compat_resource (>= 12.16.3)
-    ohai (>= 4.1.0)
-    yum-epel (>= 0.0.0)
-    zypper (>= 0.0.0)
   compat_resource (12.19.0)
   composer (2.6.1)
     apt (>= 0.0.0)
@@ -129,10 +123,10 @@ GRAPH
     yum-epel (>= 0.0.0)
   mediawiki (0.3.0)
     apache2 (>= 0.0.0)
-    chef_nginx (>= 0.0.0)
     database (>= 0.0.0)
     mysql (>= 0.0.0)
     mysql2_chef_gem (>= 0.0.0)
+    nginx (>= 0.0.0)
     php (>= 0.0.0)
     php-fpm (>= 0.0.0)
   mingw (2.0.0)
@@ -144,6 +138,10 @@ GRAPH
     build-essential (>= 0.0.0)
     mariadb (>= 0.0.0)
     mysql (>= 6.0)
+  nginx (9.0.0)
+    build-essential (>= 5.0)
+    ohai (>= 4.1.0)
+    yum-epel (>= 0.0.0)
   nodejs (5.0.0)
     ark (>= 2.0.2)
     build-essential (>= 0.0.0)
@@ -196,7 +194,7 @@ GRAPH
   smf (2.2.8)
     rbac (>= 1.0.1)
   sudo (5.3.3)
-  tar (2.1.1)
+  tar (2.2.0)
   timezone_iii (1.0.4)
   users (5.3.1)
   windows (3.1.1)
@@ -204,11 +202,11 @@ GRAPH
   wordpress (3.1.0)
     apache2 (>= 2.0.0)
     build-essential (>= 0.0.0)
-    chef_nginx (>= 0.0.0)
     database (>= 1.6.0)
     iis (>= 1.6.2)
     mysql (>= 6.0)
     mysql2_chef_gem (>= 1.0.1)
+    nginx (>= 0.0.0)
     openssl (>= 0.0.0)
     php (>= 0.0.0)
     php-fpm (>= 0.0.0)
@@ -221,4 +219,3 @@ GRAPH
     yum (~> 3.0)
   yum-mysql-community (2.1.0)
     compat_resource (>= 12.16.3)
-  zypper (0.4.0)

cookbooks/chef_nginx/.foodcritic

@@ -1 +0,0 @@
-~FC016

cookbooks/chef_nginx/MAINTAINERS.md

@@ -1,15 +0,0 @@
-<!-- This is a generated file. Please do not edit directly -->
-
-# Maintainers
-
-This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead.
-
-Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead.
-
-# Project Maintainer
-* [Tim Smith](https://github.com/tas50)
-
-# Maintainers
-* [Jennifer Davis](https://github.com/sigje)
-* [Tim Smith](https://github.com/tas50)
-* [Thom May](https://github.com/thommay)

cookbooks/chef_nginx/libraries/matchers.rb

@@ -1,35 +0,0 @@
-#
-# Cookbook:: chef_nginx
-# Library:: matchers
-#
-# Author:: Tim Smith (<tsmith@chef.io>)
-#
-# Copyright:: 2016-2017, Chef Software, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-if defined?(ChefSpec)
-  #############
-  # nginx_site
-  #############
-  ChefSpec.define_matcher :nginx_site
-
-  def enable_nginx_site(resource_name)
-    ChefSpec::Matchers::ResourceMatcher.new(:nginx_site, :enable, resource_name)
-  end
-
-  def disable_nginx_site(resource_name)
-    ChefSpec::Matchers::ResourceMatcher.new(:nginx_site, :disable, resource_name)
-  end
-end

cookbooks/mediawiki/metadata.json

@@ -14,7 +14,7 @@
     "php": ">= 0.0.0",
     "mysql": ">= 0.0.0",
     "database": ">= 0.0.0",
-    "chef_nginx": ">= 0.0.0",
+    "nginx": ">= 0.0.0",
     "mysql2_chef_gem": ">= 0.0.0",
     "php-fpm": ">= 0.0.0"
   },

cookbooks/mediawiki/metadata.rb

@@ -9,7 +9,7 @@ depends          'apache2'
 depends          'php'
 depends          'mysql'
 depends          'database'
-depends          'chef_nginx'
+depends          'nginx'
 depends          'mysql2_chef_gem'
 depends          'php-fpm'
 

cookbooks/mediawiki/recipes/database.rb

@@ -64,5 +64,6 @@ mysql_database_user db["user"] do
   connection    mysql_connection_info
   database_name db["name"]
   privileges    [:all]
+  password      db["pass"]
   action        :grant
 end

cookbooks/mediawiki/recipes/default.rb

@@ -63,9 +63,9 @@ bash "configure_mediawiki_database" do
   cwd node["mediawiki"]["webdir"]
   code "php maintenance/install.php" +
     " --pass '" + node["mediawiki"]["admin_password"] +
-    "' --dbserver 'localhost:/run/mysql-default/mysqld.sock" +
     "' --dbname '" + node["mediawiki"]["db"]["name"] +
     "' --dbuser '" + node["mediawiki"]["db"]["user"] +
+    "' --dbpass '" + node["mediawiki"]["db"]["pass"] +
     "' --server '" + node["mediawiki"]["server"] +
     "' --scriptpath '" + node["mediawiki"]["scriptpath"] +
     "' --lang '" + node["mediawiki"]["language_code"] +

cookbooks/mediawiki/recipes/nginx.rb

@@ -25,7 +25,7 @@ php_fpm_pool "mediawiki" do
 end
 
 include_recipe "php::module_mysql"
-include_recipe "chef_nginx"
+include_recipe "nginx"
 
 directory node["mediawiki"]["docroot_dir"] do
   user node['nginx']['user']

cookbooks/nginx/CHANGELOG.md

@@ -2,6 +2,86 @@
 
 This file is used to list changes made in each version of the nginx cookbook.
 
+## 9.0.0 (2018-11-13)
+
+- This cookbook now requires Chef 13.3 or later, but no longer requires the zypper cookbook. This cookbook was throwing deprecation warnings for users of current Chef 14 releases.
+
+## 8.1.6 (2018-10-05)
+
+- passenger: fixed install order
+- passenger Ubuntu 18.04 support
+- Evaluate ohai_plugin_enabled in the source recipe
+- Abstract nginx users home path to attribute
+
+## 8.1.5 (2018-07-23)
+
+- Fixes cookbook fails when installing repo passenger because there is no service declaration inline
+- Add proxy buffers options
+
+## 8.1.4 (2018-07-18)
+
+- Adds the ability to toggle Ohai Plugin
+- Use build_essential resource instead of the cookbook so we can use the built in resource on Chef 14+
+
+## 8.1.2 (2018-02-26)
+
+- Add map_hash_max_size as configuration option
+
+## 8.1.1 (2018-02-26)
+
+- Use Chef::VersionConstraint in auth request module so we properly compare versions
+
+## 8.1.0 (2018-02-19)
+
+- Added a new nginx_stream resource for enabling/disable nginx stream blocks
+- Make sure we install zlib for source installs. This gives us compression support and fixes compilation on Debian 9
+
+## 8.0.1 (2018-02-16)
+
+- Update the required Chef release to 12.14 since we're using yum/apt repository resources
+- Add a new 'site_name' property to the nginx_site resource. This allows you to specify a site name if it differs from the resource name
+- Removed the check for nginx < 1.2 in the realip module
+
+## 8.0.0 (2018-02-16)
+
+- Remove ChefSpec matchers since these are autogenerated now
+- Remove compat_resource cookbook dependency and require Chef 12.7+ instead
+- Expand testing and test on Amazon Linux
+
+## 7.0.2 (2017-11-22)
+
+- Fix a bug that led to nginx recompiling when it didn't need to
+
+## 7.0.1 (2017-11-14)
+
+- Move passenger test attributes into the cookbook
+- Resolve FC108 warning
+
+## 7.0.0 (2017-09-18)
+
+### Breaking Changes
+
+- This release of the nginx cookbook merges all changes that occurred within the chef_nginx fork from 2.8 - 6.2\. This includes multiple breaking changes along with a large number of improvements and bug fixes. If you're upgrading from 2.7 to current make sure to read the whole changelog to make sure you're ready.
+
+### Other Changes
+
+- Added a new resource nginx_runit_cleanup has been introduced which stops the existing nginx runit service and removes the init files. This is now called automatically from the default recipe to cleanup an existing installation. This should make it possible for users to migrate from the 2.X release to the current w/o manual steps.
+- Fixed compile failures on Fedora and any other distros released in the future which use GCC 7
+- Added the .m3u8 mimetype
+- Moved all files out of the files/default directory since this isn't required with Chef 12 and later
+- Added ulimit to the nginx sysconfig file for RHEL platforms
+
+## 6.2.0 (2017-09-12)
+
+- Install basic configuration before starting the nginx service
+- Correct documentation for `rate_limiting_backoff` attribute
+- Phusion Passenger distro has pid file location in /run/nginx.pid
+- [GH-92] add a test suite for passenger install
+- Swap the maintainer files for a readme section
+- Update nginx version [1.12.1] and checksum attributes for source installs
+- Update versions and checksums for lua-nginx-module and echo-nginx-module
+- Simplify repo logic and use HTTPS repos
+
 ## 6.1.1 (2017-06-08)
 
