+++ /dev/null
-#
-# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-types {
- text/html html htm shtml;
- text/css css;
- text/xml xml rss;
- image/gif gif;
- image/jpeg jpeg jpg;
- application/x-javascript js;
- application/atom+xml atom;
-
- text/mathml mml;
- text/plain txt;
- text/vnd.sun.j2me.app-descriptor jad;
- text/vnd.wap.wml wml;
- text/x-component htc;
-
- image/png png;
- image/tiff tif tiff;
- image/vnd.wap.wbmp wbmp;
- image/x-icon ico;
- image/x-jng jng;
- image/x-ms-bmp bmp;
- image/svg+xml svg svgz;
-
- application/java-archive jar war ear;
- application/json json;
- application/mac-binhex40 hqx;
- application/msword doc;
- application/pdf pdf;
- application/postscript ps eps ai;
- application/rtf rtf;
- application/vnd.ms-excel xls;
- application/vnd.ms-powerpoint ppt;
- application/vnd.wap.wmlc wmlc;
- application/vnd.google-earth.kml+xml kml;
- application/vnd.google-earth.kmz kmz;
- application/x-7z-compressed 7z;
- application/x-cocoa cco;
- application/x-java-archive-diff jardiff;
- application/x-java-jnlp-file jnlp;
- application/x-makeself run;
- application/x-perl pl pm;
- application/x-pilot prc pdb;
- application/x-rar-compressed rar;
- application/x-redhat-package-manager rpm;
- application/x-sea sea;
- application/x-shockwave-flash swf;
- application/x-stuffit sit;
- application/x-tcl tcl tk;
- application/x-x509-ca-cert der pem crt;
- application/x-xpinstall xpi;
- application/xhtml+xml xhtml;
- application/zip zip;
-
- application/octet-stream bin exe dll;
- application/octet-stream deb;
- application/octet-stream dmg;
- application/octet-stream eot;
- application/octet-stream iso img;
- application/octet-stream msi msp msm;
- application/ogg ogx;
-
- audio/midi mid midi kar;
- audio/mpeg mpga mpega mp2 mp3 m4a;
- audio/ogg oga ogg spx;
- audio/x-realaudio ra;
- audio/webm weba;
-
- video/3gpp 3gpp 3gp;
- video/mp4 mp4;
- video/mpeg mpeg mpg mpe;
- video/ogg ogv;
- video/quicktime mov;
- video/webm webm;
- video/x-flv flv;
- video/x-mng mng;
- video/x-ms-asf asx asf;
- video/x-ms-wmv wmv;
- video/x-msvideo avi;
-}
\ No newline at end of file
-#
-# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-#user nobody;
-worker_processes auto;
-worker_rlimit_nofile 50000;
-
-error_log logs/error.log warn;
-pid logs/nginx.pid;
+#user xfs xfs;
+worker_processes 1;
+
+error_log logs/error.log warn;
+pid logs/nginx.pid;
events {
- #linux下打开提高性能
- #use epoll;
- worker_connections 2048;
- multi_accept on;
+ worker_connections 1024;
}
http {
- server_tokens off;
- include mime.types;
- default_type text/html;
+ include mime.types;
+
+ upstream iui {
+ server 127.0.0.1:8202;
+ }
+
+ upstream nsoc {
+ server 127.0.0.1:8203;
+ }
+
+ upstream roc {
+ server 127.0.0.1:8204;
+ }
- #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- # '$status $body_bytes_sent "$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
+ upstream umc {
+ server 127.0.0.1:8205;
+ }
- #access_log logs/access.log main;
- access_log off;
+ upstream ssh {
+ server 127.0.0.1:8209;
+ }
- sendfile on;
- tcp_nopush on;
+ upstream yamlparser {
+ server 127.0.0.1:8210;
+ }
+
+ upstream dac {
+ server 127.0.0.1:8206;
+ }
+
+ upstream cmcc {
+ server 127.0.0.1:8207;
+ }
+
+ upstream tacker {
+ server 127.0.0.1:8208;
+ }
+
+ upstream winery {
+ server 127.0.0.1:8080;
+ }
+
+ upstream etsi {
+ server 127.0.0.1:8211;
+ }
+
+ upstream openstackadapter {
+ server 127.0.0.1:8217;
+ }
+
+ upstream vimadapter {
+ server 127.0.0.1:8218;
+ }
+
+ upstream odlsdn {
+ server 127.0.0.1:8216;
+ }
+ # Basic Settings
+ default_type application/octet-stream;
+ sendfile on;
+ tcp_nopush on;
+ server_names_hash_bucket_size 128;
keepalive_timeout 120s;
- gzip on;
+ #the maximum allowed size of the client request body,current 10G
+ client_max_body_size 10240m;
+ client_body_buffer_size 128k;
+
+ #set the time wait for connect to proxy_pass target,avoid waiting too long
+ proxy_connect_timeout 10s;
+ proxy_read_timeout 120s;
+ proxy_send_timeout 120s;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host:$server_port;
+ proxy_buffers 4 32k;
+
+ #set the nginx_cache parameter
+ #proxy_cache_path temp/proxy_cache levels=1:2 keys_zone=nginx_cache:10m inactive=1d max_size=100m;
+
+ # Logging
+ access_log off;
- include ../msb-enabled/*.conf;
- include ../sites-enabled/*.conf;
- include ../sites-enabled-mount/*.conf;
-}
+ # Lua settings
+ lua_package_path "$prefix/../lualib/?.lua;;";
+ lua_package_cpath "$prefix/../lualib/?.so;;";
+
+ lua_shared_dict ceryx 10M;
+ lua_code_cache on;
+
+ server {
+ listen 80;
+ default_type text/html;
+
+ location = / {
+ rewrite ^ /iui/framework redirect;
+ }
+
+ location = /openo {
+ rewrite ^ /iui/framework redirect;
+ }
+
+ location = /iui/openo {
+ rewrite ^ /iui/framework redirect;
+ }
+
+ location = /iui/framework/login.html {
+ access_by_lua_file luaext/iui_auth.lua;
+ proxy_pass http://iui;
+ }
+
+ location = /api/uiframe/v1/login {
+ rewrite ^ /api/umcsm/v1/login break;
+ proxy_pass http://umc;
+ header_filter_by_lua_file luaext/login.lua;
+ }
+
+ location = /api/uiframe/v1/loginOut {
+ access_by_lua_file luaext/logout.lua;
+ rewrite ^ /api/umcsm/v1/loginOut break;
+ proxy_pass http://umc;
+ }
+
+ location = /api/hsif/v1/authentication {
+ access_by_lua_file luaext/make_authed.lua;
+ }
+
+ location /iui {
+ access_by_lua_file luaext/iui_auth.lua;
+ proxy_pass http://iui;
+ }
+
+ location ~ ^/api/(?:vim|nsoc)/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://nsoc;
+ }
+
+ location = /api/nsoc/v1/vnfgrantinfo {
+ rewrite ^ /api/vim/v1/vnfgrantinfo break;
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://nsoc;
+ }
+
+ location /api/nsocnotification/v1 {
+ rewrite ^/api/nsocnotification/v1/(.*) /nsocnotification/v1/$1 break;
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://nsoc;
+ }
+
+ location ~ ^/api/(?:roc|rocnotification)/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://roc;
+ }
+
+ location /api/uiframe/v1 {
+ rewrite ^/api/uiframe/v1/(.*) /api/umcsm/v1/$1 break;
+ access_by_lua_file luaext/iui_auth.lua;
+ proxy_pass http://umc;
+ }
+
+ location ~ ^/api/umc(?:pm|fm|drill|sm|monitor)/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://umc;
+ }
+
+ location ~ ^/api/ssh/v1 {
+ proxy_pass http://ssh;
+ }
+
+ location ~ ^/api/yamlparser/v1 {
+ proxy_pass http://yamlparser;
+ }
+
+ location ~ ^/api/(?:dac|dacnotification)/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://dac;
+ }
+
+ location /api/cmccia/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://cmcc;
+ }
+
+ location /api/tackeria/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://tacker;
+ }
+
+ location /winery {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://winery;
+ }
+
+ location = /api/microservices/v1/apiRoute {
+ access_by_lua_file luaext/auth.lua;
+ content_by_lua_file luaext/serviceaccess.lua;
+ }
+
