Menu
currently a project my team inherited has a complete mess on the nginx configuration across 10+ environments, we would like to implement a versioning strategy however im not sure how people "normally" achieve this. you make the whole nginx conf folder a git repo and ignore what you do not want to version? or have a separate folder with the config file repo and deploy the files with a script?
800
We manage it via separate Git repository exclusive only for nginx configuration. Yes, it includes everything inside /etc/nginx/ directory.
But it's not synced directly on server, instead a bash script is used to pull changes, update configuration, and reload nginx configuration.
Script example:
# Pull changes
git pull
# Sync changes excluding .git directory
rsync -qauh ./* "/etc/nginx" --exclude=".git"
# Set proper permissions
chmod -R 644 /etc/nginx
find /etc/nginx -type d -exec chmod 700 {} \;
# If you store SSL certs under `/etc/nginx/ssl`
# Set proper permission for SSL certs
chmod -R 600 /etc/nginx/ssl
chmod -R 400 /etc/nginx/ssl/*
# Reload nginx config
# but only if configtest is passed
nginx -t && service nginx reload
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
