Forge Home


Puppet module for nginx web server.


10,171 latest version

3.8 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.0.3 (latest)
  • 0.0.2
  • 0.0.1
released Nov 27th 2013

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'zooz-nginx', '0.0.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add zooz-nginx
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install zooz-nginx --version 0.0.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



zooz/nginx — version 0.0.3 Nov 27th 2013


This module installs nginx and allows to manage its configuration. It supports multiple vhost and upstream configurations as well as caching.

This module will test nginx config before reloading nginx service just to prevent from applying incorrect config.



This class installs php and sets up default php.ini file.


  • package - Used to specify what version of the package should be used. Valid values: installed, absent or specific package version. Default: installed. Note: Puppet cannot downgrade packages.

  • service - Determines the state of the service. Valid values: running or stopped. Default: running.

  • onboot - Whether to enable to disable the service on boot. Valid values: true or false. Default: true - enabled.

  • worker_processes - How many worker processes nginx should use. Default $::processorcount.

  • access_log - Global access log. Default: /var/log/nginx/access.log main.

  • error_log - Global error lo. Default: /var/log/nginx/error.log main.

  • index - Space separated list of index files. Default: index.html.

  • worker_connections - Maximum connections to handle at once per worker process. Default: 1024.

  • worker_rlimit_nofile - Changes the limit on the maximum number of open files (RLIMIT_NOFILE) for worker processes. Used to increase the limit without restarting the main process. Default: 1024.

  • reset_timedout_connection - Enables or disables resetting timed out connections to free up resources consumed by a connection in FIN_WAIT1 state. Default: on.

  • keepalive_timeout - Keep alive timeout in seconds. Default: 65.

  • gzip - Whether to enable compression. Default: on. Valid values: on or off.

  • include - A list of other configuration files to include. Default: undef.

  • cache_dirs - A list of directories which are to be created for proxy_cache_path or fastcgi_cache_path parameters. Default: /var/cache/nginx. Please note that Puppet will not create directories recursively.

  • proxy_cache_path - A list of valid proxy_cache_path parameters. See nginx docs. Default: undef.

  • fastcgi_cache_path - A list of valid fastcgi_cache_path parameters. See nginx docs. Default: undef.

  • server_tokens - Whether to display nginx version or not. Default: off.


  - 'nginx'

nginx::gzip: off
  - '/tmp/my_custom_config.conf'

  - '/srv/nginx_cache'
  - '/srv/nginx_cache/myapp'


This class configures nginx upstream config blocks using nginx::upstream_conf defined type.


  • server - A list of upstream servers. If this parameter is not set then the config will fail. It is a required parameter. Default: undef.

  • ip_hash - Whether to use load balancing based on client IP hash. Valid values: true or false. Default: false.

  • keepalive - Sets the maximum number of idle keepalive connections to upstream servers that are retained in the cache per one worker process. Default: undef.

  • least_conn - Load balancing method where a request is passed to the server with the least number of active connections, taking into account weights of servers. Default: false.

The following parameters will only be available if you have nginx_http_upstream_check_module ( compiled in. See the URL for the details of the below parameters.

  • check - Add the health check for the upstream servers. Default: undef.

  • check_http_send - What http request to send. Default: undef.

  • check_http_expect_alive - These status codes indicate the upstream server's http response is OK, the backend is alive.


  - nginx::upstream

    ip_hash: true
    least_conn: false
      - ' weight=3'
      - ' weight=1'
      - ' down'

    check: 'interval=3000 rise=2 fall=5 timeout=1000'
    check_http_send: '"GET / HTTP/1.0\r\n\r\n"'


This class configures nginx vhost config block using nginx::vhost_conf defined type.


  • server_name - A list of server names. Default: $::fqdn.

  • listen - A list of ports to listen on. Default: 80.

  • charset - Default charset for this server. Default: off.

  • access_log - Access log. Default: /var/log/nginx/<hash name>_access.log main.

  • error_log - Error log. Default: /var/log/nginx/<hash name>_error.log warn.

  • index - Space separated list of index files. Default: undef.

  • include - Nginx include directive. Usually used to include additional configuration files. Default: undef.

  • autoindex - Enables or disables the automatic directory listing. Default: off.

  • root - vhost root location. Default: undef.

  • return - Return code parameter. Can return a code and some URL etc. Default: undef

  • keepalive_timeout - Keep-alive timeout. Default: 60s.

  • proxy_intercept_errors - Determines whether proxied responses with codes greater than or equal to 300 should be passed to a client or be redirected to nginx for processing with the error_page directive. Default: off.

  • gzip - Whether to turn gzip on. Default: on.

  • proxy_headers_hash_bucket_size - Sets the bucket size for hash tables used by the proxy_hide_header and proxy_set_header directives. Default: 128.

  • ssl_certificate - SSL/TLS certificate file location. Default: undef.

  • ssl_certificate_key - SSL/TLS certificate key file location. Default: undef.

  • ssl_ciphers - What SSL/TLS ciphers to use. Default: ALL:!kEDH!ADH:RC4+RSA:+HIGH:+MEDIUM:+SSLv2:+EXP.

  • locations - This parameter takes an array of hashes. The name parameter is what defines an actual location, the rest of parameters of the hash can be anything that nginx supports within a location config block. See examples for more details. Default: undef.


  - nginx::vhost

# this example shows a vhost configuration for ssl and reverse proxying
    listen: ['80']
    server_name: ['*']
    listen: ['443 ssl']
    server_name: ['*']
    ssl_certificate: '/etc/pki/tls/certs/'
    ssl_certificate_key: '/etc/pki/tls/private/'
      - name: '/'
        proxy_pass: ''
          - 'X-Real-IP $remote_addr'
          - 'X-Forwarded-For $proxy_add_x_forwarded_for'
          - 'Host $http_host'
      - name: '/foo'
        return: 404


This class allows to configure nginx config snippets which can be then included into other configuration parts. These snippets will be dropped in /etc/nginx/snippet.d with .conf file extension by default.


  • conf - A block of text, which needs to be valid nginx configuration. See examples. Default: undef.

  • filename_prefix - By default it is set a hash name. But if for some reason you want your snippet file name to be different, then use this parameter.


  - nginx::snippet

    filename_prefix: location_404
    conf: |
      location = /apache_404 {
        add_header Content-Type text/javascript;