+ location /api/umcswagger/v1 {
+ rewrite ^/api/umcswagger/v1/(.*) /api/$1 break;
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://umc;
+ }
+
+ location /api/etsiia/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://etsi;
+ }
-stream {
- include ../stream-enabled/*;
+ location /api/odlsdnia/v1 {
+ access_by_lua_file luaext/auth.lua;
+ proxy_pass http://odlsdn;
+ }
+ }
}
--- /dev/null
+local cache = ngx.shared.ceryx
+local client_ip = ngx.var.remote_addr
+local host = ngx.var.host
+if client_ip == '127.0.0.1' or client_ip == host or client_ip == ngx.var.server_addr then
+ return
+end
+local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600)
+if not succ then
+ if err == 'not found' then
+ ngx.log(ngx.WARN, "access record not found for "..client_ip)
+ ngx.exit(401)
+ else
+ ngx.log(ngx.WARN, err)
+ end
+end
\ No newline at end of file
+++ /dev/null
---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local modulename = "msbinit"
-local _M = {}
-_M._VERSION = '1.0.0'
-
-_M.systemConf = {
- ["defaultport"] = "10080",
- ["defaultprefix"] = "msb:routing",
- ["enablefullsearch"] = true, --whether test against the custom services after common match processing
- ["enablerefercheck"] = true, --whether use refer to test against the service names as the last solution
- ["enableauthcheck"] = true, --whether add custom auth header or not
- ["useconsultemplate"] = false --whether using consul template or not
-}
-_M.redisConf = {
- ["host"] = "127.0.0.1",
- ["port"] = 6379,
- ["poolsize"] = 100,
- ["idletimeout"] = 90000,
- ["timeout"] = 1000,
- ["dbid"] = 0
-}
-_M.cacheConf = {
- ["positive_ttl"] = 60, --shcache use,in seconds
- ["negative_ttl"] = 2, --shcache use,in seconds
- ["lru_ttl"] = 10 --in seconds
-}
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-_M.apiRelatedTypes = {\r
- ["api"] = true,\r
- ["admin"] = true,\r
- ["apijson"] = true\r
-}\r
-_M.urlfieldMap = {\r
- ["api"] = "url",\r
- ["admin"] = "metricsUrl",\r
- ["apijson"] = "apijson",\r
- ["iui"] = "url",\r
- ["custom"] = "url"\r
-}\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
---This module integrates the shcache with an abstraction for various databases(redis and so on)\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-local shcache = require("vendor.shcache")\r
-local cjson = require "cjson"\r
-local msbConf = require('conf.msbinit')\r
-\r
-local DB = require('dao.redis_db')\r
-local options = msbConf.redisConf\r
-\r
-local cacheConf = msbConf.cacheConf\r
-local positive_ttl = cacheConf.positive_ttl or 60\r
-local negative_ttl = cacheConf.negative_ttl or 2\r
-\r
-local svc_shcache = ngx.shared.svc_cache\r
-\r
-local function load_serviceinfo(key)\r
-\r
- -- closure to perform external lookup to redis\r
- local fetch_svcinfo_from_db = function ()\r
- local _db = DB:new(options)\r
- return _db:getserviceinfo(key)\r
- end\r
-\r
- local svcinfo_cache_table = shcache:new(\r
- svc_shcache,\r
- { external_lookup = fetch_svcinfo_from_db,\r
- --encode = cmsgpack.pack,\r
- encode = cjson.encode,\r
- --decode = cmsgpack.unpack\r
- decode = cjson.decode\r
- },\r
- { positive_ttl = positive_ttl, -- default cache good data for 60s \r
- negative_ttl = negative_ttl, -- default cache failed lookup for 5s\r
- name = 'svcinfo_cache' -- "named" cache, useful for debug / report\r
- }\r
- )\r
-\r
- local serviceinfo, from_cache = svcinfo_cache_table:load(key)\r
-\r
- return serviceinfo\r
-end\r
-_M.load_serviceinfo = load_serviceinfo\r
-\r
-local function load_backservers(keypattern)\r
-\r
- -- closure to perform external lookup to redis\r
- local fetch_servers_from_db = function ()\r
- local _db = DB:new(options)\r
- return _db:getbackservers(keypattern)\r
- end\r
-\r
- local servers_cache_table = shcache:new(\r
- svc_shcache,\r
- { external_lookup = fetch_servers_from_db,\r
- --encode = cmsgpack.pack,\r
- encode = cjson.encode,\r
- --decode = cmsgpack.unpack\r
- decode = cjson.decode\r
- },\r
- { positive_ttl = positive_ttl, -- default cache good data for 60s \r
- negative_ttl = negative_ttl, -- default cache failed lookup for 5s\r
- name = 'servers_cache' -- "named" cache, useful for debug / report\r
- }\r
- )\r
-\r
- local servers_table, from_cache = servers_cache_table:load(keypattern)\r
-\r
- return servers_table\r
-end\r
-_M.load_backservers = load_backservers\r
-\r
-\r
-local function load_customsvcnames(keypattern)\r
- -- closure to perform external lookup to redis\r
- local fetch_svcnames_from_db = function ()\r
- local _db = DB:new(options)\r
- return _db:getcustomsvcnames(keypattern)\r
- end\r
-\r
- local svcnames_cache_table = shcache:new(\r
- svc_shcache,\r
- { external_lookup = fetch_svcnames_from_db,\r
- --encode = cmsgpack.pack,\r
- encode = cjson.encode,\r
- --decode = cmsgpack.unpack\r
- decode = cjson.decode\r
- },\r
- { positive_ttl = positive_ttl, -- default cache good data for 60s \r
- negative_ttl = negative_ttl, -- default cache failed lookup for 5s\r
- name = 'svcnames_cache' -- "named" cache, useful for debug / report\r
- }\r
- )\r
-\r
- local service_names, from_cache = svcnames_cache_table:load(keypattern)\r
-\r
- return service_names\r
-end\r
-_M.load_customsvcnames = load_customsvcnames\r
-\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
--- unified layer to access back DB, using two levels of cache mechanism(LRUCache and shcache)\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-local cache = require('lib.tools.db_cache')\r
-local dao = require('dao.dao')\r
-local msbConf = require('conf.msbinit')\r
-\r
-local cacheConf = msbConf.cacheConf\r
-local lru_ttl = cacheConf.lru_ttl or 10\r
-\r
-function _M.load_serviceinfo(key)\r
- local value, err\r
- -- Try to get from cache\r
- value = cache.get(key)\r
- if not value then\r
- -- Get from shcache or backend redis\r
- value = dao.load_serviceinfo(key)\r
- cache.set(key,value,lru_ttl)\r
- end\r
- if cache.is_empty(value) then\r
- return nil\r
- end\r
- return value\r
-end\r
-\r
-function _M.load_backservers(keypattern)\r
- local value, err\r
- -- Try to get from cache\r
- value = cache.get(keypattern)\r
- if not value then\r
- -- Get from shcache or backend redis\r
- value = dao.load_backservers(keypattern)\r
- cache.set(keypattern,value,lru_ttl)\r
- end\r
- if cache.is_empty(value) then\r
- return nil\r
- end\r
- return value\r
-end\r
-\r
-function _M.load_customsvcnames(keypattern)\r
- local value, err\r
- -- Try to get from cache\r
- value = cache.get(keypattern)\r
- if not value then\r
- -- Get from shcache or backend redis\r
- value = dao.load_customsvcnames(keypattern)\r
- cache.set(keypattern,value,lru_ttl)\r
- end\r
- if cache.is_empty(value) then\r
- return nil\r
- end\r
- return value\r
-end\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
--- the client for redis, include the connection pool management and api implements\r
-local redis = require('resty.redis')\r
