Adding LUA module to nginx - nginx

I rpm installed nginx 1.12 on a redhat 7.5 server and It also has LUA 5.1.4
I downloaded lua-nginx-module-0.10.13 tar ball and put it under /etc/nginx/modules, but I am not able to run nginx with LUA auth file.
I also have openresty under /opt/openresty/ ..
http://openresty.org/en/installation.html
I followed the "make" method here.
Unfortunately this server doesnt have access to the internet so I cant install stuff from git which slows this down considerably. I am not sure how to add the module here. Any comments would be helpful.
This is what my nginx config looks like ..
server
{
listen 80;
access_log /opt/elk/logs/nginx/access.log main;
#auth_basic "admin";
#auth_basic_user_file "/etc/nginx/passwd";
client_max_body_size 100M;
location /
{
proxy_pass http://127.0.0.1:9200;
keepalive_timeout 300s;
#auth_basic on;
auth_basic "admin";
auth_basic_user_file "/etc/nginx/passwd";
access_by_lua_file '/etc/nginx/authorized.lua';
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html
{
root /usr/share/nginx/html;
}
}
The lua_access_file is causing an error
nginx: [emerg] unknown directive "access_by_lua_file" Is there some "include" I need to define in the config to get rid of this ?
Thanks.

I am breaking down your problem into the small task, as per question and my understanding.
1) The error clearly says that you have not install Lua-nginx-module properly.
Lua-nginx-module documentation
2) The server does not have access to the internet so cannot download from git.
*
Assuming you are doing ssh into your machine from windows. So, please
check below link to copy the files from windows to Linux.
Installing/Accessing via WinSCP
how-to-copy-files-from-one-machine-to-another-using-ssh
this step will get all the necessary files on your server.
3) Steps to install nginx with lua-nginx-module.
lua nginx module compatibility check.
Nginx Compatibility
The latest version of this module is compatible with the following versions of Nginx:
1.13.x (last tested: 1.13.6)
1.12.x
1.11.x (last tested: 1.11.2)
1.10.x
1.9.x (last tested: 1.9.15)
1.8.x
1.7.x (last tested: 1.7.10)
1.6.x
Nginx cores older than 1.6.0 (exclusive) are not supported.
referance document for nginx compatibility
Prerequisites
**- Centos/RHEL**[**In case if internet is working in your server**].
yum install -y wget unzip gcc make openssl-devel pcre-devel zlib-devel
- Downloading .rpm package manually and installing.
Search the prerequisites from the RPM resource site
RPM resource site
Copy the file in your Linux box
Please refer above point (2)"The server does not have access to the internet so cannot download from git".
Install with the following command.
rpm -i rpm-package-name
Install-rpm-file-on-linux
- Tarball installation for prerequisites.
- [Installing gcc from source code ][6] Similarly,you can look for
other prerequistes.
Downloading the source
$ rm -fr /tmp/nginx-build
$ mkdir /tmp/nginx-build
$ cd /tmp/nginx-build
$ wget http://nginx.org/download/nginx-1.13.0.tar.gz
$ wget http://luajit.org/download/LuaJIT-2.0.4.tar.gz
$ wget -O nginx_devel_kit.tar.gz https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz
$ wget -O nginx_lua_module.tar.gz https://github.com/openresty/lua-nginx-module/archive/v0.10.8.tar.gz
Extracting
$ tar xvf LuaJIT-2.0.4.tar.gz
$ tar xvf nginx-1.11.10.tar.gz
$ tar xvf nginx_devel_kit.tar.gz
$ tar xvf nginx_lua_module.tar.gz
Building LuaJIT
To build Nginx with LuaJIT, we need to build LuaJIT first. This is as simple as a make command
$ cd /tmp/nginx-build/LuaJIT-2.0.4
$ make install
==== Building LuaJIT 2.0.4 ====
make -C src
make[1]: Entering directory `/tmp/nginx/LuaJIT-2.0.4/src'
...
...
ln -sf luajit-2.0.4 /usr/local/bin/luajit
==== Successfully installed LuaJIT 2.0.4 to /usr/local ====
Building Nginx
$ cd /tmp/nginx-build/nginx-1.11.10
$ LUAJIT_LIB=/usr/local/lib LUAJIT_INC=/usr/local/include/luajit-2.0 \
./configure \
--user=nobody \
--group=nobody \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-pcre \
--with-file-aio \
--with-http_realip_module \
--without-http_scgi_module \
--without-http_uwsgi_module \
--without-http_fastcgi_module ${NGINX_DEBUG:+--debug} \
--with-cc-opt=-O2 --with-ld-opt='-Wl,-rpath,/usr/local/lib' \
--add-module=/tmp/nginx/ngx_devel_kit-0.3.0 \
--add-module=/tmp/nginx/lua-nginx-module-0.10.8
$ make install
Syntanx Check
$ nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Nginx Lua Testing
*As per you nginx file.
location /
{
proxy_pass http://127.0.0.1:9200;
keepalive_timeout 300s;
#auth_basic on;
auth_basic "admin";
auth_basic_user_file "/etc/nginx/passwd";
access_by_lua_file '/etc/nginx/authorized.lua'; }
Reload / restart nginx
systemctl nginx restart
systemctl nginx reload.
how-to-reload-nginx-systemctl-or-nginx-s

