Module ngx_mgmt

Module ngx_mgmt_module

Example Configuration
Directives
     mgmt
     enforce_initial_report
     license_token
     resolver
     ssl_crl
     ssl_trusted_certificate
     ssl_verify
     state_path
     usage_report

The ngx_mgmt_module module enables NGINX Plus license verification and usage reporting. This is mandatory for each nginx/1.27.2 (nginx-plus-r33) instance.

A JWT license file named license.jwt should be located at /etc/nginx/ for Linux or /usr/local/etc/nginx/ for FreeBSD or at the path specified by the license_token directive. The license file is available from MyF5.

Usage report is sent to F5 licensing endpoint every hour using the secure connection. Optionally, in network-restricted environments reporting can be configured to F5 NGINX Instance Manager from which the report can be sent to F5 licensing endpoint.

By default, if the initial usage report is not received by F5 licensing endpoint, nginx will stop processing traffic.

This module is available as part of our commercial subscription.

Example Configuration

mgmt {
    # in case if custom path is required
    license_token custom/file/path/license.jwt;

    # in case of reporting to NGINX Instance Manager
    usage_report endpoint=NIM_FQDN;
}

Directives

Syntax:	`mgmt { ... }`
Default:	—
Context:	`main`

Provides the configuration file context in which usage reporting and license management directives are specified.

Syntax:	`enforce_initial_report on \| off;`
Default:	enforce_initial_report on;
Context:	`mgmt`

This directive appeared in version 1.27.2.

Enables or disables the 180-day grace period for sending the initial usage report.

The initial usage report is sent immediately upon nginx first start after installation. By default, if the initial report is not received by F5 licensing endpoint, nginx stops processing traffic until the report is successfully delivered. Setting the directive value to off enables the 180-day grace period during which the initial usage report must be received by F5 licensing endpoint.

Syntax:	`license_token file;`
Default:	license_token license.jwt;
Context:	`mgmt`

This directive appeared in version 1.27.2.

Specifies a JWT license file. By default, the license.jwt file is expected to be at /etc/nginx/ for Linux or at /usr/local/etc/nginx/ for FreeBSD.

Syntax:	`resolver address ... [valid=time] [ipv4=on\|off] [ipv6=on\|off] [status_zone=zone];`
Default:	—
Context:	`mgmt`

Configures name servers used to resolve usage reporting endpoint name. By default, the system resolver is used.

See resolver for details.

Syntax:	`ssl_crl file;`
Default:	—
Context:	`mgmt`

Specifies a file with revoked certificates (CRL) in the PEM format used to verify the certificate of the usage reporting endpoint.

Syntax:	`ssl_trusted_certificate file;`
Default:	ssl_trusted_certificate system CA bundle;
Context:	`mgmt`

Specifies a file with trusted CA certificates in the PEM format used to verify the certificate of the usage reporting endpoint.

Syntax:	`ssl_verify on \| off;`
Default:	ssl_verify on;
Context:	`mgmt`

Enables or disables verification of the usage reporting endpoint certificate.

Before 1.27.2, the default value was off.

Syntax:	`state_path path;`
Default:	—
Context:	`mgmt`

This directive appeared in version 1.27.2.

Defines a directory for storing state files (nginx-mgmt-*) created by the ngx_mgmt_module module. The default directory for Linux is /var/lib/nginx/state, for FreeBSD is /var/db/nginx/state.

Syntax:	`usage_report [endpoint=address] [interval=time];`
Default:	usage_report endpoint=product.connect.nginx.com interval=1h;
Context:	`mgmt`

Sets the address and port of the usage reporting endpoint. The interval parameter sets an interval between two consecutive reports.

Before 1.27.2, the default values were nginx-mgmt.local and 30m.