Skip to content
nylon docs

Config Distribution Setup

Nylon’s distribution system allows you to manage network topology from a central source using signed and encrypted “bundles”.

graph TD
    Admin[Admin] -- "nylon seal & upload" --> S3[("S3 Bucket / Web Server (central.nybundle)")]

    subgraph "Nylon Mesh"
        NodeA[Node A]
        NodeB[Node B]
    end

    S3 -- "Fetch & Update" --> NodeA
    S3 -- "Fetch & Update" --> NodeB

  1. Generate a Distribution Keypair

    Section titled “Generate a Distribution Keypair”

    First, generate a keypair specifically for distribution (separate from node keys).

    Terminal window
    nylon key > dist.key 2> dist.pub

  2. Seal your Configuration

    Section titled “Seal your Configuration”

    Sign and encrypt your central.yaml into a .nybundle file.

    Terminal window
    nylon seal -c central.yaml -k dist.key -o central.nybundle

  3. Publish the Bundle

    Section titled “Publish the Bundle”

    Host central.nybundle on any HTTP/HTTPS server (e.g., GitHub Pages, S3, or Nginx).

  4. Configure Nodes

    Section titled “Configure Nodes”

    Initial Bootstrap (node.yaml)

    Section titled “Initial Bootstrap (node.yaml)”

    Nodes fetch their first central config using the dist block:

    node.yaml
    dist:
      url: "https://your-server.com/central.nybundle"
      key: "<contents-of-dist.pub>"

    Automatic Updates (central.yaml)

    Section titled “Automatic Updates (central.yaml)”

    Once bootstrapped, nodes poll the repositories defined in central.yaml:

    central.yaml
    dist:
      key: "<contents-of-dist.pub>"
      repos:
        - "https://your-server.com/central.nybundle"

    Nylon polls for updates every 10 seconds and applies them.