1.安装lua
1.1安装LuaJIT
yum install readline-devel
mkdir -p lua-file
cd lua-file/
wget http://luajit.org/download/LuaJIT-2.0.5.tar.gz
tar -zxvf LuaJIT-2.0.5.tar.gz
cd LuaJIT-2.0.5
make && make install PREFIX=/usr/local/luajit
1.2配置LuaJIT环境变量
[root@localhost lua-file]# vim /etc/profile
#/etc/profile 文件中加入环境变量
export LUAJIT_LIB=/usr/local/luajit/lib
export LUAJIT_INC=/usr/local/luajit/include/luajit-2.0
[root@localhost lua-file]# source /etc/profile
1.3 lua安装测试
[root@localhost lua-file]# vim hello.lua
print('hello world lua');
[root@localhost lua-file]# lua hello.lua
hello world lua
2.ngx_devel_kit和lua-nginx-module
ngx_devel_kit简称NDK,提供函数和宏处理一些基本任务,减轻第三方模块开发的代码量。
lua-nginx-module是nginx的lua模块
[root@localhost ~]# mkdir -p /usr/local/src/nginx
[root@localhost ~]# cd /usr/local/src/nginx/
[root@localhost nginx]# wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz
[root@localhost nginx]# wget https://github.com/openresty/lua-nginx-module/archive/v0.10.9rc7.tar.gz
[root@localhost nginx]# ls
v0.10.9rc7.tar.gz v0.3.0.tar.gz
[root@localhost nginx]# tar -zxvf v0.10.9rc7.tar.gz
[root@localhost nginx]# tar -zxvf v0.3.0.tar.gz
3.查看已安装好的nginx
3.1查看原安装
[root@localhost nginx]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-pcre --with-http_ssl_module --with-http_gzip_static_module
3.2 安装依赖
[root@localhost nginx]# yum -y install openssl openssl-devel zlib zlib-devel pcre-devel
3.3 进入nginx解压目录,安装扩展
[root@localhost ~]# cd nginx-1.14.2
[root@localhost nginx-1.14.2]#
3.3.1.清空之前的编译文件
[root@localhost nginx-1.14.2]# make clean
3.3.2 执行 nginx -V 查看之前的编译参数
[root@localhost nginx-1.14.2]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-pcre --with-http_ssl_module --with-http_gzip_static_module
3.3.3 添加扩展执行编译
[root@localhost nginx-1.14.2]# ls /usr/local/src/nginx/
lua-nginx-module-0.10.9rc7 ngx_devel_kit-0.3.0 v0.10.9rc7.tar.gz v0.3.0.tar.gz
[root@localhost nginx-1.14.2]# ./configure --prefix=/usr/local/nginx --with-pcre --with-http_ssl_module --with-http_gzip_static_module --add-module=/usr/local/src/nginx/lua-nginx-module-0.10.9rc7/ --add-module=/usr/local/src/nginx/ngx_devel_kit-0.3.0/
3.3.4.执行make (不能执行 make install)
[root@localhost nginx-1.14.2]# make
(打开新连接窗口操作)重命名 nginx 旧版本二进制文件,即 sbin 目录下的 nginx(期间 nginx 并不会停止服务)
[root@localhost nginx-1.14.2]# cd /usr/local/nginx/sbin/
[root@localhost sbin]# ls
nginx
[root@localhost sbin]# mv nginx nginx.old
[root@localhost sbin]# ls
nginx.old
拷贝一份新编译的二进制文件到安装目录
[root@localhost nginx-1.14.2]# pwd
/root/nginx-1.14.2
[root@localhost nginx-1.14.2]# cd objs/
[root@localhost objs]# cp nginx /usr/local/nginx/sbin/
[root@localhost objs]# ls /usr/local/nginx/sbin/
nginx nginx.old
在源码目录执行 make upgrade 开始升级
[root@localhost nginx-1.14.2]# make upgrade
/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
