70 lines
2.2 KiB
Markdown
70 lines
2.2 KiB
Markdown
# Nginx cluster configurator - ncc
|
|
|
|
Quality of life script for nginx and dehydrated.
|
|
|
|
## Features
|
|
|
|
* Allows the editing of services and using a template for new ones. Makes sure
|
|
the configuration is valid before reloading the cluster (nginx).
|
|
* Automatically obtains SSL certificates and replicates them to the cluster (dehydrated).
|
|
* Will only make changes on the master server (keepalived).
|
|
|
|
# TODO
|
|
|
|
* Prepare config templates for nginx and dehydrated?
|
|
* document dhparam.pem generation (`openssl dhparam -out ssl-dhparams.pem 4096` in /etc/autossl)
|
|
* Limit current SSH keys to only config rsync and nginx reload
|
|
* Write down how it works in human language
|
|
* Create a guide how to use it to intrawiki
|
|
* Teach everybody how to use it...
|
|
|
|
# Installation
|
|
|
|
* Install dependencies: nginx, keepalived (optional i guess), rsync, ssh, python3
|
|
* Install `ncc` through pip (or pipx) from this git repository
|
|
* Create a `ncc.yml` file (see `ncc.yml.sample`)
|
|
* Create a base nginx config (in `conf_dir`):
|
|
|
|
It should look like this:
|
|
```
|
|
conf/
|
|
nginx.conf
|
|
sites/
|
|
...
|
|
dehydrated/
|
|
dehydrated.sh <= you need to download dehydrated from github.com/dehydrated-io/dehydrated
|
|
config <= you don't have to configure anything, i recommend using AUTO_CLEANUP=yes
|
|
...
|
|
```
|
|
* Register to CA with dehydrated (`./dehydrated.sh --register --accept-terms`)
|
|
* Optional (for `new` command): Create a `templates` folder inside `conf_dir` and create some templates.
|
|
* Deploy once with a valid configuration (like a default http server that will
|
|
serve `/var/www/dehydrated`), so that dehydrated will be able to deploy
|
|
challenges.
|
|
* Done.
|
|
|
|
# Usage
|
|
|
|
```
|
|
Usage: ncc [OPTIONS] COMMAND [ARGS]...
|
|
|
|
Update the nginx cluster configuration
|
|
|
|
MUST BE RAN ON MASTER (will detect automatically)
|
|
|
|
Options:
|
|
--help Show this message and exit.
|
|
|
|
Commands:
|
|
edit Edit a site
|
|
list List all sites and the files they are located in
|
|
new Create a new site
|
|
test Run nginx -t on the configuration
|
|
up Deploy the configuration to the cluster
|
|
```
|
|
|
|
# Contributions
|
|
|
|
Please use `black` formatter.
|
|
|
|
You can automate the process by running `cp .githooks/pre-commit .git/hooks/pre-commit && chmod +x .git/hooks/pre-commit` after pulling the repository.
|