openresty-component
1.Array Var Nginx Module ArrayVarNginxModule
location /foo {
array_split ',' $arg_files to=$array; # use the set_quote_sql_str directive in the ngx_set_misc
# module to map to each element in the array $array:
array_map_op set_quote_sql_str $array; array_map "name = $array_it" $array; array_join ' or ' $array to=$sql_condition; # well, we could feed it to ngx_drizzle to talk to MySQL, for example ;)
echo "select * from files where $sql_condition";
} 2.AuthRequestNginxModulelocation /private/
{ auth_request /auth; ... }
location = /auth
{
proxy_pass ...
proxy_set_header X-Original-Uri $request_uri;
... } 3.CoolkitNginxModule
ngx_coolkit is collection of small and useful nginx add-ons. CONFIGURATION DIRECTIVES:
------------------------- override_method off | [methods] source (context: http, server, location)
------------------------------------------------------------------------
Override HTTP method. default: none CONFIGURATION VARIABLES:
------------------------ $remote_passwd
-----------------
Decoded password from "Authorization" header (Basic HTTP Authentication). $location
---------
Name of the matched location block. EXAMPLE CONFIGURATION #1:
-------------------------
http {
server {
location / {
override_method $arg_method;
proxy_pass http://127.0.0.1:8100;
}
}
} Pass request with changed HTTP method (based on "?method=XXX") to the backend. EXAMPLE CONFIGURATION #2:
-------------------------
http {
upstream database {
postgres_server 127.0.0.1 dbname=test
user=monty password=some_pass;
} server {
location = /auth {
internal; set_quote_sql_str $user $remote_user;
set_quote_sql_str $pass $remote_passwd; postgres_pass database;
postgres_query "SELECT login FROM users WHERE login=$user AND pass=$pass";
postgres_rewrite no_rows 403;
postgres_output none;
} location / {
auth_request /auth;
root /files;
}
}
} Restrict access to local files by authenticating against SQL database. Required modules (other than ngx_coolkit):
- ngx_http_auth_request_module,
- ngx_postgres (PostgreSQL) or ngx_drizzle (MySQL, Drizzle, SQLite),
- ngx_set_misc. 4.Drizzle Nginx Module
Yichun Zhang, 26 Aug 2011 (created 21 Jun 2011)
This is an nginx upstream module that talks to MySQL and/or Drizzle database servers by libdrizzle.
This ngx_drizzle module is not enabled by default. You should specify the --with-http_drizzle_module optiotn while configuring OpenResty.
The libdrizzle C library is no longer bundled by OpenResty. You need to download the drizzle server tarball from https://launchpad.net/drizzle.
When you get the drizzle7 release tarball, you can install libdrizzle-1.0 like this:
tar xzvf drizzle7-VERSION.tar.gz
cd drizzle7-VERSION/
./configure --without-server
make libdrizzle-1.0
make install-libdrizzle-1.0
where VERSION is the drizzle7 release version number like 2011.06.20.
Please ensure that you have the python command point to a python2 interpreter. It's known that on recent Arch Linux distribution, python is linked to python3 by default, and while running make libdrizzle-1.0 will yield the following error:
File "config/pandora-plugin", line 185
print "Dependency loop detected with %s" % plugin['name']
^
SyntaxError: invalid syntax
make: *** [.plugin.scan] Error 1
You can fix this by pointing python temporarily to python2.
When you install the libdrizzle-1.0 library to a custom path prefix, you can specify the libdrizzle prefix to OpenResty like this:
cd /path/to/ngx_openresty-VERSION/
./configure --with-libdrizzle=/path/to/drizzle --with-http_drizzle_module
https://github.com/openresty/drizzle-nginx-module#rds-header-part
drizzle_connect_timeout 1s;
drizzle_send_query_timeout 2s;
drizzle_recv_cols_timeout 1s;
drizzle_recv_rows_timeout 1s; location /query {
drizzle_query 'select sleep(10)';
drizzle_pass my_backend;
rds_json on; more_set_headers -s 504 'X-Mysql-Tid: $drizzle_thread_id';
} location /kill {
drizzle_query "kill query $arg_tid";
drizzle_pass my_backend;
rds_json on;
} location /main {
content_by_lua '
local res = ngx.location.capture("/query")
if res.status ~= ngx.HTTP_OK then
local tid = res.header["X-Mysql-Tid"]
if tid and tid ~= "" then
ngx.location.capture("/kill", { args = {tid = tid} })
end
return ngx.HTTP_INTERNAL_SERVER_ERROR;
end
ngx.print(res.body)
'
}
5.Echo Nginx Module
This module wraps lots of Nginx internal APIs for streaming input and output, parallel/sequential subrequests, timers and sleeping, as well as various meta data accessing.
