Skip to content

From merged internal changes, Jan 3 1pm pacific time #44

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jan 3, 2025
Merged

From merged internal changes, Jan 3 1pm pacific time #44

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion content/controller/admin-guides/install/try-nginx-controller.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -216,7 +216,7 @@ For example:
- Login and capture the session cookie:

```curl
curl -c cookie.txt -X POST --url 'https://198.51.100.10/api/v1/platform/login' --header 'Content-Type: application/json' --data '{"credentials": {"type": "BASIC","username": "arthur@arthurdent.net","password": "Towel$123"}}'
curl -c cookie.txt -X POST --url 'https://198.51.100.10/api/v1/platform/login' --header 'Content-Type: application/json' --data '{"credentials": {"type": "BASIC","username": "arthur@example.net","password": "<password>"}}'
```

- Use the session cookie to authenticate and get the session status:
Expand Down
8 changes: 4 additions & 4 deletions content/controller/admin-guides/install/using-helper-script.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ Use the `helper.sh` script to change the SMTP address; port; TLS; sender; and op
For example:

``` bash
/opt/nginx-controller/helper.sh configsmtp 192.0.2.0 25 false noreply@example.com true user1 password1
/opt/nginx-controller/helper.sh configsmtp 192.0.2.0 25 false noreply@example.com true user1 <password>
```

<style>
Expand Down Expand Up @@ -234,7 +234,7 @@ CTR_SMTP_HOST=192.0.2.0 \
CTR_SMTP_PORT=25 \
CTR_SMTP_TLS=false \
CTR_SMTP_FROM=noreply@nginx.test \
CTR_SMTP_AUTH=true CTR_SMTP_USER=user1 CTR_SMTP_PASS=password1 \
CTR_SMTP_AUTH=true CTR_SMTP_USER=user1 CTR_SMTP_PASS=<password> \
/opt/nginx-controller/helper.sh configsmtp
```

Expand All @@ -253,7 +253,7 @@ Use the `helper.sh` script to change the external config database address; port;
For example:

``` bash
/opt/nginx-controller/helper.sh configdb 192.0.2.1 5432 user1 password1 false
/opt/nginx-controller/helper.sh configdb 192.0.2.1 5432 user1 <password> false
```

<style>
Expand Down Expand Up @@ -305,7 +305,7 @@ For example:
CTR_DB_HOST=192.0.2.1 \
CTR_DB_PORT=5432 \
CTR_DB_USER=user1 \
CTR_DB_PASS=password1 \
CTR_DB_PASS=<password> \
CTR_DB_ENABLE_SSL=false \
/opt/nginx-controller/helper.sh configdb
```
Expand Down
2 changes: 1 addition & 1 deletion content/controller/api/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ For example:
- Login and capture the session cookie:

```curl
curl -c cookie.txt -X POST --url 'https://198.51.100.10/api/v1/platform/login' --header 'Content-Type: application/json' --data '{"credentials": {"type": "BASIC","username": "arthur@arthurdent.net","password": "Towel$123"}}'
curl -c cookie.txt -X POST --url 'https://198.51.100.10/api/v1/platform/login' --header 'Content-Type: application/json' --data '{"credentials": {"type": "BASIC","username": "arthur@example.net","password": "<password>"}}'
```

