server_maint 0.0.1

data/lib/cookbooks/nginx/recipes/commons_script.rb

@@ -0,0 +1,28 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: common/script
+# Author:: AJ Christensen <aj@junglist.gen.nz>
+#
+# Copyright 2008-2012, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+%w(nxensite nxdissite).each do |nxscript|
+  template "/usr/sbin/#{nxscript}" do
+    source "#{nxscript}.erb"
+    mode "0755"
+    owner "root"
+    group "root"
+  end
+end

data/lib/cookbooks/nginx/recipes/default.rb

@@ -0,0 +1,42 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: default
+# Author:: AJ Christensen <aj@junglist.gen.nz>
+#
+# Copyright 2008-2012, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe 'nginx::ohai_plugin'
+
+case node['nginx']['install_method']
+when 'source'
+  include_recipe 'nginx::source'
+when 'package'
+  case node['platform']
+  when 'redhat','centos','scientific','amazon','oracle'
+    include_recipe 'yum::epel'
+  end
+  package 'nginx'
+  service 'nginx' do
+    supports :status => true, :restart => true, :reload => true
+    action :enable
+  end
+  include_recipe 'nginx::commons'
+end
+
+service 'nginx' do
+  supports :status => true, :restart => true, :reload => true
+  action :start
+end

data/lib/cookbooks/nginx/recipes/http_echo_module.rb

@@ -0,0 +1,46 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: http_echo_module
+#
+# Author:: Danial Pearce (<danial@cushycms.com>)
+#
+# Copyright 2012, CushyCMS
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+echo_src_filename = "echo-nginx-module-v#{node['nginx']['echo']['version']}.tar.gz"
+echo_src_filepath = "#{Chef::Config['file_cache_path']}/#{echo_src_filename}"
+echo_extract_path = "#{Chef::Config['file_cache_path']}/nginx_echo_module/#{node['nginx']['echo']['checksum']}"
+
+remote_file echo_src_filepath do
+  source   node['nginx']['echo']['url']
+  checksum node['nginx']['echo']['checksum']
+  owner    'root'
+  group    'root'
+  mode     0644
+end
+
+bash 'extract_http_echo_module' do
+  cwd ::File.dirname(echo_src_filepath)
+  code <<-EOH
+    mkdir -p #{echo_extract_path}
+    tar xzf #{echo_src_filename} -C #{echo_extract_path}
+    mv #{echo_extract_path}/*/* #{echo_extract_path}/
+  EOH
+
+  not_if { ::File.exists?(echo_extract_path) }
+end
+
+node.run_state['nginx_configure_flags'] =
+  node.run_state['nginx_configure_flags'] | ["--add-module=#{echo_extract_path}"]