 - Use multipackage installs in the pagespeed recipe to speed things up
@@ -12,14 +92,13 @@ This file is used to list changes made in each version of the nginx cookbook.
 - Add attributes for setting the repository URLs
 - Fix support for Amazon Linux repos on Chef 13+
 
-
 ## 6.0.3 (2017-06-05)
 
 - Correctly compare nginx versions with multiple digits so 1.10 is properly recognized as coming after 1.2.
 
 ## 6.0.2 (2017-04-27)
 
-- Resolve name conflicts in the resource 
+- Resolve name conflicts in the resource
 
 ## 6.0.1 (2017-04-04)
 
@@ -34,7 +113,7 @@ This file is used to list changes made in each version of the nginx cookbook.
 ### Other changes
 
 - Install nginx 1.10.3 for source based installs
-- Remove freebsd cookbook from testing as it’s not necessary anymore
+- Remove freebsd cookbook from testing as it's not necessary anymore
 - Bump OpenSSL to 1.0.2k
 
 ## 5.1.3 (2017-03-24)
@@ -82,13 +161,14 @@ This file is used to list changes made in each version of the nginx cookbook.
 - Properly disable the default site with nginx.org packages
 
 ## 5.0.2 (2016-12-22)
+
 - Requite the latest compat_resource
 
 ## 5.0.1 (2016-12-13)
 
 - Use multipackage in pagespeed module recipe to speed up installs
 - Simplify the distro repo setup logic to ensure we're using the correct repos under all conditions. Previously the upstream repo was being missed on Suse systems
-- Determine pidfile location correctly via a helper so we correctly set pidfiles when using Upstream packages on Ubuntu 14.04 / 16.04. This involved removing the attribute for the pidfile location, which may cause issues if you relied on that attribute.
+- Determine pidfile location correctly via a helper so we correctly set pidfiles when using Upstream packages on Ubuntu 14.04 / 16.04\. This involved removing the attribute for the pidfile location, which may cause issues if you relied on that attribute.
 - Testing improvements to make sure all suites run and the suites are testing the correct conditions
 
 ## 5.0.0 (2016-12-07)
@@ -104,12 +184,14 @@ This file is used to list changes made in each version of the nginx cookbook.
 - Better document how to compile modules
 
 ## 4.0.2 (2016-12-01)
+
 - Default to openssl 1.0.2j with source installs
 - Add cookbook property to the nginx_site resource to allow using templates defined in other cookbooks
 - Prevent default docroot index.html on bad url in status
 - Readme improvements
 
 ## 4.0.1 (2016-10-31)
+
 - Fix a version check in the realip recipe
 - Align the config with the default config a bit
 - Fix the ChefSpec matchers now that nginx_site is a custom resource

cookbooks/nginx/README.md

@@ -1,15 +1,9 @@
 # nginx Cookbook
 
-[![Cookbook](http://img.shields.io/cookbook/v/chef_nginx.svg)](https://supermarket.chef.io/cookbooks/chef_nginx) [![Build Status](https://travis-ci.org/chef-cookbooks/chef_nginx.svg?branch=master)](https://travis-ci.org/chef-cookbooks/chef_nginx)
+[![Cookbook](http://img.shields.io/cookbook/v/nginx.svg)](https://supermarket.chef.io/cookbooks/nginx) [![Build Status](https://travis-ci.org/chef-cookbooks/nginx.svg?branch=master)](https://travis-ci.org/chef-cookbooks/nginx)
 
 Installs nginx from package OR source code and sets up configuration handling similar to Debian's Apache2 scripts.
 
-## nginx vs. chef_nginx
-
-This cookbook is a fork from the 2.7.x branch of the [community nginx cookbook](https://github.com/miketheman/nginx).
-
-This fork will be actively supported by Chef Software and we will continue to migrate the cookbook to a more resource driven model, with incremental changes following the SemVer model.
-
 ## Requirements
 
 ### Cookbooks
@@ -18,7 +12,6 @@ The following cookbooks are direct dependencies because they're used for common
 
 - `build-essential` for source installations
 - `ohai` for setting up the ohai plugin
-- `compat_resource` for setting up the nginx.org repository on Chef 12.1 - 12.13
 - `yum-epel` for setting up the EPEL repository on RHEL platforms
 - `zypper` for setting up the nginx.org repository on Suse platforms
 
@@ -36,20 +29,20 @@ Other Debian and RHEL family distributions are assumed to work.
 
 ### Chef
 
-- Chef 12.1+
+- Chef 13.3+
 
 ## Attributes
 
 Node attributes for this cookbook are logically separated into different files. Some attributes are set only via a specific recipe.
 
-### chef_nginx::auth_request
+### nginx::auth_request
 
-These attributes are used in the `chef_nginx::auth_request` recipe.
+These attributes are used in the `nginx::auth_request` recipe.
 
 - `node['nginx']['auth_request']['url']` - The url to the auth_request module tar.gz file
 - `node['nginx']['auth_request']['checksum']` - The checksum of the auth_request module tar.gz file
 
-### chef_nginx::default
+### nginx::default
 
 Generally used attributes. Some have platform specific values. See `attributes/default.rb`. "The Config" refers to "nginx.conf" the main config file.
 
@@ -59,10 +52,12 @@ Generally used attributes. Some have platform specific values. See `attributes/d
 - `node['nginx']['log_dir']` - Location for nginx logs.
 - `node['nginx']['log_dir_perm']` - Permissions for nginx logs folder.
 - `node['nginx']['user']` - User that nginx will run as.
+- `node['nginx']['user_home']` - User home path, used during user creation.
 - `node['nginx']['group']` - Group for nginx.
 - `node['nginx']['port']` - Port for nginx to listen on.
 - `node['nginx']['binary']` - Path to the nginx binary.
-- `node['nginx']['init_style']` - How to run nginx as a service when using `chef_nginx::source`. Values can be "upstart", "systemd", or "init". This attribute is not used in the `package` recipe because the package manager's init script style for the platform is assumed.
+- `node['nginx']['init_style']` - How to run nginx as a service when using `nginx::source`. Values can be "upstart", "systemd", or "init". This attribute is not used in the `package` recipe because the package manager's init script style for the platform is assumed.
+- `node['nginx']['cleanup_runit']` - Cleanup existing runit based nginx service installation. Uses the `nginx_cleanup_runit` resource. Default: true
 - `node['nginx']['upstart']['foreground']` - Set this to true if you want upstart to run nginx in the foreground, set to false if you want upstart to detach and track the process via pid.
 - `node['nginx']['upstart']['runlevels']` - String of runlevels in the format '2345' which determines which runlevels nginx will start at when entering and stop at when leaving.
 - `node['nginx']['upstart']['respawn_limit']` - Respawn limit in upstart stanza format, count followed by space followed by interval in seconds.
@@ -92,7 +87,7 @@ Generally used attributes. Some have platform specific values. See `attributes/d
 - `node['nginx']['proxy_read_timeout']` - defines a timeout (between two successive read operations) for reading a response from the proxied server.
 - `node['nginx']['client_body_buffer_size']` - used for config value of `client_body_buffer_size`.
 - `node['nginx']['client_max_body_size']` - specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length.
-- `node['nginx']['repo_source']` - when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use the `yum-epel` cookbook, 'nginx' will use the `chef_nginx::repo` recipe, 'passenger' will use the 'chef_nginx::repo_passenger' recipe, and setting no value will not add any additional repositories.
+- `node['nginx']['repo_source']` - when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use the `yum-epel` cookbook, 'nginx' will use the `nginx::repo` recipe, 'passenger' will use the 'nginx::repo_passenger' recipe, and setting no value will not add any additional repositories.
 - `node['nginx']['sts_max_age']` - Enable Strict Transport Security for all apps (See: <http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security>). This attribute adds the following header: Strict-Transport-Security max-age=SECONDS to all incoming requests and takes an integer (in seconds) as its argument.
 - `node['nginx']['default']['modules']` - Array specifying which modules to enable via the conf-enabled config include function. Currently the only valid value is "socketproxy".
 - `node['nginx']['load_modules']` - Array of paths to modules to dynamically load on nginx startup using the `load_module` directive. Default is `[]`.
@@ -119,25 +114,25 @@ Generally used attributes. Some have platform specific values. See `attributes/d
 
