Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use a template for our simplest nginx configs #4231

Closed
wants to merge 33 commits into from
Closed

Use a template for our simplest nginx configs #4231

wants to merge 33 commits into from

Conversation

acozine
Copy link
Contributor

@acozine acozine commented Sep 7, 2023

DRAFT ONLY - includes changes for testing that must not be merged.

This approach would convert a majority of our nginx config files to variables that run through a template. Currently addresses our two most common use cases:

  • public/production sites with a single location definition
  • private/staging sites with a single location definition that are restricted to the VPN

@acozine acozine force-pushed the nginx_templates_simpler branch from ae980e9 to ea99ad3 Compare September 7, 2023 22:51
@acozine acozine added the Operations pulls issues into the Operations ZenHub board label Sep 11, 2023
@acozine
Copy link
Contributor Author

acozine commented Sep 11, 2023
edited
Loading

A quick look at a few config files uncovers a few differences among sites. Known needed changes:

  • add a var for the HTTP load-balancing technique (see annotations-prod)
  • add a section for enabling/disabling app_protect (see abid-staging)
  • allow more than one included restrict file (see bibdata-qa)
  • regularize an ansible-managed comment

With these changes done, we can try using the template for these sites:

  • abid
  • annotations
  • ansible-tower
  • approvals
  • bibdata
  • byzantine-tsp
  • cicognara
  • eal-apps
    . . . and probably more.

Once the changes are ready, we can put the vars in place and create the templated files in /tmp/, then diff the files against the actual nginxplus config files to identify any changes/drift.

@acozine
Copy link
Contributor Author

acozine commented Sep 12, 2023

Add a variable for the health check page (see Drupal sites for examples).

@acozine acozine mentioned this pull request Oct 2, 2023
Open
1 task
@acozine
Copy link
Contributor Author

acozine commented Oct 2, 2023

Current CI failure is:

  TASK [nginxplus : Setup | Upload NGINX HTTP Configuration Files] ***************
  fatal: [instance]: FAILED! => {"msg": "Invalid data passed to 'loop', it requires a list, got this instead: conf/http/*.conf. Hint: If you passed a list/dict of just one element, try adding wantlist=True to your lookup invocation or use q/query instead of lookup."}

@acozine acozine force-pushed the nginx_templates_simpler branch from 68efd90 to ed149a2 Compare October 2, 2023 20:49
@acozine acozine force-pushed the nginx_templates_simpler branch from aae6e9c to a814abe Compare October 11, 2023 15:47
acozine added 22 commits October 11, 2023 12:56
@acozine
first draft of simple template for nginx config
fe84990 
    Co-authored-by: Francis Kayiwa <kayiwa@users.noreply.github.com>
    Co-authored-by: Jane Sandberg <sandbergja@users.noreply.github.com>
    Co-authored-by: Max Kadel <maxkadel@users.noreply.github.com>
    Co-authored-by: Robert-Anthony Lee-Faison <leefaisonr@users.noreply.github.com>
    Co-authored-by: Trey Pendragon <tpendragon@users.noreply.github.com>
    Co-authored-by: Vickie Karasic <vickiekarasic@users.noreply.github.com>
@acozine
adds a task to use the templates, with a tag for testing
843004a
@acozine
revert this change before merging, for testing only
68a2fa8
@acozine
adds comments to vars for clarity
3fd7a91
@acozine
incorporate fix for issue 4090
f7d4c5a
@acozine
use 'visibility: public' instead of boolena value for 'public_site'
c774e32
@acozine
adds option to change the load balancing technique
90d0a56
@acozine
various improvements, updates example var
d1c0087
@acozine
expands list of sites for testing the template
4b032c8
@acozine
public is a string, not a var
9967d92
@acozine
fix app_protect settings
5e549a5
@acozine
moar better
93692ad
@acozine
add a task to create the cache dirs
118a32d
@acozine
regularize pattern of names
4783e8f
@acozine
use pipe instead of colon for task names
facf9c9
@acozine
include static files from a subdirectory
b26941c
@acozine
allows us to define specific health check URIs
6897857
@acozine
oops
98eab7d
@acozine
set up to test dual-upload (templated and static site configs)
aa33896
@acozine
bibdata prod and staging do not use new certs yet
c0cf8cb
@acozine
remove static configs that have been templated
2e6f8d8
@acozine
only remove static site config files, move slash out of var def
d125111
@acozine acozine force-pushed the nginx_templates_simpler branch from 8344c8c to c793bd0 Compare October 11, 2023 17:59
@acozine
Copy link
Contributor Author

acozine commented Oct 11, 2023

Closing in favor of #4397

@acozine acozine closed this Oct 11, 2023
@acozine acozine deleted the nginx_templates_simpler branch May 24, 2024 16:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Operations pulls issues into the Operations ZenHub board
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@acozine