openresty-component
1.Array Var Nginx Module ArrayVarNginxModule
location /foo {
array_split ',' $arg_files to=$array; # use the set_quote_sql_str directive in the ngx_set_misc
# module to map to each element in the array $array:
array_map_op set_quote_sql_str $array; array_map "name = $array_it" $array; array_join ' or ' $array to=$sql_condition; # well, we could feed it to ngx_drizzle to talk to MySQL, for example ;)
echo "select * from files where $sql_condition";
} 2.AuthRequestNginxModulelocation /private/
{ auth_request /auth; ... }
location = /auth
{
proxy_pass ...
proxy_set_header X-Original-Uri $request_uri;
... } 3.CoolkitNginxModule
ngx_coolkit is collection of small and useful nginx add-ons. CONFIGURATION DIRECTIVES:
------------------------- override_method off | [methods] source (context: http, server, location)
------------------------------------------------------------------------
Override HTTP method. default: none CONFIGURATION VARIABLES:
------------------------ $remote_passwd
-----------------
Decoded password from "Authorization" header (Basic HTTP Authentication). $location
---------
Name of the matched location block. EXAMPLE CONFIGURATION #1:
-------------------------
http {
server {
location / {
override_method $arg_method;
proxy_pass http://127.0.0.1:8100;
}
}
} Pass request with changed HTTP method (based on "?method=XXX") to the backend. EXAMPLE CONFIGURATION #2:
-------------------------
http {
upstream database {
postgres_server 127.0.0.1 dbname=test
user=monty password=some_pass;
} server {
location = /auth {
internal; set_quote_sql_str $user $remote_user;
set_quote_sql_str $pass $remote_passwd; postgres_pass database;
postgres_query "SELECT login FROM users WHERE login=$user AND pass=$pass";
postgres_rewrite no_rows 403;
postgres_output none;
} location / {
auth_request /auth;
root /files;
}
}
} Restrict access to local files by authenticating against SQL database. Required modules (other than ngx_coolkit):
- ngx_http_auth_request_module,
- ngx_postgres (PostgreSQL) or ngx_drizzle (MySQL, Drizzle, SQLite),
- ngx_set_misc. 4.Drizzle Nginx Module
Yichun Zhang, 26 Aug 2011 (created 21 Jun 2011)
This is an nginx upstream module that talks to MySQL and/or Drizzle database servers by libdrizzle.
This ngx_drizzle module is not enabled by default. You should specify the --with-http_drizzle_module optiotn while configuring OpenResty.
The libdrizzle C library is no longer bundled by OpenResty. You need to download the drizzle server tarball from https://launchpad.net/drizzle.
When you get the drizzle7 release tarball, you can install libdrizzle-1.0 like this:
tar xzvf drizzle7-VERSION.tar.gz
cd drizzle7-VERSION/
./configure --without-server
make libdrizzle-1.0
make install-libdrizzle-1.0where VERSION is the drizzle7 release version number like 2011.06.20.
Please ensure that you have the python command point to a python2 interpreter. It's known that on recent Arch Linux distribution, python is linked to python3 by default, and while running make libdrizzle-1.0 will yield the following error:
File "config/pandora-plugin", line 185
print "Dependency loop detected with %s" % plugin['name']
^
SyntaxError: invalid syntax
make: *** [.plugin.scan] Error 1You can fix this by pointing python temporarily to python2.
When you install the libdrizzle-1.0 library to a custom path prefix, you can specify the libdrizzle prefix to OpenResty like this:
cd /path/to/ngx_openresty-VERSION/
./configure --with-libdrizzle=/path/to/drizzle --with-http_drizzle_module
https://github.com/openresty/drizzle-nginx-module#rds-header-part
drizzle_connect_timeout 1s;
drizzle_send_query_timeout 2s;
drizzle_recv_cols_timeout 1s;
drizzle_recv_rows_timeout 1s; location /query {
drizzle_query 'select sleep(10)';
drizzle_pass my_backend;
rds_json on; more_set_headers -s 504 'X-Mysql-Tid: $drizzle_thread_id';
} location /kill {
drizzle_query "kill query $arg_tid";
drizzle_pass my_backend;
rds_json on;
} location /main {
content_by_lua '
local res = ngx.location.capture("/query")
if res.status ~= ngx.HTTP_OK then
local tid = res.header["X-Mysql-Tid"]
if tid and tid ~= "" then
ngx.location.capture("/kill", { args = {tid = tid} })
end
return ngx.HTTP_INTERNAL_SERVER_ERROR;
end
ngx.print(res.body)
'
}
5.Echo Nginx Module
This module wraps lots of Nginx internal APIs for streaming input and output, parallel/sequential subrequests, timers and sleeping, as well as various meta data accessing.
