Supercharging NGINX With Lua (Part 2)
Once you have installed NGINX with Lua support, you will be able to work with several simple yet powerful Lua integrations.
Join the DZone community and get the full member experience.
Join For FreeIn Supercharging NGINX With Lua: Part I, we demonstrated how to install NGINX with Lua support (via the OpenResty package). In this post, I'll walk through some simple yet powerful examples of Lua integrations.
For the below examples, I am assuming that you have installed NGINX capable of handling Lua scripts and have a basic working NGINX configuration file (to embed the location
blocks below in).
Important: Although the examples below will work, they are somewhat contrived (over-simplified) and are primarily intended for demonstration of Lua capabilities. If you decide to use the examples in your own environments, please make sure that you understand what they are doing and tailor them to your own requirements.
(Phew...legal stuff done!)
Lastly, there is very comprehensive NGINX Lua Module Documentaion and OpenResty Documentation in which the NGINX Lua commands and constructs are explained in detail; if you are unsure about a particular command or method, I highly recommend starting there!
1. Basic Lua Handler (Embedded)
Here we utilize Lua to respond with OK.
location /example1 {
content_by_lua_block {
ngx.say("OK")
}
}
2. Basic Lua Handler (Modular)
Here, we again utilize Lua to respond with OK! However, we use a separate Lua file. This is recommended to allow you to separate your concerns.
Note: With later versions of Lua NGINX, you can also provide these files in pre-compiled Lua/LuaJIT bytecode (for faster start times).
To start, we create the file /etc/lua/example2.lua
with this content:
ngx.say("OK!")
Then, include the following in our NGINX config:
location /example2 {
content_by_lua_file /etc/lua/example2.lua;
}
3. Lua for Auth
Here, we utilize Lua to authorize a request based on the remote_user, remote_address, and URI. We create the file /etc/lua/example3.lua
with this content:
local remote_user = ngx.var.remote_user
local remote_addr = ngx.var.remote_addr
local uri = ngx.var.uri
if string.match(remote_user, "frankie") and
string.match(remote_addr, "123.123.123.123") and
string.match(uri, "[%a%d_%-.]+") then
-- we are ok here!
else
ngx.exit(ngx.HTTP_FORBIDDEN)
end
Then, include the following in our NGINX config:
location /example3 {
access_by_lua_file /etc/lua/example3.lua;
}
Next Steps
Part III of this series will illustrate some more advanced examples of how we can now use Lua modules to do some ultra-cool stuff like request caching and embedded HTTP requests.
Published at DZone with permission of Vic van Gool, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
Trending
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
-
What Is Istio Service Mesh?
-
VPN Architecture for Internal Networks
-
Design Patterns for Microservices: Ambassador, Anti-Corruption Layer, and Backends for Frontends
Comments