diff --git a/assets/css/v2/style.css b/assets/css/v2/style.css index f5baff09..79fc21aa 100644 --- a/assets/css/v2/style.css +++ b/assets/css/v2/style.css @@ -6,7 +6,7 @@ font-feature-settings: "liga" on, "calt" on; /* fallback to slightly thinner font on browsers without variable 'wght' support */ - font-weight: 400; + font-weight: 350; /* base rem = 16px by default, left as percentage for screen readers */ font-size: 100%; @@ -120,12 +120,19 @@ p { ul, ol { padding: 0; - margin: 0; + margin: 0.5rem 0 0.5rem 0; } ul li, ol li { - margin-bottom: 0.5rem; + margin: 0.5rem 0 0.5rem 0; +} + +ul ul, +ul ol, +ol ul, +ol ol { + padding: 0 0 0 1rem; } ul li:last-child, @@ -963,7 +970,7 @@ table hr { blockquote { border: 1px solid var(--color-foreground); padding: 1rem; - margin: 1rem -1rem; + margin: 0 -1rem; /* solid 3px drop shadow */ box-shadow: 3px 3px 0px var(--color-shadow); @@ -1140,6 +1147,10 @@ blockquote ul { } } +.tab-content > div > * { + margin: 0 0 var(--flow-gap) 0; +} + /* Codeblocks */ .highlight { padding: 0 1rem 0 1rem; diff --git a/exampleSite/content/test-product/_index.md b/exampleSite/content/test-product/_index.md index 325c5e10..0561b347 100644 --- a/exampleSite/content/test-product/_index.md +++ b/exampleSite/content/test-product/_index.md @@ -2,5 +2,4 @@ description: Test pages for nginx-hugo-theme title: Test pages for nginx-hugo-theme weight: 100 -toc: true --- diff --git a/exampleSite/content/test-product/code-blocks/code-blocks.md b/exampleSite/content/test-product/code-blocks/code-blocks-root-non-root.md similarity index 88% rename from exampleSite/content/test-product/code-blocks/code-blocks.md rename to exampleSite/content/test-product/code-blocks/code-blocks-root-non-root.md index 04688a41..dcdbfd13 100644 --- a/exampleSite/content/test-product/code-blocks/code-blocks.md +++ b/exampleSite/content/test-product/code-blocks/code-blocks-root-non-root.md @@ -1,6 +1,6 @@ --- -description: Code Blocks - with root and non-root -title: Code Blocks - with root and non-root +description: Code Blocks - With root and non-root +title: Code Blocks - With root and non-root weight: 200 --- diff --git a/exampleSite/content/test-product/code-blocks/code-blocks-spacing.md b/exampleSite/content/test-product/code-blocks/code-blocks-spacing.md index 5abc98b6..deb9fac6 100644 --- a/exampleSite/content/test-product/code-blocks/code-blocks-spacing.md +++ b/exampleSite/content/test-product/code-blocks/code-blocks-spacing.md @@ -64,4 +64,4 @@ sudo rm -rf / sslclientkey=/etc/ssl/nginx/nginx-repo.key gpgcheck=0 enabled=1 - ``` \ No newline at end of file + ``` diff --git a/exampleSite/content/test-product/code-blocks/code-blocks-stacked.md b/exampleSite/content/test-product/code-blocks/code-blocks-stacked.md new file mode 100644 index 00000000..d5ffef45 --- /dev/null +++ b/exampleSite/content/test-product/code-blocks/code-blocks-stacked.md @@ -0,0 +1,21 @@ +--- +description: Code Blocks - Stacked +title: Code Blocks - Stacked +weight: 200 +--- + +## Stacked Code Blocks + +```shell +sudo yum install yum-utils procps +``` + +```shell +sudo rm /etc/yum.repos.d/nginx*.repo +sudo rm /etc/yum.repos.d/*app-protect*.repo +``` +```js +console.log("Hello World"); +console.warn("Hello... World"); +console.error("WORLD?! HELLO?!"); +``` diff --git a/exampleSite/content/test-product/lists/_index.md b/exampleSite/content/test-product/lists/_index.md new file mode 100644 index 00000000..4a0f0124 --- /dev/null +++ b/exampleSite/content/test-product/lists/_index.md @@ -0,0 +1,4 @@ +--- +description: Lists +title: Lists +--- diff --git a/exampleSite/content/test-product/lists/ol.md b/exampleSite/content/test-product/lists/ol.md new file mode 100644 index 00000000..a7bf4d7f --- /dev/null +++ b/exampleSite/content/test-product/lists/ol.md @@ -0,0 +1,39 @@ +--- +description: List - OL +title: List - OL +--- + +The following list describes the connections, preceeded by their types in parentheses. For brevity, the suffix "process" has been omitted from the process descriptions. + +1. (HTTPS) + - Read: _NGF_ reads the _Kubernetes API_ to get the latest versions of the resources in the cluster. + - Write: _NGF_ writes to