From 622a6f96ad4cfe8ad01b81d166de50f8148a0f3f Mon Sep 17 00:00:00 2001 From: Jon Cahill-Torre Date: Thu, 28 Aug 2025 11:40:10 +0100 Subject: [PATCH 1/5] chore: remove mentions of specific proxy --- .../connect-instances/connect-using-squid.md | 47 ++++++------------- 1 file changed, 14 insertions(+), 33 deletions(-) diff --git a/content/nginx-one/connect-instances/connect-using-squid.md b/content/nginx-one/connect-instances/connect-using-squid.md index a844fde5c..1e9d3e3f4 100644 --- a/content/nginx-one/connect-instances/connect-using-squid.md +++ b/content/nginx-one/connect-instances/connect-using-squid.md @@ -1,32 +1,26 @@ --- -title: Prepare - Set up Squid as a proxy +title: Prepare - Set up forward proxy toc: true weight: 250 nd-docs: DOCS-000 --- -NGINX Agent can be configured to connect to NGINX One using a [Squid proxy](https://www.squid-cache.org/). This is useful in environments where direct internet access is restricted or monitored. +NGINX Agent can be configured to connect to NGINX One using a forward proxy. This is useful in environments where direct internet access is restricted or monitored. ## Before you start Ensure you have the following: -- [Squid proxy server set up and running](https://wiki.squid-cache.org/SquidFaq/InstallingSquid) +- A forward proxy server installed and configured in your network. - [NGINX Agent is installed]({{< ref "nginx-one/agent/install-upgrade/" >}}) - Access to the NGINX One console -## Configure Squid +## Configure a forward proxy server -Follow the steps below to configure Squid with basic authentication. +Follow the documentation of your proxy server to configure basic authentication. -1. Open the Squid configuration file with your favorite text editor (you might need superuser privileges): - - ```sh - vi /etc/conf/squid.conf - ``` - -1. Add the following lines to configure the proxy settings: +Example configuration: ```conf # Standard HTTP port for the proxy. @@ -49,12 +43,7 @@ Follow the steps below to configure Squid with basic authentication. ``` -1. Save the changes and exit the text editor. -1. Restart the Squid service to apply the changes: - - ```sh - sudo systemctl reload squid - ``` +Make sure to restart your proxy server to apply the changes. --- @@ -62,7 +51,7 @@ Follow the steps below to configure Squid with basic authentication. 1. Open a secure connection to your instance using SSH and log in. 1. Open the NGINX Agent configuration file (/etc/nginx-agent/nginx-agent.conf) with a text editor. To edit this file you need superuser privileges. -1. Add or modify the `proxy` section to include the Squid proxy URL and timeout settings: +1. Add or modify the `proxy` section to include the proxy URL and timeout settings: ```conf server: @@ -100,7 +89,7 @@ To configure NGINX Agent in a containerized environment: ## NGINX Agent proxy authentication -If your Squid proxy requires authentication, you can specify the username and password in the `proxy` section of the `agent.conf` file: +If your forward proxy requires authentication, you can specify the username and password in the `proxy` section of the `agent.conf` file: 1. Open a secure connection to your instance using SSH and log in. 1. Add or modify the `proxy` section of the NGINX Agent configuration file (/etc/nginx-agent/nginx-agent.conf) to include the authentication details: @@ -142,9 +131,9 @@ To set proxy authentication in a containerized environment: -d private-registry.nginx.com/nginx-plus/agentv3:latest ``` -## Validate connectivity between NGINX Agent, Squid, and NGINX One Console +## Validate connectivity between the components -To test the connectivity between NGINX Agent, Squid, and NGINX One Console, you can use the `curl` command with the proxy settings. +To test the connectivity between NGINX Agent, your proxy, and NGINX One Console, you can use the `curl` command with the proxy settings. 1. Open a secure connection to your instance using SSH and log in. 1. Run the following `curl` command to test the connection: @@ -152,8 +141,8 @@ To test the connectivity between NGINX Agent, Squid, and NGINX One Console, you curl -x http://proxy.example.com:3128 -U your_user:your_password https://agent.connect.nginx.com/api/v1/agents ``` - - Replace `proxy.example.com:3128` with your Squid proxy address and port. - - Replace `your_user` and `your_password` with the credentials you set up for Squid in the previous steps. + - Replace `proxy.example.com:3128` with your proxy address and port. + - Replace `your_user` and `your_password` with the credentials you set up for proxy in the previous steps. To test the configuration from a containerized environment, run the following command from within the container: @@ -161,13 +150,5 @@ To test the configuration from a containerized environment, run the following co curl -x http://host.docker.internal:3128 -U your_user:your_password https://agent.connect.nginx.com/api/v1/agents ``` - - Replace `your_user` and `your_password` with the credentials you set up for Squid in the previous steps. - -## Troubleshooting - -1. Find the configuration and log files: - - - Run `squid -v | grep "configure options"` - - Configuration directory should look like `--sysconfdir=/etc/squid'` - - Log directory should look like `--sysconfdir=/var/log'` + - Replace `your_user` and `your_password` with the credentials you set up for proxy in the previous steps. From 779225ad91da6cc7496c9e72a9d96d95a7e7a37f Mon Sep 17 00:00:00 2001 From: Jon Cahill-Torre Date: Thu, 28 Aug 2025 11:49:03 +0100 Subject: [PATCH 2/5] chore: change filename --- .../{connect-using-squid.md => connect-using-forward.proxy.