-local tbl_util = require('lib.utils.table_util')\r
-\r
-local _M = {\r
-}\r
-_M._VERSION = '0.0.1'\r
-_M._DESCRIPTION = 'msb_redis_module'\r
-\r
-local mt = { __index = _M }\r
-\r
-local tbl_insert = table.insert\r
-local tbl_sort = table.sort\r
-local tbl_isempty = tbl_util.isempty\r
-\r
-function _M.new(self, conf)\r
- self.host = conf.host\r
- self.port = conf.port\r
- self.timeout = conf.timeout\r
- self.dbid = conf.dbid\r
- self.poolsize = conf.poolsize\r
- self.idletimeout = conf.idletimeout\r
-\r
- local red = redis:new()\r
- return setmetatable({redis = red}, mt)\r
-end\r
-\r
-function _M.connectdb(self)\r
- local host = self.host\r
- local port = self.port\r
- local dbid = self.dbid\r
- local red = self.redis\r
-\r
- if not (host and port) then\r
- return nil, 'no host:port avaliable provided'\r
- end\r
-\r
- --set default value\r
- if not dbid then dbid = 0 end\r
- local timeout = self.timeout \r
- if not timeout then \r
- timeout = 1000 -- 1s\r
- end\r
-\r
- red:set_timeout(timeout)\r
-\r
- local ok, err \r
- if host and port then\r
- ok, err = red:connect(host, port)\r
- if ok then return red:select(dbid) end\r
- end\r
-\r
- return ok, err\r
-end\r
-\r
-function _M.keepalivedb(self)\r
- local max_idle_timeout = self.idletimeout --ms\r
- local pool_size = self.poolsize\r
-\r
- if not pool_size then pool_size = 100 end\r
- if not max_idle_timeout then max_idle_timeout = 90000 end --90s\r
-\r
- local ok, err = self.redis:set_keepalive(max_idle_timeout, pool_size)\r
- if not ok then\r
- ngx.log(ngx.ERR, "redis pool keepalive error",err)\r
- return\r
- end\r
- return\r
-end\r
-\r
---inner function,only used in this module\r
-local function _hgetall(red,key)\r
- local resp,err = red:hgetall(key)\r
- --if not resp or next(resp) == nil then\r
- if tbl_isempty(resp) then\r
- return nil, "key "..key.." not found"\r
- end\r
- local hashinfo = red:array_to_hash(resp)\r
- return hashinfo,nil\r
-end\r
-\r
-function _M.getserviceinfo(self,key)\r
- if not key then\r
- return nil,'no key is provided'\r
- end\r
- local c, err = self:connectdb()\r
- if not c then\r
- return nil, err\r
- end\r
-\r
- local red = self.redis\r
-\r
- local resp,err = red:hgetall(key) --the key will create dynamically\r
- --if not resp or next(resp) == nil then\r
- if tbl_isempty(resp) then\r
- self:keepalivedb()\r
- return nil, "key "..key.." not found"\r
- end\r
-\r
- local serviceinfo = red:array_to_hash(resp)\r
-\r
- self:keepalivedb()\r
-\r
- return serviceinfo,nil\r
-end\r
-\r
-function _M.getbackservers(self,keypattern)\r
- if not keypattern then\r
- return nil,'no keypattern is provided'\r
- end\r
- local c, err = self:connectdb()\r
- if not c then\r
- return nil, err\r
- end\r
-\r
- local red = self.redis\r
-\r
- local resp, err = red:keys(keypattern)\r
- if tbl_isempty(resp) then\r
- self:keepalivedb()\r
- return nil, "no server matched"\r
- end\r
-\r
- local servers = {}\r
- for i, v in ipairs(resp) do\r
- local serverinfo,err = _hgetall(red,v)\r
- if serverinfo then\r
- tbl_insert(servers,serverinfo)\r
- end\r
- end\r
- self:keepalivedb()\r
- return servers,nil\r
-end\r
-\r
-function _M.getcustomsvcnames(self,keypattern)\r
- if not keypattern then\r
- return nil,'no keypattern is provided'\r
- end\r
- local c, err = self:connectdb()\r
- if not c then\r
- return nil, err\r
- end\r
-\r
- local red = self.redis\r
-\r
- local resp, err = red:keys(keypattern)\r
- if tbl_isempty(resp) then\r
- self:keepalivedb()\r
- return {}, "no custome service name found"\r
- end\r
-\r
- local svcnames = {}\r
- --store svc names into the Set\r
- local key_set={}\r
- local name\r
- for key, value in ipairs(resp) do\r
- local m, err = ngx.re.match(value, "^.+:custom:([^:]+):.*", "o")\r
- if m then\r
- name = m[1]\r
- key_set[name]=true \r
- end\r
- end\r
-\r
- for key,_ in pairs(key_set) do\r
- tbl_insert(svcnames,key)\r
- end\r
- --sort the key_table in reverse order\r
- tbl_sort(svcnames, function (a, b)\r
- return a > b\r
- end)\r
-\r
- self:keepalivedb()\r
- return svcnames,nil\r
-end\r
-return _M
\ No newline at end of file
--- /dev/null
+local cache = ngx.shared.ceryx
+local client_ip = ngx.var.remote_addr
+local uri = ngx.var.uri
+if uri == "/iui/framework/login.html" then
+ local value, flags = cache:get(client_ip)
+ if not value then
+ return
+ else
+ ngx.redirect("/iui/framework/main-page.html")
+ end
+end
+
+local referer = ngx.var.http_referer
+local refererList = {
+ "/iui/framework/login.html",
+ "/iui/framework/css/login.css",
+ "/iui/component/thirdparty/font%-awesome/css/font%-awesome.min.css",
+ "/iui/framework/css/style%-custom.css"
+}
+local function referer_matches(t, r)
+ for k,_ in pairs(t) do
+ if string.match(r, t[k]) then
+ return true
+ end
+ end
+ return false
+end
+
+if referer and referer_matches(refererList, referer) then
+ return
+end
+
+local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600)
+if not succ then
+ if err == 'not found' then
+ ngx.log(ngx.WARN, "access record not found for "..client_ip..",redirect to login page")
+ ngx.redirect("/iui/framework/login.html")
+ else
+ ngx.log(ngx.WARN, err)
+ end
+end
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
--- db cache over LRUCache, used within one worker processes\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-local lrucache = require "resty.lrucache"\r
-\r
-local EMPTY_DATA = '_EMPTY_'\r
-\r
--- we need to initialize the cache on the lua module level so that\r
--- it can be shared by all the requests served by each nginx worker process:\r
-local cache,err = lrucache.new(200) -- allow up to 200 items in the cache\r
-if not cache then\r
- return ngx.log(ngx.ERR,"failed to create the cache: " .. (err or "unknown"))\r
-end\r
-\r
-function _M.get(key)\r
- return cache:get(key)\r
-end\r
-\r
-function _M.set(key,value)\r
- return _M:set(key, value, nil)\r
-end\r
-\r
-function _M.set(key,value,ttl)\r
- if not value then \r
- value = EMPTY_DATA\r
- end\r
- return cache:set(key, value, ttl)\r
-end\r
-\r
--- check if the data returned by get() is considered empty\r
-function _M.is_empty(data)\r
- return data == EMPTY_DATA\r
-end\r
-\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-function _M.log(k, v)\r
- --if empty,initialize it\r
- if not ngx.ctx.logtbl then ngx.ctx.logtbl = {} end \r
- ngx.ctx.logtbl[k] = v\r
-end\r
-\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-local tbl_util = require('lib.utils.table_util')\r
-local msbConf= require('conf.msbinit')\r
-local log_util = require('lib.utils.log_util')\r
-local tbl_isempty = tbl_util.isempty\r
-local enableauthcheck = msbConf.systemConf.enableauthcheck\r
-local log = log_util.log\r
-\r
-function _M.isactive(svcinfo)\r
- if tbl_isempty(svcinfo) then\r
- return false\r
- end\r
- if svcinfo["status"] == "1" then\r
- return true\r
- else\r
- return false\r
- end\r
-end\r
-\r
-function _M.isautodiscover(svcinfo)\r