- Use the session cookie to authenticate and get the session status:
Expand Down
10 changes: 5 additions & 5 deletions content/controller/api/reference/ctlr-adc-openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11369,15 +11369,15 @@
"type": "AWS_INTEGRATION",
"credential": {
"type": "AWS_ACCESS_KEY_CREDENTIAL",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
},
"currentStatus": {
"type": "AWS_INTEGRATION",
"credential": {
"type": "AWS_ACCESS_KEY_CREDENTIAL",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
}
Expand Down Expand Up @@ -11665,7 +11665,7 @@
"desiredState": {
"credential": {
"type": "API_KEY",
"apiKey": "ADv2ZheQnLjVx5klhQ39"
"apiKey": "<access key id>"
}
}
}
Expand All @@ -11689,7 +11689,7 @@
"desiredState": {
"credential": {
"type": "API_KEY",
"apiKey": "ADv2ZheQnLjVx5klhQ39"
"apiKey": "<access key id>"
}
}
}
Expand All @@ -11707,7 +11707,7 @@
"desiredState": {
"credential": {
"type": "API_KEY",
"apiKey": "ADv2ZheQnLjVx5klhQ39"
"apiKey": "<access key id>"
}
}
}
Expand Down
10 changes: 5 additions & 5 deletions content/controller/api/reference/ctlr-apim-openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10634,15 +10634,15 @@
"type": "AWS_INTEGRATION",
"credential": {
"type": "AWS_ACCESS_KEY_CREDENTIAL",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
},
"currentStatus": {
"type": "AWS_INTEGRATION",
"credential": {
"type": "AWS_ACCESS_KEY_CREDENTIAL",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
}
Expand Down Expand Up @@ -12013,7 +12013,7 @@
"desiredState": {
"credential": {
"type": "API_KEY",
"apiKey": "ADv2ZheQnLjVx5klhQ39"
"apiKey": "<access key id>"
}
}
}
Expand All @@ -12037,7 +12037,7 @@
"desiredState": {
"credential": {
"type": "API_KEY",
"apiKey": "ADv2ZheQnLjVx5klhQ39"
"apiKey": "<access key id>"
}
}
}
Expand All @@ -12055,7 +12055,7 @@
"desiredState": {
"credential": {
"type": "API_KEY",
"apiKey": "ADv2ZheQnLjVx5klhQ39"
"apiKey": "<access key id>"
}
}
}
Expand Down
20 changes: 10 additions & 10 deletions content/controller/api/reference/ctlr-platform-openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -905,8 +905,8 @@
"userFormat": "UPN",
"bindUser": {
"type": "PASSWORD",
"username": "user@mydomain",
"password": "passwd1234"
"username": "<username>",
"password": "<password>"
},
"pollIntervalSec": 3600,
"groupCacheTimeSec": 7200,
Expand Down Expand Up @@ -7147,7 +7147,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY)"
}
}
Expand All @@ -7171,7 +7171,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
},
Expand All @@ -7180,7 +7180,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
}
Expand Down Expand Up @@ -7254,7 +7254,7 @@
"type": "AWS_INTEGRATION",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
}
Expand All @@ -7278,7 +7278,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
},
Expand All @@ -7287,7 +7287,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
}
Expand Down Expand Up @@ -7366,7 +7366,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
},
Expand All @@ -7375,7 +7375,7 @@
"endpointUri": "https://ec2.us-west-1.amazonaws.com",
"credential": {
"type": "AWS_ACCESS_KEY",
"accessKeyID": "AKIAJ3N2PZUMZE3Y67ZA",
"accessKeyID": "<access key id>",
"secretAccessKey": "*********"
}
}
Expand Down
2 changes: 1 addition & 1 deletion content/nap-waf/v5/admin-guide/compiler.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ For instance:
{
"waf-settings": {
"cookie-protection": {
"seed": "80miIOiSeXfvNBiDJV4t"
"seed": "<seed value>"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion content/nginx/deployment-guides/single-sign-on/keycloak.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ Configure NGINX Plus as the OpenID Connect relying party:
- `map $host $oidc_authz_endpoint` – Value of `authorization_endpoint` from [Step 3](#nginx-plus-urls) (in this guide, <span style="white-space: nowrap;">`https://<keycloak-server-address>/auth/realms/master/protocol/openid-connect/auth`</span>)
- `map $host $oidc_token_endpoint` – Value of `token_endpoint` from [Step 3](#nginx-plus-urls) (in this guide, <span style="white-space: nowrap;">`https://<keycloak-server-address>/auth/realms/master/protocol/openid-connect/token`)</span>
- `map $host $oidc_client` – Value in the **Client ID** field from [Step 3 of _Configuring Keycloak_](#keycloak-client-id) (in this guide, `NGINX Plus`)
- `map $host $oidc_client_secret` – Value in the **Secret** field from [Step 5 of _Configuring Keycloak_](#keycloak-secret) (in this guide, <span style="white-space: nowrap;">`w4b32c4b0-f4b3-41d9-a345-2bc0fbfcaaba`)</span>
- `map $host $oidc_client_secret` – Value in the **Secret** field from [Step 5 of _Configuring Keycloak_](#keycloak-secret) (in this guide, <span style="white-space: nowrap;">`<oidc client secret>`)</span>
- `map $host $oidc_hmac_key` – A unique, long, and secure phrase