In case you are running nginx with docker you can just follow the instructions on the docker-nginx github repository.
In your nginx-conf make sure to also load the module by adding
load_module modules/ndk_http_module.so;
load_module modules/ngx_http_lua_module.so;
load_module modules/ngx_stream_lua_module.so;

Now in most Operating Systems (e.g. Ubuntu, etc) Lua support for Nginx can be enabled by installing the libnginx-mod-http-lua package. e.g:
sudo apt install libnginx-mod-http-lua
This package includes the dynamic library and the corresponding load_module directive in /usr/share/nginx/modules-available/mod-http-lua.conf which is usually enabled when the package is installed (by softlinking it into the /etc/nginx/modules-enabled/ directory).

Akshay barahate's answer is long and comprehensive.
However to answer your question
Is there some "include" I need to define in the config to get rid of this ?
Try adding
load_module "ngx_http_lua_module.so"
The package name may vary, the above file name is derived from an ubuntu 18.04 installation from package.
(Usually you find your modules in /usr/share/nginx/modules)
Note: If you compiled nginx from source (which seems to be the recommended way to get lua running), pathes and filenames can vary.
Happy codin'.

Related

Nginx: Hide server signature

I have read a lot of questions on StackOverflow. For many people they were helpful, but for me not.
I need to hide the server name, or at least change it.
I wrote a docker file, to download a dynamic module and inject it into the configuration in the next step.
ARG VERSION=alpine
FROM nginx:${VERSION} as builder
ENV MORE_HEADERS_VERSION=0.34
ENV MORE_HEADERS_GITREPO=openresty/headers-more-nginx-module
RUN wget "http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" -O nginx.tar.gz && \
wget "https://github.com/${MORE_HEADERS_GITREPO}/archive/v${MORE_HEADERS_VERSION}.tar.gz" -O extra_module.tar.gz
RUN apk add --no-cache --virtual .build-deps \
gcc \
libc-dev \
make \
openssl-dev \
pcre-dev \
zlib-dev \
linux-headers \
libxslt-dev \
gd-dev \
geoip-dev \
perl-dev \
libedit-dev \
mercurial \
bash \
alpine-sdk \
findutils
SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
RUN rm -rf /usr/src/nginx /usr/src/extra_module && mkdir -p /usr/src/nginx /usr/src/extra_module && \
tar -zxC /usr/src/nginx -f nginx.tar.gz && \
tar -xzC /usr/src/extra_module -f extra_module.tar.gz
WORKDIR /usr/src/nginx/nginx-${NGINX_VERSION}
RUN CONFARGS=$(nginx -V 2>&1 | sed -n -e 's/^.*arguments: //p') && \
sh -c "./configure --with-compat $CONFARGS --add-dynamic-module=/usr/src/extra_module/*" && make modules
FROM nginx:${VERSION}
COPY --from=builder /usr/src/nginx/nginx-${NGINX_VERSION}/objs/*_module.so /etc/nginx/modules/
COPY devops/nginx/nginx.conf /etc/nginx/
EXPOSE 81 82
CMD ["nginx", "-g", "daemon off;"]
Then, I added the module into the nginx.conf file. (I also tried to load the module without "")
load_module "modules/ngx_http_headers_more_filter_module.so";
And finally, I wrote into http block
http{
more_clear_headers server;
more_set_headers "server: hidden";
server_tokens off;
proxy_pass_header server; //Tried to add it for reverse proxying, but it did not work
}
Only server_tokens off; works. I have removed nginx version, but not it's signature. more_clear_headers and more_set_headers do not affect it. What am I missing?
P.s. Checked the modules folder in the server, and my module loaded correctly
P.p.s. Tried Server with capital S, and it did not work either. (As many suggested, but my response returns it with lowercase)