- if tbl_isempty(svcinfo) then\r
- return false\r
- end\r
- if svcinfo["autoDiscover"] == "1" then\r
- return true\r
- else\r
- return false\r
- end\r
-end\r
-\r
-function _M.setauthheader(svcinfo)\r
- --if auth check enabled and this service is inter-system then add sth\r
- if enableauthcheck and svcinfo["visualRange"] == "0" then\r
- ngx.req.set_header("Z-EXTENT", "C012089CF43DE687B23B2C0176B344EE")\r
- log("add Z-EXTENT",true)\r
- end\r
-end\r
-\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-function _M.isempty(t)\r
- if t == nil or next(t) == nil then\r
- return true\r
- else\r
- return false\r
- end\r
-end\r
-\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local b = require "ngx.balancer"\r
-local policymodule = require "loadbalance.policy.roundrobin"\r
-local log_util = require('lib.utils.log_util')\r
-\r
-local ngx_ctx = ngx.ctx\r
-local log = log_util.log\r
-\r
-local doservernil = function() \r
- ngx.status = ngx.HTTP_NOT_FOUND\r
- ngx.say("no on-line server found!")\r
- return ngx.exit(ngx.status)\r
-end\r
-\r
-local servers = ngx_ctx.backservers\r
-local svckeypattern = ngx_ctx.svcserverpattern\r
-local server,err = policymodule.get_backserver(servers,svckeypattern)\r
-if not server then \r
- doservernil()\r
-end\r
---b.set_current_peer(server["ip"]..":"..server["port"])\r
-b.set_current_peer(server["ip"],server["port"])\r
-log("upstreamserver",server["ip"]..":"..server["port"])
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local _M = {}\r
-_M._VERSION = '1.0.0'\r
-\r
-local tbl_util = require('lib.utils.table_util')\r
-local tbl_isempty = tbl_util.isempty\r
-\r
-function _M.get_backserver(servers,svckey)\r
- if tbl_isempty(servers) then return nil,"input server list is empty" end\r
-\r
- local length = #servers\r
- if length==1 then\r
- -- return it directly if there is only one server\r
- return servers[1],nil\r
- end\r
-\r
- local resty_lock = require "resty.lock"\r
- local roundrobin_cache = ngx.shared.rr_cache\r
-\r
- --step1:acquire lock\r
- local opts = {["timeout"] = 0.002,["exptime"] = 0.05}--this can be set using the conf file\r
- local rrlock = resty_lock:new("rr_locks",opts)\r
- local elapsed, err = rrlock:lock(svckey)\r
- if not elapsed then\r
- --return fail("failed to acquire the lock: ", err)\r
- end\r
- --step2:lock successfully acquired!incr the index\r
- local index, err = roundrobin_cache:get(svckey)\r
- if not index then\r
- index = 0\r
- end\r
- index = index%length+1\r
-\r
- --step3:update the shm cache with the new index\r
- roundrobin_cache:set(svckey,index)\r
-\r
- --step4:release the lock\r
- local ok, err = rrlock:unlock()\r
-\r
- return servers[index],nil\r
-end\r
-\r
-return _M
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local cjson = require "cjson"\r
-\r
-local ngx_ctx = ngx.ctx\r
-\r
-if ngx_ctx.logtbl then\r
- local jsonData = cjson.encode(ngx_ctx.logtbl)\r
- ngx.log(ngx.WARN, string.gsub(jsonData,"\\/","/"))\r
-end
\ No newline at end of file
--- /dev/null
+local h = ngx.resp.get_headers()
+if h["openoauth"] and h["openoauth"] == "true" then
+ local cache = ngx.shared.ceryx
+ local client_ip = ngx.var.remote_addr
+ local succ, err, forcible = cache:set(client_ip, "place_holder", 3600)
+ if not succ then
+ ngx.log(ngx.WARN, err)
+ end
+end
\ No newline at end of file
--- /dev/null
+local cache = ngx.shared.ceryx
+local client_ip = ngx.var.remote_addr
+local succ, err, forcible = cache:delete(client_ip)
+if not succ then
+ ngx.log(ngx.WARN, err)
+end
\ No newline at end of file
--- /dev/null
+function ipValidator(ip)\r
+ local chunks = {ip:match("(%d+)%.(%d+)%.(%d+)%.(%d+)")}\r
+ if #chunks == 4 then\r
+ for _,v in pairs(chunks) do\r
+ if tonumber(v) > 255 then return R.STRING end\r
+ end\r
+ return true\r
+ end\r
+ local chunks = {ip:match(("([a-fA-F0-9]*):"):rep(8):gsub(":$","$"))}\r
+ if #chunks == 8 then\r
+ for _,v in pairs(chunks) do\r
+ if #v > 0 and tonumber(v, 16) > 65535 then return R.STRING end\r
+ end\r
+ return true\r
+ end\r
+ return false\r
+end \r
+\r
+if ngx.req.get_method() == "POST" then\r
+ ngx.req.read_body()\r
+ local body = ngx.req.get_body_data() \r
+ local json = require('cjson')\r
+ local tab = json.decode(body)\r
+ local ip = tab["passIp"]\r
+ if not ip then\r
+ ngx.log(ngx.WARN, "ip is nil.")\r
+ ngx.exit(500)\r
+ end\r
+ if ipValidator(ip) then\r
+ local cache = ngx.shared.ceryx\r
+ local succ, err, forcible = cache:set(ip, "place_holder", 3600)\r
+ if not succ then\r
+ ngx.log(ngx.WARN, err)\r
+ ngx.exit(500)\r
+ end\r
+ else\r
+ ngx.log(ngx.WARN, "not a valid ip.")\r
+ ngx.exit(500)\r
+ end \r
+ ngx.exit(201)\r
+else\r
+ ngx.log(ngx.WARN, "not a POST request.")\r
+ ngx.exit(500)\r
+end
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local msbConf = require('conf.msbinit')\r
-local svcConf = require('conf.svcconf')\r
-local dbclient = require('dao.db_access')\r
-local tbl_util = require('lib.utils.table_util')\r
-local svc_util = require('lib.utils.svc_util')\r
-local log_util = require('lib.utils.log_util')\r
-\r
-local tbl_concat = table.concat\r
-local tbl_isempty = tbl_util.isempty\r
-local svc_isactive = svc_util.isactive\r
-local svc_setauthheader = svc_util.setauthheader\r
-local svc_isautodiscover = svc_util.isautodiscover\r
-\r
-local str_sub = string.sub\r
-local str_len = string.len\r
-local str_low = string.lower\r
-local ngx_var = ngx.var\r
-local ngx_ctx = ngx.ctx\r
-local log = log_util.log\r
-\r
-local defaultport = msbConf.systemConf.defaultport\r
-local defaultprefix = msbConf.systemConf.defaultprefix\r
-local enablefullsearch = msbConf.systemConf.enablefullsearch\r
-local useconsultemplate = msbConf.systemConf.useconsultemplate\r
-local apiRelatedTypes = svcConf.apiRelatedTypes\r
-local urlfieldMap = svcConf.urlfieldMap\r
-\r
-local donotfound = function()\r
- if enablefullsearch then\r
- -- test against the custom services after the commonrewrite phase\r
- ngx.status = ngx.HTTP_GONE\r
- else\r
- ngx.status = ngx.HTTP_NOT_FOUND\r
- ngx.say("service info not found!")\r
- end\r
- return ngx.exit(ngx.status)\r
-end\r
-\r
----------------------------------------------------------------\r
---preCheck:\r
--- determine whether it is websocket request \r
--- and do internal redirect\r
----------------------------------------------------------------\r
-local http_upgrade = ngx_var.http_upgrade\r
-if(ngx_var.websocket_internal_redirect == "on") and http_upgrade and str_low(http_upgrade) == "websocket" then\r
- ngx.log(ngx.ERR, "Websocket request and redirect to @commonwebsocket")\r
- return ngx.exec("@commonwebsocket");\r
-end\r
-\r
----------------------------------------------------------------\r
---step0:Preparation\r
--- svc_info_key\r
--- svc_server_keypattern\r
----------------------------------------------------------------\r
-local svc_name = ngx_var.svc_name\r
-local req_res = ngx_var.req_res\r
-local svc_type = ngx_var.svc_type\r