the _Kubernetes API_ to update the handled resources' statuses and emit events. If there's more than one replica of _NGF_ and [leader election](https://github.com/nginx/nginx-gateway-fabric/tree/v/charts/nginx-gateway-fabric#configuration) is enabled, only the _NGF_ pod that is leading will write statuses to the _Kubernetes API_. +1. (HTTP, HTTPS) _Prometheus_ fetches the `controller-runtime` and NGINX metrics via an HTTP endpoint that _NGF_ exposes (`:9113/metrics` by default). Prometheus is **not** required by NGINX Gateway Fabric, and its endpoint can be turned off. +1. (File I/O) + - Write: _NGF_ generates NGINX _configuration_ based on the cluster resources and writes them as `.conf` files to the mounted `nginx-conf` volume, located at `/etc/nginx/conf.d`. It also writes _TLS certificates_ and _keys_ from [TLS secrets](https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets) referenced in the accepted Gateway resource to the `nginx-secrets` volume at the path `/etc/nginx/secrets`. + - Read: _NGF_ reads the PID file `nginx.pid` from the `nginx-run` volume, located at `/var/run/nginx`. _NGF_ extracts the PID of the nginx process from this file in order to send reload signals to _NGINX master_. +1. (File I/O) _NGF_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime. +1. (HTTP) _NGF_ fetches the NGINX metrics via the unix:/var/run/nginx/nginx-status.sock UNIX socket and converts it to _Prometheus_ format used in #2. +1. (Signal) To reload NGINX, _NGF_ sends the [reload signal](https://nginx.org/en/docs/control.html) to the **NGINX master**. +1. (File I/O) + - Write: The _NGINX master_ writes its PID to the `nginx.pid` file stored in the `nginx-run` volume. + - Read: The _NGINX master_ reads _configuration files_ and the _TLS cert and keys_ referenced in the configuration when it starts or during a reload. These files, certificates, and keys are stored in the `nginx-conf` and `nginx-secrets` volumes that are mounted to both the `nginx-gateway` and `nginx` containers. +1. (File I/O) + - Write: The _NGINX master_ writes to the auxiliary Unix sockets folder, which is located in the `/var/run/nginx` + directory. + - Read: The _NGINX master_ reads the `nginx.conf` file from the `/etc/nginx` directory. This [file](https://github.com/nginx/nginx-gateway-fabric/blob/v/internal/mode/static/nginx/conf/nginx.conf) contains the global and http configuration settings for NGINX. In addition, _NGINX master_ reads the NJS modules referenced in the configuration when it starts or during a reload. NJS modules are stored in the `/usr/lib/nginx/modules` directory. +1. (File I/O) The _NGINX master_ sends logs to its _stdout_ and _stderr_, which are collected by the container runtime. +1. (File I/O) An _NGINX worker_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime. +1. (Signal) The _NGINX master_ controls the [lifecycle of _NGINX workers_](https://nginx.org/en/docs/control.html#reconfiguration) it creates workers with the new configuration and shutdowns workers with the old configuration. +1. (HTTP) To consider a configuration reload a success, _NGF_ ensures that at least one NGINX worker has the new configuration. To do that, _NGF_ checks a particular endpoint via the unix:/var/run/nginx/nginx-config-version.sock UNIX socket. +1. (HTTP, HTTPS) A _client_ sends traffic to and receives traffic from any of the _NGINX workers_ on ports 80 and 443. +1. (HTTP, HTTPS) An _NGINX worker_ sends traffic to and receives traffic from the _backends_. + + + + +## Regular OL + +1. (File I/O) _NGF_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime. +1. (HTTP) _NGF_ fetches the NGINX metrics via the unix:/var/run/nginx/nginx-status.sock UNIX socket and converts it to _Prometheus_ format used in #2. +1. (Signal) To reload NGINX, _NGF_ sends the [reload signal](https://nginx.org/en/docs/control.html) to the **NGINX master**. diff --git a/exampleSite/content/test-product/lists/ul.md b/exampleSite/content/test-product/lists/ul.md new file mode 100644 index 00000000..224eb865 --- /dev/null +++ b/exampleSite/content/test-product/lists/ul.md @@ -0,0 +1,39 @@ +--- +description: List - UL +title: List - UL +--- + +The