Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


nginx (112) Versions 2.7.5

Installs and configures nginx

cookbook 'nginx', '= 2.7.5', :supermarket
cookbook 'nginx', '= 2.7.5'
knife supermarket install nginx
knife supermarket download nginx
Quality 0%

nginx Cookbook

Build Status
Gitter chat

Installs nginx from package OR source code and sets up configuration handling similar to Debian's Apache2 scripts.


After having struggled with the cookbook format and the interfaces being brittle, the maintainers have decided to begin rewriting the core implmenetation of the nginx cookbook from the ground up, to allow for better flexibility, testability and maintianability.

To this end, we request that you not open new issues for the existing codebase.

Pull requests for bugs will be merged, any obvious optimizations and clarifications will be merged, and a 2.7.5 release will be shipped, and we will focus on writing the 3.0.0 version.

Thank you for your help on this front!

-- The Maintainers



The following cookbooks are direct dependencies because they're used for common "default" functionality.

  • build-essential (for nginx::source)
  • ohai (for nginx::ohai_plugin)

The following cookbook is not a strict dependency because its use can be controlled by an attribute, so it may not be a common "default."

  • runit (for nginx::source)
  • On RHEL family distros, the "yum" cookbook is required for recipe[yum::epel].
  • On Ubuntu, when using's stable package, recipe[apt::default] is required.


The following platforms are supported and tested under test kitchen:

  • Ubuntu 10.04, Ubuntu 12.04
  • CentOS 5.8, 6.3

Other Debian and RHEL family distributions are assumed to work.


Node attributes for this cookbook are logically separated into different files. Some attributes are set only via a specific recipe.


Generally used attributes. Some have platform specific values. See attributes/default.rb. "The Config" refers to "nginx.conf" the main config file.

  • node['nginx']['dir'] - Location for Nginx configuration.
  • node['nginx']['conf_template'] - The source template to use when creating the nginx.conf.
  • node['nginx']['conf_cookbook'] - The cookbook where node['nginx']['conf_template'] resides.
  • node['nginx']['log_dir'] - Location for Nginx logs.
  • node['nginx']['log_dir_perm'] - Permissions for Nginx logs folder.
  • node['nginx']['user'] - User that Nginx will run as.
  • node['nginx']['group] - Group for Nginx.
  • node['nginx']['port'] - Port for nginx to listen on.
  • node['nginx']['binary'] - Path to the Nginx binary.
  • node['nginx']['init_style'] - How to run Nginx as a service when using nginx::source. Values can be "runit", "upstart", "init" or "bluepill". When using runit or bluepill, those recipes will be included as well and are dependencies of this cookbook. Recipes are not included for upstart, it is assumed that upstart is built into the platform you are using (ubuntu or el6). This attribute is not used in the nginx recipe because the package manager's init script style for the platform is assumed. Upstart is never set as a default as this represents a change in behavior, if you are running ubuntu or el6 and want to use upstart, please set this attribute in a role or similar.
  • node['nginx']['upstart']['foreground'] - Set this to true if you want upstart to run nginx in the foreground, set to false if you want upstart to detach and track the process via pid.
  • node['nginx']['upstart']['runlevels'] - String of runlevels in the format '2345' which determines which runlevels nginx will start at when entering and stop at when leaving.
  • node['nginx']['upstart']['respawn_limit'] - Respawn limit in upstart stanza format, count followed by space followed by interval in seconds.
  • node['nginx']['pid'] - Location of the PID file.
  • node['nginx']['keepalive'] - Whether to use keepalive_timeout, any value besides "on" will leave that option out of the config.
  • node['nginx']['keepalive_requests'] - used for config value of keepalive_requests.
  • node['nginx']['keepalive_timeout'] - used for config value of keepalive_timeout.
  • node['nginx']['worker_processes'] - used for config value of worker_processes.
  • node['nginx']['worker_connections'] - used for config value of events { worker_connections }
  • node['nginx']['worker_rlimit_nofile'] - used for config value of worker_rlimit_nofile. Can replace any "ulimit -n" command. The value depend on your usage (cache or not) but must always be superior than worker_connections.
  • node['nginx']['multi_accept'] - used for config value of events { multi_accept }. Try to accept() as many connections as possible. Disable by default.
  • node['nginx']['event'] - used for config value of events { use }. Set the event-model. By default nginx looks for the most suitable method for your OS.
  • node['nginx']['accept_mutex_delay'] - used for config value of accept_mutex_delay
  • node['nginx']['server_tokens'] - used for config value of server_tokens.
  • node['nginx']['server_names_hash_bucket_size'] - used for config value of server_names_hash_bucket_size.
  • node['nginx']['disable_access_log'] - set to true to disable the general access log, may be useful on high traffic sites.
  • node['nginx']['access_log_options'] - Set to a string of additional options to be appended to the access log directive
  • node['nginx']['error_log_options'] - Set to a string of additional options to be appended to the error log directive
  • node['nginx']['default_site_enabled'] - enable the default site
  • node['nginx']['sendfile'] - Whether to use sendfile. Defaults to "on".
  • node['nginx']['tcp_nopush'] - Whether to use tcp_nopush. Defaults to "on".
  • node['nginx']['tcp_nodelay'] - Whether to use tcp_nodelay. Defaults to "on".
  • node['nginx']['install_method'] - Whether nginx is installed from packages or from source.
  • node['nginx']['types_hash_max_size'] - Used for the types_hash_max_size configuration directive.
  • node['nginx']['types_hash_bucket_size'] - Used for the types_hash_bucket_size configuration directive.
  • node['nginx']['proxy_read_timeout'] - defines a timeout (between two successive read operations) for reading a response from the proxied server.
  • node['nginx']['client_body_buffer_size'] - used for config value of client_body_buffer_size.
  • node['nginx']['client_max_body_size'] - specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length.
  • node['nginx']['repo_source'] - when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use the yum::epel recipe, 'nginx' will use the nginx::repo recipe, 'passenger' will use the 'nginx::repo_passenger' recipe, and setting no value will not add any additional repositories.
  • node['nginx']['sts_max_age'] - Enable Strict Transport Security for all apps (See: This attribute adds the following header:

