Using Strider CI to deploy nginx config
« Friday, March 07, 2014 »

nginx strider

After acquiring my new server, I came up with the wish to do things right. I wish that I can deploy most of my work with an integration server. Yesterday I got Strider to work “correctly” and I came up with the idea of managing my nginx config using Strider. Note that all of this could be possible using Jenkins/TeamCity and so on. The idea is quite simple and it's pretty cool once it works.

Setting up the project

Create a git repository containing all sites you'd want to have setup. You have to create a folder in which you can read/write your configs. Mine is located here:

/home/user/config/nginx-sites

Remember the path you chose and now it's time to edit the main nginx config file. It's usually this file: /etc/nginx/nginx.conf. Open it and search for this line:

 include /etc/nginx/sites-enabled/*;

And add the following line with the path you chose to use (don't forget the /*).

 include /home/user/config/nginx-sites/*;

Create the nginx repository

Here nothing complicated, just create a repository that will contain the config files you want to load. In my case, I usually create a file with its domain name. A virtualhost pointing to myfriend.com will be a file named myfriend.com. Each file is an individual server unless I have multiple servers on one domain. But all of this is really up to the reader.

Create the strider project

Once you linked your project to github or bitbucket, you should be able to receive post request from webhooks. When you will push to github or bitbucket, Strider will automatically redeploy the config. If it works, then you can read further, if it doesn't work, you'll have to fix your Strider setup.

The project you create in Strider should be custom as it's not python/ruby or nodejs. You'll have to add a custom scripts plugins from the plugins list.

Add the following two lines in the prepare text box:

rm -r /home/user/config/nginx-sites
mkdir /home/user/config/nginx-sites

This will clear the configs on each deploy. In the deploy box, add the following line to copy all files to the folder you just created.

cp -r ./* /home/user/config/nginx-sites

Now it's time to redeploy, if it works, you should see the config files in /home/user/config/nginx-sites, if it doesn't. You should have an error in the Strider logs.

Making it work

What you should have now is a git repository with all of your config getting deployed on every push to github or bitbucket. Deployed files are copied to /home/user/config/nginx-sites, but nginx doesn't see the changes. Because you didn't reload nginx.

As you shouldn't run Strider as root, we will have to do some sudoers black magic.

Create a script in /usr/bin/reload_nginx with the following content:

#!/bin/bash
nginx -s reload

Make this script executable. And edit the /etc/sudoers file and add the following line:

username ALL=NOPASSWD: /usr/bin/reload_nginx

Replace username by the user running Strider. This line is giving access to execute the script located in /usr/bin/reload_nginx to the user running Strider. To be able to reload nginx, we need the root privileges but we cannot input passwords from Strider. For that reason, we can give a special privilege to this particular script to be ran with sudo without requiring a password.

When it's done, you can edit the deploy section of the Strider config to look like this:

cp -r ./* /home/user/config/nginx-sites
sudo reload_nginx

We still have to use sudo but it will only give us the ability to reload the nginx config. When it's done, push or redeploy the nginx config. If it works fine and that all your dns zones are already configured. The changes to nginx should take changes almost instantly without having to manually edit files.

On the plus side, all of your configs are going to be under revision and you could use a much more complex flow with branches and so on.

comments powered by Disqus

Copyright © 2015 Loïc Faure-Lacroix