Basically it provides various utilities that help testing and debugging of other modules by trivially emulating different kinds of faked subrequest locations.
location /hello {
echo "hello, world!";
}
location /hello {
echo -n "hello, ";
echo "world!";
}
location /timed_hello {
echo_reset_timer;
echo hello world;
echo "'hello world' takes about $echo_timer_elapsed sec.";
echo hiya igor;
echo "'hiya igor' takes about $echo_timer_elapsed sec.";
}
location /echo_with_sleep {
echo hello;
echo_flush; # ensure the client can see previous output immediately
echo_sleep 2.5; # in sec
echo world;
}
# in the following example, accessing /echo yields
# hello
# world
# blah
# hiya
# igor
location /echo {
echo_before_body hello;
echo_before_body world;
proxy_pass $scheme://127.0.0.1:$server_port$request_uri/more;
echo_after_body hiya;
echo_after_body igor;
}
location /echo/more {
echo blah;
}
# the output of /main might be
# hello
# world
# took 0.000 sec for total.
# and the whole request would take about 2 sec to complete.
location /main {
echo_reset_timer; # subrequests in parallel
echo_location_async /sub1;
echo_location_async /sub2; echo "took $echo_timer_elapsed sec for total.";
}
location /sub1 {
echo_sleep 2;
echo hello;
}
location /sub2 {
echo_sleep 1;
echo world;
}
# the output of /main might be
# hello
# world
# took 3.003 sec for total.
# and the whole request would take about 3 sec to complete.
location /main {
echo_reset_timer; # subrequests in series (chained by CPS)
echo_location /sub1;
echo_location /sub2; echo "took $echo_timer_elapsed sec for total.";
}
location /sub1 {
echo_sleep 2;
echo hello;
}
location /sub2 {
echo_sleep 1;
echo world;
}
# Accessing /dup gives
# ------ END ------
location /dup {
echo_duplicate 3 "--";
echo_duplicate 1 " END ";
echo_duplicate 3 "--";
echo;
}
# /bighello will generate 1000,000,000 hello's.
location /bighello {
echo_duplicate 1000_000_000 'hello';
}
# echo back the client request
location /echoback {
echo_duplicate 1 $echo_client_request_headers;
echo "\r"; echo_read_request_body; echo_request_body;
}
# GET /multi will yields
# querystring: foo=Foo
# method: POST
# body: hi
# content length: 2
# ///
# querystring: bar=Bar
# method: PUT
# body: hello
# content length: 5
# ///
location /multi {
echo_subrequest_async POST '/sub' -q 'foo=Foo' -b 'hi';
echo_subrequest_async PUT '/sub' -q 'bar=Bar' -b 'hello';
}
location /sub {
echo "querystring: $query_string";
echo "method: $echo_request_method";
echo "body: $echo_request_body";
echo "content length: $http_content_length";
echo '///';
}
# GET /merge?/foo.js&/bar/blah.js&/yui/baz.js will merge the .js resources together
location /merge {
default_type 'text/javascript';
echo_foreach_split '&' $query_string;
echo "/* JS File $echo_it */";
echo_location_async $echo_it;
echo;
echo_end;
}
# accessing /if?val=abc yields the "hit" output
# while /if?val=bcd yields "miss":
location ^~ /if {
set $res miss;
if ($arg_val ~* '^a') {
set $res hit;
echo $res;
}
echo $res;
} https://github.com/openresty/echo-nginx-module
6.EncryptedSessionNginxModule
# key must be of 32 bytes long
encrypted_session_key "abcdefghijklmnopqrstuvwxyz123456"; # iv must not be longer than 16 bytes
# default: "deadbeefdeadbeef" (w/o quotes)
encrypted_session_iv "1234567812345678"; # default: 1d (1 day)
encrypted_session_expires 3600; # in sec location /encrypt {
set $raw 'text to encrypted'; # from the ngx_rewrite module
set_encrypt_session $session $raw;
set_encode_base32 $session; # from the ngx_set_misc module add_header Set-Cookie 'my_login=$session'; # from the ngx_headers module # your content handler goes here...