Strict-Transport-Security max-age=SECONDS

to all incoming requests and takes an integer (in seconds) as its argument.
* node['nginx']['default']['modules'] - Array specifying which
modules to enable via the conf-enabled config include function.
Currently the only valid value is "socketproxy".

Other configurations

  • node['nginx']['extra_configs'] - a Hash of key/values to nginx configuration.

Rate Limiting

  • node['nginx']['enable_rate_limiting'] - set to true to enable rate limiting (limit_req_zone in nginx.conf)
  • node['nginx']['rate_limiting_zone_name'] - sets the zone in limit_req_zone.
  • node['nginx']['rate_limiting_backoff'] - sets the backoff time for limit_req_zone.
  • node['nginx']['rate_limit'] - set the rate limit amount for limit_req_zone.

gzip module

  • node['nginx']['gzip'] - Whether to use gzip, can be "on" or "off"
  • node['nginx']['gzip_http_version'] - used for config value of gzip_http_version.
  • node['nginx']['gzip_comp_level'] - used for config value of gzip_comp_level.
  • node['nginx']['gzip_proxied'] - used for config value of gzip_proxied.
  • node['nginx']['gzip_vary'] - used for config value of gzip_vary.
  • node['nginx']['gzip_buffers'] - used for config value of gzip_buffers.
  • node['nginx']['gzip_types'] - used for config value of gzip_types - must be an Array.
  • node['nginx']['gzip_min_length'] - used for config value of gzip_min_length.
  • node['nginx']['gzip_disable'] - used for config value of gzip_disable.
  • node['nginx']['gzip_static'] - used for config value of gzip_static (http_gzip_static_module must be enabled) ### Attributes set in recipes


  • node['nginx']['daemon_disable'] - Whether the daemon should be disabled which can be true or false; disable the daemon (run in the foreground) when using a service supervisor such as runit or bluepill for "init_style". This is automatically set in the nginx::source recipe when the init style is not bluepill or runit.


  • node['nginx']['remote_ip_var'] - The remote ip variable name to use.
  • node['nginx']['authorized_ips'] - IPs authorized by the module



  • node['nginx']['realip']['header'] - Header to use for the RealIp Module; only accepts "X-Forwarded-For" or "X-Real-IP"
  • node['nginx']['realip']['addresses'] - Addresses to use for the http_realip configuration.
  • node['nginx']['realip']['real_ip_recursive'] - If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on "on" or "off" (default).


