目录
需求背景
环境搭建后nginx和redis版本
系统环境
搭建步骤
配置服务器DNS
安装ntpdate同步一下系统时间
安装网络工具、编译工具及依赖库
创建软件包下载目录、nginx和redis安装目录
下载配置安装lua解释器LuaJIT
下载nginx NDK(ngx_devel_kit)扩展模块
下载lua-nginx-module
下载安装lua-resty-http模块(lua的库,实现http功能的一些库)
下载安装lua-resty-redis模块(lua的库,实现操作redis功能的一些库)
下载配置安装nginx
将luajia相关库加载一下
下载安装redis
启动redis
启动nginx
环境测试
环境搭建的脚本
想做个防重放攻击,在环境搭建过程中,发现nginx+lua的环境不是很好搭建,当然直接用打包好的openresty也是可以,只是对于定制化的一些库,还是需要什么就编译用什么还是方便些,本文不介绍防重放攻击的设计实现,只做nginx+lua+redis环境的搭建,实现一个通过web连接redis的demon,在此基础上只需自己开发lua即可
cat /etc/centos-release
echo "nameserver 114.114.114.114" >> /etc/resolv.conf
yum install ntpdate -y
ntpdate ntp.aliyun.com
timedatectl set-timezone Asia/Shanghai
yum install -y wget net-tools gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel -y
mkdir -p /root/dev_env /usr/cloudland/nginx /usr/cloudland/redis
export NGINX_INSTALL_PATH=/usr/cloudland/nginx
export REDIS_INSTALL_PATH=/usr/cloudland/redis
cd /root/dev_env
wget -c http://luajit.org/download/LuaJIT-2.0.4.tar.gz
tar xzvf LuaJIT-2.0.4.tar.gz
cd LuaJIT-2.0.4
make install PREFIX=$NGINX_INSTALL_PATH/luajit
export LUAJIT_LIB=$NGINX_INSTALL_PATH/luajit/lib
export LUAJIT_INC=$NGINX_INSTALL_PATH/luajit/include/luajit-2.0
cd -
注意上面的两个export命令,配置lua解释器的环境变量,解决的是"cannot find LuaJIT there"的问题
wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz
tar -xzvf v0.3.0.tar.gz
wget https://github.com/openresty/lua-nginx-module/archive/v0.10.9rc7.tar.gz
tar -xzvf v0.10.9rc7.tar.gz
wget https://github.com/ledgetech/lua-resty-http/archive/refs/tags/v0.16.1.tar.gz
tar -zxvf v0.16.1.tar.gz
cp -r lua-resty-http-0.16.1/lib/resty/ $NGINX_INSTALL_PATH/luajit/lib/lua/5.1/
cp -r lua-resty-http-0.16.1/lib/resty/ $NGINX_INSTALL_PATH/luajit/share/lua/5.1/
注意NGINX_INSTALL_PATH换成自己nginx的安装路径即可,上面的两个cp的命令,这个是解决resty-http找不到的问题
wget https://github.com/openresty/lua-resty-redis/archive/refs/tags/v0.29.tar.gz
tar -zxvf v0.29.tar.gz
\cp -r lua-resty-redis-0.29/lib/resty $NGINX_INSTALL_PATH/luajit/lib/lua/5.1/
\cp -r lua-resty-redis-0.29/lib/resty $NGINX_INSTALL_PATH/luajit/share/lua/5.1/
注意NGINX_INSTALL_PATH换成自己nginx的安装路径即可,上面的两个cp的命令,这个是解决resty- redis找不到的问题
wget https://nginx.org/download/nginx-1.20.1.tar.gz
tar -xzvf nginx-1.20.1.tar.gz
cd nginx-1.20.1
./configure --prefix=$NGINX_INSTALL_PATH --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_realip_module --with-pcre --add-module=../lua-nginx-module-0.10.9rc7 --add-module=../ngx_devel_kit-0.3.0
make -j32
make install
echo "$NGINX_INSTALL_PATH/luajit/lib" >> /etc/ld.so.conf.d/usr_local_lib.conf
ldconfig
注意NGINX_INSTALL_PATH换成自己nginx的安装目录
wget http://download.redis.io/releases/redis-7.0.12.tar.gz
tar -zxvf redis-7.0.12.tar.gz
cd redis-7.0.12
make -j32
make install PREFIX=$REDIS_INSTALL_PATH
mkdir -p $REDIS_INSTALL_PATH/conf
cp redis.conf $REDIS_INSTALL_PATH/conf
注意REDIS_INSTALL_PATH是自己的redis安装目录
/usr/cloudland/redis/bin/redis-server /usr/cloudland/redis/conf/redis.conf &
配置启动nginx
配置nginx.conf,指明lua库的路径
lua_package_path "/usr/cloudland/nginx/luajit/lib/lua/?.lua;;";
server {
listen 9080;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /lua/check {