} location /decrypt {
set_decode_base32 $session $cookie_my_login; # from the ngx_set_misc module
set_decrypt_session $raw $session; if ($raw = '') {
# bad session
} # your content handler goes here...
}
Description
This module provides encryption and decryption support for nginx variables based on AES-256 with Mac.
This module is usually used with the ngx_set_misc module and the standard rewrite module's directives.
This module can be used to implement simple user login and ACL.
Usually, you just decrypt data in nginx level, and pass the unencrypted data to your FastCGI/HTTP backend, as in
location /blah {
set_decrypt_session $raw_text $encrypted;
# this directive is from the ngx_set_misc module
set_escape_uri $escaped_raw_text $raw_text;
fastcgi_param QUERY_STRING "uid=$uid";
fastcgi_pass unix:/path/to/my/php/or/python/fastcgi.sock;
}
Lua web applications running directly on ngx_lua can call this module's directives directly from within Lua code:
local raw_text = ndk.set_var.set_decrypt_session(encrypted_text)
7.FormInputNginxModule
set_form_input $variable;
set_form_input $variable argument; set_form_input_multi $variable;
set_form_input_multi $variable argument;
example:
#nginx.conf
location /foo {
# ensure client_max_body_size == client_body_buffer_size
client_max_body_size 100k;
client_body_buffer_size 100k;
set_form_input $data; # read "data" field into $data
set_form_input $foo foo; # read "foo" field into $foo
}
location /bar {
# ensure client_max_body_size == client_body_buffer_size
client_max_body_size 1m;
client_body_buffer_size 1m;
set_form_input_multi $data; # read all "data" field into $data
set_form_input_multi $foo data; # read all "data" field into $foo
array_join ' ' $data; # now $data is an string
array_join ' ' $foo; # now $foo is an string
}
8.
# set the Server output header
more_set_headers 'Server: my-server'; # set and clear output headers
location /bar {
more_set_headers 'X-MyHeader: blah' 'X-MyHeader2: foo';
more_set_headers -t 'text/plain text/css' 'Content-Type: text/foo';
more_set_headers -s '400 404 500 503' -s 413 'Foo: Bar';
more_clear_headers 'Content-Type'; # your proxy_pass/memcached_pass/or any other config goes here...
} # set output headers
location /type {
more_set_headers 'Content-Type: text/plain';
# ...
} # set input headers
location /foo {
set $my_host 'my dog';
more_set_input_headers 'Host: $my_host';
more_set_input_headers -t 'text/plain' 'X-Foo: bah'; # now $host and $http_host have their new values...
# ...
} # replace input header X-Foo *only* if it already exists
more_set_input_headers -r 'X-Foo: howdy';
8.HeadersMoreNginxModule
Description
This module allows you to add, set, or clear any output or input header that you specify.
This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server.
It also allows you to specify an optional HTTP status code criteria using the -s option and an optional content type criteria using the -t option while modifying the output headers with the more_set_headers and more_clear_headers directives. For example,
more_set_headers -s 404 -t 'text/html' 'X-Foo: Bar';
You can also specify multiple MIME types to filter out in a single -t option. For example,
more_set_headers -t 'text/html text/plain' 'X-Foo: Bar';
Never use other paramemters like charset=utf-8 in the -t option values; they will not work as you would expect.
Input headers can be modified as well. For example
location /foo {
more_set_input_headers 'Host: foo' 'User-Agent: faked';
# now $host, $http_host, $user_agent, and
# $http_user_agent all have their new values.
}
The option -t is also available in the more_set_input_headers and more_clear_input_headers directives (for request header filtering) while the -s option is not allowed.