Docker Image with Nginx and running with docker compose and in Jenkins Pipeline

I already have a docker file for customized image for nginx and this works fine.
FROM library/nginx:1.13.2
LABEL maintainer="san#test.com"
# Remove the default Nginx configuration file
RUN rm -v /etc/nginx/nginx.conf
# Copy a configuration file from the current directory
ADD nginx.conf /etc/nginx/
# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log \
# Make PageSpeed cache writable
&& mkdir -p /var/cache/ngx_pagespeed && \
chmod -R o+wr /var/cache/ngx_pagespeed
ADD server.crt /etc/nginx/ssl/
ADD server.key /etc/nginx/ssl/
ADD conf.d/ /etc/nginx/conf.d/
ADD proxy.d/ /etc/nginx/proxy.d/
CMD ["nginx", "-g", "daemon off;"]
I am trying to also have aws cli installed so I can copy some s3 files and dynamically change nginx configuration which i will do with CMD[] once awsCli is available within the container.
I tried and read many a links from google, but the documentation or reads are not helping especially how to have credentials passed.
I am creating the image in two ways. First is via jenkins pipeline (snippet below
stages {
stage('Build Docker image') {
steps {
script {
docker.withRegistry("http://xyz-1.amazonaws.com", "ecr:eu-central-1:aws-credentials") {
def customImage = docker.build("web-proxy:${CY_RELEASE_VERSION}", ".")
customImage.push()
}
}
}
}
And other way is in local I manually build the image like following
docker build -t web-proxy-dev_san_1:1.11 .
What I am not sure is how I can have aws-cli in DockerFile and have the image take credentials automatically both locally and in jenkins. I think for jenkins it may work if I manage to have aws-cli installed as I am using aws-credentials specified in pipeline but I havent reached that stage yet.
You can use AWS plugin to interact AWS in your pipeline, check the following example: link

How to fix '404 (Not Found)' errors when sourcing CSS and Javascript files in ShinyProxy

