Skip to content

Copy edit to NIM NAP WAF docs #441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Apr 23, 2025
Merged

Copy edit to NIM NAP WAF docs #441

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e6125fe
edits to NIM NAP WAF docs
travisamartin Apr 21, 2025
2b539c4
Apply suggestions from code review
travisamartin Apr 23, 2025
8920158
Merge branch 'main' into doc433-expire-waf-config-mgmt-index
travisamartin Apr 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
83 changes: 42 additions & 41 deletions content/includes/agent/installation/install-agent-api.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,74 +1,75 @@
**Note**: To complete this step, make sure that `gpg` is installed on your system. You can install NGINX Agent using various command-line tools like `curl` or `wget`. If your NGINX Instance Manager host is not set up with valid TLS certificates, you can use the insecure flags provided by those tools. See the following examples:
---
docs: DOCS-1031
files:
- content/nim/nginx-app-protect/setup-waf-config-management.md
---

{{<note>}}Make sure `gpg` is installed on your system before continuing. You can install NGINX Agent using command-line tools like `curl` or `wget`.{{</note>}}

If your NGINX Instance Manager host doesn't use valid TLS certificates, you can use the insecure flags to bypass verification. Here are some example commands:

{{<tabs name="install-agent-api">}}

{{%tab name="curl"%}}

- Secure:
- **Secure:**

```bash
curl https://<NMS_FQDN>/install/nginx-agent | sudo sh
curl https://<NIM_FQDN>/install/nginx-agent | sudo sh
```

- Insecure:
- **Insecure:**

```bash
curl --insecure https://<NMS_FQDN>/install/nginx-agent | sudo sh
curl --insecure https://<NIM_FQDN>/install/nginx-agent | sudo sh
```

You can add your NGINX instance to an existing instance group or create one using `--instance-group` or `-g` flag when installing NGINX Agent.

The following example shows how to download and run the script with the optional `--instance-group` flag adding the NGINX instance to the instance group **my-instance-group**:

```bash
curl https://<NMS_FQDN>/install/nginx-agent > install.sh; chmod u+x install.sh
sudo ./install.sh --instance-group my-instance-group
```
To add the instance to a specific instance group during installation, use the `--instance-group` (or `-g`) flag:

By default, the install script attempts to use a secure connection when downloading packages. If, however, the script cannot create a secure connection, it uses an insecure connection instead and logs the following warning message:
```shell
curl https://<NIM_FQDN>/install/nginx-agent -o install.sh
chmod u+x install.sh
sudo ./install.sh --instance-group <instance group>
```

``` text
Warning: An insecure connection will be used during this nginx-agent installation
```
By default, the install script uses a secure connection to download packages. If it can’t establish one, it falls back to an insecure connection and logs this message:

To require a secure connection, you can set the optional flag `skip-verify` to `false`.
```text
Warning: An insecure connection will be used during this nginx-agent installation
```

The following example shows how to download and run the script with an enforced secure connection:
To enforce a secure connection, set the `--skip-verify` flag to false:

```bash
curl https://<NMS_FQDN>/install/nginx-agent > install.sh chmod u+x install.sh; chmod u+x install.sh
sudo sh ./install.sh --skip-verify false
```
```shell
curl https://<NIM_FQDN>/install/nginx-agent -o install.sh
chmod u+x install.sh
sudo ./install.sh --skip-verify false
```

{{%/tab%}}

{{%tab name="wget"%}}

- **Secure:**

- Secure:

```bash
wget https://<NMS_FQDN>/install/nginx-agent -O - | sudo sh -s --skip-verify false
```shell
wget https://<NIM_FQDN>/install/nginx-agent -O - | sudo sh -s --skip-verify false
```

- Insecure:
- **Insecure:**

```bash
wget --no-check-certificate https://<NMS_FQDN>/install/nginx-agent -O - | sudo sh
```shell
wget --no-check-certificate https://<NIM_FQDN>/install/nginx-agent -O - | sudo sh
```

When you install the NGINX Agent, you can use the `--instance-group` or `-g` flag to add your NGINX instance to an existing instance group or to a new group that you specify.

The following example downloads and runs the NGINX Agent install script with the optional `--instance-group` flag, adding the NGINX instance to the instance group **my-instance-group**:

```bash
wget https://gnms1.npi.f5net.com/install/nginx-agent -O install.sh ; chmod u+x install.sh
sudo ./install.sh --instance-group my-instance-group
```
To add your instance to a group during installation, use the `--instance-group` (or `-g`) flag:

```shell
wget https://<NIM_FQDN>/install/nginx-agent -O install.sh
chmod u+x install.sh
sudo ./install.sh --instance-group <instance group>
```

{{%/tab%}}
{{</tabs>}}

<!-- Do not remove. Keep this code at the bottom of the include -->
<!-- DOCS-1031 -->
{{</tabs>}}
11 changes: 11 additions & 0 deletions content/includes/nim/nap-waf/restart-nms-integrations.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
docs: DOCS-000
files:
- content/nim/nginx-app-protect/setup-waf-config-management.md
---

Restart the `nms-integrations` service:

```shell
sudo systemctl restart nms-integrations
```
Loading
Loading