From 6713bb48c58b781cd78ac948d00b49e6aab41ab0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erich=20Mauerb=C3=B6ck?= Date: Mon, 20 Oct 2025 22:14:41 +0200 Subject: [PATCH] add directives variables_hash_bucket_size, variables_hash_max_size, proxy_headers_hash_max_size --- REFERENCE.md | 27 +++++++++++++++++++++ manifests/config.pp | 3 +++ manifests/init.pp | 42 +++++++++++++++++++-------------- spec/classes/nginx_spec.rb | 24 +++++++++++++++++++ templates/conf.d/nginx.conf.erb | 10 ++++++++ 5 files changed, 88 insertions(+), 18 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 823326928..09e67698b 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -181,6 +181,7 @@ The following parameters are available in the `nginx` class: * [`proxy_use_temp_path`](#-nginx--proxy_use_temp_path) * [`proxy_connect_timeout`](#-nginx--proxy_connect_timeout) * [`proxy_headers_hash_bucket_size`](#-nginx--proxy_headers_hash_bucket_size) +* [`proxy_headers_hash_max_size`](#-nginx--proxy_headers_hash_max_size) * [`proxy_http_version`](#-nginx--proxy_http_version) * [`proxy_read_timeout`](#-nginx--proxy_read_timeout) * [`proxy_redirect`](#-nginx--proxy_redirect) @@ -252,6 +253,8 @@ The following parameters are available in the `nginx` class: * [`nginx_upstreams`](#-nginx--nginx_upstreams) * [`nginx_upstreams_defaults`](#-nginx--nginx_upstreams_defaults) * [`purge_passenger_repo`](#-nginx--purge_passenger_repo) +* [`variables_hash_bucket_size`](#-nginx--variables_hash_bucket_size) +* [`variables_hash_max_size`](#-nginx--variables_hash_max_size) ##### `include_modules_enabled` @@ -1112,6 +1115,14 @@ Data type: `Integer` Default value: `64` +##### `proxy_headers_hash_max_size` + +Data type: `Optional[Integer]` + + + +Default value: `undef` + ##### `proxy_http_version` Data type: `Optional[String]` @@ -1691,6 +1702,22 @@ Data type: `Boolean` Default value: `true` +##### `variables_hash_bucket_size` + +Data type: `Optional[Integer]` + + + +Default value: `undef` + +##### `variables_hash_max_size` + +Data type: `Optional[Integer]` + + + +Default value: `undef` + ## Defined types ### `nginx::resource::geo` diff --git a/manifests/config.pp b/manifests/config.pp index 3a09742e5..c373364ef 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -102,6 +102,7 @@ $proxy_use_temp_path = $nginx::proxy_use_temp_path $proxy_connect_timeout = $nginx::proxy_connect_timeout $proxy_headers_hash_bucket_size = $nginx::proxy_headers_hash_bucket_size + $proxy_headers_hash_max_size = $nginx::proxy_headers_hash_max_size $proxy_http_version = $nginx::proxy_http_version $proxy_max_temp_file_size = $nginx::proxy_max_temp_file_size $proxy_read_timeout = $nginx::proxy_read_timeout @@ -139,6 +140,8 @@ $worker_rlimit_nofile = $nginx::worker_rlimit_nofile $pcre_jit = $nginx::pcre_jit $include_modules_enabled = $nginx::include_modules_enabled + $variables_hash_bucket_size = $nginx::variables_hash_bucket_size + $variables_hash_max_size = $nginx::variables_hash_max_size # Non-configurable settings $conf_template = 'nginx/conf.d/nginx.conf.erb' diff --git a/manifests/init.pp b/manifests/init.pp index 0902fd552..7f03fd688 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -145,6 +145,7 @@ # @param proxy_use_temp_path # @param proxy_connect_timeout # @param proxy_headers_hash_bucket_size +# @param proxy_headers_hash_max_size # @param proxy_http_version # @param proxy_read_timeout # @param proxy_redirect @@ -216,6 +217,8 @@ # @param nginx_upstreams # @param nginx_upstreams_defaults # @param purge_passenger_repo +# @param variables_hash_bucket_size +# @param variables_hash_max_size class nginx ( ### START Nginx Configuration ### Optional[Variant[Stdlib::Absolutepath, Tuple[Stdlib::Absolutepath, Integer, 1, 4]]] $client_body_temp_path = undef, @@ -320,6 +323,7 @@ Optional[Enum['on', 'off']] $proxy_use_temp_path = undef, Nginx::Time $proxy_connect_timeout = '90s', Integer $proxy_headers_hash_bucket_size = 