 - `node['nginx']['extra_configs']` - a Hash of key/values to nginx configuration.
 
-### chef_nginx::devel
+### nginx::devel
 
-These attributes are used in the `chef_nginx::ngx_devel_module` recipe.
+These attributes are used in the `nginx::ngx_devel_module` recipe.
 
 - `node['nginx']['devel']['version']` - The version of the nginx devel module
 - `node['nginx']['devel']['url']` - The URL of the nginx devel module tar.gz file
 - `node['nginx']['devel']['checksum']` - The checksum of the nginx devel module tar.gz file
 
-### chef_nginx::echo
+### nginx::echo
 
-These attributes are used in the `chef_nginx::http_echo_module` recipe.
+These attributes are used in the `nginx::http_echo_module` recipe.
 
 - `node['nginx']['echo']['version']` - The version of `http_echo` you want (default: 0.59)
 - `node['nginx']['echo']['url']` - URL for the tarball.
 - `node['nginx']['echo']['checksum']` - Checksum of the tarball.
 
-### chef_nginx::geoip
+### nginx::geoip
 
-These attributes are used in the `chef_nginx::http_geoip_module` recipe. Please note that the `country_dat_checksum` and `city_dat_checksum` are based on downloads from a datacenter in Fremont, CA, USA. You really should override these with checksums for the geo tarballs from your node location.
+These attributes are used in the `nginx::http_geoip_module` recipe. Please note that the `country_dat_checksum` and `city_dat_checksum` are based on downloads from a datacenter in Fremont, CA, USA. You really should override these with checksums for the geo tarballs from your node location.
 
 **Note** The upstream, maxmind.com, may block access for repeated downloads of the data files. It is recommended that you download and host the data files, and change the URLs in the attributes.
 
@@ -151,7 +146,7 @@ These attributes are used in the `chef_nginx::http_geoip_module` recipe. Please
 - `node['nginx']['geoip']['lib_url']` - (Versioned) Tarball URL of the GeoIP library
 - `node['nginx']['geoip']['lib_checksum']` - Checksum of the GeoIP library tarball
 
-### chef_nginx::http_realip_module
+### nginx::http_realip_module
 
 From: <http://nginx.org/en/docs/http/ngx_http_realip_module.html>
 
@@ -159,16 +154,28 @@ From: <http://nginx.org/en/docs/http/ngx_http_realip_module.html>
 - `node['nginx']['realip']['addresses']` - Addresses to use for the `http_realip` configuration.
 - `node['nginx']['realip']['real_ip_recursive']` - If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on "on" or "off" (default).
 
-### chef_nginx::openssl_source
+### nginx::ohai_plugin
 
-These attributes are used in the `chef_nginx::openssl_source` recipe.
+The `ohai_plugin` recipe includes an Ohai plugin. It will be automatically installed and activated, providing the following attributes via ohai, no matter how nginx is installed (source or package):
+
+- `node['nginx']['version']` - version of nginx
+- `node['nginx']['configure_arguments']` - options passed to `./configure` when nginx was built
+- `node['nginx']['prefix']` - installation prefix
+- `node['nginx']['conf_path']` - configuration file path
+- `node['nginx']['ohai_plugin_enabled']` - Toggles ohai_plugin recipe. Defaults to true.
+
+In the source recipe, it is used to determine whether control attributes for building nginx have changed.
+
+### nginx::openssl_source
+
+These attributes are used in the `nginx::openssl_source` recipe.
 
 - `node['nginx']['openssl_source']['version']` - The version of OpenSSL you want to download and use (default: 1.0.1t)
 - `node['nginx']['openssl_source']['url']` - The url for the OpenSSL source
 
-### chef_nginx::passenger
+### nginx::passenger
 
-These attributes are used in the `chef_nginx::passenger` recipe.
+These attributes are used in the `nginx::passenger` recipe.
 
 - `node['nginx']['passenger']['version']` - passenger gem version
 - `node['nginx']['passenger']['root']` - passenger gem root path
@@ -191,21 +198,21 @@ Basic configuration to use the official Phusion Passenger repositories:
 - `node['nginx']['package_name']` - 'nginx-extras'
 - `node['nginx']['passenger']['install_method']` - 'package'
 
-### chef_nginx::rate_limiting
+### nginx::rate_limiting
 
 - `node['nginx']['enable_rate_limiting']` - set to true to enable rate limiting (`limit_req_zone` in nginx.conf)
 - `node['nginx']['rate_limiting_zone_name']` - sets the zone in `limit_req_zone`.
-- `node['nginx']['rate_limiting_backoff']` - sets the backoff time for `limit_req_zone`.
+- `node['nginx']['rate_limiting_backoff']` - **Incorrect name, retained for compatibility reasons** - sets the size of the shared memory zone (default=`10m`, 10 megabytes)
 - `node['nginx']['rate_limit']` - set the rate limit amount for `limit_req_zone`.
 
-### chef_nginx::repo
+### nginx::repo
 
 - `node['nginx']['upstream_repository']` - the URL to use for the package repository resource; default is set based on platform type
 - `node['nginx']['repo_signing_key']` - The URL from which package signing/gpg key is retrieved
 
-### chef_nginx::socketproxy
+### nginx::socketproxy
 
-These attributes are used in the `chef_nginx::socketproxy` recipe.
+These attributes are used in the `nginx::socketproxy` recipe.
 
 - `node['nginx']['socketproxy']['root']` - The directory (on your server) where socketproxy apps are deployed.
 - `node['nginx']['socketproxy']['default_app']` - Static assets directory for requests to "/" that don't meet any proxy_pass filter requirements.
@@ -213,34 +220,34 @@ These attributes are used in the `chef_nginx::socketproxy` recipe.
 - `node['nginx']['socketproxy']['apps']['app_name']['context_name']` - URI (e.g. "app_name" in order to achieve "<http://mydomain.com/app_name>") at which to host the application "app_name"
 - `node['nginx']['socketproxy']['apps']['app_name']['subdir']` - Directory (under `node['nginx']['socketproxy']['root']`) in which to find the application.
 
-### chef_nginx::source
+### nginx::source
 
-These attributes are used in the `chef_nginx::source` recipe. Some of them are dynamically modified during the run. See `attributes/source.rb` for default values.
+These attributes are used in the `nginx::source` recipe. Some of them are dynamically modified during the run. See `attributes/source.rb` for default values.
 