kill -USR2 `cat /usr/local/nginx/logs/nginx.pid`
sleep 1
test -f /usr/local/nginx/logs/nginx.pid.oldbin
kill -QUIT `cat /usr/local/nginx/logs/nginx.pid.oldbin`
如果有这个报错:nginx: error while loading shared libraries: libluajit-5.1.so.2: cannot open shared object file: No such file or directory#解决方案
[root@localhost nginx-1.14.2]# vim /etc/ld.so.conf
#新增一条
/usr/local/luajit/lib
#保存文件,执行ldconfig
[root@localhost nginx-1.14.2]# ldconfig
###查看是否安装成功
[root@localhost nginx-1.14.2]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-pcre --with-http_ssl_module --with-http_gzip_static_module --add-module=/usr/local/src/nginx/lua-nginx-module-0.10.9rc7/ --add-module=/usr/local/src/nginx/ngx_devel_kit-0.3.0/
4 nginx引入lua调试
4.1 nginx.conf引入lua
[root@localhost conf]# pwd
/usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf
set $test "hello world lua";
location /lua_test {
content_by_lua '
ngx.header.content_type="text/plain";
ngx.say(ngx.var.test);
';
}
4.2 重启nginx,执行访问
[root@localhost nginx]# /usr/local/nginx/sbin/nginx -s reload
执行访问
5.实现lua连接redis
redis集群扩展包:https://github.com/onlonely/lua-redis-cluster
对于lua来说,它是一个非常轻量级的脚本语言,而它本身也与php的composer是一样的,是可以添加扩展,只是他们的扩展我们需要自己找对应的模块库
官方组件:https://openresty.org/cn/components.html
[root@localhost 5.1]# pwd
/usr/local/luajit/share/lua/5.1
5.2 下载快速JSON编码/解析
[root@localhost 5.1]# git clone https://github.com/openresty/lua-cjson.git
5.3 下载 lua-resty-redis (单机版redis)客户端
[root@localhost 5.1]# wget https://codeload.github.com/agentzh/lua-resty-redis/tar.gz/v0.26
tar -zxvf v0.26
cd lua-resty-redis-0.26/lib/resty/
cp redis.lua /usr/local/nginx/conf/lua/
5.4 lua连接单机版本redis
资料地址:https://github.com/openresty/lua-resty-redis
5.4.1编辑nginx.conf脚本
#引入lua-reds 扩展库(此处可以在lua脚本里面引入,公共的也可以在此引入)
#连接单机版本的redis
lua_package_path "/usr/local/nginx/conf/lua/redis.lua;;";
location /lua_redis {
default_type 'application/x-javascript;charset=utf-8';
content_by_lua_file /usr/local/nginx/conf/lua/lua_redis.lua;
}
5.4.2 编辑连接redis的lua脚本
[root@localhost conf]# vim lua/lua_redis.lua
local redis = require "resty.redis"
local red = redis:new()
red:set_timeouts(1000, 1000, 1000) -- 1 sec
--lua 连接redis
local ok,err = red:connect("127.0.0.1", 6379)
if not ok then
ngx.say("failed to connect: ", err)
return
end
--设置数据
local date=os.date("%Y-%m-%d %H:%M:%S")
ok,err = red:set("dog", date.."-数据")
if not ok then
ngx.say("failed to set dog: ", err)
return
end
--获取设置的值
local res,err=red:get("dog")
if not res then
ngx.say("failed to get dog",err)
return
end
ngx.say(res)
5.4.3 重启nginx,访问nginx,数据成功写入redis,并读取
[root@localhost lua]# /usr/local/nginx/sbin/nginx -s reload
#(重启报错,自行查看nginx 的 error.log文件,具体根据自行的错误日志输错文件目录查看)
[root@localhost lua]# ls /usr/local/nginx/logs/
access.log error.log
准备工作已经完成,现在要实现nginx+Lua+Redis自动封禁并解封IP了,参考前面文章,这里不重复了
Nginx+Lua脚本+Redis 实现自动封禁访问频率过高IP-CSDN博客