-\r
-local sys_prefix = ""\r
-local server_port = ngx_var.server_port\r
-if(server_port == defaultport) then\r
- sys_prefix = defaultprefix\r
-else\r
- sys_prefix = server_port\r
-end\r
-\r
-local svc_info_key = ""\r
-local svc_server_keypattern = ""\r
-local upstream_name_consultemplate = ""\r
-if(apiRelatedTypes[svc_type]) then\r
- -- process version info first\r
- local version1 = ngx_var.svc_version1\r
- local version2 = ngx_var.svc_version2\r
- local version = ""\r
- -- check version info appearing befor or after\r
- if(not version2) then version2 = "" end --convert nil to empty sting avoiding throw error\r
- if(not version1 or version1 == "") then\r
- version = version2\r
- else\r
- version = version1\r
- req_res = version2..req_res\r
- end\r
- -- remove the slash in front of the version (e.g. /V1.0)\r
- local svc_version=str_sub(version,2,str_len(version))\r
- svc_info_key = tbl_concat({sys_prefix,"api",svc_name,svc_version,"info"},":")\r
- svc_server_keypattern = tbl_concat({sys_prefix,"api",svc_name,svc_version,"lb:server*"},":")\r
- upstream_name_consultemplate = svc_name\r
-else\r
- svc_info_key = tbl_concat({sys_prefix,"iui",svc_name,"info"},":")\r
- svc_server_keypattern = tbl_concat({sys_prefix,"iui",svc_name,"lb:server*"},":")\r
- upstream_name_consultemplate = "IUI_"..svc_name\r
-end\r
-\r
----------------------------------------------------------------\r
---step1:query the service info from share memory or back db\r
--- svcinfo: the requested service information\r
----------------------------------------------------------------\r
-local svcinfo = dbclient.load_serviceinfo(svc_info_key)\r
-if not svc_isactive(svcinfo) then \r
- donotfound()\r
-end\r
-\r
-local svc_url = svcinfo[urlfieldMap[svc_type]]\r
-if not svc_url then \r
- donotfound()\r
-end\r
-\r
----------------------------------------------------------------\r
---step2:rewrite the request uri using the svcinfo\r
----------------------------------------------------------------\r
-local rewrited_uri = svc_url..req_res\r
---special handling: avoid throws internal error when it is empty\r
-if (rewrited_uri == "") then rewrited_uri = "/" end \r
-ngx.req.set_uri(rewrited_uri)\r
-\r
-log("matchedservice",svc_name)\r
-log("rewrited_uri",rewrited_uri)\r
----------------------------------------------------------------\r
---step2.1:if this service is inter-system,add custom http header\r
----------------------------------------------------------------\r
-svc_setauthheader(svcinfo)\r
-\r
----------------------------------------------------------------\r
---step3:process the proxy upstream part\r
--- con1-using consul template:set the upstream name\r
--- con2-using msb balancer:query the server list and store in the ctx\r
----------------------------------------------------------------\r
-if useconsultemplate and svc_isautodiscover(svcinfo) then \r
- ngx_var.backend = upstream_name_consultemplate\r
-else\r
- local backservers = dbclient.load_backservers(svc_server_keypattern) \r
- if tbl_isempty(backservers) then\r
- donotfound()\r
- end\r
- ngx_ctx.backservers = backservers\r
- ngx_ctx.svcserverpattern = svc_server_keypattern\r
-end
\ No newline at end of file
+++ /dev/null
---[[\r
-\r
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)\r
-\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
-\r
- http://www.apache.org/licenses/LICENSE-2.0\r
-\r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
-\r
---]]\r
-\r
-local msbConf = require('conf.msbinit')\r
-local svcConf = require('conf.svcconf')\r
-local dbclient = require('dao.db_access')\r
-local tbl_util = require('lib.utils.table_util')\r
-local svc_util = require('lib.utils.svc_util')\r
-local log_util = require('lib.utils.log_util')\r
-\r
-local tbl_concat = table.concat\r
-local tbl_isempty = tbl_util.isempty\r
-local svc_isactive = svc_util.isactive\r
-local svc_setauthheader = svc_util.setauthheader\r
-local svc_isautodiscover = svc_util.isautodiscover\r
-local str_sub = string.sub\r
-local str_len = string.len\r
-local str_low = string.lower\r
-local ngx_var = ngx.var\r
-local ngx_ctx = ngx.ctx\r
-local log = log_util.log\r
-\r
-local defaultport = msbConf.systemConf.defaultport\r
-local defaultprefix = msbConf.systemConf.defaultprefix\r
-local enablerefercheck = msbConf.systemConf.enablerefercheck\r
-local useconsultemplate = msbConf.systemConf.useconsultemplate\r
-local urlfieldMap = svcConf.urlfieldMap\r
-\r
-local donotfound = function() \r
- ngx.status = ngx.HTTP_NOT_FOUND\r
- ngx.say("service info not found!")\r
- return ngx.exit(ngx.status)\r
-end\r
-\r
----------------------------------------------------------------\r
---preCheck:\r
--- determine whether it is websocket request \r
--- and do internal redirect\r
----------------------------------------------------------------\r
-local http_upgrade = ngx_var.http_upgrade\r
-if(ngx_var.websocket_internal_redirect == "on") and http_upgrade and str_low(http_upgrade)== "websocket" then\r
- ngx.log(ngx.ERR, "Websocket request and redirect to @customwebsocket")\r
- return ngx.exec("@customwebsocket");\r
-end\r
-\r
----------------------------------------------------------------\r
---step0:Preparation\r
--- svcnames:service names registered under this port\r
----------------------------------------------------------------\r
-local sys_prefix = ""\r
-local server_port = ngx_var.server_port\r
-if(server_port == defaultport) then\r
- sys_prefix = defaultprefix\r
-else\r
- sys_prefix = server_port\r
-end\r
-\r
-local custom_svc_keypattern = tbl_concat({sys_prefix,"custom","*"},":")\r
-\r
-local get_svcinfokey_custom = function(svcname) \r
- return tbl_concat({sys_prefix,"custom",svcname,"info"},":")\r
-end\r
-\r
-local get_svcserverpattern_custom = function(svcname) \r
- return tbl_concat({sys_prefix,"custom",svcname,"lb:server*"},":")\r
-end\r
-\r
-local svcnames,err = dbclient.load_customsvcnames(custom_svc_keypattern)\r
-if not svcnames then \r
- donotfound()\r
-end\r
-\r
----------------------------------------------------------------\r
---step1:run the match process(check whether the request \r
--- match the name in the svcnames one by one) \r
--- and return the matched serice info\r
----------------------------------------------------------------\r
-local req_res = ngx_var.uri\r
-local svc_type = ngx_var.svc_type\r
-local matchedsvcname\r
-local svcinfo\r
---add by wangyg:20160418 special handler for refer\r
-local matched_usingrefer = false\r
---end of add by wangyg:20160418 special handler for refer\r
-for _, svcname in ipairs(svcnames) do\r
- if (svcname == "/") then\r
- local svc_info_key = get_svcinfokey_custom(svcname)\r
- local svc_info,err = dbclient.load_serviceinfo(svc_info_key)\r
- if svc_info and svc_isactive(svc_info)then\r
- matchedsvcname = svcname\r
- svcinfo = svc_info\r
- break\r
- end\r
- end\r