 - `node['nginx']['source']['url']` - (versioned) URL for the nginx source code. By default this will use the version specified as `node['nginx']['version']`.
 - `node['nginx']['source']['prefix']` - (versioned) prefix for installing nginx from source
 - `node['nginx']['source']['conf_path']` - location of the main config file, in `node['nginx']['dir']` by default.
-- `node['nginx']['source']['modules']` - Array of modules that should be compiled into nginx by including their recipes in `chef_nginx::source`.
+- `node['nginx']['source']['modules']` - Array of modules that should be compiled into nginx by including their recipes in `nginx::source`.
 - `node['nginx']['source']['default_configure_flags']` - The default flags passed to the configure script when building nginx.
-- `node['nginx']['configure_flags']` - Preserved for compatibility and dynamically generated from the `node['nginx']['source']['default_configure_flags']` in the `chef_nginx::source` recipe.
-- `node['nginx']['source']['use_existing_user']` - set to `true` if you do not want `chef_nginx::source` recipe to create system user with name `node['nginx']['user']`.
+- `node['nginx']['configure_flags']` - Preserved for compatibility and dynamically generated from the `node['nginx']['source']['default_configure_flags']` in the `nginx::source` recipe.
+- `node['nginx']['source']['use_existing_user']` - set to `true` if you do not want `nginx::source` recipe to create system user with name `node['nginx']['user']` and `node['nginx']['user_home']`.
 
-### chef_nginx::status
+### nginx::status
 
-These attributes are used in the `chef_nginx::http_stub_status_module` recipe.
+These attributes are used in the `nginx::http_stub_status_module` recipe.
 
 - `node['nginx']['status']['port']` - The port on which nginx will serve the status info (default: 8090)
 
-### chef_nginx::syslog
+### nginx::syslog
 
-These attributes are used in the `chef_nginx::syslog_module` recipe.
+These attributes are used in the `nginx::syslog_module` recipe.
 
 - `node['nginx']['syslog']['git_repo']` - The git repository url to use for the syslog patches.
 - `node['nginx']['syslog']['git_revision']` - The revision on the git repository to checkout.
 
-### chef_nginx::upload_progress
+### nginx::upload_progress
 
-These attributes are used in the `chef_nginx::upload_progress_module` recipe.
+These attributes are used in the `nginx::upload_progress_module` recipe.
 
 - `node['nginx']['upload_progress']['url']` - URL for the tarball.
 - `node['nginx']['upload_progress']['checksum']` - Checksum of the tarball.
@@ -261,24 +268,36 @@ Enable or disable a Server Block in `#{node['nginx']['dir']}/sites-available` by
 
 ### Properties:
 
-- `name` - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that.
+- `site_name` - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that.
 - `template` - (optional) Path to the source for the `template` resource.
 - `variables` - (optional) Variables to be used with the `template` resource
 
-## Ohai Plugin
+### nginx_stream
 
-The `ohai_plugin` recipe includes an Ohai plugin. It will be automatically installed and activated, providing the following attributes via ohai, no matter how nginx is installed (source or package):
+Enable or disable a Stream Block in `#{node['nginx']['dir']}/streams-available` by calling nxenstream or nxdisstream (introduced by this cookbook) to manage the symbolic link in `#{node['nginx']['dir']}/streams-enabled`.
 
-- `node['nginx']['version']` - version of nginx
-- `node['nginx']['configure_arguments']` - options passed to `./configure` when nginx was built
-- `node['nginx']['prefix']` - installation prefix
-- `node['nginx']['conf_path']` - configuration file path
+### Actions
 
-In the source recipe, it is used to determine whether control attributes for building nginx have changed.
+- `enable` - Enable the nginx stream (default)
+- `disable` - Disable the nginx stream
+
+### Properties:
+
+- `stream_name` - (optional) Name of the stream to enable.
+- `template` - (optional) Path to the source for the `template` resource.
+- `variables` - (optional) Variables to be used with the `template` resource
+
+### nginx_cleanup_runit
+
+A simple resource to remove existing runit based nginx service installations. This is used in the default nginx recipe to stop runit based nginx services and cleanup runit service configs before setting up nginx under the system's own init system.
+
+### Actions
+
+- `cleanup` - Stop runit based nginx and remove runit configs (default)
 
 ## Usage
 
-This cookbook provides three distinct installation methods, all of which are controlled via attributes and executed using the chef_nginx::default recipe.
+This cookbook provides three distinct installation methods, all of which are controlled via attributes and executed using the nginx::default recipe.
 