These attributes are used in the nginx::source recipe. Some of them
are dynamically modified during the run. See attributes/source.rb
for default values.

  • node['nginx']['source']['url'] - (versioned) URL for the Nginx source code. By default this will use the version specified as node['nginx']['version'].
  • node['nginx']['source']['prefix'] - (versioned) prefix for installing nginx from source
  • node['nginx']['source']['conf_path'] - location of the main config file, in node['nginx']['dir'] by default.
  • node['nginx']['source']['modules'] - Array of modules that should be compiled into Nginx by including their recipes in nginx::source.
  • node['nginx']['source']['default_configure_flags'] - The default flags passed to the configure script when building Nginx.
  • node['nginx']['configure_flags'] - Preserved for compatibility and dynamically generated from the node['nginx']['source']['default_configure_flags'] in the nginx::source recipe.
  • node['nginx']['source']['use_existing_user'] - set to true if you do not want nginx::source recipe to create system user with name node['nginx']['user'].


These attributes are used in the nginx::http_geoip_module recipe.
Please note that the country_dat_checksum and city_dat_checksum
are based on downloads from a datacenter in Fremont, CA, USA. You
really should override these with checksums for the geo tarballs from
your node location.

Note The upstream,, may block access for repeated
downloads of the data files. It is recommended that you download and
host the data files, and change the URLs in the attributes.

  • node['nginx']['geoip']['path'] - Location where to install the geoip libraries.
  • node['nginx']['geoip']['enable_city'] - Whether to enable City data
  • node['nginx']['geoip']['country_dat_url'] - Country data tarball URL
  • node['nginx']['geoip']['country_dat_checksum'] - Country data tarball checksum
  • node['nginx']['geoip']['city_dat_url'] - City data tarball URL
  • node['nginx']['geoip']['city_dat_checksum'] - City data tarball checksum
  • node['nginx']['geoip']['lib_version'] - Version of the GeoIP library to install
  • node['nginx']['geoip']['lib_url'] - (Versioned) Tarball URL of the GeoIP library
  • node['nginx']['geoip']['lib_checksum'] - Checksum of the GeoIP library tarball


These attributes are used in the nginx::upload_progress_module

  • node['nginx']['upload_progress']['url'] - URL for the tarball.
  • node['nginx']['upload_progress']['checksum'] - Checksum of the tarball.
  • node['nginx']['upload_progress']['javascript_output'] - Output in javascript. Default is true for backwards compatibility.
  • node['nginx']['upload_progress']['zone_name'] - Zone name which will be used to store the per-connection tracking information. Default is proxied.
  • node['nginx']['upload_progress']['zone_size'] - Zone size in bytes. Default is 1m (1 megabyte).


These attributes are used in the nginx::passenger recipe.

  • node['nginx']['passenger']['version'] - passenger gem version
  • node['nginx']['passenger']['root'] - passenger gem root path
  • node['nginx']['passenger']['install_rake'] - set to false if rake already present on system
  • node['nginx']['passenger']['max_pool_size'] - maximum passenger pool size (default=10)
  • node['nginx']['passenger']['ruby'] - Ruby path for Passenger to use (default=$(which ruby))
  • node['nginx']['passenger']['spawn_method'] - passenger spawn method to use (default=smart-lv2)
  • node['nginx']['passenger']['buffer_response'] - turns on or off response buffering (default=on)
  • node['nginx']['passenger']['max_pool_size'] - passenger maximum pool size (default=6)
  • node['nginx']['passenger']['min_instances'] - minimum instances (default=1)
  • node['nginx']['passenger']['max_instances_per_app'] - maximum instances per app (default=0)
  • node['nginx']['passenger']['pool_idle_time'] - passenger pool idle time (default=300)
  • node['nginx']['passenger']['max_requests'] - maximum requests (default=0)
  • node['nginx']['passenger']['nodejs'] - Nodejs path for Passenger to use (default=nil)

Basic configuration to use the official Phusion Passenger repositories:
- node['nginx']['repo_source'] - 'passenger'
- node['nginx']['package_name'] - 'nginx-extras'
- node['nginx']['passenger']['install_method'] - 'package'


These attributes are used in the nginx::http_echo_module recipe.