data/lib/cookbooks/nginx/recipes/http_geoip_module.rb

@@ -0,0 +1,117 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: http_geoip_module
+#
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2012, Riot Games
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+if node['platform'] == 'ubuntu'
+  package 'libtool'
+end
+
+country_dat          = "#{node['nginx']['geoip']['path']}/GeoIP.dat"
+country_src_filename = ::File.basename(node['nginx']['geoip']['country_dat_url'])
+country_src_filepath = "#{Chef::Config['file_cache_path']}/#{country_src_filename}"
+city_dat             = nil
+city_src_filename    = ::File.basename(node['nginx']['geoip']['city_dat_url'])
+city_src_filepath    = "#{Chef::Config['file_cache_path']}/#{city_src_filename}"
+geolib_filename      = ::File.basename(node['nginx']['geoip']['lib_url'])
+geolib_filepath      = "#{Chef::Config['file_cache_path']}/#{geolib_filename}"
+
+remote_file geolib_filepath do
+  source node['nginx']['geoip']['lib_url']
+  checksum node['nginx']['geoip']['lib_checksum']
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+bash "extract_geolib" do
+  cwd ::File.dirname(geolib_filepath)
+  code <<-EOH
+    tar xzvf #{geolib_filepath} -C #{::File.dirname(geolib_filepath)}
+    cd GeoIP-#{node['nginx']['geoip']['lib_version']}
+    which libtoolize && libtoolize -f
+    ./configure
+    make && make install
+  EOH
+
+  creates "/usr/local/lib/libGeoIP.so.#{node['nginx']['geoip']['lib_version']}"
+  subscribes :run, resources(:remote_file => geolib_filepath)
+end
+
+directory node['nginx']['geoip']['path'] do
+  owner "root"
+  group "root"
+  mode 0755
+end
+
+remote_file country_src_filepath do
+  not_if do
+    File.exists?(country_src_filepath) &&
+    File.mtime(country_src_filepath) > Time.now - 86400
+  end
+  source node['nginx']['geoip']['country_dat_url']
+  checksum node['nginx']['geoip']['country_dat_checksum']
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+bash "gunzip_geo_lite_country_dat" do
+  code <<-EOH
+    gunzip -c #{country_src_filepath} > #{country_dat}
+  EOH
+  creates country_dat
+end
+
+if node['nginx']['geoip']['enable_city']
+  city_dat  = "#{node['nginx']['geoip']['path']}/GeoLiteCity.dat"
+
+  remote_file city_src_filepath do
+    not_if do
+      File.exists?(city_src_filepath) &&
+      File.mtime(city_src_filepath) > Time.now - 86400
+    end
+    source node['nginx']['geoip']['city_dat_url']
+    checksum node['nginx']['geoip']['city_dat_checksum']
+    owner "root"
+    group "root"
+    mode 0644
+  end
+
+  bash "gunzip_geo_lite_city_dat" do
+    code <<-EOH
+      gunzip -c #{city_src_filepath} > #{city_dat}
+    EOH
+    creates city_dat
+  end
+end
+
+template "#{node['nginx']['dir']}/conf.d/http_geoip.conf" do
+  source "modules/http_geoip.conf.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+  variables(
+    :country_dat => country_dat,
+    :city_dat => city_dat
+  )
+end
+
+node.run_state['nginx_configure_flags'] =
+  node.run_state['nginx_configure_flags'] | ["--with-http_geoip_module", "--with-ld-opt='-Wl,-R,/usr/local/lib -L /usr/local/lib'"]

data/lib/cookbooks/nginx/recipes/http_gzip_static_module.rb

@@ -0,0 +1,23 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: http_gzip_static_module
+#
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2012, Riot Games
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+node.run_state['nginx_configure_flags'] =
+  node.run_state['nginx_configure_flags'] | ["--with-http_gzip_static_module"]

data/lib/cookbooks/nginx/recipes/http_realip_module.rb

@@ -0,0 +1,46 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: http_realip_module
+#
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2012, Riot Games
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Documentation: http://wiki.nginx.org/HttpRealIpModule
+
+# Currently only accepts X-Forwarded-For or X-Real-IP
+node.default['nginx']['realip']['header']    = "X-Forwarded-For"
+node.default['nginx']['realip']['addresses'] = ["127.0.0.1"]
+
+service "nginx" do
+  supports :status => true, :restart => true, :reload => true
+end
+
+template "#{node['nginx']['dir']}/conf.d/http_realip.conf" do
+  source "modules/http_realip.conf.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+  variables(
+    :addresses => node['nginx']['realip']['addresses'],
+    :header => node['nginx']['realip']['header']
+  )
+
+  notifies :reload, resources(:service => "nginx")
+end
+
+node.run_state['nginx_configure_flags'] =
+  node.run_state['nginx_configure_flags'] | ["--with-http_realip_module"]

data/lib/cookbooks/nginx/recipes/http_ssl_module.rb

@@ -0,0 +1,23 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: http_ssl_module
+#
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2012, Riot Games
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+node.run_state['nginx_configure_flags'] =
+  node.run_state['nginx_configure_flags'] | ["--with-http_ssl_module"]

data/lib/cookbooks/nginx/recipes/http_stub_status_module.rb

@@ -0,0 +1,36 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: http_stub_status_module
+#
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2012, Riot Games
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "nginx::authorized_ips"
+
+template "nginx_status" do
+  path "#{node['nginx']['dir']}/sites-available/nginx_status"
+  source "modules/nginx_status.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+  notifies :reload, resources(:service => "nginx")
+end
+
+nginx_site "nginx_status"
+
+node.run_state['nginx_configure_flags'] =
+  node.run_state['nginx_configure_flags'] | ["--with-http_stub_status_module"]

