Upload using the Azure portal
An NGINX configuration can be applied to the deployment using the Azure portal in two different ways:
- Create a new NGINX configuration from scratch or by pasting it in the Azure portal editor.
- Upload a gzip compressed tar archive containing your NGINX configuration.
As part of applying your NGINX configuration, the service validates the configuration for syntax and compatibility with F5 NGINX as a Service for Azure (NGINXaaS). The use of certain directives and parameters is not allowed to ensure the NGINX configuration’s compatibility with IaaS deployment model in Azure. Validation errors are reported in the editor for you to correct. For more information, check the NGINX Configuration Validation section.
Prerequisites
-
If the NGINX configuration requires SSL/TLS certificates, then a managed identity and integration with Azure Key Vault is required.
-
A contributor role is required to apply the configuration to the deployment.
Add an NGINX configuration
-
Go to your NGINXaaS for Azure deployment.
-
Select NGINX configuration in the left menu and you will see the default configuration that NGINXaaS provides.
Note:
If you don’t see the default configuration, it’s likely the deployment was created through a client tool other than the portal (For example, Terraform), or the “Apply default NGINX configuration” was unchecked during the deployment creation process in the portal. You can still proceed with the steps below to provide your own NGINX configuration for the deployment. -
Select New File to add a file path, then Confirm.
Property Description File path Each NGINX configuration file can be uniquely identified by a file path (for example, nginx.conf or /etc/nginx/nginx.conf) to align with the intended NGINX configuration file structure. Root file The root file is the main NGINX configuration file. - The first file created will be the root file by default. You can designate a different root file if you have more than a single configuration file in your deployment.
- The root file is designated with a icon on the portal.
Protected File Indicates that the file may contain sensitive data such as passwords or represent an ssl/tls certificate. - To protect a file, enable the Protected toggle button.
- You cannot access the file contents of a protected file saved to the NGINX configuration, but you can view its metadata, such as the SHA-256 hash of the file contents.
- You can provide new contents for an existing protected file using the Overwrite link or resubmit it without having to provide the file contents again.
- To modify the file path of a protected file or convert it to a regular file, delete the original file and create a new one.
- A protected file is designated with a icon on the portal.
Note:
If specifying an absolute file path, see the NGINX Filesystem Restrictions table for the allowed directories the file can be written to. -
Provide your NGINX configuration in the configuration file.
-
Files like SSL/TLS certificates can be similarly added - see Add SSL/TLS certificates bundled with NGINXaaS configuration for more details.
-
Select Submit to apply the new configuration.
Note:
We currently only support more than 5 unique listen ports on the Standard V2 plan. NGINX configurations that specify more than 5 ports on other plans will be rejected. For more information on listen port limitations, see our FAQ.
NGINX configuration validation
NGINX configuration is validated real-time to check for syntax and compatibility with the service. Validation errors are reported in the editor for you to correct.
For example, if you create/update an NGINX config with a particular directive that is not allowed, the service will analyse your NGINX config and provide real-time feedback.
The editing experience consists of a single view for both editing and validation
-
If the config is invalid, then any errors are highlighted in-place in the config editor. Hover over the highlighted errors to learn more about them or check the problems section at the bottom. Corrections can be made in the same panel.
-
If the config is valid, then a green check mark appears next to NGINXaaS Analyzer at the bottom indicating that you can submit the config to deploy it.
Upload a GZIP NGINX configuration
Given the example gzipped archive,
$ tar -czf nginx.tar.gz nginx
$ tar -tzf nginx.tar.gz
nginx/
nginx/nginx.conf
nginx/njs.js
nginx/servers
nginx/servers/
nginx/servers/server1.conf
nginx/servers/server2.conf
where nginx is a directory with the following structure,
$ tree nginx
nginx
├── nginx.conf
├── njs.js
└── servers
├── server1.conf
└── server2.conf
1 directory, 4 files
nginx.tar.gz can be uploaded using the following portal workflow.
Before continuing, ensure the file paths in the archive match the includes in the NGINX config. For example,
http {
include nginx/servers/server1.conf;
js_import nginx/njs.js;
# ...
}
-
Go to your NGINXaaS for Azure deployment.
-
Select NGINX configuration from the left menu.
-
Select Upload config package.
-
Drag and drop or browse for the new gzip compressed archive file to upload.
-
Specify the root file.
Warning:
Uploading a new file will replace all existing NGINX configuration files in your deployment. You must acknowledge this step before you proceed to upload. -
Select Upload.
Update an NGINX configuration
-
Go to your NGINXaaS for Azure deployment.
-
Select NGINX configuration in the left menu.
-
Select the configuration file you want to update from the File path list.
-
Make the necessary updates to the configuration.
- You can also update the file path and/or assign the file as root.
-
(Optional) Select any other configuration files to make additional updates.
-
Submit your changes.
Delete NGINX configuration Files
-
Go to your NGINXaaS for Azure deployment.
-
Select NGINX configuration in the left menu.
-
Select the configuration file you want to delete from the File path list.
-
Select the delete icon .
-
Confirm your action to delete the configuration file.
Note:
Only non-root configuration files can be deleted.