  • node['nginx']['echo']['version'] - The version of http_echo you want (default: 0.40)
  • node['nginx']['echo']['url'] - URL for the tarball.
  • node['nginx']['echo']['checksum'] - Checksum of the tarball.


These attributes are used in the nginx::http_stub_status_module recipe.

  • node['nginx']['status']['port'] - The port on which nginx will serve the status info (default: 8090)


These attributes are used in the nginx::syslog_module recipe.

  • node['nginx']['syslog']['git_repo'] - The git repository url to use for the syslog patches.
  • node['nginx']['syslog']['git_revision'] - The revision on the git repository to checkout.


These attributes are used in the nginx::openssl_source recipe.

  • node['nginx']['openssl_source']['version'] - The version of OpenSSL you want to download and use (default: 1.0.1e)
  • node['nginx']['openssl_source']['url'] - The url for the OpenSSL source


These attributes are used in the nginx::socketproxy recipe.

  • node['nginx']['socketproxy']['root'] - The directory (on your server) where socketproxy apps are deployed.
  • node['nginx']['socketproxy']['default_app'] - Static assets directory for requests to "/" that don't meet any proxy_pass filter requirements.
  • node['nginx']['socketproxy']['apps']['app_name']['prepend_slash'] - Prepend a slash to requests to app "app_name" before sending them to the socketproxy socket.
  • node['nginx']['socketproxy']['apps']['app_name']['context_name'] - URI (e.g. "app_name" in order to achieve "") at which to host the application "app_name"
  • node['nginx']['socketproxy']['apps']['app_name']['subdir'] - Directory (under node['nginx']['socketproxy']['root']) in which to find the application.


This cookbook provides three main recipes for installing Nginx.

  • default.rb - Use this recipe if you have a native package for Nginx.
  • repo.rb - The developer of Nginx also maintain stable packages for several platforms.
  • source.rb - Use this recipe if you do not have a native package for Nginx, or if you want to install a newer version than is available, or if you have custom module compilation needs.

Several recipes are related to the source recipe specifically. See
that recipe's section below for a description.


The default recipe will install Nginx as a native package for the
system through the package manager and sets up the configuration
according to the Debian site enable/disable style with sites-enabled
using the nxensite and nxdissite scripts. The nginx service will
be managed with the normal init scripts that are presumably included
in the native package.

Includes the ohai_plugin recipe so the plugin is available.


This will add socketproxy support to your nginx proxy setup. Do not
include this recipe directly. Instead, add it to the
node['nginx']['default']['modules'] array (see below).


This recipe provides an Ohai plugin as a template. It is included by
both the default and source recipes.


Sets up configuration for the authorized_ip nginx module.


This recipe is responsible for building Nginx from source. It ensures
that the required packages to build Nginx are installed (pcre,
openssl, compile tools). The source will be downloaded from the
node['nginx']['source']['url']. The node['nginx']['user'] will be
created as a system user. If you want to use existing user set
node['nginx']['source']['use_existing_user'] to true. The appropriate
configuration and log directories and config files will be created
as well according to the attributes node['nginx']['dir'] and

The recipe attempts to detect whether additional modules should be
added to the configure command through recipe inclusion (see below),
and whether the version or configuration flags have changed and should
trigger a recompile.

The nginx service will be set up according to
node['nginx']['init_style']. Available options are:

  • runit: uses runit cookbook and sets up runit_service.
  • bluepill: uses bluepill cookbook and sets up bluepill_service.
  • anything else (e.g., "init") will use the nginx init script template.

RHEL/CentOS This recipe should work on RHEL/CentOS with "init" as
the init style.

The following recipes are used to build module support into Nginx. To
use a module in the nginx::source recipe, add its recipe name to the
attribute node['nginx']['source']['modules'].

  • ipv6.rb - enables IPv6 support
  • http_echo_module.rb - downloads the http_echo_module module and enables it as a module when compiling nginx.
  • http_geoip_module.rb - installs the GeoIP libraries and data files and enables the module for compilation.
  • http_gzip_static_module.rb - enables the module for compilation. Be sure to set node['nginx']['gzip_static'] = 'yes'.
  • http_perl_module.rb - enables embedded Perl for compilation.
  • http_realip_module.rb - enables the module for compilation and creates the configuration.
  • http_ssl_module.rb - enables SSL for compilation.
  • http_stub_status_module.rb - provides nginx_status configuration and enables the module for compilation.
  • naxsi_module - enables the naxsi module for the web application firewall for nginx.
  • passenger - builds the passenger gem and configuration for "mod_passenger".
  • syslog - enables syslog support for nginx. This only works with source builds. See
  • upload_progress_module.rb - builds the upload_progress module and enables it as a module when compiling nginx.
  • openssl_source.rb - downloads and uses custom OpenSSL source when compiling nginx


The cookbook provides a new definition. At some point in the future this definition may be refactored into a lightweight resource and provider as suggested by foodcritic rule FC015.