default_type 'text/plain';
content_by_lua_file conf/lua/check.lua;
}
简单写一个lua的测试脚本check.lua,放到nginx的安装目录 conf/lua下,注意与nginx.conf里的content_by_lua_file 参数一致
check.lua的内容
local redis = require "resty.redis"
local cache = redis.new()
local ok, err = cache.connect(cache, '127.0.0.1', '6379')
if not ok then
ngx.log(ngx.ERR, "failed to connect redis: ", err)
ngx.exit(ngx.HTTP_SERVICE_UNAVAILABLE)
end
/usr/cloudland/nginx/sbin/nginx -c /usr/cloudland/nginx/conf/nginx.conf
curl -I "http://localhost:9080/lua/check"
curl返回200 OK,将redis-server kill掉之后返回500,说明通过nginx+lua连接redis成功,
有些库下载慢些,多执行几次就可以了
#!/bin/sh
NGINX_INSTALL_PATH=/usr/cloudland/nginx
REDIS_INSTALL_PATH=/usr/cloudland/redis
SCRIPT_PATH=$(dirname $(readlink -f "$0"))
DEP_DOWLOAD_PATH=$SCRIPT_PATH/dev_env
echo "nameserver 114.114.114.114" >> /etc/resolv.conf
yum install wget ntpdate -y
yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel -y
ntpdate ntp.aliyun.com
timedatectl set-timezone Asia/Shanghai
if [ ! -d $DEP_DOWLOAD_PATH ]; then
mkdir -p $DEP_DOWLOAD_PATH
fi
cd $DEP_DOWLOAD_PATH
# LuaJIT
if [ ! -f LuaJIT-2.0.4.tar.gz ]; then
wget -c http://luajit.org/download/LuaJIT-2.0.4.tar.gz
fi
tar xzvf LuaJIT-2.0.4.tar.gz
cd LuaJIT-2.0.4
make install PREFIX=$NGINX_INSTALL_PATH/luajit
export LUAJIT_LIB=$NGINX_INSTALL_PATH/luajit/lib
export LUAJIT_INC=$NGINX_INSTALL_PATH/luajit/include/luajit-2.0
cd $DEP_DOWLOAD_PATH
#ngx_devel_kit
if [ ! -f v0.3.0.tar.gz ]; then
wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz
fi
tar -xzvf v0.3.0.tar.gz
#lua-nginx-module
if [ ! -f v0.10.9rc7.tar.gz ]; then
wget https://github.com/openresty/lua-nginx-module/archive/v0.10.9rc7.tar.gz
fi
tar -xzvf v0.10.9rc7.tar.gz
#lua-resty-http
if [ ! -f v0.16.1.tar.gz ]; then
wget https://github.com/ledgetech/lua-resty-http/archive/refs/tags/v0.16.1.tar.gz
fi
tar -zxvf v0.16.1.tar.gz
\cp -r lua-resty-http-0.16.1/lib/resty/ $NGINX_INSTALL_PATH/luajit/lib/lua/5.1/
\cp -r lua-resty-http-0.16.1/lib/resty/ $NGINX_INSTALL_PATH/luajit/share/lua/5.1/
if [ ! -f v0.29.tar.gz ]; then
wget https://github.com/openresty/lua-resty-redis/archive/refs/tags/v0.29.tar.gz
fi
tar -zxvf v0.29.tar.gz
\cp -r lua-resty-redis-0.29/lib/resty $NGINX_INSTALL_PATH/luajit/lib/lua/5.1/
\cp -r lua-resty-redis-0.29/lib/resty $NGINX_INSTALL_PATH/luajit/share/lua/5.1/
# nginx
if [ ! -f nginx-1.20.1.tar.gz ]; then
wget https://nginx.org/download/nginx-1.20.1.tar.gz
fi
tar -xzvf nginx-1.20.1.tar.gz
cd nginx-1.20.1
./configure --prefix=$NGINX_INSTALL_PATH --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_realip_module --with-pcre --add-module=../lua-nginx-module-0.10.9rc7 --add-module=../ngx_devel_kit-0.3.0
make -j32
make install
echo "$NGINX_INSTALL_PATH/luajit/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
ldconfig
cd $DEP_DOWLOAD_PATH
if [ ! -f redis-7.0.12.tar.gz ]; then
wget http://download.redis.io/releases/redis-7.0.12.tar.gz
fi
tar -zxvf redis-7.0.12.tar.gz
cd redis-7.0.12
make -j32
make install PREFIX=/usr/cloudland/redis/
if [ ! -d $REDIS_INSTALL_PATH/conf ]; then
mkdir $REDIS_INSTALL_PATH/conf
fi
\cp redis.conf $REDIS_INSTALL_PATH/conf