 ### Package installation using the nginx.org repositories
 
@@ -347,17 +366,13 @@ node.run_state['nginx_configure_flags'] =
   node.run_state['nginx_configure_flags'] | ['--with-SOMETHING', "--with-SOME_OPT='things'"]
 ```
 
-## License & Authors
+## Maintainers
 
-- Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io))
-- Author:: Adam Jacob ([adam@chef.io](mailto:adam@chef.io))
-- Author:: AJ Christensen ([aj@chef.io](mailto:aj@chef.io))
-- Author:: Jamie Winsor ([jamie@vialstudios.com](mailto:jamie@vialstudios.com))
-- Author:: Mike Fiedler ([miketheman@gmail.com](mailto:miketheman@gmail.com))
+This cookbook is maintained by Chef's Community Cookbook Engineering team. Our goal is to improve cookbook quality and to aid the community in contributing to cookbooks. To learn more about our team, process, and design goals see our [team documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/COOKBOOK_TEAM.MD). To learn more about contributing to cookbooks like this see our [contributing documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD), or if you have general questions about this cookbook come chat with us in #cookbok-engineering on the [Chef Community Slack](http://community-slack.chef.io/)
 
-```text
-Copyright 2008-2016, Chef Software, Inc
+## License
 
+```
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

cookbooks/nginx/attributes/auth_request.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: auth_request
 #
 # Author:: David Radcliffe (<radcliffe.david@gmail.com>)

cookbooks/nginx/attributes/default.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: default
 #
 # Author:: Adam Jacob (<adam@chef.io>)
@@ -22,7 +22,7 @@
 
 # In order to update the version, the checksum attribute must be changed too.
 # This attribute is defined in the source.rb attribute file
-default['nginx']['version']      = '1.10.3'
+default['nginx']['version']      = '1.12.1'
 default['nginx']['package_name'] = 'nginx'
 default['nginx']['port']         = '80'
 default['nginx']['dir']          = '/etc/nginx'
@@ -33,6 +33,9 @@ default['nginx']['binary']       = '/usr/sbin/nginx'
 default['nginx']['default_root'] = '/var/www/nginx-default'
 default['nginx']['ulimit']       = '1024'
 
+# cleanup runit install of previous cookbooks
+default['nginx']['cleanup_runit'] = true
+
 # use the upstream nginx repo vs. distro packages
 # this enables the use of modern nginx releases
 # set this to nil to use the distro packages
@@ -42,7 +45,7 @@ default['nginx']['install_method'] = 'package'
 
 case node['platform_family']
 when 'rhel', 'fedora', 'amazon'
-  default['nginx']['user']        = 'nginx'
+  default['nginx']['user'] = 'nginx'
 when 'freebsd'
   default['nginx']['package_name'] = 'www/nginx'
   default['nginx']['user']         = 'www'
@@ -57,6 +60,8 @@ else # debian probably
   default['nginx']['user']       = 'www-data'
 end
 
+default['nginx']['user_home'] = '/var/www'
+
 default['nginx']['upstart']['runlevels']     = '2345'
 default['nginx']['upstart']['respawn_limit'] = nil
 default['nginx']['upstart']['foreground']    = true
@@ -117,8 +122,13 @@ default['nginx']['proxy_read_timeout']          = nil
 default['nginx']['client_body_buffer_size']     = nil
 default['nginx']['client_max_body_size']        = nil
 default['nginx']['large_client_header_buffers'] = nil
+default['nginx']['map_hash_max_size']           = nil
+default['nginx']['proxy_buffer_size']           = nil
+default['nginx']['proxy_buffers']               = nil
+default['nginx']['proxy_busy_buffers_size']     = nil
 default['nginx']['default']['modules']          = []
 
 default['nginx']['extra_configs'] = {}
+default['nginx']['ohai_plugin_enabled'] = true
 
 default['nginx']['load_modules'] = []

cookbooks/nginx/attributes/devel.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: devel
 #
 # Author:: Arthur Freyman (<afreyman@riotgames.com>)

cookbooks/nginx/attributes/echo.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: echo
 #
 # Author:: Danial Pearce (<github@tigris.id.au>)
@@ -19,6 +19,6 @@
 # limitations under the License.
 #
 
-default['nginx']['echo']['version']        = '0.59'
+default['nginx']['echo']['version']        = '0.61'
 default['nginx']['echo']['url']            = "https://github.com/openresty/echo-nginx-module/archive/v#{node['nginx']['echo']['version']}.tar.gz"
-default['nginx']['echo']['checksum']       = '9b319ad7836202883128d2b9c24ed818082541df57ef7f2065b7557085c603cd'
+default['nginx']['echo']['checksum']       = '2e6a03032555f5da1bdff2ae96c96486f447da3da37c117e0f964ae0753d22aa'

cookbooks/nginx/attributes/geoip.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: geoip
 #
 # Author:: Jamie Winsor (<jamie@vialstudios.com>)

cookbooks/nginx/attributes/headers_more.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: headers_more
 #
 # Author:: Lucas Jandrew (<ljandrew@riotgames.com>)

cookbooks/nginx/attributes/lua.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: lua
 #
 # Author:: Arthur Freyman (<afreyman@riotgames.com>)
@@ -19,9 +19,9 @@
 # limitations under the License.
 #
 
-default['nginx']['lua']['version']  = '0.10.7'
+default['nginx']['lua']['version']  = '0.10.10'
 default['nginx']['lua']['url']      = "https://github.com/chaoslawful/lua-nginx-module/archive/v#{node['nginx']['lua']['version']}.tar.gz"
-default['nginx']['lua']['checksum'] = 'c21c8937dcdd6fc2b6a955f929e3f4d1388610f47180e60126e6dcab06786f77'
+default['nginx']['lua']['checksum'] = 'b4acb84e2d631035a516d61830c910ef6e6485aba86096221ec745e0dbb3fbc9'
 
 default['nginx']['luajit']['version']  = '2.0.4'
 default['nginx']['luajit']['url']	     = "http://luajit.org/download/LuaJIT-#{node['nginx']['luajit']['version']}.tar.gz"

cookbooks/nginx/attributes/naxsi.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: naxsi
 #
 # Author:: Artiom Lunev (<artiom.lunev@gmail.com>)

cookbooks/nginx/attributes/openssl_source.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: openssl_source
 #
 # Author:: David Radcliffe (<radcliffe.david@gmail.com>)

cookbooks/nginx/attributes/pagespeed.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Recipe:: pagespeed_module
 #
 default['nginx']['pagespeed']['version'] = '1.11.33.2'

cookbooks/nginx/attributes/passenger.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attribute:: passenger
 #
 # Author:: Alex Dergachev (<alex@evolvingweb.ca>)
@@ -19,7 +19,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+ubuntu_18 = platform?('ubuntu') && node['platform_version'].to_i >= 18
 
+# this is only used for source installs
+# for package installs you will receive the latest version in the repository
 node.default['nginx']['passenger']['version'] = '4.0.57'
 
 if node['nginx']['repo_source'] == 'passenger'
@@ -36,13 +39,23 @@ else
   node.default['nginx']['passenger']['ruby'] = '/usr/bin/ruby'
 end
 
+node.default['nginx']['passenger']['conf_file'] = if ubuntu_18
+                                                    "#{node['nginx']['dir']}/conf.d/mod-http-passenger.conf"
+                                                  else
+                                                    "#{node['nginx']['dir']}/conf.d/passenger.conf"
+                                                  end
+
 node.default['nginx']['passenger']['packages']['rhel'] = if platform_family?('rhel') && node['platform_version'].to_i >= 6
                                                            %w(ruby-devel libcurl-devel)
                                                          else
                                                            %w(ruby-devel curl-devel)
                                                          end
 node.default['nginx']['passenger']['packages']['fedora'] = %w(ruby-devel libcurl-devel)
-node.default['nginx']['passenger']['packages']['debian'] = %w(ruby-dev libcurl4-gnutls-dev)
+node.default['nginx']['passenger']['packages']['debian'] = if ubuntu_18
+                                                             %w(ruby-dev libcurl4-gnutls-dev libnginx-mod-http-passenger)