Enable or disable a Server Block in
#{node['nginx']['dir']}/sites-available by calling nxensite or
nxdissite (introduced by this cookbook) to manage the symbolic link in

The template for the site must be managed as a separate resource.


  • name - Name of the site.
  • enable - Default true, which uses nxensite to enable the site. If false, the site will be disabled with nxdissite.

Adding New Modules

To add a new module to be compiled into nginx in the source recipe,
the node's run state is manipulated in a recipe, and the module as a
recipe should be added to node['nginx']['source']['modules']. For

node.run_state['nginx_configure_flags'] =
  node.run_state['nginx_configure_flags'] | ['--with-http_stub_status_module']

The recipe will be included by recipe[nginx::source] automatically,
adding the configure flags. Add any other configuration templates or
other resources as required. See the recipes described above for

Ohai Plugin

The ohai_plugin recipe includes an Ohai plugin. It will be
automatically installed and activated, providing the following
attributes via ohai, no matter how nginx is installed (source or

  • node['nginx']['version'] - version of nginx
  • node['nginx']['configure_arguments'] - options passed to ./configure when nginx was built
  • node['nginx']['prefix'] - installation prefix
  • node['nginx']['conf_path'] - configuration file path

In the source recipe, it is used to determine whether control
attributes for building nginx have changed.


Include the recipe on your node or role that fits how you wish to
install Nginx on your system per the recipes section above. Modify the
attributes as required in your role to change how various
configuration is applied per the attributes section above. In general,
override attributes in the role should be used when changing

There's some redundancy in that the config handling hasn't been
separated from the installation method (yet), so use only one of the
recipes, default or source.

License & Authors

Copyright 2008-2014, Chef Software, Inc

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

apt ~> 2.2
bluepill ~> 2.3
build-essential ~> 2.0
ohai ~> 2.0
runit ~> 1.2
yum-epel ~> 0.3