following list describes the connections, preceeded by their types in parentheses. For brevity, the suffix "process" has been omitted from the process descriptions. + +- (HTTPS) + - Read: _NGF_ reads the _Kubernetes API_ to get the latest versions of the resources in the cluster. + - Write: _NGF_ writes to the _Kubernetes API_ to update the handled resources' statuses and emit events. If there's more than one replica of _NGF_ and [leader election](https://github.com/nginx/nginx-gateway-fabric/tree/v/charts/nginx-gateway-fabric#configuration) is enabled, only the _NGF_ pod that is leading will write statuses to the _Kubernetes API_. +- (HTTP, HTTPS) _Prometheus_ fetches the `controller-runtime` and NGINX metrics via an HTTP endpoint that _NGF_ exposes (`:9113/metrics` by default). Prometheus is **not** required by NGINX Gateway Fabric, and its endpoint can be turned off. +- (File I/O) + - Write: _NGF_ generates NGINX _configuration_ based on the cluster resources and writes them as `.conf` files to the mounted `nginx-conf` volume, located at `/etc/nginx/conf.d`. It also writes _TLS certificates_ and _keys_ from [TLS secrets](https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets) referenced in the accepted Gateway resource to the `nginx-secrets` volume at the path `/etc/nginx/secrets`. + - Read: _NGF_ reads the PID file `nginx.pid` from the `nginx-run` volume, located at `/var/run/nginx`. _NGF_ extracts the PID of the nginx process from this file in order to send reload signals to _NGINX master_. +- (File I/O) _NGF_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime. +- (HTTP) _NGF_ fetches the NGINX metrics via the unix:/var/run/nginx/nginx-status.sock UNIX socket and converts it to _Prometheus_ format used in #2. +- (Signal) To reload NGINX, _NGF_ sends the [reload signal](https://nginx.org/en/docs/control.html) to the **NGINX master**. +- (File I/O) + - Write: The _NGINX master_ writes its PID to the `nginx.pid` file stored in the `nginx-run` volume. + - Read: The _NGINX master_ reads _configuration files_ and the _TLS cert and keys_ referenced in the configuration when it starts or during a reload. These files, certificates, and keys are stored in the `nginx-conf` and `nginx-secrets` volumes that are mounted to both the `nginx-gateway` and `nginx` containers. +- (File I/O) + - Write: The _NGINX master_ writes to the auxiliary Unix sockets folder, which is located in the `/var/run/nginx` + directory. + - Read: The _NGINX master_ reads the `nginx.conf` file from the `/etc/nginx` directory. This [file](https://github.com/nginx/nginx-gateway-fabric/blob/v/internal/mode/static/nginx/conf/nginx.conf) contains the global and http configuration settings for NGINX. In addition, _NGINX master_ reads the NJS modules referenced in the configuration when it starts or during a reload. NJS modules are stored in the `/usr/lib/nginx/modules` directory. +- (File I/O) The _NGINX master_ sends logs to its _stdout_ and _stderr_, which are collected by the container runtime. +- (File I/O) An _NGINX worker_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime. +- (Signal) The _NGINX master_ controls the [lifecycle of _NGINX workers_](https://nginx.org/en/docs/control.html#reconfiguration) it creates workers with the new configuration and shutdowns workers with the old configuration. +- (HTTP) To consider a configuration reload a success, _NGF_ ensures that at least one NGINX worker has the new configuration. To do that, _NGF_ checks a particular endpoint via the unix:/var/run/nginx/nginx-config-version.sock UNIX socket. +- (HTTP, HTTPS) A _client_ sends traffic to and receives traffic from any of the _NGINX workers_ on ports 80 and 443. +- (HTTP, HTTPS) An _NGINX worker_ sends traffic to and receives traffic from the _backends_. + + + + +## Regular OL + +- (File I/O) _NGF_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime. +- (HTTP) _NGF_ fetches the NGINX metrics via the unix:/var/run/nginx/nginx-status.sock UNIX socket and converts it to _Prometheus_ format used in #2. +- (Signal) To reload NGINX, _NGF_ sends the [reload signal](https://nginx.org/en/docs/control.html) to the **NGINX master**. diff --git a/exampleSite/content/test-product/tab-group.md b/exampleSite/content/test-product/tab-group.md deleted file mode 100644 index de30b854..00000000 --- a/exampleSite/content/test-product/tab-group.