data/lib/cookbooks/nginx/recipes/naxsi_module.rb

@@ -0,0 +1,53 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: naxsi_module
+#
+# Author:: Artiom Lunev (<artiom.lunev@gmail.com>)
+#
+# Copyright 2012, Artiom Lunev
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+cookbook_file "#{node['nginx']['dir']}/naxsi_core.rules" do
+  source "naxsi_core.rules"
+  owner "root"
+  group "root"
+  mode "0644"
+  notifies :reload, 'service[nginx]'
+end
+
+naxsi_src_filename = ::File.basename(node['nginx']['naxsi']['url'])
+naxsi_src_filepath = "#{Chef::Config['file_cache_path']}/#{naxsi_src_filename}"
+naxsi_extract_path = "#{Chef::Config['file_cache_path']}/nginx-naxsi-#{node['nginx']['naxsi']['version']}"
+
+remote_file naxsi_src_filepath do
+  source node['nginx']['naxsi']['url']
+  checksum node['nginx']['naxsi']['checksum']
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+bash "extract_naxsi_module" do
+  cwd ::File.dirname(naxsi_src_filepath)
+  code <<-EOH
+    mkdir -p #{naxsi_extract_path}
+    tar xzf #{naxsi_src_filename} -C #{naxsi_extract_path}
+  EOH
+
+  not_if { ::File.exists?(naxsi_extract_path) }
+end
+
+node.run_state['nginx_configure_flags'] =
+  ["--add-module=#{naxsi_extract_path}/naxsi-#{node['nginx']['naxsi']['version']}/naxsi_src"] | node.run_state['nginx_configure_flags']

data/lib/cookbooks/nginx/recipes/ohai_plugin.rb

@@ -0,0 +1,32 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: ohai_plugin
+#
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2012, Riot Games
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+template "#{node['ohai']['plugin_path']}/nginx.rb" do
+  source "plugins/nginx.rb.erb"
+  owner "root"
+  group "root"
+  mode 0755
+  variables(
+    :nginx_bin => node['nginx']['binary']
+  )
+end
+
+include_recipe "ohai"

data/lib/cookbooks/nginx/recipes/passenger.rb

@@ -0,0 +1,51 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: Passenger
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#package 'libcurl4-openssl-dev' do
+package 'ruby-devel' do
+  action :install
+end
+
+gem_package 'passenger' do
+  action :install
+  version node["nginx"]["passenger"]["version"]
+end
+
+node.default["nginx"]["passenger"]["version"] = "3.0.12"
+node.default["nginx"]["passenger"]["root"] = "/usr/lib/ruby/gems/1.8/gems/passenger-3.0.12"
+node.default["nginx"]["passenger"]["ruby"] = %x{which ruby}.chomp
+node.default["nginx"]["passenger"]["max_pool_size"] = 10
+
+service "nginx" do
+  supports :status => true, :restart => true, :reload => true
+end
+
+template "#{node["nginx"]["dir"]}/conf.d/passenger.conf" do
+  source "modules/passenger.conf.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+  variables(
+    :passenger_root => node["nginx"]["passenger"]["root"],
+    :passenger_ruby => node["nginx"]["passenger"]["ruby"],
+    :passenger_max_pool_size => node["nginx"]["passenger"]["max_pool_size"]
+  )
+  notifies :reload, resources(:service => "nginx")
+end
+
+node.run_state[:nginx_configure_flags] =
+  node.run_state[:nginx_configure_flags] | ["--add-module=#{node["nginx"]["passenger"]["root"]}/ext/nginx"]