Contingent cookbooks

aegir Applicable Versions
aegir3 Applicable Versions
alfresco-webserver Applicable Versions
app Applicable Versions
application_nginx Applicable Versions
application_static Applicable Versions
archiva Applicable Versions
base_image Applicable Versions
berkshelf Applicable Versions
berkshelf-api-server Applicable Versions
berkshelf-api-server-ya Applicable Versions
boxbilling Applicable Versions
cabot Applicable Versions
cassandra-opscenter Applicable Versions
certbot Applicable Versions
chef-jellyfish Applicable Versions
chef-server Applicable Versions
cloudfoundry-cloud_controller Applicable Versions
cloudfoundry-nginx Applicable Versions
config-driven-helper Applicable Versions
cyclesafe_chef Applicable Versions
devpi Applicable Versions
docker-registry2 Applicable Versions
dokku Applicable Versions
drone Applicable Versions
elasticsearch_cluster Applicable Versions
elkstack Applicable Versions
errbit Applicable Versions
etherpad-lite Applicable Versions
eulipion-slate Applicable Versions
fanfare Applicable Versions
frog Applicable Versions
gem_server Applicable Versions
geminabox Applicable Versions
gemirro Applicable Versions
ghost Applicable Versions
github_connector Applicable Versions
gitlab Applicable Versions
gitlab-server Applicable Versions
gitpaste Applicable Versions
grafana Applicable Versions
huginn Applicable Versions
ice Applicable Versions
insight Applicable Versions
iptables_web Applicable Versions
ipynb Applicable Versions
ish Applicable Versions
jenkins Applicable Versions
jenkins-server Applicable Versions
kibana5-gm Applicable Versions
kibana_lwrp Applicable Versions
kloudspeaker Applicable Versions
kong Applicable Versions
lemur Applicable Versions
looker Applicable Versions
lxc-web-panel Applicable Versions
magento Applicable Versions
maven-deploy Applicable Versions
mediacore Applicable Versions
met-jenkins Applicable Versions
mirage Applicable Versions
modcloth-hubot Applicable Versions
moodle Applicable Versions
mozilla-firefox-sync Applicable Versions
mozilla-sync Applicable Versions
mruby Applicable Versions
munin Applicable Versions
myusa Applicable Versions
nagios Applicable Versions
nexus Applicable Versions
nginx-hardening Applicable Versions
nginx-proxy Applicable Versions
nginx_conf Applicable Versions
nginx_fallback_to_apache Applicable Versions
nginx_simplecgi Applicable Versions
nginxsite Applicable Versions
ngx Applicable Versions
nodejs-deploy Applicable Versions
nodestack Applicable Versions
noosfero Applicable Versions
oc-id Applicable Versions
ohmage Applicable Versions
omakase Applicable Versions
opennms Applicable Versions
opsworks_ruby Applicable Versions
owncloud Applicable Versions
paramount Applicable Versions
passenger_enterprise Applicable Versions
phabricator Applicable Versions
phpstack Applicable Versions
pita Applicable Versions
piwik Applicable Versions
postfixadmin Applicable Versions
prose Applicable Versions
pythonstack Applicable Versions
rackbox Applicable Versions
rackspace_nginx_php Applicable Versions
rails_application Applicable Versions
railsbox Applicable Versions
redirect Applicable Versions
redmine2 Applicable Versions
reprepro Applicable Versions
request_tracker Applicable Versions
roundcube Applicable Versions
rubycas Applicable Versions
rundeck-alt Applicable Versions
sensu_admin Applicable Versions
sinatra Applicable Versions
snipe-it Applicable Versions
spree Applicable Versions
stack_commons Applicable Versions
storj Applicable Versions
strongloop Applicable Versions
sudo_consul Applicable Versions
supermarket Applicable Versions
symfony Applicable Versions
teleport-le Applicable Versions
thumbor Applicable Versions
thumbor_ng Applicable Versions
webapp Applicable Versions
wordpress Applicable Versions
ya-piwik Applicable Versions
zabbix Applicable Versions
zabbix_lwrp Applicable Versions
zammad Applicable Versions

nginx Cookbook CHANGELOG

This file is used to list changes made in each version of the nginx cookbook.

v2.7.5 (Unreleased)

NOTE As of this release, this cookbook in its current format is deprecated,
and only critical bugs and fixes will be added.
A complete rewrite is in progress, so we appreciate your patience while we sort things out.
The amount of change included here

After merging a ton of pull requests, here's a brief changelog. Click each to read more.

v2.7.4 (2014-06-06)

  • [COOK-4703] Default openssl version to 1.0.1h to address CVE-2014-0224

v2.7.2 (2014-05-27)

  • [COOK-4658] - Nginx::socketproxy if the context is blank or nonexistent, the location in the config file has a double slash at the beginning
  • [COOK-4644] - add support to nginx::repo for Amazon Linux
  • Allow to use an environment variable for the EC2 Availability Zone

v2.7.0 (2014-05-15)

  • [COOK-4643] - Update metadata lock on ohai
  • [COOK-4588] - Give more love to FreeBSD
  • [COOK-4601] - Add proxy type: Socket

v2.6.2 (2014-04-09)

[COOK-4527] - set default openssl source version to 1.0.1g to address CVE-2014-0160 aka Heartbleed

v2.6.0 (2014-04-08)

  • Reverting COOK-4323

v2.5.0 (2014-03-27)

  • [COOK-4323] - Need a resource to easily configure available sites (vhosts)

v2.4.4 (2014-03-13)

  • Updating for build-essential 2.0

v2.4.2 (2014-02-28)

Fixing bad commit from COOK-4330

v2.4.1 (2014-02-27)

  • [COOK-4345] - nginx default recipe include install type recipe directly

v2.4.0 (2014-02-27)

  • [COOK-4380] - kitchen.yml platform listings for ubuntu-10.04 and ubuntu-12.04 are missing the dot
  • [COOK-4330] - Bump nginx version for security issues (CVE-2013-0337, CVE-2013-4547)

v2.3.0 (2014-02-25)