Basically it provides various utilities that help testing and debugging of other modules by trivially emulating different kinds of faked subrequest locations.
location /hello {
echo "hello, world!";
}
location /hello {
echo -n "hello, ";
echo "world!";
}
location /timed_hello {
echo_reset_timer;
echo hello world;
echo "'hello world' takes about $echo_timer_elapsed sec.";
echo hiya igor;
echo "'hiya igor' takes about $echo_timer_elapsed sec.";
}
location /echo_with_sleep {
echo hello;
echo_flush; # ensure the client can see previous output immediately
echo_sleep 2.5; # in sec
echo world;
}
# in the following example, accessing /echo yields
# hello
# world
# blah
# hiya
# igor
location /echo {
echo_before_body hello;
echo_before_body world;
proxy_pass $scheme://127.0.0.1:$server_port$request_uri/more;
echo_after_body hiya;
echo_after_body igor;
}
location /echo/more {
echo blah;
}
# the output of /main might be
# hello
# world
# took 0.000 sec for total.
# and the whole request would take about 2 sec to complete.
location /main {
echo_reset_timer; # subrequests in parallel
echo_location_async /sub1;
echo_location_async /sub2; echo "took $echo_timer_elapsed sec for total.";
}
location /sub1 {
echo_sleep 2;
echo hello;
}
location /sub2 {
echo_sleep 1;
echo world;
}
# the output of /main might be
# hello
# world
# took 3.003 sec for total.
# and the whole request would take about 3 sec to complete.
location /main {
echo_reset_timer; # subrequests in series (chained by CPS)
echo_location /sub1;
echo_location /sub2; echo "took $echo_timer_elapsed sec for total.";
}
location /sub1 {
echo_sleep 2;
echo hello;
}
location /sub2 {
echo_sleep 1;
echo world;
}
# Accessing /dup gives
# ------ END ------
location /dup {
echo_duplicate 3 "--";
echo_duplicate 1 " END ";
echo_duplicate 3 "--";
echo;
}
# /bighello will generate 1000,000,000 hello's.
location /bighello {
echo_duplicate 1000_000_000 'hello';
}
# echo back the client request
location /echoback {
echo_duplicate 1 $echo_client_request_headers;
echo "\r"; echo_read_request_body; echo_request_body;
}
# GET /multi will yields
# querystring: foo=Foo
# method: POST
# body: hi
# content length: 2
# ///
# querystring: bar=Bar
# method: PUT
# body: hello
# content length: 5
# ///
location /multi {
echo_subrequest_async POST '/sub' -q 'foo=Foo' -b 'hi';
echo_subrequest_async PUT '/sub' -q 'bar=Bar' -b 'hello';
}
location /sub {
echo "querystring: $query_string";
echo "method: $echo_request_method";
echo "body: $echo_request_body";
echo "content length: $http_content_length";
echo '///';
}
# GET /merge?/foo.js&/bar/blah.js&/yui/baz.js will merge the .js resources together
location /merge {
default_type 'text/javascript';
echo_foreach_split '&' $query_string;
echo "/* JS File $echo_it */";
echo_location_async $echo_it;
echo;
echo_end;
}
# accessing /if?val=abc yields the "hit" output
# while /if?val=bcd yields "miss":
location ^~ /if {
set $res miss;
if ($arg_val ~* '^a') {
set $res hit;
echo $res;
}
echo $res;
} https://github.com/openresty/echo-nginx-module
6.EncryptedSessionNginxModule
# key must be of 32 bytes long
encrypted_session_key "abcdefghijklmnopqrstuvwxyz123456"; # iv must not be longer than 16 bytes
# default: "deadbeefdeadbeef" (w/o quotes)
encrypted_session_iv "1234567812345678"; # default: 1d (1 day)
encrypted_session_expires 3600; # in sec location /encrypt {
set $raw 'text to encrypted'; # from the ngx_rewrite module
set_encrypt_session $session $raw;
set_encode_base32 $session; # from the ngx_set_misc module add_header Set-Cookie 'my_login=$session'; # from the ngx_headers module # your content handler goes here...