64, + Optional[Integer] $proxy_headers_hash_max_size = undef, Optional[String] $proxy_http_version = undef, Nginx::Time $proxy_read_timeout = '90s', Optional[Variant[Array[String],String]] $proxy_redirect = undef, @@ -397,24 +401,26 @@ ### END Service Configuration ### ### START Hiera Lookups ### - Hash $geo_mappings = {}, - Hash $geo_mappings_defaults = {}, - Hash $string_mappings = {}, - Hash $string_mappings_defaults = {}, - Hash $nginx_snippets = {}, - Hash $nginx_snippets_defaults = {}, - Hash $nginx_locations = {}, - Hash $nginx_locations_defaults = {}, - Hash $nginx_mailhosts = {}, - Hash $nginx_mailhosts_defaults = {}, - Hash $nginx_servers = {}, - Hash $nginx_servers_defaults = {}, - Hash $nginx_streamhosts = {}, - Hash $nginx_streamhosts_defaults = {}, - Hash $nginx_upstreams = {}, - Nginx::UpstreamDefaults $nginx_upstreams_defaults = {}, - Boolean $purge_passenger_repo = true, - String[1] $nginx_version = pick(fact('nginx_version'), '1.16.0'), + Hash $geo_mappings = {}, + Hash $geo_mappings_defaults = {}, + Hash $string_mappings = {}, + Hash $string_mappings_defaults = {}, + Hash $nginx_snippets = {}, + Hash $nginx_snippets_defaults = {}, + Hash $nginx_locations = {}, + Hash $nginx_locations_defaults = {}, + Hash $nginx_mailhosts = {}, + Hash $nginx_mailhosts_defaults = {}, + Hash $nginx_servers = {}, + Hash $nginx_servers_defaults = {}, + Hash $nginx_streamhosts = {}, + Hash $nginx_streamhosts_defaults = {}, + Hash $nginx_upstreams = {}, + Nginx::UpstreamDefaults $nginx_upstreams_defaults = {}, + Boolean $purge_passenger_repo = true, + String[1] $nginx_version = pick(fact('nginx_version'), '1.16.0'), + Optional[Integer] $variables_hash_bucket_size = undef, + Optional[Integer] $variables_hash_max_size = undef, ### END Hiera Lookups ### ) inherits nginx::params { diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb index 769774cbf..7bf2a3c3d 100644 --- a/spec/classes/nginx_spec.rb +++ b/spec/classes/nginx_spec.rb @@ -1141,6 +1141,30 @@ attr: 'reset_timedout_connection', value: 'on', match: %r{^\s+reset_timedout_connection\s+on;} + }, + { + title: 'should set variables_hash_bucket_size', + attr: 'variables_hash_bucket_size', + value: 64, + match: ' variables_hash_bucket_size 64;' + }, + { + title: 'should set variables_hash_max_size', + attr: 'variables_hash_max_size', + value: 1024, + match: ' variables_hash_max_size 1024;' + }, + { + title: 'should set proxy_headers_hash_bucket_size', + attr: 'proxy_headers_hash_bucket_size', + value: 64, + match: ' proxy_headers_hash_bucket_size 64;' + }, + { + title: 'should set proxy_headers_hash_max_size', + attr: 'proxy_headers_hash_max_size', + value: 512, + match: ' proxy_headers_hash_max_size 512;' } ].each do |param| context "when #{param[:attr]} is #{param[:value]}" do diff --git a/templates/conf.d/nginx.conf.erb b/templates/conf.d/nginx.conf.erb index 965065927..39805a3ac 100644 --- a/templates/conf.d/nginx.conf.erb +++ b/templates/conf.d/nginx.conf.erb @@ -132,6 +132,13 @@ http { map_hash_max_size <%= @map_hash_max_size %>; <% end -%> +<% if @variables_hash_bucket_size -%> + variables_hash_bucket_size <%= @variables_hash_bucket_size %>; +<% end -%> +<% if @variables_hash_max_size -%> + variables_hash_max_size <%= @variables_hash_max_size %>; +<% end -%> + keepalive_timeout <%= @keepalive_timeout %>; keepalive_requests <%= @keepalive_requests %>; client_body_timeout <%= @client_body_timeout %>; @@ -226,6 +233,9 @@ http { <% if @proxy_headers_hash_bucket_size -%> proxy_headers_hash_bucket_size <%= @proxy_headers_hash_bucket_size %>; <% end -%> +<% if @proxy_headers_hash_max_size -%> + proxy_headers_hash_max_size <%= @proxy_headers_hash_max_size %>; +<% end -%> <% if @proxy_cache_path.is_a?(Hash) -%> <% @proxy_cache_path.sort_by{|k,v| k}.each do |key,value| -%> proxy_cache_path <%= key %> levels=<%= @proxy_cache_levels %> keys_zone=<%= value %> max_size=<%= @proxy_cache_max_size %> inactive=<%= @proxy_cache_inactive -%>