I am trying to launch a shiny app using ShinyProxy - something I have done many times before. However, this app is not correctly using any of the CSS or JS files that is required to make it run.
When I run the app manually with docker run -p 3838:3838 my_app everything works perfectly fine. However, when pointing ShinyProxy to the my_app image, the resulting app fails to load any CSS or JS files.
Dockerfile
FROM openanalytics/r-base
MAINTAINER Daniel Beachnau "DannyBeachnau#gmail.com"
# Dependencies outside of R
RUN apt-get update && apt-get install -y \
sudo \
gdebi-core \
pandoc \
pandoc-citeproc \
libcurl4-gnutls-dev \
libcairo2-dev \
libxt-dev \
xtail \
wget \
libpq-dev \
libmariadb-client-lgpl-dev \
# Might be needed for the archivist R-Library
dbus \
systemd \
# needed for odbc
unixodbc-dev
RUN apt-get install apt-transport-https curl -y
RUN curl http://packages.microsoft.com/keys/microsoft.asc | apt-key add -
RUN curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list > /etc/apt/sources.list.d/mssql-release.list
RUN apt-get update
RUN ACCEPT_EULA=Y apt-get install msodbcsql17 -y
# Download R-Packages
# tidyverse
RUN R -e "install.packages('tidyr')"
RUN R -e "install.packages('dplyr')"
RUN R -e "install.packages('readr')"
# Shiny Packages
RUN R -e "install.packages('shiny')"
RUN R -e "install.packages('shinycssloaders')"
RUN R -e "install.packages('shinydashboard')"
RUN R -e "install.packages('shinyWidgets')"
RUN R -e "install.packages('DT')"
RUN R -e "install.packages('shinyjs')"
RUN R -e "install.packages('flexdashboard')"
# Database Packages
RUN R -e "install.packages('odbc')"
RUN R -e "install.packages('RMySQL')"
# Other
RUN R -e "install.packages('devtools')"
RUN R -e "install.packages('lubridate')"
RUN R -e "install.packages('reshape2')"
RUN R -e "install.packages('grid')"
RUN R -e "install.packages('lemon')"
RUN R -e "install.packages('scales')"
RUN R -e "install.packages('ggthemes')"
RUN R -e "install.packages('ggplot2')"
RUN R -e "devtools::install_bitbucket(repo = 'my_repo/my_package', auth_user = 'my_username', password = 'my_password')"
# copy the app to the image
COPY . /root
# run the script to update the app data
WORKDIR /root
RUN Rscript app_data_update.R
WORKDIR /root/app
COPY Rprofile.site /usr/lib/R/etc/
EXPOSE 3838
CMD ["R", "-e", "shiny::runApp('/root/app', host='0.0.0.0', port=3838)"]
application.yml
shiny:
proxy:
title: ShinyProxy Server
logo-url: /images/logo-image.png
landing-page: /
heartbeat-rate: 10000
heartbeat-timeout: 60000
container-wait-time: 60000
port: 8080
authentication: ldap
# Docker configuration
docker:
cert-path: /home/none
url: http://localhost:2375
port-range-start: 20000
support:
container-log-path: ./container-logs
mail-to-address: DannyBeachnau#gmail.co,
- name: my_apps_name
display-name: Shiny App
docker-image: dbeachnau/my_app
groups: [Shiny Users Management]
logo-url: /images/logo-image.png
container-volumes: ["/path/to/app:/root/app"]
logging:
file:
shinyproxy.log
Here is how app looks in shiny proxy.
problem
Here is hoe my app looks when running manually.
desired
The console in chrome's inspect tool is replete with errors such as
GET https://myshinyserver.com/container_name/font-awesome-5.3.1/css/all.min.css net::ERR_ABORTED 404 (Not Found)
I do have other apps running on ShinyProxy which display properly, but I cannot solve the difference between how those apps are configured to how this app is configured. Let me know if additional details are required for diagnosing the issue. All feedback is appreciated - thank you.
You're probably seeing this with Shiny v1.3.0, and not with earlier versions. If so, it's probably because of a misconfiguration in your NGINX proxy directives. I've written up the details here, but I'll also post the salient details here.
proxy_set_header Connection "upgrade";
This directive causes NGINX to add a Connection: upgrade header to every HTTP request, when it's only supposed to be used for WebSockets.
This line is recommended by NGINX Inc. themselves, however, those recommendations are intended for proxying of traffic that is exclusively WebSockets, whereas Shiny traffic is a combination of normal HTTP requests and WebSockets. Older versions of shiny/httpuv didn't mind this situation, but the new versions are stricter.
A correct configuration looks something like this:
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
location / {
proxy_pass http://localhost:3838;
proxy_redirect / $scheme://$http_host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
proxy_buffering off;
}
}
}
See the articles linked in the RStudio Community post for other examples.
You will have to install the requested font at the top of your Dockerfile. You can add it to your list "Dependencies outside of R":
sudo apt-get install fonts-font-awesome
I have solved my problem, although, this still may not count as a sufficient answer or explanation, because I cannot account for why this solution makes a difference. I decided to rewrite the Dockerfile using a different base image which now works. Nothing else in my code changed - just the Dockerfile. The working docker file is as follows:
FROM rocker/shiny-verse
# based on debian 9
MAINTAINER Daniel Beachnau "DannyBeachnau#gmail.com"
# Dependencies outside of R
RUN apt-get update && apt-get install -y \
gnupg2 \
apt-utils \
sudo \
gdebi-core \
libxt-dev \
xtail \
wget
# Install ODBC driver from microsoft
RUN apt-get install apt-transport-https curl -y
RUN curl http://packages.microsoft.com/keys/microsoft.asc | apt-key add -
RUN curl https://packages.microsoft.com/config/debian/9/prod.list > /etc/apt/sources.list.d/mssql-release.list
RUN apt-get update
RUN ACCEPT_EULA=Y apt-get install msodbcsql17 -y
# Download R-Packages
# Shiny Packages
RUN R -e "install.packages('shinycssloaders')"
RUN R -e "install.packages('shinydashboard')"
RUN R -e "install.packages('shinyWidgets')"
RUN R -e "install.packages('DT')"
RUN R -e "install.packages('shinyjs')"
RUN R -e "install.packages('flexdashboard')"
# Database Packages
RUN R -e "install.packages('odbc')"
RUN R -e "install.packages('RMySQL')"
# Other
RUN R -e "install.packages('lubridate')"
RUN R -e "install.packages('reshape2')"
RUN R -e "install.packages('scales')"
RUN R -e "install.packages('ggthemes')"
RUN R -e "install.packages('ggplot2')"
RUN R -e "devtools::install_bitbucket(repo = 'my_repo', auth_user = 'my_username', password = 'my_password')"
# copy the app to the image
COPY . /root
# run the script to update the app data
WORKDIR /root
RUN Rscript app_data_update.R
WORKDIR /root/app
COPY Rprofile.site /usr/lib/R/etc/
EXPOSE 3838
CMD ["R", "-e", "shiny::runApp('/root/app', host='0.0.0.0', port=3838)"]
If anyone has insight to why this behavior is observed I would love to hear it because I am baffled to say the least.
why this solution makes a difference
It seems to be an issue with the Shiny version, changing the base image has very probably fixed that.
See Shiny apps not rendering after updated to v1.3.0

