Reputation: 1077
Nginx Configuration Versioning Strategy
currently a project my team inherited has a complete mess on the nginx configuration across 10+ environments, we would like to implement a versioning strategy however im not sure how people "normally" achieve this. you make the whole nginx conf folder a git repo and ignore what you do not want to version? or have a separate folder with the config file repo and deploy the files with a script?
Upvotes: 19
Views: 5980
Answers (1)
Reputation: 2702
We manage it via separate Git repository exclusive only for nginx configuration. Yes, it includes everything inside /etc/nginx/ directory.
But it's not synced directly on server, instead a bash script is used to pull changes, update configuration, and reload nginx configuration.
Script example:
# Pull changes
git pull
# Sync changes excluding .git directory
rsync -qauh ./* "/etc/nginx" --exclude=".git"
# Set proper permissions
chmod -R 644 /etc/nginx
find /etc/nginx -type d -exec chmod 700 {} \;
# If you store SSL certs under `/etc/nginx/ssl`
# Set proper permission for SSL certs
chmod -R 600 /etc/nginx/ssl
chmod -R 400 /etc/nginx/ssl/*
# Reload nginx config
# but only if configtest is passed
nginx -t && service nginx reload
Upvotes: 24
Related Questions
- Git best practice for config files etc
- Best practice for a git repo for system config files (nginx/php.ini etc)
- What is the right way to maintain a "version for the server" - with only config files changed, in Git?
- Git on production
- Control Version for Web Development
- Ideal workflow for Git repository for software project and companion server code?
- How best to handle Git Deployment For multiple web servers
- git: recommended structure
- Git development workflow
- Using git properly