drop support for versions < 1.15.0

REFERENCE.md

@@ -277,11 +277,11 @@ Data type: `String[1]`
 The version of nginx installed (or being installed).
 Unfortunately, different versions of nginx may need configuring
 differently.  The default is derived from the version of nginx
-already installed.  If the fact is unavailable, it defaults to '1.6.0'.
+already installed.  If the fact is unavailable, it defaults to '1.15.0'.
 You may need to set this manually to get a working and idempotent
 configuration.
 
-Default value: `pick(fact('nginx_version'), '1.6.0')`
+Default value: `pick(fact('nginx_version'), '1.15.0')`
 
 ##### <a name="-nginx--debug_connections"></a>`debug_connections`
 
@@ -3080,7 +3080,7 @@ Create a new mapping entry for NGINX
 nginx::resource::map { 'backend_pool':
   ensure    => present,
   hostnames => true,
-  default   => 'ny-pool-1,
+  default   => 'ny-pool-1',
   string    => '$http_host',
   mappings  => {
     '*.nyc.example.com' => 'ny-pool-1',

manifests/init.pp

@@ -20,7 +20,7 @@
 #   The version of nginx installed (or being installed).
 #   Unfortunately, different versions of nginx may need configuring
 #   differently.  The default is derived from the version of nginx
-#   already installed.  If the fact is unavailable, it defaults to '1.6.0'.
+#   already installed.  If the fact is unavailable, it defaults to '1.15.0'.
 #   You may need to set this manually to get a working and idempotent
 #   configuration.
 #
@@ -240,7 +240,7 @@
   Hash $nginx_upstreams                                   = {},
   Nginx::UpstreamDefaults $nginx_upstreams_defaults       = {},
   Boolean $purge_passenger_repo                           = true,
-  String[1] $nginx_version                                = pick(fact('nginx_version'), '1.6.0'),
+  String[1] $nginx_version                                = pick(fact('nginx_version'), '1.15.0'),
 
   ### END Hiera Lookups ###
 ) inherits nginx::params {

spec/acceptance/nginx_mail_spec.rb

@@ -79,45 +79,5 @@ class { 'nginx':
     describe port(465) do
       it { is_expected.to be_listening }
     end
-
-    context 'when configured for nginx 1.14' do
-      it 'runs successfully' do
-        pp = "
-      if fact('os.family') == 'RedHat' {
-        package { 'nginx-mod-mail':
-          ensure => installed,
-        }
-      }
-
-      class { 'nginx':
-        mail            => true,
-        nginx_version   => '1.14.0',
-        dynamic_modules => fact('os.family') ? {
-          'RedHat' => ['/usr/lib64/nginx/modules/ngx_mail_module.so'],
-          default  => [],
-        }
-      }
-      nginx::resource::mailhost { 'domain1.example':
-        ensure      => present,
-        auth_http   => 'localhost/cgi-bin/auth',
-        protocol    => 'smtp',
-        listen_port => 587,
-        ssl         => true,
-        ssl_port    => 465,
-        ssl_cert    => '/etc/pki/tls/certs/blah.cert',
-        ssl_key     => '/etc/pki/tls/private/blah.key',
-        xclient     => 'off',
-      }
-        "
-
-        apply_manifest(pp, catch_failures: true)
-      end
-
-      describe file('/etc/nginx/conf.mail.d/domain1.example.conf') do
-        it 'does\'t contain `ssl` on `listen` line' do
-          is_expected.to contain 'listen                *:465;'
-        end
-      end
-    end
   end
 end

spec/defines/resource_mailhost_spec.rb

@@ -54,7 +54,7 @@
               title: 'should set the IPv4 listen port',
               attr: 'listen_port',
               value: 45,
-              match: '  listen                *:45;'
+              match: '  listen                *:45 ssl;'
             },
             {
               title: 'should set the IPv4 listen options',
@@ -548,7 +548,7 @@
               title: 'should set the IPv4 SSL listen port',
               attr: 'ssl_port',
               value: 45,
-              match: '  listen                *:45;'
+              match: '  listen                *:45 ssl;'
             },
             {
               title: 'should enable IPv6',

spec/defines/resource_server_spec.rb

@@ -675,12 +675,6 @@
               it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{  ssl on;}) }
             end
 
-            context 'with fact nginx_version=1.14.1' do
-              let(:facts) { facts.merge(nginx_version: '1.14.1') }
-
-              it { is_expected.to contain_concat__fragment("#{title}-ssl-header").with_content(%r{  ssl on;}) }
-            end
-
             context 'with fact nginx_version=1.15.1' do
               let(:facts) { facts.merge(nginx_version: '1.15.1') }
 

templates/mailhost/mailhost.epp

@@ -23,9 +23,6 @@ server {
 <%- } -%>
 <%= $mailhost_common -%>
 
-<%- if versioncmp($nginx_version, '1.15.0') < 0 { -%>
-  ssl                   off;
-<% } %>
   starttls              <%= $starttls %>;
 
 <% if $starttls != 'off' { %>

templates/mailhost/mailhost_ssl.epp

@@ -14,16 +14,13 @@
 server {
 <%= $mailhost_prepend -%>
 <%- $listen_ip.each |$ip| { -%>
-  listen                <%= $ip %>:<%= $ssl_port %><% if versioncmp($nginx_version, '1.15.0') >= 0 { %> ssl<% } %>;
+  listen                <%= $ip %>:<%= $ssl_port %> ssl;
 <%- } -%>
 <%- $ipv6_listen_ip.each |$ipv6| { -%>
   listen                [<%= $ipv6 %>]:<%= $ssl_port %> <% if $ipv6_listen_options { %><%= $ipv6_listen_options %><% } %>;
 <%- } -%>
 <%= $mailhost_common -%>
 
-<%- if versioncmp($nginx_version, '1.15.0') < 0 { -%>
-  ssl                   on;
-<% } %>
   starttls              off;
 
 <%= $mailhost_ssl_settings -%>

templates/server/server_ssl_settings.erb

@@ -1,6 +1,3 @@
-<% if scope.call_function('versioncmp', [scope['nginx::nginx_version'], '1.15.0']) < 0 -%>
-  ssl on;
-<% end -%>
 <% if scope.call_function('versioncmp', [scope['nginx::nginx_version'], '1.25.1']) >= 0 && @http2 -%>
   http2 <%= @http2 %>;
 <% end -%>