  • COOK-4293 - Update testing Gems in nginx and fix a rubocop warnings
  • **[COOK-4237] - Nginx version incorrectly parsed on Ubuntu 13
  • **[COOK-3866] - Nginx default site folder

v2.2.2 (2014-01-23)

[COOK-3672] - Add gzip_static option


No changes. Version bump for toolchain


[COOK-3923] - Enable the list of packages installed by nginx::passenger to be configurable
[COOK-3672] - Nginx should support the gzip_static option
Updating for yum ~> 3.0
Fixing up style for rubocop
Updating test-kitchen harness


fixing metadata version error. locking to 3.0


Locking yum dependency to '< 3'



  • COOK-3808 - nginx::passenger run fails because of broken installation of package dependencies
  • COOK-3779 - Build in master fails due to rubocop error



  • COOK-3808 - nginx::passenger run fails because of broken installation of package dependencies
  • COOK-3779 - Build in master fails due to rubocop error




  • COOK-3686 - Remove deprecated 'passenger_use_global_queue' directive
  • COOK-3626 - Parameterize hardcoded path to helper scripts
  • COOK-3571 - Reloda ohai plugin after installation
  • COOK-3428 - Fix an issue where access logs are not disabled when the disable_access_log attribute is set to true
  • COOK-3322 - Fix an issue where nginx::ohai_plugin fails when using source recipe
  • COOK-3241 - Fix an issue wherenginx::ohai_plugin fails unless using source recipe

New Feature



  • COOK-3397 - Fix user from nginx package on Gentoo
  • COOK-2968 - Fix foodcritic failure
  • COOK-2723 - Remove duplicate passenger max_pool_size


  • COOK-3186 - Add client_body_buffer_size and server_tokens attributes
  • COOK-3080 - Add rate-limiting support
  • COOK-2927 - Add support for real_ip_recursive directive
  • COOK-2925 - Fix ChefSpec converge
  • COOK-2724 - Automatically create directory for PID file
  • COOK-2472 - Bump nginx version to 1.2.9
  • COOK-2312 - Add additional mine_types to the gzip_types value

New Feature

  • COOK-3183 - Allow inclusion in extra-cookbook modules



  • [COOK-3030]: The repo_source attribute should allow you to not add any additional repositories to your node


  • [COOK-2738]: move nginx::passenger attributes to nginx/attributes/passenger.rb



  • [COOK-2409]: update nginx::source recipe for new runit_service resource
  • [COOK-2877]: update nginx cookbook test-kitchen support to 1.0 (alpha)


  • [COOK-1976]: nginx source should be able to configure binary path
  • [COOK-2622]: nginx: add upstart support
  • [COOK-2725]: add "configtest" subcommand in initscript


  • [COOK-2398]: nginx_site definition cannot be used to manage the default site
  • [COOK-2493]: Resources in nginx::source recipe always use 1.2.6 version, even overriding version attribute
  • [COOK-2531]: Remove usage of non-existant attribute "description" for apt_repository
  • [COOK-2665]: nginx::source install with custom sbin_path breaks ohai data


  • [COOK-2183] - Install nginx package from nginxyum repo
  • [COOK-2311] - headers-more should be updated to the latest version
  • [COOK-2455] - Support sendfile option (nginx.conf)


  • [COOK-1979] - Passenger module requires curl-dev(el)
  • [COOK-2219] - Support proxy_read_timeout (in nginx.conf)
  • [COOK-2220] - Support client_max_body_size (in nginx.conf)
  • [COOK-2280] - Allow custom timing of nginx_site's reload notification
  • [COOK-2304] - nginx cookbook should install 1.2.6 not 1.2.3 for source installs
  • [COOK-2309] - checksums for geoip files need to be updated in nginx
  • [COOK-2310] - Checksum in the nginx::upload_progress recipe is not correct
  • [COOK-2314] - nginx::passenger: Install the latest version of passenger
  • [COOK-2327] - nginx: passenger recipe should find ruby via Ohai
  • [COOK-2328] - nginx: Update mime.types file to the latest
  • [COOK-2329] - nginx: Update naxsi rules to the current


  • [COOK-1752] - Add headers more module to the nginx cookbook
  • [COOK-2209] - nginx source recipe should create web user before creating directories
  • [COOK-2221] - make nginx::source compatible with gentoo
  • [COOK-2267] - add version for runit recommends