+                                                           else
+                                                             %w(ruby-dev libcurl4-gnutls-dev)
+                                                           end
 
 node.default['nginx']['passenger']['install_rake'] = true
 node.default['nginx']['passenger']['spawn_method'] = 'smart-lv2'

cookbooks/nginx/attributes/rate_limiting.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attribute:: rate_limiting
 #
 # Copyright:: 2013-2017, Chef Software, Inc.

cookbooks/nginx/attributes/repo.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Recipe:: repo
 #
 # Author:: Nick Rycar <nrycar@bluebox.net>
@@ -21,22 +21,20 @@
 
 default['nginx']['upstream_repository'] =
   case node['platform_family']
-  when 'amazon' # Chef 13+ on amazon linux
-    'http://nginx.org/packages/rhel/6/$basearch/'
-  when 'rhel', 'fedora'
+  when 'rhel', 'fedora', 'amazon'
     case node['platform']
     when 'centos'
       # See http://wiki.nginx.org/Install
-      "http://nginx.org/packages/centos/#{node['platform_version'].to_i}/$basearch/"
+      "https://nginx.org/packages/centos/#{node['platform_version'].to_i}/$basearch/"
     when 'amazon' # Chef < 13 on Amazon
-      'http://nginx.org/packages/rhel/6/$basearch/'
+      'https://nginx.org/packages/rhel/6/$basearch/'
     else
-      "http://nginx.org/packages/rhel/#{node['platform_version'].to_i}/$basearch/"
+      "https://nginx.org/packages/rhel/#{node['platform_version'].to_i}/$basearch/"
     end
   when 'debian'
-    "http://nginx.org/packages/#{node['platform']}"
+    "https://nginx.org/packages/#{node['platform']}"
   when 'suse'
-    'http://nginx.org/packages/sles/12'
+    'https://nginx.org/packages/sles/12'
   end
 
-default['nginx']['repo_signing_key'] = 'http://nginx.org/keys/nginx_signing.key'
+default['nginx']['repo_signing_key'] = 'https://nginx.org/keys/nginx_signing.key'

cookbooks/nginx/attributes/set_misc.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: set_misc
 #
 

cookbooks/nginx/attributes/socketproxy.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: socketproxy.rb
 #
 

cookbooks/nginx/attributes/source.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: source
 #
 # Author:: Jamie Winsor (<jamie@vialstudios.com>)
@@ -19,7 +19,7 @@
 # limitations under the License.
 #
 
-include_attribute 'chef_nginx::default'
+include_attribute 'nginx::default'
 
 default['nginx']['init_style'] = if node['platform'] == 'ubuntu' && node['platform_version'].to_f <= 14.04
                                    # init_package identifies 12.04/14.04 as init, but we should be using upstart here
@@ -32,18 +32,21 @@ default['nginx']['source']['version']                 = node['nginx']['version']
 default['nginx']['source']['prefix']                  = "/opt/nginx-#{node['nginx']['source']['version']}"
 default['nginx']['source']['conf_path']               = "#{node['nginx']['dir']}/nginx.conf"
 default['nginx']['source']['sbin_path']               = "#{node['nginx']['source']['prefix']}/sbin/nginx"
+
+# Wno-error can be removed when nginx compiles on GCC7: https://trac.nginx.org/nginx/ticket/1259
 default['nginx']['source']['default_configure_flags'] = %W(
   --prefix=#{node['nginx']['source']['prefix']}
   --conf-path=#{node['nginx']['dir']}/nginx.conf
   --sbin-path=#{node['nginx']['source']['sbin_path']}
+  --with-cc-opt=-Wno-error
 )
 
 default['nginx']['configure_flags']    = []
 default['nginx']['source']['version']  = node['nginx']['version']
 default['nginx']['source']['url']      = "http://nginx.org/download/nginx-#{node['nginx']['source']['version']}.tar.gz"
-default['nginx']['source']['checksum'] = '75020f1364cac459cb733c4e1caed2d00376e40ea05588fb8793076a4c69dd90'
+default['nginx']['source']['checksum'] = '8793bf426485a30f91021b6b945a9fd8a84d87d17b566562c3797aba8fac76fb'
 default['nginx']['source']['modules']  = %w(
-  chef_nginx::http_ssl_module
-  chef_nginx::http_gzip_static_module
+  nginx::http_ssl_module
+  nginx::http_gzip_static_module
 )
 default['nginx']['source']['use_existing_user'] = false

cookbooks/nginx/attributes/status.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: status
 #
 # Author:: David Radcliffe (<radcliffe.david@gmail.com>)

cookbooks/nginx/attributes/syslog.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: syslog
 #
 # Author:: Bob Ziuchkovski (<bob@bz-technology.com>)

cookbooks/nginx/attributes/upload_progress.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Attributes:: upload_progress
 #
 # Author:: Jamie Winsor (<jamie@vialstudios.com>)

cookbooks/nginx/files/mime.types

@@ -96,6 +96,7 @@ types {
     application/pdf                       pdf;
     application/postscript                ai eps ps;
     application/rtf                       rtf;
+    application/vnd.apple.mpegurl         m3u8;
     application/vnd.google-earth.kml+xml  kml;
     application/vnd.google-earth.kmz      kmz;
     application/vnd.wap.wmlc              wmlc;

cookbooks/nginx/libraries/helpers.rb

@@ -1,5 +1,5 @@
 #
-# Cookbook:: chef_nginx
+# Cookbook:: nginx
 # Library:: helpers
 #
 # Author:: Tim Smith (<tsmith@chef.io>)
@@ -26,7 +26,7 @@ module NginxRecipeHelpers
   # systemd based distros and Ubuntu 14.04 use '/run/nginx.pid' for their
   # packages
   def pidfile_location
-    if (node['nginx']['repo_source'].nil? || node['nginx']['repo_source'] == 'distro') &&
+    if (node['nginx']['repo_source'].nil? || %w(distro passenger).include?(node['nginx']['repo_source'])) &&
        (node['init_package'] == 'systemd' || node['platform_version'].to_f == 14.04)
       '/run/nginx.pid'
     else

cookbooks/nginx/recipes/commons.rb

@@ -19,6 +19,6 @@
 # limitations under the License.
 #
 
-include_recipe 'chef_nginx::commons_dir'
-include_recipe 'chef_nginx::commons_script'
-include_recipe 'chef_nginx::commons_conf'
+include_recipe 'nginx::commons_dir'
+include_recipe 'nginx::commons_script'
+include_recipe 'nginx::commons_conf'

cookbooks/nginx/recipes/commons_dir.rb

@@ -37,7 +37,7 @@ directory 'pid file directory' do
   recursive true
 end
 
-%w(sites-available sites-enabled conf.d).each do |leaf|
+%w(sites-available sites-enabled conf.d streams-available streams-enabled).each do |leaf|
   directory File.join(node['nginx']['dir'], leaf) do
     mode  '0755'
   end

cookbooks/nginx/recipes/commons_script.rb

@@ -19,7 +19,7 @@
 # limitations under the License.
 #
 
-%w(nxensite nxdissite).each do |nxscript|
+%w(nxensite nxdissite nxenstream nxdisstream).each do |nxscript|
   template "#{node['nginx']['script_dir']}/#{nxscript}" do
     source "#{nxscript}.erb"
     mode   '0755'

cookbooks/nginx/recipes/default.rb

@@ -19,8 +19,10 @@
 # limitations under the License.
 #
 
-include_recipe "chef_nginx::#{node['nginx']['install_method']}"
+nginx_cleanup_runit 'cleanup' if node['nginx']['cleanup_runit']
+
+include_recipe "nginx::#{node['nginx']['install_method']}"
 
 node['nginx']['default']['modules'].each do |ngx_module|
-  include_recipe "chef_nginx::#{ngx_module}"
+  include_recipe "nginx::#{ngx_module}"
 end

cookbooks/nginx/recipes/http_auth_request_module.rb

@@ -21,7 +21,7 @@
 
 # Documentation:
 #   http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
-if node['nginx']['source']['version'] >= '1.5.4'
+if Chef::VersionConstraint.new('>= 1.5.4').include?(node['nginx']['source']['version'])
   node.run_state['nginx_configure_flags'] =
     node.run_state['nginx_configure_flags'] | ['--with-http_auth_request_module']
 else

cookbooks/nginx/recipes/http_stub_status_module.rb

@@ -19,7 +19,7 @@
 # limitations under the License.
 #
 
-include_recipe 'chef_nginx::authorized_ips'
+include_recipe 'nginx::authorized_ips'
 
 template 'nginx_status' do
   path "#{node['nginx']['dir']}/sites-available/nginx_status"

cookbooks/nginx/recipes/ngx_lua_module.rb

@@ -40,5 +40,5 @@ end
 node.run_state['nginx_configure_flags'] =
   node.run_state['nginx_configure_flags'] | ["--add-module=#{lua_extract_path}/lua-nginx-module-#{node['nginx']['lua']['version']}"]
 