Deploying ASP.NET 4.* MVC and Web API applications to Linux server

Is there any way of Deploying ASP.NET 4.* MVC and Web API applications to Linux server? I searched and read about Docker but I think that is for .NET 5.
Appreciate your help!
I managed to do that with some bricolage on a Linux-based Docker image.
This helped me a lot: https://github.com/junalmeida/docker-mono-web
Basically, you can host your web application with nginx, but you also need fastcgi-mono-server4.
The dockerfile looks like this:
FROM mono:latest
RUN apt-get update \
&& apt-get install -y \
iproute2 supervisor ca-certificates-mono fsharp mono-vbnc nuget \
referenceassemblies-pcl mono-fastcgi-server4 nginx nginx-extras \
&& rm -rf /var/lib/apt/lists/* /tmp/* \
&& echo "daemon off;" | cat - /etc/nginx/nginx.conf > temp && mv temp /etc/nginx/nginx.conf \
&& sed -i -e 's/www-data/root/g' /etc/nginx/nginx.conf
# this copies nginx configuration files to the proper directory
COPY nginx/ /etc/nginx/
In the link above, the supervisord command is used to start both nginx and fastcgi-mono-server4.
It is configured in a supervisord.conf file like the following, in which the --appconfigdir specifies the root folder of your application:
[supervisord]
logfile=/var/log/supervisor/supervisord.log
logfile_maxbytes = 50MB
nodaemon=true
user=root
[program:mono]
command=fastcgi-mono-server4 --appconfigdir=appconfig --socket=unix --filename=/var/run/mono-fastcgi.sock --printlog --name=mono
user=root
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
[program:nginx]
command=nginx
user=root
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
and launched with this command:
/usr/bin/supervisord -c supervisord.conf
(a folder contains a configuration for nginx, too).

Static webpage on Nginx Docker Container Missing CSS

I am trying to host the Swagger UI on a docker container using Nginx.
When I access my webpage via hostAddress.com it returns the webpage as plain text and inspecting it tells me that it can't find any of the javascript or css files despite them seeming to be present in the container as I have ssh into the container to check.
My dockerfile
FROM nginx
COPY src /usr/share/nginx/html
COPY config/nginx.conf /etc/nginx
EXPOSE 80
nginx.config
events {
worker_connections 4096; ## Default: 1024
}
http {
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
index index.html index.htm;
include /etc/nginx/mime.types;
location /swagger {
try_files $uri /index.html;
}
#Static File Caching. All static files with the following extension will be cached for 1 day
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 1d;
}
}
}
Here what you can do achieve that.
Like it was mentioned the comment, you can download the artifacts from
https://github.com/ianneub/docker-swagger-ui/blob/master
Create a directory say ngix
Copy Dockerfile, run.sh into that directory
Edit the Dockerfile to make the customization that you need to change the location as shown below:
FROM nginx:1.9
ENV SWAGGER_UI_VERSION 2.1.2-M2
ENV URL **None**
RUN apt-get update \
&& apt-get install -y curl \
&& curl -L https://github.com/swagger-api/swagger-ui/archive/v${SWAGGER_UI_VERSION}.tar.gz | tar -zxv -C /tmp \
&& mkdir /usr/share/nginx/html/swagger \
&& cp -R /tmp/swagger-ui-${SWAGGER_UI_VERSION}/dist/* /usr/share/nginx/html/swagger \
&& rm -rf /tmp/*
COPY run.sh /run.sh
CMD ["/run.sh"]
If you compare the above changes with original Dockerfile, there are changes made in the lines 9, 10 to include additional path i.e., swagger. Of course, you may change as needed.
Next, run the following docker commands to build and run
Build Image:
docker build -t myswagger .
Run it
docker run -it --rm -p 3000:80 --name testmyswagger -e "URL=http://petstore.swagger.io/v2/swagger.json" myswagger
Now you should be able to access your swagger using http://localhost:3000/swagger/index.html

Resources