Unlike the standard headers module, this module's directives will by default apply to all the status codes, including 4xx and 5xx.
#nginx.conf
location /foo {
set $src '你好'; #in UTF-8
set_iconv $dst $src from=utf8 to=gbk; #now $dst holds 你好 in GBK
}
#everything generated from /foo will be converted from utf8 to gbk
location /bar {
iconv_filter from=utf-8 to=gbk;
iconv_buffer_size 1k;
#content handler here
}
10.lua-nginx-module
# set search paths for pure Lua external libraries (';;' is the default path):
lua_package_path '/foo/bar/?.lua;/blah/?.lua;;';
# set search paths for Lua external libraries written in C (can also use ';;'):
lua_package_cpath '/bar/baz/?.so;/blah/blah/?.so;;';
server {
location /lua_content {
# MIME type determined by default_type:
default_type 'text/plain';
content_by_lua_block {
ngx.say('Hello,world!')
}
}
location /nginx_var {
# MIME type determined by default_type:
default_type 'text/plain';
# try access /nginx_var?a=hello,world
content_by_lua_block {
ngx.say(ngx.var.arg_a)
}
}
location = /request_body {
client_max_body_size 50k;
client_body_buffer_size 50k;
content_by_lua_block {
ngx.req.read_body() -- explicitly read the req body
local data = ngx.req.get_body_data()
if data then
ngx.say("body data:")
ngx.print(data)
return
end
-- body may get buffered in a temp file:
local file = ngx.req.get_body_file()
if file then
ngx.say("body is in file ", file)
else
ngx.say("no body found")
end
}
}
# transparent non-blocking I/O in Lua via subrequests
# (well, a better way is to use cosockets)
location = /lua {
# MIME type determined by default_type:
default_type 'text/plain';
content_by_lua_block {
local res = ngx.location.capture("/some_other_location")
if res then
ngx.say("status: ", res.status)
ngx.say("body:")
ngx.print(res.body)
end
}
}
location = /foo {
rewrite_by_lua_block {
res = ngx.location.capture("/memc",
{ args = { cmd = "incr", key = ngx.var.uri } }
)
}
proxy_pass http://blah.blah.com;
}
location = /mixed {
rewrite_by_lua_file /path/to/rewrite.lua;
access_by_lua_file /path/to/access.lua;
content_by_lua_file /path/to/content.lua;
}
# use nginx var in code path
# CAUTION: contents in nginx var must be carefully filtered,
# otherwise there'll be great security risk!
location ~ ^/app/([-_a-zA-Z0-9/]+) {
set $path $1;
content_by_lua_file /path/to/lua/app/root/$path.lua;
}
location / {
client_max_body_size 100k;
client_body_buffer_size 100k;
access_by_lua_block {
-- check the client IP address is in our black list
if ngx.var.remote_addr == "132.5.72.3" then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
-- check if the URI contains bad words
if ngx.var.uri and
string.match(ngx.var.request_body, "evil")
then
return ngx.redirect("/terms_of_use.html")
end
-- tests passed
}
# proxy_pass/fastcgi_pass/etc settings
}
}
openresty-component的更多相关文章
- OpenResty:通过 Lua 扩展 NGINX 实现的可伸缩的 Web 平台
关于 http://openresty.org/cn/about.html 这个开源 Web 平台主要由章亦春(agentzh)维护.在 2011 年之前曾由淘宝网赞助,在后来的 2012 ~ 201 ...
- Nginx插件之openresty反向代理和日志滚动配置案例
Nginx插件之openresty反向代理和日志滚动配置案例 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.openresty介绍 1>.Nginx介绍 Nginx是一款 ...
- openresty 集成lua-resty-mail +smtp2http 扩展灵活的mail 服务
lua-resty-mail 是一个不错的openresty mail 扩展,我们可以用来进行邮件发送,支持附件功能 smtp2http 是一个smtp 服务,可以将smtp 请求数据转换为http ...
- 使用openresty + lua 搭建api 网关(一)安装openresty ,并添加lua模块
openresty 有点不多说,网上各种介绍,先安装吧. 官方操作在此,http://openresty.org/cn/installation.html, tar -xzvf openresty-V ...