-include_recipe 'chef_nginx::lua'
-include_recipe 'chef_nginx::ngx_devel_module'
+include_recipe 'nginx::lua'
+include_recipe 'nginx::ngx_devel_module'

cookbooks/nginx/recipes/package.rb

@@ -18,7 +18,7 @@
 # limitations under the License.
 #
 
-include_recipe 'chef_nginx::ohai_plugin'
+include_recipe 'nginx::ohai_plugin' if node['nginx']['ohai_plugin_enabled']
 
 case node['nginx']['repo_source']
 when 'epel'
@@ -28,11 +28,11 @@ when 'epel'
     Chef::Log.warn("node['nginx']['repo_source'] set to EPEL, but not running on a RHEL platform so skipping EPEL setup")
   end
 when 'nginx'
-  include_recipe 'chef_nginx::repo'
+  include_recipe 'nginx::repo'
   package_install_opts = '--disablerepo=* --enablerepo=nginx' if platform_family?('rhel')
 when 'passenger'
   if platform_family?('debian')
-    include_recipe 'chef_nginx::repo_passenger'
+    include_recipe 'nginx::repo_passenger'
   else
     Chef::Log.warn("node['nginx']['repo_source'] set to passenger, but not running on a Debian based platform so skipping repo setup")
   end
@@ -42,12 +42,16 @@ end
 
 package node['nginx']['package_name'] do
   options package_install_opts
-  notifies :reload, 'ohai[reload_nginx]', :immediately
+  notifies :reload, 'ohai[reload_nginx]', :immediately if node['nginx']['ohai_plugin_enabled']
+end
+
+include_recipe 'nginx::commons'
+
+if node['nginx']['repo_source'] == 'passenger'
+  include_recipe 'nginx::passenger'
 end
 
 service 'nginx' do
   supports status: true, restart: true, reload: true
   action   [:start, :enable]
 end
-
-include_recipe 'chef_nginx::commons'

cookbooks/nginx/recipes/pagespeed_module.rb

@@ -22,7 +22,7 @@ remote_file psol_src_filepath do
 end
 
 package_array = value_for_platform_family(
-  %w(rhel amazon)   => node['nginx']['pagespeed']['packages']['rhel'],
+  %w(rhel amazon) => node['nginx']['pagespeed']['packages']['rhel'],
   %w(debian) => node['nginx']['pagespeed']['packages']['debian']
 )
 

cookbooks/nginx/recipes/passenger.rb

@@ -51,7 +51,7 @@ elsif node['nginx']['passenger']['install_method'] == 'source'
 
 end
 
-template "#{node['nginx']['dir']}/conf.d/passenger.conf" do
+template node['nginx']['passenger']['conf_file'] do
   source 'modules/passenger.conf.erb'
   notifies :reload, 'service[nginx]', :delayed
 end

cookbooks/nginx/recipes/repo_passenger.rb

@@ -26,10 +26,9 @@ if platform_family?('debian')
     keyserver 'keyserver.ubuntu.com'
     key '561F9B9CAC40B2F7'
   end
-
-  include_recipe 'chef_nginx::passenger'
 else
   log "There is not official phusion passenger repo platform #{node['platform']}. Skipping repo setup!" do
     level :warn
   end
 end
+

cookbooks/nginx/recipes/set_misc.rb

@@ -24,4 +24,4 @@ end
 node.run_state['nginx_configure_flags'] =
   node.run_state['nginx_configure_flags'] | ["--add-module=#{set_misc_extract_path}/set-misc-nginx-module-#{node['nginx']['set_misc']['version']}"]
 
-include_recipe 'chef_nginx::ngx_devel_module'
+include_recipe 'nginx::ngx_devel_module'

cookbooks/nginx/recipes/socketproxy.rb

@@ -1,4 +1,4 @@
-include_recipe 'chef_nginx::commons_dir'
+include_recipe 'nginx::commons_dir'
 
 directory node['nginx']['socketproxy']['root'] do
   owner node['nginx']['socketproxy']['app_owner']

cookbooks/nginx/recipes/source.rb

@@ -29,22 +29,23 @@ node.normal['nginx']['daemon_disable'] = true
 user node['nginx']['user'] do
   system true
   shell  '/bin/false'
-  home   '/var/www'
+  home   node['nginx']['user_home']
+  manage_home true
   not_if { node['nginx']['source']['use_existing_user'] }
 end
 
-include_recipe 'chef_nginx::ohai_plugin'
-include_recipe 'chef_nginx::commons_dir'
-include_recipe 'chef_nginx::commons_script'
-include_recipe 'build-essential::default'
+include_recipe 'nginx::ohai_plugin' if node['nginx']['ohai_plugin_enabled']
+include_recipe 'nginx::commons_dir'
+include_recipe 'nginx::commons_script'
+build_essential 'install compilation tools'
 
 src_filepath = "#{Chef::Config['file_cache_path']}/nginx-#{node['nginx']['source']['version']}.tar.gz"
 
 # install prereqs
 package value_for_platform_family(
-  %w(rhel fedora amazon) => %w(pcre-devel openssl-devel tar),
+  %w(rhel fedora amazon) => %w(pcre-devel openssl-devel tar zlib-devel),
   %w(suse) => %w(pcre-devel libopenssl-devel tar),
-  %w(debian) => %w(libpcre3 libpcre3-dev libssl-dev tar)
+  %w(debian) => %w(libpcre3 libpcre3-dev libssl-dev tar zlib1g-dev)
 )
 
 remote_file 'nginx source' do
@@ -60,7 +61,7 @@ node.run_state['nginx_configure_flags'] =
   node['nginx']['source']['default_configure_flags'] | node['nginx']['configure_flags']
 node.run_state['nginx_source_env'] = {}
 
-include_recipe 'chef_nginx::commons_conf'
+include_recipe 'nginx::commons_conf'
 
 cookbook_file "#{node['nginx']['dir']}/mime.types" do
   source 'mime.types'
@@ -102,7 +103,7 @@ bash 'compile_nginx_source' do
   end
 
   notifies :restart, 'service[nginx]'
-  notifies :reload,  'ohai[reload_nginx]', :immediately
+  notifies :reload,  'ohai[reload_nginx]', :immediately if node['nginx']['ohai_plugin_enabled']
 end
 
 case node['nginx']['init_style']

cookbooks/nginx/resources/cleanup_runit.rb

@@ -0,0 +1,36 @@
+#
+# Copyright:: 20017-2018, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+action :cleanup do
+  # remove old init script link
+  file 'remove symlinked runit init script' do
+    path '/etc/init.d/nginx'
+    manage_symlink_source false # nuke the link not the runit binary
+    action :delete
+    only_if { ::File.exist?('/etc/init.d/nginx') && ::File.symlink?('/etc/init.d/nginx') && ::File.realpath('/etc/init.d/nginx') == '/usr/bin/sv' }
+  end
+
+  execute 'kill old nginx process' do
+    command 'pkill nginx'
+    returns [0, 1] # ignores failures
+    not_if { !::File.exist?('/etc/sv/nginx/supervise/pid') || ::File.zero?('/etc/sv/nginx/supervise/pid') }
+  end
+
+  # remove the old service configs
+  directory '/etc/sv/nginx' do
+    recursive true
+    action :delete
+  end
+end

cookbooks/nginx/resources/site.rb

@@ -20,9 +20,7 @@
 # limitations under the License.
 #
 
-provides :nginx_site
-
-property :name, String, name_property: true
+property :site_name, String, name_property: true
 property :variables, Hash, default: {}
 property :cookbook, String
 property :template, [String, Array]
@@ -41,7 +39,7 @@ action :enable do
 
   if new_resource.template
     # use declare_resource so we can have a property also named template
-    declare_resource(:template, "#{node['nginx']['dir']}/sites-available/#{new_resource.name}") do
+    declare_resource(:template, "#{node['nginx']['dir']}/sites-available/#{new_resource.site_name}") do
       source new_resource.template
       cookbook new_resource.cookbook
       variables(new_resource.variables)
@@ -49,29 +47,29 @@ action :enable do
     end
   end
 
-  execute "nxensite #{new_resource.name}" do
-    command "#{node['nginx']['script_dir']}/nxensite #{new_resource.name}"
+  execute "nxensite #{new_resource.site_name}" do
+    command "#{node['nginx']['script_dir']}/nxensite #{new_resource.site_name}"
     notifies :reload, 'service[nginx]'
     not_if do
-      ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{new_resource.name}") ||
-        ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{new_resource.name}")
+      ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{new_resource.site_name}") ||
+        ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{new_resource.site_name}")
     end
   end
 end
 
 action :disable do
-  execute "nxdissite #{new_resource.name}" do
-    command "#{node['nginx']['script_dir']}/nxdissite #{new_resource.name}"
+  execute "nxdissite #{new_resource.site_name}" do
+    command "#{node['nginx']['script_dir']}/nxdissite #{new_resource.site_name}"
     notifies :reload, 'service[nginx]'
     only_if do
-      ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{new_resource.name}") ||
-        ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{new_resource.name}")