- local from, to, err = ngx.re.find(req_res, "^"..svcname.."(/(.*))?$", "jo")\r
- --check whether svcname is the prefix of the req uri\r
- if from then\r
- local svc_info_key = get_svcinfokey_custom(svcname)\r
- local svc_info,err = dbclient.load_serviceinfo(svc_info_key)\r
- if svc_info and svc_isactive(svc_info) then \r
- matchedsvcname = svcname\r
- svcinfo = svc_info\r
- break\r
- end\r
- else\r
- --do nothing\r
- end\r
-end\r
----------------------------------------------------------------\r
---step1.1:additional process,test against the refer \r
--- similar to step1\r
----------------------------------------------------------------\r
---add by wangyg:20160418 special handler for refer\r
-if not matchedsvcname and enablerefercheck then \r
- local refer = ngx_var.http_referer\r
- if(refer and refer~="") then\r
- for _, svcname in ipairs(svcnames) do\r
- local urlreg ="^(https://|http://|)(([1-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))\\.)(([0-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))\\.){2}([1-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))(:\\d{1,5})?"..svcname.."(/(.*))?$";\r
- local from, to, err = ngx.re.find(refer, urlreg, "jo")\r
- ----check whether svcname is the prefix of the req refer\r
- if from then\r
- local svc_info_key = get_svcinfokey_custom(svcname)\r
- local svc_info,err = dbclient.load_serviceinfo(svc_info_key)\r
- if svc_info and svc_isactive(svc_info) then \r
- matchedsvcname = svcname\r
- svcinfo = svc_info\r
- matched_usingrefer = true\r
- break\r
- end\r
- end\r
- end\r
- end\r
-end\r
---end of add by wangyg:20160418 special handler for refer\r
-\r
-if not matchedsvcname or tbl_isempty(svcinfo) then \r
- donotfound()\r
-end\r
-\r
-local svc_url = svcinfo[urlfieldMap[svc_type]]\r
-if not svc_url then \r
- donotfound()\r
-end\r
-\r
----------------------------------------------------------------\r
---step2:rewrite the request uri using the svcinfo\r
----------------------------------------------------------------\r
-local rewrited_uri =""\r
-if (matchedsvcname == "/") then\r
- --special handling: if "/" matched, contact directly\r
- rewrited_uri = svc_url..req_res\r
-else\r
- --rewrited_uri = ngx.re.sub(req_res, "^"..matchedsvcname.."(.*)", svc_url.."$1", "o")\r
- local newuri,n,err = ngx.re.sub(req_res, "^"..matchedsvcname.."(/.*)?", svc_url.."$1", "o")\r
- --add by wangyg:20160418 special handler for refer\r
- if(n==0 and matched_usingrefer) then newuri = svc_url..req_res end --special handling if matched using refer\r
- --end of add by wangyg:20160418 special handler for refer\r
- rewrited_uri = newuri\r
-end\r
-if (rewrited_uri == "") then rewrited_uri = "/" end --avoid throws internal error when it is empty\r
-ngx.req.set_uri(rewrited_uri)\r
-\r
---set the matched service info,used in the proxy_redirect directive \r
-ngx_var.svc_name = matchedsvcname\r
-ngx_var.svc_url = svc_url\r
-\r
---log the route info\r
-log("matchedservice",matchedsvcname)\r
-if(matched_usingrefer) then log("matched_usingrefer",true) end \r
-log("rewrited_uri",rewrited_uri)\r
-\r
----------------------------------------------------------------\r
---step2.1:if this service is inter-system,add custom http header\r
----------------------------------------------------------------\r
-svc_setauthheader(svcinfo)\r
-\r
----------------------------------------------------------------\r
---step3:process the proxy upstream part\r
--- con1-using consul template:set the upstream name\r
--- con2-using msb balancer:query the backserver list and store in the ctx\r
----------------------------------------------------------------\r
-if useconsultemplate and svc_isautodiscover(svcinfo) then\r
- --FIX ME:if svcname contains "/", the upstream name may be illegal\r
- ngx_var.backend = ngx.re.sub(matchedsvcname, "^/(.*)", "$1", "o")\r
-else\r
- local svc_server_keypattern = get_svcserverpattern_custom(matchedsvcname)\r
- local backservers,err = dbclient.load_backservers(svc_server_keypattern)\r
- if tbl_isempty(backservers) then\r
- donotfound()\r
- end\r
- ngx_ctx.backservers = backservers\r
- ngx_ctx.svcserverpattern = svc_server_keypattern\r
-end
\ No newline at end of file
--- /dev/null
+if ngx.req.get_method() == "GET" then\r
+ local services = {\r
+ {serviceName="odlsdnia",apiJson="/api/odlsdnia/v1/swagger.json"},\r
+ {serviceName="roc",apiJson="/api/roc/v1/swagger.json"},\r
+ {serviceName="tackeria",apiJson="/api/tackeria/v1/swagger.json"},\r
+ {serviceName="etsi",apiJson="/api/etsiia/v1/swagger.json"}\r
+ }\r
+ local cjson = require "cjson"\r
+ local jsonData = cjson.encode(services)\r
+ jsonData = string.gsub(jsonData,"\\/","/")\r
+ ngx.print(jsonData)\r
+else\r
+ ngx.log(ngx.WARN, "not a GET request.")\r
+ ngx.exit(500)\r
+end
\ No newline at end of file
+++ /dev/null
--- Copyright (C) 2013 Matthieu Tourne
--- @author Matthieu Tourne <matthieu@cloudflare.com>
-
--- small overlay over shdict, smart cache load mechanism
-
-local M = {}
-
-local resty_lock = require("resty.lock")
-
-local DEBUG = false
-
--- defaults in secs
-local DEFAULT_POSITIVE_TTL = 10 -- cache for, successful lookup
-local DEFAULT_NEGATIVE_TTL = 2 -- cache for, failed lookup
-local DEFAULT_ACTUALIZE_TTL = 2 -- stale data, actualize data for
-
--- default lock options, in secs
-local function _get_default_lock_options()
- return {
- exptime = 1, -- max wait if failing to call unlock()
- timeout = 0.5, -- max waiting time of lock()
- max_step = 0.1, -- max sleeping interval
- }
-end
-
-local function prequire(m)
- local ok, err_or_module = pcall(require, m)
- if not ok then
- return nil, err_or_module
- end
- return err_or_module
-end
-
-local conf = prequire("conf")
-if conf then
- DEFAULT_NEGATIVE_TTL = conf.DEFAULT_NEGATIVE_TTL or DEFAULT_NEGATIVE_TTL
- DEFAULT_ACTUALIZE_TTL = conf.DEFAULT_ACTUALIZE_TTL or DEFAULT_ACTUALIZE_TTL
-end
-
-local band = bit.band
-local bor = bit.bor
-local st_format = string.format
-
--- there are only really 5 states total
- -- is_stale is_neg is_from_cache
-local MISS_STATE = 0 -- 0 0 0
-local HIT_POSITIVE_STATE = 1 -- 0 0 1
-local HIT_NEGATIVE_STATE = 3 -- 0 1 1
-local STALE_POSITIVE_STATE = 5 -- 1 0 1
-
--- stale negative doesn't really make sense, use HIT_NEGATIVE instead
--- local STALE_NEGATIVE_STATE = 7 -- 1 1 1
-
--- xor to set
-local NEGATIVE_FLAG = 2
-local STALE_FLAG = 4
-
-local STATES = {
- [MISS_STATE] = 'MISS',
- [HIT_POSITIVE_STATE] = 'HIT',
- [HIT_NEGATIVE_STATE] = 'HIT_NEGATIVE',
- [STALE_POSITIVE_STATE] = 'STALE',
- -- [STALE_NEGATIVE_STATE] = 'STALE_NEGATIVE',
-}
-
-local function get_status(flags)
- return STATES[flags] or st_format('UNDEF (0x%x)', flags)
-end
-
-local EMPTY_DATA = '_EMPTY_'
-
--- install debug functions
-if DEBUG then
- local resty_lock_lock = resty_lock.lock
-
- resty_lock.lock = function (...)
- local _, key = unpack({...})
- print("lock key: ", tostring(key))
- return resty_lock_lock(...)
