From 0527945668bd37f949e25eafc0687f540dc1a947 Mon Sep 17 00:00:00 2001 From: Pavlov Makar Date: Fri, 24 Oct 2025 19:59:20 +0300 Subject: [PATCH] Improved README --- README.md | 102 ++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 73 insertions(+), 29 deletions(-) diff --git a/README.md b/README.md index 7f07888..a595b65 100644 --- a/README.md +++ b/README.md @@ -1,39 +1,83 @@ -# PROXY +# Rproxy -## Content -* Reverse proxy -* HTTPS file share +## Description -## Installation -```yml -target_host: Enter FQDN or IP Address of target host -rproxy_install: Install rproxy and https repo if checked -config_add: Will config be created +This job handles Nginx 1.29 installation and includes the following components: -rproxy_service_name: Server/service name without domain suffix -rproxy_service_port: Port to redirect the request to -rproxy_service_address: Address to redirect the request to +- **Nginx as Reverse Proxy**: + - Acts as a reverse proxy for secure traffic routing + - Supports SSL termination -Example: -domain: olsson.ul -jenkins_host: http://10.10.10.1:8080/ +- **HTTP Repository**: + - Provides a base for hosting and managing web content -rproxy_service_name: jenkins -rproxy_service_port: 8080 -rproxy_service_address: 10.10.10.1 +- **Infrastructure**: + - ✅ Includes Podman installation + - ✅ Contains a management job for proxy configuration + - Allows seamless addition of new services (e.g., enabling SSL access to Jenkins) -# After adding alias jenkins.olsson.ul => rproxy.olsson.ul -result_address: https://jenkins.olsson.ul/ +### Nginx as Reverse Proxy + +**Setup**: +- Installs Nginx container in Podman environment + +**Configuration Structure**: +- **Root directory**: `/opt/rproxy` + - **Main config**: `/opt/rproxy/nginx.conf` + - **Site-specific configs**: `/opt/rproxy/sites/*.conf` + - **Certificates**: `/opt/rproxy/certs/` (stores unique certificates for each connected site) + +**Operation**: +- Listens on `https://$hostname/` +- Maps incoming requests to `/opt/rproxy/sites/$hostname.conf` +- Forwards traffic to `https://$hostname:[port]` with SSL termination + +**Entrypoint**: +- Proxy endpoint: `https://$hostname/` + + +### HTTP Repository + +**Configuration**: +- A `repo.conf` file is added to the `/opt/rproxy/sites/` directory +- **DAVFS** functionality is enabled for file management +- **Data storage path**: `/opt/repodata` + +**Access Point**: +- Proxy endpoint: `https://localhost:9000/` + +#### Example Usage + +Upload a file to the repository using `curl`: +```bash +# Upload example: kafka_4.1.tar to /podman/kafka/4.1/ +curl -T kafka_4.1.tar https://rproxy.olsson.ul:9000/podman/kafka/4.1/kafka_4.1.tar ``` -## Reverse Proxy -Allows redirecting requests based on fqdn to the required address and ports with ssl certificate substitution +## Add configuration via management job +Import management/AddService.groovy to Jenkins -## HTTPS repository -Would be installed with rproxy service. Hosted on port 9000. \ -Files should be stored in /opt/rproxy/repo/ to be shared. +To integrate `http://jenkins-master.olsson.ul:8080` with the SSL proxy, configure these parameters: -Put file in repo -```bash -curl -T kafka_4.1.tar https://rproxy.olsson.ul:9000/podman/kafka/4.1/kafka_4.1.tar -k -``` \ No newline at end of file +- **target_host**: Host with rproxy installed +- **rproxy_service_name**: Service identifier (e.g., `jenkins`) +- **rproxy_service_port**: Port (e.g., `8080`) +- **rproxy_service_address**: Address (e.g., `jenkins-master.olsson.ul` or `10.10.10.1`) + +✅ **Result**: +`https://jenkins.olsson.ul/` will securely route to `http://jenkins-master.olsson.ul:8080`. + +CNAME configuration (`jenkins.olsson.ul → rproxy`) is automatically handled during deployment in FreeIPA. + +## Software Requirements +* OS - AlmaLinux 10 +* FreeIPA domain (for certificates request) + +## Jenkins credentials +* JENKINS_DEPLOYER_PASS (domain) +* JENKINS_DEPLOYER_KEY (domain) + +## Jenkins paramethers +* target_hosts - is basic inventory line for ansible +* images_repo_url - image registry with nginx repository +* update_job - download changes from git and finish job \ No newline at end of file