+      ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{new_resource.site_name}") ||
+        ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{new_resource.site_name}")
     end
   end
 
   # The nginx.org packages store the default site at /etc/nginx/conf.d/default.conf and our
   # normal script doesn't disable these.
-  if new_resource.name == 'default' && ::File.exist?('/etc/nginx/conf.d/default.conf') # ~FC023
+  if new_resource.site_name == 'default' && ::File.exist?('/etc/nginx/conf.d/default.conf') # ~FC023
     execute 'Move nginx.org package default site config to sites-available' do
       command "mv /etc/nginx/conf.d/default.conf #{node['nginx']['dir']}/sites-available/default"
       user 'root'

cookbooks/nginx/resources/stream.rb

@@ -0,0 +1,65 @@
+#
+# Cookbook:: nginx
+# Resource:: stream
+#
+# Copyright:: 2017-2018, David Sieciński
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+property :stream_name, String, name_property: true
+property :variables, Hash, default: {}
+property :cookbook, String
+property :template, [String, Array]
+
+action :enable do
+  if new_resource.template
+    # use declare_resource so we can have a property also named template
+    declare_resource(:template, "#{node['nginx']['dir']}/streams-available/#{new_resource.stream_name}") do
+      source new_resource.template
+      cookbook new_resource.cookbook
+      variables(new_resource.variables)
+      notifies :reload, 'service[nginx]'
+    end
+  end
+
+  execute "nxenstream #{new_resource.stream_name}" do
+    command "#{node['nginx']['script_dir']}/nxenstream #{new_resource.stream_name}"
+    notifies :reload, 'service[nginx]'
+    not_if do
+      ::File.symlink?("#{node['nginx']['dir']}/streams-enabled/#{new_resource.stream_name}") ||
+        ::File.symlink?("#{node['nginx']['dir']}/streams-enabled/000-#{new_resource.stream_name}")
+    end
+  end
+end
+
+action :disable do
+  execute "nxdisstream #{new_resource.stream_name}" do
+    command "#{node['nginx']['script_dir']}/nxdisstream #{new_resource.stream_name}"
+    notifies :reload, 'service[nginx]'
+    only_if do
+      ::File.symlink?("#{node['nginx']['dir']}/streams-enabled/#{new_resource.stream_name}") ||
+        ::File.symlink?("#{node['nginx']['dir']}/streams-enabled/000-#{new_resource.stream_name}")
+    end
+  end
+
+  # The nginx.org packages store the default stream at /etc/nginx/conf.d/default.conf and our
+  # normal script doesn't disable these.
+  if new_resource.stream_name == 'default' && ::File.exist?('/etc/nginx/conf.d/default.conf') # ~FC023
+    execute 'Move nginx.org package default stream config to streams-available' do
+      command "mv /etc/nginx/conf.d/default.conf #{node['nginx']['dir']}/streams-available/default"
+      user 'root'
+      notifies :reload, 'service[nginx]'
+    end
+  end
+end

cookbooks/nginx/templates/default/modules/http_realip.conf.erb

@@ -2,6 +2,4 @@
 set_real_ip_from <%= address %>;
 <% end -%>
 real_ip_header <%= node['nginx']['realip']['header'] %>;
-<% if NginxVersion.new(node['nginx']['version']) >= NginxVersion.new('1.2') -%>
 real_ip_recursive <%= node['nginx']['realip']['real_ip_recursive'] %>;
-<% end -%>

cookbooks/nginx/templates/default/nginx-upstart.conf.erb

@@ -29,7 +29,7 @@ console output
 
 exec ${DAEMON} -c "${CONFIG}"
 
-<% if node.recipe?('chef_nginx::passenger') && !node['nginx']['upstart']['foreground'] -%>
+<% if node.recipe?('nginx::passenger') && !node['nginx']['upstart']['foreground'] -%>
 # classic example of why pidfiles should have gone away
 # with the advent of fork().  we missed that bus a long
 # time ago so hack around it.

cookbooks/nginx/templates/default/nginx.conf.erb

@@ -12,6 +12,9 @@ worker_shutdown_timeout <%= node['nginx']['worker_shutdown_timeout'] %>;
 <% node['nginx']['load_modules'].each do |module_to_load| %>
 load_module <%= module_to_load %>;
 <% end -%>
+<% if node['platform'] == 'ubuntu' && node['platform_version'].to_i >= 18 %>
+include /etc/nginx/modules-enabled/*.conf;
+<% end -%>
 
 error_log  <%= node['nginx']['log_dir'] %>/error.log<% if node['nginx']['error_log_options'] %> <%= node['nginx']['error_log_options'] %><% end %>;
 pid        <%= @pid_file %>;
@@ -29,7 +32,7 @@ events {
 }
 
 http {
-  <% if node.recipe?('chef_nginx::naxsi_module') %>
+  <% if node.recipe?('nginx::naxsi_module') %>
   include       <%= node['nginx']['dir'] %>/naxsi_core.rules;
   <% end %>
 
@@ -95,6 +98,18 @@ http {
   <% if node['nginx']['large_client_header_buffers'] -%>
   large_client_header_buffers <%= node['nginx']['large_client_header_buffers'] %>;
   <% end -%>
+  <% if node['nginx']['map_hash_max_size'] -%>
+  map_hash_max_size <%= node['nginx']['map_hash_max_size'] %>;
+  <% end -%>
+  <% if node['nginx']['proxy_buffer_size'] -%>
+  proxy_buffer_size <%= node['nginx']['proxy_buffer_size'] %>;
+  <% end -%>
+  <% if node['nginx']['proxy_buffers'] -%>
+  proxy_buffers <%= node['nginx']['proxy_buffers'] %>;
+  <% end -%>
+  <% if node['nginx']['proxy_busy_buffers_size'] -%>
+  proxy_busy_buffers_size <%= node['nginx']['proxy_busy_buffers_size'] %>;
+  <% end -%>
 
   <% if node['nginx']['enable_rate_limiting'] -%>
   limit_req_zone $binary_remote_addr zone=<%= node['nginx']['rate_limiting_zone_name'] %>:<%= node['nginx']['rate_limiting_backoff'] %> rate=<%= node['nginx']['rate_limit'] %>;
@@ -107,3 +122,8 @@ http {
   include <%= node['nginx']['dir'] %>/conf.d/*.conf;
   include <%= node['nginx']['dir'] %>/sites-enabled/*;
 }
+<% if node['nginx']['install_method'] == 'source' and  node['nginx']['configure_flags'].include? '--with-stream'  %>
+stream{
+  include <%= node['nginx']['dir'] %>/streams-enabled/*;
+}
+<% end %>

cookbooks/nginx/templates/default/nginx.sysconfig.erb

@@ -1 +1,2 @@
 NGINX_GLOBAL=<%= node['nginx']['global'] %>
+ULIMIT="-n <%= node['nginx']['ulimit'] %>"

cookbooks/nginx/templates/default/nxdisstream.erb

@@ -0,0 +1,29 @@
+#!/bin/sh -e
+
+SYSCONFDIR='<%= node['nginx']['dir'] %>'
+
+if [ -z $1 ]; then
+        echo "Which stream would you like to disable?"
+        echo -n "Your choices are: "
+        ls $SYSCONFDIR/streams-enabled/* | \
+        sed -e "s,$SYSCONFDIR/streams-enabled/,,g" | xargs echo
+        echo -n "Stream name? "
+        read STREAMNAME
+else
+        STREAMNAME=$1
+fi
+
+if [ $STREAMNAME = "default" ]; then
+        PRIORITY="000"
+fi
+
+if ! [ -e $SYSCONFDIR/streams-enabled/$STREAMNAME -o \
+       -e $SYSCONFDIR/streams-enabled/"$PRIORITY"-"$STREAMNAME" ]; then
+        echo "This Stream is already disabled, or does not exist!"
+        exit 1
+fi
+
+if ! rm $SYSCONFDIR/streams-enabled/$STREAMNAME 2>/dev/null; then
+        rm -f $SYSCONFDIR/streams-enabled/"$PRIORITY"-"$STREAMNAME"
+fi
+echo "Stream $STREAMNAME disabled; reload nginx to disable."

cookbooks/nginx/templates/default/nxenstream.erb

@@ -0,0 +1,38 @@
+#!/bin/sh -e
+
+SYSCONFDIR='<%= node['nginx']['dir'] %>'
+
+if [ -z $1 ]; then
+        echo "Which stream would you like to enable?"
+        echo -n "Your choices are: "
+        ls $SYSCONFDIR/streams-available/* | \
+        sed -e "s,$SYSCONFDIR/streams-available/,,g" | xargs echo
+        echo -n "Stream name? "
+        read STREAMNAME
+else
+        STREAMNAME=$1
+fi
+
+if [ $STREAMNAME = "default" ]; then
+        PRIORITY="000"
+fi
+
+if [ -e $SYSCONFDIR/streams-enabled/$STREAMNAME -o \
+     -e $SYSCONFDIR/streams-enabled/"$PRIORITY"-"$STREAMNAME" ]; then
+        echo "This stream is already enabled!"
+        exit 0
+fi
+
+if ! [ -e $SYSCONFDIR/streams-available/$STREAMNAME ]; then
+        echo "This stream does not exist!"
+        exit 1
+fi
+
+if [ $STREAMNAME = "default" ]; then
+        ln -sf $SYSCONFDIR/streams-available/$STREAMNAME \
+               $SYSCONFDIR/streams-enabled/"$PRIORITY"-"$STREAMNAME"
+else
+        ln -sf $SYSCONFDIR/streams-available/$STREAMNAME $SYSCONFDIR/streams-enabled/$STREAMNAME
+fi
+
+echo "Stream $STREAMNAME installed; reload nginx to enable."

cookbooks/tar/.foodcritic

@@ -1 +0,0 @@
-~FC016