Skip to content

Generate Nginx includes for advanced configuration (e.g. SSL) (rebased onto metadata53) (rebased onto develop)#5388

Closed
manics wants to merge 6 commits intoome:developfrom
manics:rebased/develop/rebased/metadata53/nginx-includes
Closed

Generate Nginx includes for advanced configuration (e.g. SSL) (rebased onto metadata53) (rebased onto develop)#5388
manics wants to merge 6 commits intoome:developfrom
manics:rebased/develop/rebased/metadata53/nginx-includes

Conversation

@manics
Copy link
Copy Markdown
Member

@manics manics commented Jul 20, 2017

This is the same as gh-5387 but rebased onto develop.

This is the same as gh-5381 but rebased onto metadata53.

What this PR does

This creates a minimal nginx configuration file that can be included in a fixed file created by a sysadmin. This allows custom nginx options to be defined once (e.g. SSL options), instead of having to modify the generated web config after every upgrade, and means any Nginx server options can be used.

Testing this PR

  1. Install a production OMERO.web in the standard way
  2. Install Nginx.
  3. Create a omero-web nginx wrapper file with an include statement for the generated omero-web config. This file is exclusively managed by the sysadmin e.g. /etc/nginx/conf.d/omero-web-wrapper.conf:
server {
    listen 80;
    server_name $hostname;

    # SSL configuration ...

    sendfile on;
    client_max_body_size 0;

    # Include generated file from omero web config nginx-location:
    include /opt/omero/web/omero-web-location.include;
}
  1. Generate the minimal omero-web configuration in the location specified by your include statement. The expectation is that this would be routinely regenerated on every OMERO.web upgrade. e.g.
omero web config nginx-location > /opt/omero/web/omero-web-location.include
  1. Start nginx
  2. Start OMERO.web: omero web start
  3. OMERO.web should work as normal

Related reading

Notes

  • omero web config nginx-location generates the location blocks only, other server options are now left for the sysadmin to manage e.g. sendfile on;, client_max_body_size 0;.
  • I've removed the separate upstream block since there was only one server which means it's redundant, and it would be impossible to auto-generate a load-balanced upstream configuration since you'd need to know the addresses of all OMERO.web backends.

@manics manics mentioned this pull request Jul 20, 2017
Merged
@manics
Copy link
Copy Markdown
Member Author

manics commented Jul 20, 2017

--rebased-from #5387

@manics
Copy link
Copy Markdown
Member Author

manics commented Jul 25, 2017

Somehow this ended up as a duplicate rebase

@manics manics closed this Jul 25, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@manics