- end
-
- local resty_lock_unlock = resty_lock.unlock
-
- resty_lock.unlock = function (...)
- print("unlock")
- return resty_lock_unlock(...)
- end
-end
-
-
--- store the object in the context
--- useful for debugging and tracking cache status
-local function _store_object(self, name)
- if DEBUG then
- print('storing shcache: ', name, ' into ngx.ctx')
- end
-
- local ngx_ctx = ngx.ctx
-
- if not ngx_ctx.shcache then
- ngx_ctx.shcache = {}
- end
- ngx_ctx.shcache[name] = self
-end
-
-local obj_mt = {
- __index = M,
-}
-
--- default function for callbacks.encode / decode.
-local function _identity(data)
- return data
-end
-
--- shdict: ngx.shared.DICT, created by the lua_shared_dict directive
--- callbacks: see shcache state machine for user defined functions
--- * callbacks.external_lookup is required
--- * callbacks.encode : optional encoding before saving to shmem
--- * callbacks.decode : optional decoding when retreiving from shmem
--- opts:
--- * opts.positive_ttl : save a valid external loookup for, in seconds
--- * opts.positive_ttl : save a invalid loookup for, in seconds
--- * opts.actualize_ttl : re-actualize a stale record for, in seconds
--- * opts.lock_options : set option to lock see : http://github.com/agentzh/lua-resty-lock
--- for more details.
--- * opts.locks_shdict : specificy the name of the shdict containing the locks
--- (useful if you might have locks key collisions)
--- uses "locks" by default.
--- * opts.name : if shcache object is named, it will automatically
--- register itself in ngx.ctx.shcache (useful for logging).
-local function new(self, shdict, callbacks, opts)
- if not shdict then
- return nil, "shdict does not exist"
- end
-
- -- check that callbacks.external_lookup is set
- if not callbacks or not callbacks.external_lookup then
- return nil, "no external_lookup function defined"
- end
-
- if not callbacks.encode then
- callbacks.encode = _identity
- end
-
- if not callbacks.decode then
- callbacks.decode = _identity
- end
-
- local opts = opts or {}
-
- -- merge default lock options with the ones passed to new()
- local lock_options = _get_default_lock_options()
- if opts.lock_options then
- for k, v in pairs(opts.lock_options) do
- lock_options[k] = v
- end
- end
-
- local name = opts.name
-
- local obj = {
- shdict = shdict,
- callbacks = callbacks,
-
- positive_ttl = opts.positive_ttl or DEFAULT_POSITIVE_TTL,
- negative_ttl = opts.negative_ttl or DEFAULT_NEGATIVE_TTL,
-
- -- ttl to actualize stale data to
- actualize_ttl = opts.actualize_ttl or DEFAULT_ACTUALIZE_TTL,
-
- lock_options = lock_options,
-
- locks_shdict = opts.lock_shdict or "locks",
-
- -- STATUS --
-
- from_cache = false,
- cache_status = 'UNDEF',
- cache_state = MISS_STATE,
- lock_status = 'NO_LOCK',
-
- -- shdict:set() pushed out another value
- forcible_set = false,
-
- -- cache hit on second attempt (post lock)
- hit2 = false,
-
- name = name,
- }
-
- local locks = ngx.shared[obj.locks_shdict]
-
- -- check for existence, locks is not directly used
- if not locks then
- ngx.log(ngx.CRIT, 'shared mem locks is missing.\n',
- '## add to you lua conf: lua_shared_dict locks 5M; ##')
- return nil
- end
-
- local self = setmetatable(obj, obj_mt)
-
- -- if the shcache object is named
- -- keep track of the object in the context
- -- (useful for gathering stats at log phase)
- if name then
- _store_object(self, name)
- end
-
- return self
-end
-M.new = new
-
--- acquire a lock
-local function _get_lock(self)
- local lock = self.lock
- if not lock then
- lock = resty_lock:new(self.locks_shdict, self.lock_options)
- self.lock = lock
- end
- return lock
-end
-
--- remove the lock if there is any
-local function _unlock(self)
- local lock = self.lock
- if lock then
- local ok, err = lock:unlock()
- if not ok then
- ngx.log(ngx.ERR, "failed to unlock :" , err)
- end
- self.lock = nil
- end
-end
-
-local function _return(self, data, flags)
- -- make sure we remove the locks if any before returning data
- _unlock(self)
-
- -- set cache status
- local cache_status = get_status(self.cache_state)
-
- if cache_status == 'MISS' and not data then
- cache_status = 'NO_DATA'
- end
-
- self.cache_status = cache_status
-
- return data, self.from_cache
-end
-
-local function _set(self, ...)
- if DEBUG then
- local key, data, ttl, flags = unpack({...})
- print("saving key: ", key, ", for: ", ttl)
- end
-
- local ok, err, forcible = self.shdict:set(...)
-
- self.forcible_set = forcible
-
- if not ok then
- local key, data, ttl, flags = unpack({...})
- ngx.log(ngx.ERR, 'failed to set key: ', key, ', err: ', err)
- end
-
- return ok
-end
-
--- check if the data returned by :get() is considered empty
-local function _is_empty(data, flags)
- return flags and band(flags, NEGATIVE_FLAG) and data == EMPTY_DATA
-end
-
--- save positive, encode the data if needed before :set()
-local function _save_positive(self, key, data)
- if DEBUG then
- print("key: ", key, ". save positive, ttl: ", self.positive_ttl)
- end
- data = self.callbacks.encode(data)
- return _set(self, key, data, self.positive_ttl, HIT_POSITIVE_STATE)
-end
-
--- save negative, no encoding required (no data actually saved)
-local function _save_negative(self, key)
- if DEBUG then
- print("key: ", key, ". save negative, ttl: ", self.negative_ttl)
- end
- return _set(self, key, EMPTY_DATA, self.negative_ttl, HIT_NEGATIVE_STATE)
-end
-
--- save actualize, will boost a stale record to a live one
-local function _save_actualize(self, key, data, flags)
- local new_flags = bor(flags, STALE_FLAG)
-
- if DEBUG then
- print("key: ", key, ". save actualize, ttl: ", self.actualize_ttl,
- ". new state: ", get_status(new_flags))
- end
-
- _set(self, key, data, self.actualize_ttl, new_flags)
- return new_flags
-end
-
-local function _process_cached_data(self, data, flags)
- if DEBUG then
- print("data: ", data, st_format(", flags: %x", flags))
- end
-
- self.cache_state = flags
- self.from_cache = true
-
- if _is_empty(data, flags) then
- -- empty cached data
- return nil
- else
- return self.callbacks.decode(data)
- end
-end
-
--- wrapper to get data from the shdict
-local function _get(self, key)
- -- always call get_stale() as it does not free element
- -- like get does on each call
- local data, flags, stale = self.shdict:get_stale(key)
-
- if data and stale then
- if DEBUG then
- print("found stale data for key : ", key)
- end
-
- self.stale_data = { data, flags }
-
- return nil, nil
- end
-
- return data, flags
-end
-
-local function _get_stale(self)
- local stale_data = self.stale_data
- if stale_data then
- return unpack(stale_data)
- end
-
- return nil, nil
-end
-
-local function load(self, key)
- -- start: check for existing cache
- local data, flags = _get(self, key)
-
- -- hit: process_cache_hit
- if data then
- data = _process_cached_data(self, data, flags)
- return _return(self, data)
- end
-
- -- miss: set lock
-
- -- lock: set a lock before performing external lookup
- local lock = _get_lock(self)
- local elapsed, err = lock:lock(key)
-
- if not elapsed then
- -- failed to acquire lock, still proceed normally to external_lookup
- -- unlock() might fail.