} location /decrypt {
set_decode_base32 $session $cookie_my_login; # from the ngx_set_misc module
set_decrypt_session $raw $session; if ($raw = '') {
# bad session
} # your content handler goes here...
}
Description
This module provides encryption and decryption support for nginx variables based on AES-256 with Mac.
This module is usually used with the ngx_set_misc module and the standard rewrite module's directives.
This module can be used to implement simple user login and ACL.
Usually, you just decrypt data in nginx level, and pass the unencrypted data to your FastCGI/HTTP backend, as in
location /blah {
set_decrypt_session $raw_text $encrypted;
# this directive is from the ngx_set_misc module
set_escape_uri $escaped_raw_text $raw_text;
fastcgi_param QUERY_STRING "uid=$uid";
fastcgi_pass unix:/path/to/my/php/or/python/fastcgi.sock;
}
Lua web applications running directly on ngx_lua can call this module's directives directly from within Lua code:
local raw_text = ndk.set_var.set_decrypt_session(encrypted_text)
7.FormInputNginxModule
set_form_input $variable;
set_form_input $variable argument; set_form_input_multi $variable;
set_form_input_multi $variable argument;
example:
#nginx.conf
location /foo {
# ensure client_max_body_size == client_body_buffer_size
client_max_body_size 100k;
client_body_buffer_size 100k;
set_form_input $data; # read "data" field into $data
set_form_input $foo foo; # read "foo" field into $foo
}
location /bar {
# ensure client_max_body_size == client_body_buffer_size
client_max_body_size 1m;
client_body_buffer_size 1m;
set_form_input_multi $data; # read all "data" field into $data
set_form_input_multi $foo data; # read all "data" field into $foo
array_join ' ' $data; # now $data is an string
array_join ' ' $foo; # now $foo is an string
}
8.
# set the Server output header
more_set_headers 'Server: my-server'; # set and clear output headers
location /bar {
more_set_headers 'X-MyHeader: blah' 'X-MyHeader2: foo';
more_set_headers -t 'text/plain text/css' 'Content-Type: text/foo';
more_set_headers -s '400 404 500 503' -s 413 'Foo: Bar';
more_clear_headers 'Content-Type'; # your proxy_pass/memcached_pass/or any other config goes here...
} # set output headers
location /type {
more_set_headers 'Content-Type: text/plain';
# ...
} # set input headers
location /foo {
set $my_host 'my dog';
more_set_input_headers 'Host: $my_host';
more_set_input_headers -t 'text/plain' 'X-Foo: bah'; # now $host and $http_host have their new values...
# ...
} # replace input header X-Foo *only* if it already exists
more_set_input_headers -r 'X-Foo: howdy';
8.HeadersMoreNginxModule
Description
This module allows you to add, set, or clear any output or input header that you specify.
This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server.
It also allows you to specify an optional HTTP status code criteria using the -s option and an optional content type criteria using the -t option while modifying the output headers with the more_set_headers and more_clear_headers directives. For example,
more_set_headers -s 404 -t 'text/html' 'X-Foo: Bar';
You can also specify multiple MIME types to filter out in a single -t option. For example,
more_set_headers -t 'text/html text/plain' 'X-Foo: Bar';
Never use other paramemters like charset=utf-8 in the -t option values; they will not work as you would expect.