5. Configure the JWK file. The procedure depends on which version of NGINX Plus you are using.
Expand Down
2 changes: 1 addition & 1 deletion content/nim/admin-guide/authentication/basic-auth/set-up-basic-authentication.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ To change a user's password with the `basic_passwords.sh` script:
For example:

```bash
sudo bash /etc/nms/scripts/basic_passwords.sh johndoe 'jelly22fi$h'
sudo bash /etc/nms/scripts/basic_passwords.sh johndoe '<password>'
```

### Manually set user passwords {#manually-set-basic-passwords}
Expand Down
18 changes: 14 additions & 4 deletions content/nim/deploy/vm-bare-metal/install.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,10 @@ Download the certificate and private key required for NGINX Instance Manager. Th

## Download and run the installation script {#download-install}

Download the `install-nim-bundle.sh` script:

{{<fa "download">}} {{<link "/scripts/install-nim-bundle.sh" "Download install-nim-bundle.sh script">}}

### Prepare your system for installation

Follow these steps to get your system ready for a successful installation with the `install-nim-bundle.sh` script:
Expand Down Expand Up @@ -135,10 +139,6 @@ As noted in [About subscription licenses]({{< relref "solutions/about-subscripti

{{< /warning >}}

Download the `install-nim-bundle.sh` script:

{{<fa "download">}} {{<link "/scripts/install-nim-bundle.sh" "Download install-nim-bundle.sh script">}}

When you run the script, it downloads and installs NGINX Instance Manager.

If you want to use the script with non-default options, use these switches:
Expand Down Expand Up @@ -193,6 +193,16 @@ After installation, you can access the NGINX Instance Manager web interface to b

Save the autogenerated password displayed at the end of the installation process. If you want to change the admin password, refer to the [Set user passwords]({{< relref "/nim/admin-guide/authentication/basic-auth/set-up-basic-authentication.md#set-basic-passwords" >}}) section in the Basic Authentication topic.


### Using the script to uninstall NGINX Instance Manager and its dependencies

In some cases, the script may need to be re-run due to parameters not being set correctly, or wrong versions being specified. You can remove NGINX Instance Manager and all of its dependencies (including NGINX) so that the script can be re-run.

{{<call-out "warning" "Potential for data loss" "">}}The `-r` option removes all NGINX configuration files, NGINX Instance Manager, and ClickHouse. Once you run this command, the data is gone and cannot be recovered unless you have backups. Use this option only if you need to remove NGINX Instance Manager to re-run the script in a fresh environment for a new installation. See "[Uninstall NGINX Instance Manager](#uninstall-nim)" below to perform these steps manually. If you do not want to lose your NGINX Configuration, you should take a backup of `/etc/nginx/`. {{</call-out>}}

```bash
bash install-nim-bundle.sh -r
```
---

## Post-installation steps
Expand Down
13 changes: 4 additions & 9 deletions content/nim/disconnected/offline-install-guide.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ Download the SSL certificate and private key required for NGINX Instance Manager

{{<fa "download">}} {{<link "/scripts/install-nim-bundle.sh" "Download the install-nim-bundle.sh script.">}}

