README.md

@@ -1,39 +1,83 @@
-# PROXY
+# Rproxy
 
-## Content
-* Reverse proxy
-* HTTPS file share
+## Description
 
-## Installation
-```yml
-target_host: Enter FQDN or IP Address of target host
-rproxy_install: Install rproxy and https repo if checked
-config_add: Will config be created
+This job handles Nginx 1.29 installation and includes the following components:
 
-rproxy_service_name: Server/service name without domain suffix
-rproxy_service_port: Port to redirect the request to 
-rproxy_service_address: Address to redirect the request to 
+- **Nginx as Reverse Proxy**:  
+  - Acts as a reverse proxy for secure traffic routing  
+  - Supports SSL termination  
 
-Example:
-domain: olsson.ul
-jenkins_host: http://10.10.10.1:8080/
+- **HTTP Repository**:  
+  - Provides a base for hosting and managing web content  
 
-rproxy_service_name: jenkins
-rproxy_service_port: 8080
-rproxy_service_address: 10.10.10.1
+- **Infrastructure**:  
+  - ✅ Includes Podman installation  
+  - ✅ Contains a management job for proxy configuration  
+    - Allows seamless addition of new services (e.g., enabling SSL access to Jenkins)  
 
-# After adding alias jenkins.olsson.ul => rproxy.olsson.ul
-result_address: https://jenkins.olsson.ul/
+### Nginx as Reverse Proxy
+
+**Setup**:  
+- Installs Nginx container in Podman environment  
+
+**Configuration Structure**:  
+- **Root directory**: `/opt/rproxy`  
+  - **Main config**: `/opt/rproxy/nginx.conf`  
+  - **Site-specific configs**: `/opt/rproxy/sites/*.conf`  
+  - **Certificates**: `/opt/rproxy/certs/` (stores unique certificates for each connected site)  
+
+**Operation**:  
+- Listens on `https://$hostname/`  
+- Maps incoming requests to `/opt/rproxy/sites/$hostname.conf`  
+- Forwards traffic to `https://$hostname:[port]` with SSL termination  
+
+**Entrypoint**:  
+- Proxy endpoint: `https://$hostname/`  
+
+
+### HTTP Repository
+
+**Configuration**:  
+- A `repo.conf` file is added to the `/opt/rproxy/sites/` directory  
+- **DAVFS** functionality is enabled for file management  
+- **Data storage path**: `/opt/repodata`  
+
+**Access Point**:  
+- Proxy endpoint: `https://localhost:9000/`  
+
+#### Example Usage
+
+Upload a file to the repository using `curl`:
+```bash
+# Upload example: kafka_4.1.tar to /podman/kafka/4.1/
+curl -T kafka_4.1.tar https://rproxy.olsson.ul:9000/podman/kafka/4.1/kafka_4.1.tar
 ```
 
-## Reverse Proxy
-Allows redirecting requests based on fqdn to the required address and ports with ssl certificate substitution
+## Add configuration via management job
+Import management/AddService.groovy to Jenkins
 
-## HTTPS repository
-Would be installed with rproxy service. Hosted on port 9000. \
-Files should be stored in /opt/rproxy/repo/ to be shared.
+To integrate `http://jenkins-master.olsson.ul:8080` with the SSL proxy, configure these parameters:
 
-Put file in repo
-```bash
-curl -T kafka_4.1.tar https://rproxy.olsson.ul:9000/podman/kafka/4.1/kafka_4.1.tar -k
-```
+- **target_host**: Host with rproxy installed  
+- **rproxy_service_name**: Service identifier (e.g., `jenkins`)  
+- **rproxy_service_port**: Port (e.g., `8080`)  
+- **rproxy_service_address**: Address (e.g., `jenkins-master.olsson.ul` or `10.10.10.1`)  
+
+✅ **Result**:  
+`https://jenkins.olsson.ul/` will securely route to `http://jenkins-master.olsson.ul:8080`.  
+ 
+CNAME configuration (`jenkins.olsson.ul → rproxy`) is automatically handled during deployment in FreeIPA.
+
+## Software Requirements
+* OS - AlmaLinux 10
+* FreeIPA domain (for certificates request)
+
+## Jenkins credentials
+* JENKINS_DEPLOYER_PASS (domain)
+* JENKINS_DEPLOYER_KEY (domain)
+
+## Jenkins paramethers
+* target_hosts - is basic inventory line for ansible
+* images_repo_url - image registry with nginx repository
+* update_job - download changes from git and finish job