Input headers can be modified as well. For example
location /foo {
more_set_input_headers 'Host: foo' 'User-Agent: faked';
# now $host, $http_host, $user_agent, and
# $http_user_agent all have their new values.
}
The option -t is also available in the more_set_input_headers and more_clear_input_headers directives (for request header filtering) while the -s option is not allowed.
Unlike the standard headers module, this module's directives will by default apply to all the status codes, including 4xx and 5xx.
#nginx.conf
location /foo {
set $src '你好'; #in UTF-8
set_iconv $dst $src from=utf8 to=gbk; #now $dst holds 你好 in GBK
}
#everything generated from /foo will be converted from utf8 to gbk
location /bar {
iconv_filter from=utf-8 to=gbk;
iconv_buffer_size 1k;
#content handler here
}
10.lua-nginx-module
# set search paths for pure Lua external libraries (';;' is the default path):
lua_package_path '/foo/bar/?.lua;/blah/?.lua;;';
# set search paths for Lua external libraries written in C (can also use ';;'):
lua_package_cpath '/bar/baz/?.so;/blah/blah/?.so;;';
server {
location /lua_content {
# MIME type determined by default_type:
default_type 'text/plain';
content_by_lua_block {
ngx.say('Hello,world!')
}
}
location /nginx_var {
# MIME type determined by default_type:
default_type 'text/plain';
# try access /nginx_var?a=hello,world
content_by_lua_block {
ngx.say(ngx.var.arg_a)
}
}
location = /request_body {
client_max_body_size 50k;
client_body_buffer_size 50k;
content_by_lua_block {
ngx.req.read_body() -- explicitly read the req body
local data = ngx.req.get_body_data()
if data then
ngx.say("body data:")
ngx.print(data)
return
end
-- body may get buffered in a temp file:
local file = ngx.req.get_body_file()
if file then
ngx.say("body is in file ", file)
else
ngx.say("no body found")
end
}
}
# transparent non-blocking I/O in Lua via subrequests
# (well, a better way is to use cosockets)
location = /lua {
# MIME type determined by default_type:
default_type 'text/plain';
content_by_lua_block {
local res = ngx.location.capture("/some_other_location")
if res then
ngx.say("status: ", res.status)
ngx.say("body:")
ngx.print(res.body)
end
}
}
location = /foo {
rewrite_by_lua_block {
res = ngx.location.capture("/memc",
{ args = { cmd = "incr", key = ngx.var.uri } }
)
}
proxy_pass http://blah.blah.com;
}
location = /mixed {
rewrite_by_lua_file /path/to/rewrite.lua;
access_by_lua_file /path/to/access.lua;
content_by_lua_file /path/to/content.lua;
}
# use nginx var in code path
# CAUTION: contents in nginx var must be carefully filtered,
# otherwise there'll be great security risk!
location ~ ^/app/([-_a-zA-Z0-9/]+) {
set $path $1;
content_by_lua_file /path/to/lua/app/root/$path.lua;
}
location / {
client_max_body_size 100k;
client_body_buffer_size 100k;
access_by_lua_block {
-- check the client IP address is in our black list
if ngx.var.remote_addr == "132.5.72.3" then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
-- check if the URI contains bad words
if ngx.var.uri and
string.match(ngx.var.request_body, "evil")
then
return ngx.redirect("/terms_of_use.html")
end
-- tests passed
}
# proxy_pass/fastcgi_pass/etc settings
}
}
openresty-component的更多相关文章
- OpenResty:通过 Lua 扩展 NGINX 实现的可伸缩的 Web 平台
关于 http://openresty.org/cn/about.html 这个开源 Web 平台主要由章亦春(agentzh)维护.在 2011 年之前曾由淘宝网赞助,在后来的 2012 ~ 201 ...
- Nginx插件之openresty反向代理和日志滚动配置案例
Nginx插件之openresty反向代理和日志滚动配置案例 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.openresty介绍 1>.Nginx介绍 Nginx是一款 ...
- openresty 集成lua-resty-mail +smtp2http 扩展灵活的mail 服务
lua-resty-mail 是一个不错的openresty mail 扩展,我们可以用来进行邮件发送,支持附件功能 smtp2http 是一个smtp 服务,可以将smtp 请求数据转换为http ...
