Supercharging NGINX with Lua (Part 2)

In Supercharging NGINX with Lua (Part 1) we demonstrated how to install NGINX with Lua support (via the OpenResty package). In this post I'll walk through some simple, but powerful examples of Lua integrations.

For the below examples I am assuming that you have installed NGINX capable of handling Lua scripts, and have a basic working NGINX configuration file (to embed the location blocks below in).

Important: Although the examples below will work, they are somewhat contrived (over-simplified) and are primarily intended for demonstration of Lua capabilities; if you decide to use the examples in your own environments, please make sure that you understand what they are doing and tailor them to your own requirements; Phew... legal stuff done!

Lastly, there is very comprehensive NGINX Lua Module Documentation and OpenResty Documentation in which the NGINX Lua commands and constructs are explained in detail; if you are unsure about a particular command or method I highly recommend starting there!

Example 1. Basic Lua handler (embedded)

Here we utilize Lua to respond with: "OK":

location /example1 {  
  content_by_lua_block {
    ngx.say("OK")
  }
}

Example 2. Basic Lua handler (modular)

Here we again utilize Lua to respond with: "OK!", however we use a separate Lua file. This is recommended to allow you to separate your concerns.

Note: that with later versions of Lua NGINX you can also provide these files in pre-compiled Lua/LuaJIT bytecode (for faster start times).

To start we create file /etc/lua/example2.lua with content:

ngx.say("OK!")  

Then include the following in our NGINX config:

location /example2 {  
  content_by_lua_file /etc/lua/example2.lua;
}

Example 3. Lua for auth

Here we utilize Lua to authorize a request based on the remote_user, remote_address and URI. We create file /etc/lua/example3.lua with content:

local remote_user = ngx.var.remote_user  
local remote_addr = ngx.var.remote_addr  
local uri = ngx.var.uri

if string.match(remote_user, "frankie") and  
   string.match(remote_addr, "123.123.123.123") and 
   string.match(uri, "[%a%d_%-.]+") then
  -- we are ok here!
else  
  ngx.exit(ngx.HTTP_FORBIDDEN)
end

Then include the following in our NGINX config:

location /example3 {  
  access_by_lua_file /etc/lua/example3.lua;
}

Next Steps

Part 3 of this series will illustrate some more advanced examples of how we can now use Lua modules to do some ultra-cool stuff like request-caching and embedded http requests.


Part I: To learn about Lua, read part 1 article "Supercharging NGINX with LUA (Part 1)".

Part III: For more advanced examples of NGINX Lua, check out "Supercharging NGINX with Lua (Part 3)".


Vic van Gool

Vic is the CTO of Cloud 66. He oversees development, infrastructure and architecture at Cloud 66.

Subscribe and get updates

Have feedback? Please get in touch @cloud66 on Twitter.

Everything you need to build, manage and maintain containers in production on your own servers and any cloud

Try Cloud 66 — 14 Days Free Trial, No credit card required