nologcz/nginx-configurator
2
0
Fork 0
mirror of https://git.nolog.cz/NoLog.cz/nginx-configurator.git synced 2025-01-30 19:33:35 +01:00
Code Issues Projects Releases Packages Wiki Activity
No description
33 commits 2 branches 0 tags 98 KiB
Python 99.6%
Shell 0.4%
Find a file
bain 607bc7b5fe
bump version
2025-01-19 23:40:22 +01:00
.githooks Add info about git hook for black 2023-10-25 19:44:27 +02:00
ncc add option to skip certificate fetching 2025-01-19 23:39:20 +01:00
.gitignore add clusters.json 2023-11-05 14:57:26 +01:00
ncc.yml.sample rework and refactor 2024-11-04 22:25:33 +01:00
README.md add example install command to readme 2025-01-14 23:10:42 +01:00
requirements.txt rework and refactor 2024-11-04 22:25:33 +01:00
setup.py bump version 2025-01-19 23:40:22 +01:00

README.md

Nginx cluster configurator - ncc

Quality of life script for nginx and dehydrated.

Features

  • Allows the editing of services and using a template for new ones. Makes sure the configuration is valid before reloading the cluster (nginx).
  • Automatically obtains SSL certificates and replicates them to the cluster (dehydrated).
  • Will only make changes on the master server (keepalived).

TODO

  • Prepare config templates for nginx and dehydrated?
  • document dhparam.pem generation (openssl dhparam -out ssl-dhparams.pem 4096 in /etc/autossl)
  • Limit current SSH keys to only config rsync and nginx reload
  • Write down how it works in human language
  • Create a guide how to use it to intrawiki
  • Teach everybody how to use it...

Installation

  • Install dependencies: nginx, keepalived (optional i guess), rsync, ssh, python3

  • Install ncc through pip (or pipx) from this git repository

    pip install -U git+https://git.nolog.cz/NoLog.cz/nginx-configurator.git

  • Create a ncc.yml file (see ncc.yml.sample)

  • Create a base nginx config (in conf_dir):

    It should look like this:

    conf/
  nginx.conf
  sites/
    ...
  dehydrated/
    dehydrated.sh <= you need to download dehydrated from github.com/dehydrated-io/dehydrated
    config <= you don't have to configure anything, i recommend using AUTO_CLEANUP=yes
    ...

  • Register to CA with dehydrated (./dehydrated.sh --register --accept-terms)

  • Optional (for new command): Create a templates folder inside conf_dir and create some templates.

  • Deploy once with a valid configuration (like a default http server that will serve /var/www/dehydrated), so that dehydrated will be able to deploy challenges.

  • Done.

Usage

Usage: ncc [OPTIONS] COMMAND [ARGS]...

  Update the nginx cluster configuration

  MUST BE RAN ON MASTER (will detect automatically)

Options:
  --help  Show this message and exit.

Commands:
  edit  Edit a site
  list  List all sites and the files they are located in
  new   Create a new site
  test  Run nginx -t on the configuration
  up    Deploy the configuration to the cluster

Contributions

Please use black formatter.

You can automate the process by running cp .githooks/pre-commit .git/hooks/pre-commit && chmod +x .git/hooks/pre-commit after pulling the repository.