data/lib/cookbooks/nginx/recipes/source.rb

@@ -0,0 +1,182 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: source
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Joshua Timberman (<joshua@opscode.com>)
+# Author:: Jamie Winsor (<jamie@vialstudios.com>)
+#
+# Copyright 2009-2012, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+nginx_url = node['nginx']['source']['url'] ||
+  "http://nginx.org/download/nginx-#{node['nginx']['version']}.tar.gz"
+
+unless(node['nginx']['source']['prefix'])
+  node.set['nginx']['source']['prefix'] = "/opt/nginx-#{node['nginx']['version']}"
+end
+unless(node['nginx']['source']['conf_path'])
+  node.set['nginx']['source']['conf_path'] = "#{node['nginx']['dir']}/nginx.conf"
+end
+unless(node['nginx']['source']['default_configure_flags'])
+  node.set['nginx']['source']['default_configure_flags'] = [
+    "--prefix=#{node['nginx']['source']['prefix']}",
+    "--conf-path=#{node['nginx']['dir']}/nginx.conf"
+  ]
+end
+node.set['nginx']['binary']          = "#{node['nginx']['source']['prefix']}/sbin/nginx"
+node.set['nginx']['daemon_disable']  = true
+
+include_recipe "nginx::ohai_plugin"
+include_recipe "nginx::commons_dir"
+include_recipe "build-essential"
+
+src_filepath  = "#{Chef::Config['file_cache_path'] || '/tmp'}/nginx-#{node['nginx']['version']}.tar.gz"
+packages = value_for_platform(
+    ["centos","redhat","fedora"] => {'default' => ['pcre-devel', 'openssl-devel']},
+    "default" => ['libpcre3', 'libpcre3-dev', 'libssl-dev']
+  )
+
+packages.each do |devpkg|
+  package devpkg
+end
+
+remote_file nginx_url do
+  source nginx_url
+  checksum node['nginx']['source']['checksum']
+  path src_filepath
+  backup false
+end
+
+user node['nginx']['user'] do
+  system true
+  shell "/bin/false"
+  home "/var/www"
+end
+
+node.run_state['nginx_force_recompile'] = false
+node.run_state['nginx_configure_flags'] =
+  node['nginx']['source']['default_configure_flags'] | node['nginx']['configure_flags']
+
+node['nginx']['source']['modules'].each do |ngx_module|
+  include_recipe "nginx::#{ngx_module}"
+end
+
+configure_flags = node.run_state['nginx_configure_flags']
+nginx_force_recompile = node.run_state['nginx_force_recompile']
+
+bash "compile_nginx_source" do
+  cwd ::File.dirname(src_filepath)
+  code <<-EOH
+    tar zxf #{::File.basename(src_filepath)} -C #{::File.dirname(src_filepath)}
+    cd nginx-#{node['nginx']['version']} && ./configure #{node.run_state['nginx_configure_flags'].join(" ")}
+    make && make install
+    rm -f #{node['nginx']['dir']}/nginx.conf
+  EOH
+
+  not_if do
+    nginx_force_recompile == false &&
+      node.automatic_attrs['nginx'] &&
+      node.automatic_attrs['nginx']['version'] == node['nginx']['version'] &&
+      node.automatic_attrs['nginx']['configure_arguments'].sort == configure_flags.sort
+  end
+end
+
+node.run_state.delete(:nginx_configure_flags)
+node.run_state.delete(:nginx_force_recompile)
+
+case node['nginx']['init_style']
+when "runit"
+  node.set['nginx']['src_binary'] = node['nginx']['binary']
+  include_recipe "runit"
+
+  runit_service "nginx"
+
+  service "nginx" do
+    supports :status => true, :restart => true, :reload => true
+    reload_command "[[ -f #{node['nginx']['pid']} ]] && kill -HUP `cat #{node['nginx']['pid']}` || true"
+  end
+when "bluepill"
+  include_recipe "bluepill"
+
+  template "#{node['bluepill']['conf_dir']}/nginx.pill" do
+    source "nginx.pill.erb"
+    mode 0644
+    variables(
+      :working_dir => node['nginx']['source']['prefix'],
+      :src_binary => node['nginx']['binary'],
+      :nginx_dir => node['nginx']['dir'],
+      :log_dir => node['nginx']['log_dir'],
+      :pid => node['nginx']['pid']
+    )
+  end
+
+  bluepill_service "nginx" do
+    action [ :enable, :load ]
+  end
+
+  service "nginx" do
+    supports :status => true, :restart => true, :reload => true
+    reload_command "[[ -f #{node['nginx']['pid']} ]] && kill -HUP `cat #{node['nginx']['pid']}` || true"
+    action :nothing
+  end
+else
+  node.set['nginx']['daemon_disable'] = false
+
+  template "/etc/init.d/nginx" do
+    source "nginx.init.erb"
+    owner "root"
+    group "root"
+    mode "0755"
+    variables(
+      :src_binary => node['nginx']['binary'],
+      :pid => node['nginx']['pid']
+    )
+  end
+
+  defaults_path = case node['platform']
+    when 'debian', 'ubuntu'
+      '/etc/default/nginx'
+    else
+      '/etc/sysconfig/nginx'
+  end
+  template defaults_path do
+    source "nginx.sysconfig.erb"
+    owner "root"
+    group "root"
+    mode "0644"
+  end
+
+  service "nginx" do
+    supports :status => true, :restart => true, :reload => true
+    action :enable
+  end
+end
+
+include_recipe "nginx::commons_script"
+include_recipe "nginx::commons_conf"
+
+cookbook_file "#{node['nginx']['dir']}/mime.types" do
+  source "mime.types"
+  owner "root"
+  group "root"
+  mode "0644"
+  notifies :reload, 'service[nginx]', :immediately
+end
+
+service "nginx" do
+  action :start
+end