Xedge>> iocage-plugin-nginx>> 返回
项目作者: fnichol

项目描述 :
An iocage plugin for nginx, a Robust and small WWW server.
高级语言: Shell
项目地址: git://github.com/fnichol/iocage-plugin-nginx.git
创建时间: 2019-04-18T01:49:54Z
项目社区:https://github.com/fnichol/iocage-plugin-nginx
开源协议:Mozilla Public License 2.0
下载


iocage-plugin-nginx

An iocage plugin for nginx, a Robust and small WWW server.
CI ![CI Status][badge-ci-overall]
License License

Table of Contents

Installation

This plugin can be installed via the fnichol/iocage-plugin-index plugin
collection which is not installed on TrueOS or FreeBSD by default. For example,
to install the plugin with a name of nginx and a dedicated IP address:

  1. # Variables
  2. jail=www
  3. ip_addr=10.200.0.110
  1. sudo iocage fetch \
  2.   -g https://github.com/fnichol/iocage-plugin-index \
  3.   -P nginx \
  4.   --name $jail \
  5.   ip4_addr="vnet0|$ip_addr"

Usage

Enabling TLS Mode with an SSL Certificate

To enable TLS you will need a public SSL certificate (i.e. a cert.pem file)
and the private server key (i.e. a key.pem file) installed into the nginx
configuration directory of the plugin’s jail. Assuming a running installed
plugin called www with a jail mount point of /mnt/tank/iocage/jails/www in
the host system, the following will setup nginx to run under HTTPS:

  1. # Variables
  2. jail=www
  3. jail_mnt=/mnt/tank/iocage/jails/$jail
  5. cert=/tmp/cert.pem
  6. key=/tmp/key.pem
  1. sudo install -p -m 0644 $cert $jail_mnt/root/usr/local/etc/nginx/cert.pem
  2. sudo install -p -m 0600 $key $jail_mnt/root/usr/local/etc/nginx/key.pem
  3. sudo iocage exec $jail plugin config set nginx_mode https
  4. sudo iocage exec $jail plugin services restart

Persisting Data

There is 1 primary directory that may contain data in an nginx jail:

  • /usr/local/www/nginx The web site content served up by nginx

A good strategy is to create a ZFS dataset for this directory or use an existing
dataset and mount it into the jail. This way, the jail can be destroyed and
later re-created without losing the served up web content.

  1. # Variables
  2. jail=www
  3. mnt=/mnt/tank/website
  1. # Attach an existing ZFS dataset to be served
  2. sudo iocage exec $jail rm -rf /usr/local/www/nginx
  3. sudo iocage exec $jail mkdir /usr/local/www/nginx
  4. sudo iocage fstab -a $jail "$mnt /usr/local/www/nginx nullfs ro 0 0"
  6. # Restart the nginx service
  7. sudo iocage exec $jail plugin services restart

Configuration

User Serviceable Configuration

The following configuration is intended to be modified by a plugin user.

nginx_mode

Whether or not TLS is being used for the service. See the TLS section for more
information regarding how to install an SSL certificate.

  • default: "http"
  • valid values: "http"|"https"|"https-only"

Note that "https-" mode runs the service on HTTP and HTTPS whereas
"https-only" mode only runs on HTTPS.

To change this value, use the installed plugin program and restart the
services to apply the updated configuration:

  1. plugin config set nginx_mode http
  2. plugin services restart

System Configuration

The following configuration is used to configure and setup the services during
post installation and is therefore not intended to be changed or modified by a
plugin user.

nginx_listen_addr

Listen address for the service.
(nginx reference)

  • default: "0.0.0.0"

Code of Conduct

This project adheres to the Contributor Covenant [code of
conduct][code-of-conduct]. By participating, you are expected to uphold this
code. Please report unacceptable behavior to fnichol@nichol.ca.

Issues

If you have any problems with or questions about this project, please contact us
through a GitHub issue.

Contributing

You are invited to contribute to new features, fixes, or updates, large or
small; we are always thrilled to receive pull requests, and do our best to
process them as fast as we can.

Before you start to code, we recommend discussing your plans through a GitHub
issue, especially for more ambitious contributions. This gives other
contributors a chance to point you in the right direction, give you feedback on
your design, and help you find out if someone else is working on the same thing.

Release History

This project uses a “deployable main” strategy, meaning that the main branch
is assumed to be working and production ready. As such there is no formal
versioning process and therefore also no formal changelog documentation.

Authors

Created and maintained by Fletcher Nichol (fnichol@nichol.ca).

License

Licensed under the Mozilla Public License Version 2.0 (LICENSE.txt).

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the MPL-2.0 license, shall be
licensed as above, without any additional terms or conditions.

[badge-ci-overall]:
https://api.cirrus-ci.com/github/fnichol/iocage-plugin-nginx.svg

[code-of-conduct]:
https://github.com/fnichol/iocage-plugin-nginx/blob/main/CODE_OF_CONDUCT.md