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -description: Tab Group -title: Tab Group -weight: 200 ---- - -## tab-group - - -{{}} - -{{%tab name="Ordered List With Code Block types"%}} - -1. Create the `/etc/ssl/nginx` directory: - - ```shell - sudo mkdir -p /etc/ssl/nginx - ``` - -2. Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory. - -3. Install required dependencies: - - ```shell - sudo yum install ca-certificates wget - ``` - -4. Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`: - - ```shell - sudo rm /etc/yum.repos.d/nginx*.repo - sudo rm /etc/yum.repos.d/*app-protect*.repo - ``` - -{{%/tab%}} - -{{%tab name="Code Block"%}} - -```shell -nginx -s reload -``` - -{{%/tab%}} -{{}} \ No newline at end of file diff --git a/exampleSite/content/test-product/tab-group/_index.md b/exampleSite/content/test-product/tab-group/_index.md new file mode 100644 index 00000000..54b45e6e --- /dev/null +++ b/exampleSite/content/test-product/tab-group/_index.md @@ -0,0 +1,5 @@ +--- +description: Tab Group +title: Tab Group +weight: 100 +--- diff --git a/exampleSite/content/test-product/tab-group/tab-group.md b/exampleSite/content/test-product/tab-group/tab-group.md new file mode 100644 index 00000000..190e293c --- /dev/null +++ b/exampleSite/content/test-product/tab-group/tab-group.md @@ -0,0 +1,102 @@ +--- +description: Tab Group +title: Tab Group +weight: 200 +--- + +## tab-group + +{{}} + +{{%tab name="Ordered List With Code Block types"%}} + +1. Create the `/etc/ssl/nginx` directory: + + ```shell + sudo mkdir -p /etc/ssl/nginx + ``` + +2. Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory. + +3. Install required dependencies: + + ```shell + sudo yum install ca-certificates wget + ``` + +4. Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`: + + ```shell + sudo rm /etc/yum.repos.d/nginx*.repo + sudo rm /etc/yum.repos.d/*app-protect*.repo + ``` + +{{%/tab%}} + +{{%tab name="Code Block"%}} + +```shell +nginx -s reload +``` + +{{%/tab%}} +{{}} + + +## Much nested tab group +To configure a CA cert and/or client certificate and key, a few extra steps are needed. + +First, you need to create two Secrets in the `nginx-gateway` namespace. The CA must live under the key `ca.crt`: + +```shell +kubectl -n nginx-gateway create secret generic nim-ca --from-file ca.crt +``` + +The client cert and key must be added to a TLS Secret: + +```shell +kubectl -n nginx-gateway create secret tls nim-client --cert /path/to/cert --key /path/to/key +``` + +{{}} + +{{%tab name="Manifests"%}} + +Specify the CA Secret name in the `--usage-report-ca-secret` command-line flag on the `nginx-gateway` container. Specify the client Secret name in the `--usage-report-client-ssl-secret` command-line flag on the `nginx-gateway` container. + +You also need to define the proper volume mount to mount the Secrets to the nginx container. Add the following volume to the Deployment: + +```yaml +- name: nginx-plus-usage-certs + projected: + sources: + - secret: + name: nim-ca + - secret: + name: nim-client +``` + +and the following volume mounts to the `nginx` container: + +```yaml +- mountPath: /etc/nginx/certs-bootstrap/ + name: nginx-plus-usage-certs +``` + +Finally, in the `nginx-includes-bootstrap` ConfigMap, add the following lines to the `mgmt` block: + +```text +ssl_trusted_certificate /etc/nginx/certs-bootstrap/ca.crt; +ssl_certificate /etc/nginx/certs-bootstrap/tls.crt; +ssl_certificate_key /etc/nginx/certs-bootstrap/tls.key; +``` + +{{% /tab %}} + +{{%tab name="Helm"%}} + +Specify the CA Secret name using the `nginx.usage.caSecretName` helm value. Specify the client Secret name using the `nginx.usage.clientSSLSecretName` helm value. + +{{% /tab %}} + +{{}} diff --git a/layouts/shortcodes/tabs.html b/layouts/shortcodes/tabs.html index 093f5dbf..26a9cf88 100644 --- a/layouts/shortcodes/tabs.html +++ b/layouts/shortcodes/tabs.html @@ -22,7 +22,6 @@ {{ else }}
{{ end }} -

{{- with .content -}} {{- . -}} {{- else -}}