- Nginx+lua+openresty精简系列
1. CentOS系统安装openresty 你可以在你的 CentOS 系统中添加 openresty 仓库,这样就可以便于未来安装或更新我们的软件包(通过 yum update 命令).运行下面的 ...
- 火焰图分析openresty性能瓶颈
注:本文操作基于CentOS 系统 准备工作 用wget从https://sourceware.org/systemtap/ftp/releases/下载最新版的systemtap.tar.gz压缩包 ...
- openresty 前端开发入门五之Mysql篇
openresty 前端开发入门五之Mysql篇 这章主要演示怎么通过lua连接mysql,并根据用户输入的name从mysql获取数据,并返回给用户 操作mysql主要用到了lua-resty-my ...
- openfire的组件(Component)开发
在之前的文章<Openfire阶段实践总结>中提到过一种openfire的扩展模式Compoent.本文将主要探讨对这种模式的应用与开发方法. 内部与外部组件介绍 在openfire中的许 ...
- openresty 前端开发入门六之调试篇
大多数情况下,调试信息,都可以通过ngx.say打印出来,但是有的时候,我们希望打印调试日志,不影响到返回数据,所以系统打印到其它地方,比如日志文件,或者控制台 这里主要用到一个方法就是ngx.log ...
- salesforce 零基础学习(六十一)apex:component简单使用以及图片轮转播放的实现
有的时候,我们项目有可能有类似需求:做一个简单的图像轮转播放功能,不同的VF页面调用可以显示不同的图片以及不同的图片描述.这种情况,如果在每个页面单独处理相关的图像轮转播放则显得代码特别冗余,此种情况 ...
随机推荐
- Python 之路Day04
列表 list:数据类型之一,存储数据,大量的,存储不同类型的数据 lst=[1,2,'alex',True,['钥匙','门禁卡',['银行卡']]] print(lst) 列表 -- 容器 别的语 ...
- [CCPC2019 哈尔滨] A. Artful Paintings - 差分约束,最短路
Description 给 \(N\) 个格子区间涂色,有两类限制条件 区间 \([L,R]\) 内至少 \(K\) 个 区间 \([L,R]\) 外至少 \(K\) 个 求最少要涂多少个格子 Sol ...
- python 数组array的一些操作
对一些特定大小的元素进行操作 1.将数组Arr中大于100的值都设定为100 Arr[Arr >100] = 100 利用array索引的内置 numpy.minimum(Arr, 100 ...
- Ubuntu卸载软件Firefox
查找火狐详细内容: dpkg --get-selections |grep firefox 删除 sudo apt-get purge firefox*
- 三分钟快速上手TensorFlow 2.0 (下)——模型的部署 、大规模训练、加速
前文:三分钟快速上手TensorFlow 2.0 (中)——常用模块和模型的部署 TensorFlow 模型导出 使用 SavedModel 完整导出模型 不仅包含参数的权值,还包含计算的流程(即计算 ...
- input placeholder 文字颜色修改
placeholder 文字颜色修改 input::-webkit-input-placeholder{ color:red; } input::-moz-placeholder{ /* Mozill ...
- js -- 车牌号对应的归属地js文件
/*车牌号对应的归属地*/ let cardCallerloc = new Map(); // 北京市(京) cardCallerloc.set("京A", "北京市&q ...
- 第四十二篇 入门机器学习——Numpy的基本操作——索引相关
No.1. 使用np.argmin和np.argmax来获取向量元素中最小值和最大值的索引 No.2. 使用np.random.shuffle将向量中的元素顺序打乱,操作后,原向量发生改变:使用np. ...
- 题解 【Codeforces755A】 PolandBall and Hypothesis
我们可以发现,当n>2时,n·(n-2)+1=(n-1)·(n-1),因此,输出n-2即可. 如果n<=2,我们可以发现: 当n=2时,2·4+1=9不是质数,输出4即可: 当n=1时,1 ...
- flutter web 配置环境及运行(windows)
此下 操作 都是基于 windows 一, 将镜像添加到 用户环境变量中 由于在国内访问Flutter有时可能会受到限制,Flutter官方为中国开发者搭建了临时镜像,大家可以将如下环境变量加入到用 ...