### Use the script to Download the necessary packages to Install NGINX Instance Manager in a Disconnected environment

To run the script, enter the following command, replacing `<path/to/certificate.crt>` and `<path/to/private.key>` with the full paths and filenames of your SSL certificate and private key files:

```shell
Expand All @@ -64,16 +66,12 @@ sudo bash install-nim-bundle.sh \
-k <path/to/private.key> \
-m offline \
-d <distribution> \
-p <version> \
-v <version> \
-j <path/to/nginx-product.jwt>
```

<br>

By default, this command installs the latest version of NGINX Open Source. To install NGINX Plus or specify a different version of NGINX Open Source, use the `-p` or `-n` options as needed.

{{< note >}} Starting from [NGINX Plus Release 33]({{< ref "nginx/releases.md#r33" >}}), a JWT file is required for each NGINX Plus instance. For more information, see [About Subscription Licenses]({{< ref "/solutions/about-subscription-licenses.md">}}). {{< /note >}}
By default, this command installs the latest version of NGINX Open Source to run NGINX Instance Manager. NGINX Plus is currently not supported when using the script in Disconnected mode. Please see this guide to install NGINX Plus offline if you would like to use this in front of NGINX Instance Manager

<br>

Expand All @@ -83,11 +81,8 @@ By default, this command installs the latest version of NGINX Open Source. To in
- **`-k`**: Uses the specified private key file. Copies the file to the /etc/ssl/nginx directory.
- **`-m`**: Sets the installation mode (use `offline` for disconnected environments).
- **`-d`**: Defines the target distribution (replace `<distribution>` with one of the supported options below).
- **`-n`**: Installs a specific version of NGINX Open Source. Use `latest` to install the most recent version or specify a version like `1.27.1`. If neither `-n` nor `-p` is specified, the script defaults to installing the latest version of NGINX Open Source.
- **`-p`**: Installs the specified version of NGINX Plus. Use `latest` for the newest version or a specific release like `R32`. Overrides the `-n` option if both are specified.
- **`-n`**: Installs a specific version of NGINX Open Source. Use `latest` to install the most recent version or specify a version like `1.27.1`. The script defaults to installing the latest version of NGINX Open Source.
- **`-v`**: Installs the specified version of NGINX Instance Manager. Use `latest` for the newest version or a specific release like `2.18.0`. If you skip this option, the script assumes you want to install `latest`.
- **`-j`**: Uses the specified JWT token.


**Supported distributions:**

Expand Down
4 changes: 2 additions & 2 deletions content/nms/acm/how-to/policies/apikey-authn.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ Send a POST request to add the API key authentication policy to the API Proxy.
"data": [
{
"clientID": "clientA",
"apiKey": "5ff229f7d64e4d6"
"apiKey": "<api key>"
},
{
"clientID": "clientB"
Expand All @@ -114,7 +114,7 @@ Send a POST request to add the API key authentication policy to the API Proxy.
| `errorReturnConditions`<br>`.notSupplied`<br>`.returnCode` | int | In range `400-599` | The error code that is returned from the API Proxy when an invalid API key is supplied. | No | `401` |
| `errorReturnConditions`<br>`.noMatch`<br>`.returnCode` | int | In range `400-599` | The error code that is returned from the API Proxy when an API key is not supplied. | No | `403` |
| `data.clientID` | string | Example: `ClientA` | Identifies the client who is holding the API Key. | Yes | N/A |
| `data.apiKey` | string | Example: `5ff229f7d64e4d6` | The value of the API Key used to access the API. If an API Key is not provided, a random 32-byte key will be created. | No | N/A |
| `data.apiKey` | string | Example: `<api key>` | The value of the API Key used to access the API. If an API Key is not provided, a random 32-byte key will be created. | No | N/A |

{{< /bootstrap-table >}}

Expand Down
Loading
Loading