  • [COOK-2168] - specify package name as an attribute


  • [COOK-1766] - Nginx Source Recipe Rebuilding Source at Every Run
  • [COOK-1910] - Add IPv6 module
  • [COOK-1966] - nginx cookbook should let you set gzip_vary and gzip_buffers in nginx.conf
  • [COOK-1969]- - nginx::passenger module not included due to use of symbolized :nginx_configure_flags
  • [COOK-1971] - Template passenger.conf.erb configures key passenger_max_pool_size 2 times
  • [COOK-1972] - nginx::source compile_nginx_source reports success in spite of failed compilation
  • [COOK-1975] - nginx::passenger requires rake gem
  • [COOK-1979] - Passenger module requires curl-dev(el)
  • [COOK-2080] - Restart nginx on source compilation


  • [COOK-1263] - Nginx log (and possibly other) directory creations should be recursive
  • [COOK-1515] - move creation of node['nginx']['dir'] out of commons.rb
  • [COOK-1523] - nginx http_geoip_module requires libtoolize
  • [COOK-1524] - nginx checksums are md5
  • [COOK-1641] - add "use", "multi_accept" and "worker_rlimit_nofile" to nginx cookbook
  • [COOK-1683] - Nginx fails Windows nodes just by being required in metadata
  • [COOK-1735] - Support Amazon Linux in nginx::source recipe
  • [COOK-1753] - Add ability for nginx::passenger recipe to configure more Passenger global settings
  • [COOK-1754] - Allow group to be set in nginx.conf file
  • [COOK-1770] - nginx cookbook fails on servers that don't have a "cpu" attribute
  • [COOK-1781] - Use 'sv' to reload nginx when using runit
  • [COOK-1789] - stop depending on bluepill, runit and yum. they are not required by nginx cookbook
  • [COOK-1791] - add name attribute to metadata
  • [COOK-1837] - nginx::passenger doesn't work on debian family
  • [COOK-1956] - update naxsi version due to incompatibility with newer nginx


  • [COOK-1636] - relax the version constraint on ohai


  • [COOK-913] - defaults for gzip cause warning on service restart
  • [COOK-1020] - duplicate MIME type
  • [COOK-1269] - add passenger module support through new recipe
  • [COOK-1306] - increment nginx version to 1.2 (now 1.2.3)
  • [COOK-1316] - default site should not always be enabled
  • [COOK-1417] - resolve errors preventing build from source
  • [COOK-1483] - source prefix attribute has no effect
  • [COOK-1484] - source relies on /etc/sysconfig
  • [COOK-1511] - add support for naxsi module
  • [COOK-1525] - nginx source is downloaded every time
  • [COOK-1526] - nginx_site does not remove sites
  • [COOK-1527] - add http_echo_module recipe


Erroneous cookbook upload due to timeout.

Version #'s are cheap.


  • [COOK-1280] - Improve RHEL family support and fix ohai_plugins recipe bug
  • [COOK-1194] - allow installation method via attribute
  • [COOK-458] - fix duplicate nginx processes


  • [COOK-1211] - include the default attributes explicitly so version is available.


Attribute Change: node['nginx']['url'] -> node['nginx']['source']['url']; see the

  • [COOK-1115] - daemonize when using init script
  • [COOK-477] - module compilation support in nginx::source


  • [COOK-1126] - source version bump to 1.0.14


  • [COOK-1053] - Add :url attribute to nginx cookbook


  • [COOK-818] - add "application/json" per RFC.
  • [COOK-870] - bluepill init style support
  • [COOK-957] - Compress application/javascript.
  • [COOK-981] - Add reload support to NGINX service


  • [COOK-809] - attribute to disable access logging
  • [COOK-772] - update nginx download source location

Foodcritic Metric

2.7.5 failed this metric

FC015: Consider converting definition to a LWRP: /tmp/cook/e3fbaf7093ff0113ff536fd4/nginx/definitions/nginx_site.rb:1
FC023: Prefer conditional attributes: /tmp/cook/e3fbaf7093ff0113ff536fd4/nginx/definitions/nginx_site.rb:25
FC023: Prefer conditional attributes: /tmp/cook/e3fbaf7093ff0113ff536fd4/nginx/recipes/source.rb:34
FC023: Prefer conditional attributes: /tmp/cook/e3fbaf7093ff0113ff536fd4/nginx/recipes/source.rb:189