Ask HN: Automate adding nginx and ufw allow rules via a restful API?

2 points by oneweekwonder ↗ HN
I feel this is a problem that should be solved somewhere already, without using something big like openstack.

eg. You can only connect to `myapp.com:443` and call `/set/ip-address` with a `auth` token in the header and ip in the body. This data get dumped into a sql table and a nginx and ufw allow rules update will take place, currently with a ugly py hack:

system.os('ufw allow proto tcp from {} to any port 444'.format(ip))

system.os('echo "allow {}" >> /etc/nginx/sites-enabled/include_allow.conf && service nginx relead'.format(ip))

I will be running another nginx `server` listening on `port 444 ssl;` that will `include /etc/nginx/sites-enabled/include_allow.conf`

The idea, problem and current solution is introduced here:

https://gist.github.com/Morabaraba/06403358de009ede60e1d842c48100b7

I asked /r/flask(10 hours ago) as well:

https://www.reddit.com/r/flask/comments/6cvo4j/af_swagger_api_connexion_behind_nginxusing/

Any insight or nudge in the right direction would be appreciated.

1 comment

[ 4.8 ms ] story [ 10.5 ms ] thread