- 使用openresty + lua 搭建api 网关(一)安装openresty ,并添加lua模块
openresty 有点不多说,网上各种介绍,先安装吧. 官方操作在此,http://openresty.org/cn/installation.html, tar -xzvf openresty-V ...
- Nginx+lua+openresty精简系列
1. CentOS系统安装openresty 你可以在你的 CentOS 系统中添加 openresty 仓库,这样就可以便于未来安装或更新我们的软件包(通过 yum update 命令).运行下面的 ...
- 火焰图分析openresty性能瓶颈
注:本文操作基于CentOS 系统 准备工作 用wget从https://sourceware.org/systemtap/ftp/releases/下载最新版的systemtap.tar.gz压缩包 ...
- openresty 前端开发入门五之Mysql篇
openresty 前端开发入门五之Mysql篇 这章主要演示怎么通过lua连接mysql,并根据用户输入的name从mysql获取数据,并返回给用户 操作mysql主要用到了lua-resty-my ...
- openfire的组件(Component)开发
在之前的文章<Openfire阶段实践总结>中提到过一种openfire的扩展模式Compoent.本文将主要探讨对这种模式的应用与开发方法. 内部与外部组件介绍 在openfire中的许 ...
- openresty 前端开发入门六之调试篇
大多数情况下,调试信息,都可以通过ngx.say打印出来,但是有的时候,我们希望打印调试日志,不影响到返回数据,所以系统打印到其它地方,比如日志文件,或者控制台 这里主要用到一个方法就是ngx.log ...
- salesforce 零基础学习(六十一)apex:component简单使用以及图片轮转播放的实现
有的时候,我们项目有可能有类似需求:做一个简单的图像轮转播放功能,不同的VF页面调用可以显示不同的图片以及不同的图片描述.这种情况,如果在每个页面单独处理相关的图像轮转播放则显得代码特别冗余,此种情况 ...
随机推荐
- Weather
Scientists say a lot about the problems of global warming and cooling of the Earth. Indeed, such nat ...
- LED Holiday Light -Picking LED Christmas Lights, 4 Things
LED Christmas lights are not very cheap, but you should know that LED lights can be used for more th ...
- [CF467C] George and Job - DP,前缀和
简单dp + 前缀和 你谷这乱标难度的风气真是-- #include <bits/stdc++.h> using namespace std; #define int long long ...
- C++-1019-Number Sequence
题意: 求数字112123123412345123456123456712345678123456789123456789101234567891011123456789101112123456789 ...
- AAC MDCT
AAC采用MDCT进行时频变换. 在编码端,以block为单位取出N个sample,乘以合适的window function后再进行MDCT.N通常为2048,256. 每个输入到MDCT的sampl ...
- 搭建第一个scrapy项目的常见问题
错误1:在执行 scrapy crawl spider名命令的时候 出现了ImportError:DLL load failed: %1不是有效的win32程序错误 这是因为pywin32的版本安装错 ...
- 【转载】Java的JDBC事务详解
转自:http://www.cnblogs.com/azhqiang/p/4044127.html 事务的特性: 1) 原子性(atomicity):事务是数据库的逻辑工作单位,而且是必须是原子工作单 ...
- 【转载】Java容器的线程安全
转自:http://blog.csdn.net/huilangeliuxin/article/details/12615507 同步容器类 同步容器类包括Vector和Hashtable(二者是早期J ...
- C#学习笔记之泛型
泛型的作用和约定 提高性能 拆箱和装箱 从值类型转换为引用类型为装箱,把引用类型转换为值类型为拆箱 装箱和拆箱很容易使用,但是性能损失比较大,尤其是遍历许多项的时候. List<T>不使用 ...
- bugku flag在index里
原题内容: http://120.24.86.145:8005/post/ Mark一下这道题,前前后后弄了两个多小时,翻了一下别的博主的wp感觉还是讲的太粗了,这里总结下自己的理解: 首先打开这道题 ...