- ngx.log(ngx.ERR, "failed to acquire the lock: ", err)
- self.lock_status = 'ERROR'
- -- _unlock won't try to unlock() without a valid lock
- self.lock = nil
- else
- -- lock acquired successfuly
-
- if elapsed > 0 then
-
- -- elapsed > 0 => waited lock (other thread might have :set() the data)
- -- (more likely to get a HIT on cache_load 2)
- self.lock_status = 'WAITED'
-
- else
-
- -- elapsed == 0 => immediate lock
- -- it is less likely to get a HIT on cache_load 2
- -- but still perform it (race condition cases)
- self.lock_status = 'IMMEDIATE'
- end
-
- -- perform cache_load 2
- data, flags = _get(self, key)
- if data then
- -- hit2 : process cache hit
-
- self.hit2 = true
-
- -- unlock before de-serializing cached data
- _unlock(self)
- data = _process_cached_data(self, data, flags)
- return _return(self, data)
- end
-
- -- continue to external lookup
- end
-
- -- perform external lookup
- data, err = self.callbacks.external_lookup()
-
- if data then
- -- succ: save positive and return the data
-
- _save_positive(self, key, data)
- return _return(self, data)
- else
- ngx.log(ngx.WARN, 'external lookup failed: ', err)
- end
-
- -- external lookup failed
- -- attempt to load stale data
- data, flags = _get_stale(self)
- if data and not _is_empty(data, flags) then
- -- hit_stale + valid (positive) data
-
- flags = _save_actualize(self, key, data, flags)
- -- unlock before de-serializing data
- _unlock(self)
- data = _process_cached_data(self, data, flags)
- return _return(self, data)
- end
-
- if DEBUG and data then
- -- there is data, but it failed _is_empty() => stale negative data
- print('STALE_NEGATIVE data => cache as a new HIT_NEGATIVE')
- end
-
- -- nothing has worked, save negative and return empty
- _save_negative(self, key)
- return _return(self, nil)
-end
-M.load = load
-
-return M
\ No newline at end of file
+++ /dev/null
-README
-===============
-Similar to the location-ext directory,but it's just a placeholder folder.
-The folder may always be empty and you attach an external folder found outside the container or the virtual machine at the directory.
\ No newline at end of file
+++ /dev/null
-README
-===============
-
-The directory to store configuration files that extends locations of the default listening server(e.g 10080).
-The config file must be a *.conf file. For example:
-#testlocation.conf
-~~~
-location = /test {
- echo "test ok";
-}
-~~~
\ No newline at end of file
+++ /dev/null
-#
-# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-#the maximum allowed size of the client request body,current 10G
-client_max_body_size 10240m;
-client_body_buffer_size 128k;
-
-#set conf for proxy pass
-proxy_connect_timeout 10s;
-proxy_read_timeout 120s;
-proxy_send_timeout 120s;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header Host $host:$server_port;
-proxy_buffers 4 16k;
-
-#set the nginx_cache parameter
-proxy_cache_path temp/proxy_cache levels=1:2 keys_zone=nginx_cache:100m inactive=1d max_size=1g;
-proxy_cache_key $host$uri$is_args$args;
-proxy_cache_revalidate on;
-proxy_cache_min_uses 3;
-proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
-proxy_cache_lock on;
-
-# Lua settings
-lua_package_path "$prefix/../lualib/?.lua;$prefix/luaext/?.lua;;";
-lua_package_cpath "$prefix/../lualib/?.so;;";
-lua_shared_dict rr_cache 1M;
-lua_shared_dict rr_locks 100k;
-
-lua_shared_dict svc_cache 5M;
-lua_shared_dict locks 200k;
-
-lua_code_cache on;
-
-# Basic reverse proxy server processor
-upstream defaultbackend {
- server 0.0.0.1;
- balancer_by_lua_file luaext/loadbalance/balancer.lua;
- #keepalive 10;
-}
-
-server {
- listen 10080;
- default_type text/html;
-
- # the flag identify whether to check doing internal redirect or not
- set $websocket_internal_redirect "on";
-
- location = /msb {
- #try_files $uri @defaulthomepage;
- rewrite ^ /iui/microservices/default.html redirect;
- }
-
- location = /iui/microservices {
- try_files $uri @addslash;
- }
-
- location @addslash {
- return 302 $scheme://$http_host$uri/;
- }
-
- location @defaulthomepage {
- return 302 $scheme://$http_host/iui/microservices/default.html;
- }
-
- error_page 410 = @commonnotfound;
-
- location @commonnotfound {
- set $svc_type "custom";
- set $svc_name "";
- set $svc_url "";
- set $backend "defaultbackend";
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/customrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_pass http://$backend;
- proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name;
- }
-
- location @customwebsocket {
- set $websocket_internal_redirect "off";
- #set header for websocket
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "Upgrade";
-
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host:$server_port;
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/customrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_pass http://$backend;
- }
-
- location @commonwebsocket {
- set $websocket_internal_redirect "off";
- #set header for websocket
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "Upgrade";
-
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host:$server_port;
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/commonrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_pass http://$backend;
- }
-
- location / {
- set $svc_type "custom";
- set $svc_name "";
- set $svc_url "";
- set $backend "defaultbackend";
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/customrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_pass http://$backend;
- proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name;
- }
-
- location ~ ^/(api|admin|apijson)(/[Vv]\d+(?:\.\d+)*)?/([^/]+)(/[Vv]\d+(?:\.\d+)*)?(.*) {
- set $svc_type $1;
- set $svc_name $3;
- set $svc_version1 $2;
- set $svc_version2 $4;
- set $req_res $5;
- set $backend "defaultbackend";
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/commonrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_pass http://$backend;
- }
-
- location ~* ^/iui/([^/]+)(.*)\.(png|jpg|jpeg|gif|ico|bmp|woff)$ {
- set $svc_type "iui";
- set $svc_name $1;
- set $req_res $2.$3;
- set $backend "defaultbackend";
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/commonrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_cache nginx_cache;
- add_header X-Cache-Status $upstream_cache_status;
- proxy_pass http://$backend;
- }
-
- location ~ ^/iui/([^/]+)(.*) {
- set $svc_type "iui";
- set $svc_name $1;
- set $req_res $2;
- set $backend "defaultbackend";
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/commonrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_pass http://$backend;
- }
-
- location ~* \.(?:png|jpg|jpeg|gif|ico|bmp|woff)$ {
- set $svc_type "custom";
- set $svc_name "";
- set $svc_url "";
- set $backend "defaultbackend";
-
- #rewrite by the lua file
- rewrite_by_lua_file luaext/rewrite/customrewrite.lua;
- #log by the lua file
- log_by_lua_file luaext/log/logger.lua;
-
- proxy_cache nginx_cache;
- add_header X-Cache-Status $upstream_cache_status;
- proxy_pass http://$backend;
- proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name;
- }
-
- location = /favicon.ico {
- log_not_found off;
- }
- include ../msb-enabled/location-ext/*.conf;
- include ../msb-enabled/location-ext-mount/*.conf;
-}
\ No newline at end of file
+++ /dev/null
-<service>\r
- <id>msb_openresty</id>\r
- <name>msb_openresty</name>\r
- <description>This service runs openresty.</description>\r
- <workingdirectory>%BASE%</workingdirectory>\r
- <env name="RUNHOME" value="%BASE%"/>\r
- <executable>nginx.exe</executable>\r
- <stopexecutable>nginx.exe</stopexecutable>\r
- <stopargument>-s</stopargument>\r
- <stopargument>stop</stopargument>\r
- <logmode>rotate</logmode>\r
- <!-- stopparentprocessfirst>true</stopparentprocessfirst -->\r
-</service>
\ No newline at end of file
+++ /dev/null
-README
-===============
-Similar to the sites-enabled directory,but it's just a placeholder folder.
-The folder may always be empty and you attach an external folder found outside the container or the virtual machine at the directory.
\ No newline at end of file
+++ /dev/null
-README
-===============
-
-The directory to store configuration files that configs another server except the default listening server(e.g 10080).
-The config file must be a *.conf file. For example:
-#server1.conf
-~~~
-server {
- listen 20080;
-
- location =/info {
- echo "another server 20080";
- }
-}
-~~~
\ No newline at end of file
Code Review / msb / apigateway.git / commitdiff