Editing nginx lms and cms.conf

I’d like to host my “Javascript diplay and grading problem” on a different server than the LMS, but to be able to get the grade, it has to be hosted on the same domain as the LMS.

For that reason, I tried setting up a proxy. I added this to the lms.conf in tutor/env/apps/nginx, inside the server block for the LMS and the LMS preview:

 	    location /js-components/ {
	        proxy_ssl_verify on;
	        proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
	        proxy_pass https://totem-project.org/js-components/;
	        proxy_ssl_server_name on;

This works, but because lms.conf gets generated by Tutor it gets overwritten when I run tutor config save. I tried setting it with nginx-extra in a plugin, but because that saves changes to extra.conf, I can’t override any of the lms settings.

I’m wondering:

  1. Is there a different way to define the proxy currently?
  2. Or, would you be open to a PR that adds nginx-lms-extra and nginx-cms-extra fields to be patched by Tutor when I run tutor config save?

Yes absolutely. Please name those patches “nginx-lms” and “nginx-cms”.

Note however that it is very likely that in the next major release of Tutor/Open edX (scheduled for December 9) nginx will be replaced by Caddy. This is not 100% sure, yet, but I’m working on it. The reason for this change, if it happens, is that Caddy will make it much simpler to generate SSL certificates or to configure proxying. Of course, I would then create the corresponding “caddy-lms” and “caddy-cmd” patches.

Cool, this was surprisingly simple to achieve! Here’s my PR: https://github.com/overhangio/tutor/pull/387

Thanks for making such an easily pluggable architecture!

By the way (and I wouldn’t be surprised if this was already on your radar) a downside of moving to Caddy is that the nginx-extra patch in people’s current plugins would need to be rewritten to stay compatible.

Yes indeed. I need to take a closer look at Caddy configuration files, to see how difficult it will be to migrate from nginx. In the very worst case, I think 3rd-party plugin developers always have the possibility to run nginx as a separate container.

So, to document my findings: we had to make some small changes after migrating to Koa. Mostly because we used local-docker-compose-nginx-volumes, which was removed in Tutor 11. We’re also running into minor issues with custom redirects (we redirect studio. to studio.learn. to be compatible with old links). These are really not difficult to solve, but now we need to choose some times: do we change configuration in the nginx or caddy configuration?

To be able to answer that question I was wondering if you could tell me your plans for the future @regis. Will nginx be completely replaced by caddy, or did you only add caddy to facilitate easy https certificate generation?

Caddy is a lightweight tool that we use only for SSL termination. I currently have no plan to replace Nginx configuration files by Caddyfiles. That being said, I acknowledge that Nginx and Caddy serve duplicate pruposes, and it would make sense to get rid of Nginx. Not only do I lack the time to do so, it would also introduce a major backward incompatibility for plugin developers. So I am reluctant to actually remove Nginx for at least one or two major releases.

Thanks a lot, that was exactly the kind of reply I was hoping to get! We will keep most of our configuration in nginx, except for things like domain redirects, because Caddy needs to get https certificates for those.