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename content/nginx-one/connect-instances/{connect-using-squid.md => connect-using-forward.proxy.md} (100%) diff --git a/content/nginx-one/connect-instances/connect-using-squid.md b/content/nginx-one/connect-instances/connect-using-forward.proxy.md similarity index 100% rename from content/nginx-one/connect-instances/connect-using-squid.md rename to content/nginx-one/connect-instances/connect-using-forward.proxy.md From 9774631285aa9abad4a3a047c9b9f1b93fff95d6 Mon Sep 17 00:00:00 2001 From: Jon Cahill-Torre Date: Thu, 28 Aug 2025 11:55:46 +0100 Subject: [PATCH 3/5] fix: add explicit --- .../connect-instances/connect-using-forward.proxy.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/content/nginx-one/connect-instances/connect-using-forward.proxy.md b/content/nginx-one/connect-instances/connect-using-forward.proxy.md index 42717f053..1e9f17ec9 100644 --- a/content/nginx-one/connect-instances/connect-using-forward.proxy.md +++ b/content/nginx-one/connect-instances/connect-using-forward.proxy.md @@ -1,21 +1,22 @@ --- -title: Prepare - Set up forward proxy +title: Prepare - Set up an explicit forward proxy toc: true weight: 250 nd-docs: DOCS-000 --- -NGINX Agent can be configured to connect to NGINX One using a forward proxy. This is useful in environments where direct internet access is restricted or monitored. +NGINX Agent can be configured to connect to NGINX One using an explicit forward +proxy. This is useful in environments where direct internet access is restricted or monitored. ## Before you start Ensure you have the following: -- A forward proxy server installed and configured in your network. +- An explicit forward proxy server installed and configured in your network. - [NGINX Agent is installed]({{< ref "nginx-one/agent/install-upgrade/" >}}) - Access to the [NGINX One console]({{< ref "/nginx-one/getting-started.md#before-you-begin" >}}). -## Configure a forward proxy server +## Configure an explicit forward proxy server Follow the documentation of your proxy server to configure basic authentication. From f1e8357423062f44db018e23c3d2cac7d666b6b7 Mon Sep 17 00:00:00 2001 From: Jon Cahill-Torre Date: Thu, 28 Aug 2025 12:23:30 +0100 Subject: [PATCH 4/5] fix: typo --- ...nect-using-forward.proxy.md => connect-using-forward-proxy.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename content/nginx-one/connect-instances/{connect-using-forward.proxy.md => connect-using-forward-proxy.md} (100%) diff --git a/content/nginx-one/connect-instances/connect-using-forward.proxy.md b/content/nginx-one/connect-instances/connect-using-forward-proxy.md similarity index 100% rename from content/nginx-one/connect-instances/connect-using-forward.proxy.md rename to content/nginx-one/connect-instances/connect-using-forward-proxy.md From 15454c8bf0237cb004797fb8ba086f1d86e2027d Mon Sep 17 00:00:00 2001 From: Jon Cahill-Torre Date: Thu, 28 Aug 2025 12:40:38 +0100 Subject: [PATCH 5/5] docs: removed example --- .../connect-using-forward-proxy.md | 32 +------------------ 1 file changed, 1 insertion(+), 31 deletions(-) diff --git a/content/nginx-one/connect-instances/connect-using-forward-proxy.md b/content/nginx-one/connect-instances/connect-using-forward-proxy.md index 1e9f17ec9..3e83e38d4 100644 --- a/content/nginx-one/connect-instances/connect-using-forward-proxy.md +++ b/content/nginx-one/connect-instances/connect-using-forward-proxy.md @@ -16,38 +16,8 @@ Ensure you have the following: - [NGINX Agent is installed]({{< ref "nginx-one/agent/install-upgrade/" >}}) - Access to the [NGINX One console]({{< ref "/nginx-one/getting-started.md#before-you-begin" >}}). -## Configure an explicit forward proxy server -Follow the documentation of your proxy server to configure basic authentication. - -Example configuration: - - ```conf - # Standard HTTP port for the proxy. - http_port myproxy.example.com:3128 - - # Define an ACL for allowing access from the agent's IP address - acl agent_ip src - - # Allow the agent to connect to NGINX One Console - acl mgmt_server dstdomain agent.connect.nginx.com - - # Allow HTTPS traffic (port 443 is default for HTTPS) - acl ssl_ports port 443 - - # HTTP access rules (allow the agent to access the destination server through the proxy) - http_access allow agent_ip mgmt_server ssl_ports - - # Deny all other traffic by default (best practice) - http_access deny all - ``` - - -Make sure to restart your proxy server to apply the changes. - ---- - -## NGINX Agent Proxy configuration +## NGINX Agent configuration for proxy usage 1. Open a secure connection to your instance using SSH and log in. 1. Open the NGINX Agent configuration file (/etc/nginx-agent/nginx-agent.conf) with a text editor. To edit this file you need superuser privileges.