# Nginx cluster configurator - ncc

Quality of life script for nginx and dehydrated.

## Features

* Allows the editing of services and using a template for new ones. Makes sure
  the configuration is valid before reloading the cluster (nginx).
* Automatically obtains SSL certificates and replicates them to the cluster (dehydrated).
* Will only make changes on the master server (keepalived).

# TODO

* Prepare config templates for nginx and dehydrated?
* document dhparam.pem generation (`openssl dhparam -out ssl-dhparams.pem 4096` in /etc/autossl)
* Limit current SSH keys to only config rsync and nginx reload
* Write down how it works in human language
* Create a guide how to use it to intrawiki
* Teach everybody how to use it...

# Installation

* Install dependencies: nginx, keepalived (optional i guess), rsync, ssh, python3
* Install `ncc` through pip (or pipx) from this git repository
* Create a `ncc.yml` file (see `ncc.yml.sample`)
* Create a base nginx config (in `conf_dir`):

  It should look like this:
  ```
  conf/
    nginx.conf
    sites/
      ...
    dehydrated/
      dehydrated.sh <= you need to download dehydrated from github.com/dehydrated-io/dehydrated
      config <= you don't have to configure anything, i recommend using AUTO_CLEANUP=yes
      ...
  ```
* Register to CA with dehydrated (`./dehydrated.sh --register --accept-terms`)
* Optional (for `new` command): Create a `templates` folder inside `conf_dir` and create some templates.
* Deploy once with a valid configuration (like a default http server that will
  serve `/var/www/dehydrated`), so that dehydrated will be able to deploy
  challenges.
* Done.

# Usage

```
Usage: ncc [OPTIONS] COMMAND [ARGS]...

  Update the nginx cluster configuration

  MUST BE RAN ON MASTER (will detect automatically)

Options:
  --help  Show this message and exit.

Commands:
  edit  Edit a site
  list  List all sites and the files they are located in
  new   Create a new site
  test  Run nginx -t on the configuration
  up    Deploy the configuration to the cluster
```

# Contributions

Please use `black` formatter. 

You can automate the process by running `cp .githooks/pre-commit .git/hooks/pre-commit && chmod +x .git/hooks/pre-commit` after pulling the repository.