clarify allowed upload directories #1020
Conversation
github-actions
bot
added
documentation
| {{</bootstrap-table>}} | ||
|
|
||
| **Uploaded files can be placed in:** |
There was a problem hiding this comment.
If I read this quickly, I'd ask: "What about /tmp and /var/cache/nginx"?
There was a problem hiding this comment.
This docs says the same thing in four ways:
- big table
- bulleted list
- bulleted list with more words
- plaintext code block
I think that's a lot more confusing than what we had. If AI wrote this, please keep in mind the F5 AI policy, especially
Review outputs from approved AI Applications
How about we just stick to the table and delete the other three?
There was a problem hiding this comment.
the four methods that @ryepup noted leads to inconsistencies such as https://github.com/nginx/documentation/pull/1020/files#r2334077715 .
|
|
||
| | Directory | Master Read | Master Write | Worker Read | Worker Write | Recommended Use | | ||
| |-------------------|:-----------:|:------------:|:-----------:|:------------:|----------------------------------| | ||
| | /etc/nginx/ | ✔️ | ✔️ | ❌ | ❌ | Certificates, keys | |
There was a problem hiding this comment.
NGINX config files are recommend here
| | Directory | Master Read | Master Write | Worker Read | Worker Write | Recommended Use | | ||
| |-------------------|:-----------:|:------------:|:-----------:|:------------:|----------------------------------| | ||
| | /etc/nginx/ | ✔️ | ✔️ | ❌ | ❌ | Certificates, keys | | ||
| | /opt/ | ✔️ | ✔️ | ✔️ | ❌ | Application files | |
There was a problem hiding this comment.
what's an example "Application file"?
| | /var/www/ | ✔️ | ✔️ | ✔️ | ❌ | Static files (e.g. index.html) | | ||
| | /tmp/ | ✔️ | ✔️ | ✔️ | ✔️ | Temporary files | | ||
| | /var/cache/nginx/ | ✔️ | ✔️ | ✔️ | ✔️ | Cache data | | ||
| | /etc/app_protect/ | ✔️ | ✔️ | ✔️ | ❌ | App Protect policies, logs | |
There was a problem hiding this comment.
app protect logs don't live here
There was a problem hiding this comment.
Where would they live? Based on standard Linux conventions, I'd assume some /var subdirectory
There was a problem hiding this comment.
I think it's configurable via NGINX config, but this is a table for where users can upload files on their deployment. Users aren't uploading logs.
There was a problem hiding this comment.
Users aren't uploading logs.
But they do need to reserve space for their logs on their systems.
There was a problem hiding this comment.
But they do need to reserve space for their logs on their systems.
Not on NGINXaaS, that is not part of the user's responsibility. NGINXaaS manages the OS / filesystem, the user just focused on their NGINX config.
Proposed changes
Checklist
Before sharing this pull request, I completed the following checklist:
Footnotes
Potentially sensitive information includes personally identify information (PII), authentication credentials, and live URLs. Refer to the style guide for guidance about placeholder content. ↩