pymro 发布的文章

HTTP 方法常量
ngx.HTTP_GET
ngx.HTTP_HEAD
ngx.HTTP_PUT
ngx.HTTP_POST
ngx.HTTP_DELETE
ngx.HTTP_OPTIONS (v0.5.0rc24 版本加入)
ngx.HTTP_MKCOL (v0.8.2 版本加入)
ngx.HTTP_COPY (v0.8.2 版本加入)
ngx.HTTP_MOVE (v0.8.2 版本加入)
ngx.HTTP_PROPFIND (v0.8.2 版本加入)
ngx.HTTP_PROPPATCH (v0.8.2 版本加入)
ngx.HTTP_LOCK (v0.8.2 版本加入)
ngx.HTTP_UNLOCK (v0.8.2 版本加入)
ngx.HTTP_PATCH (v0.8.2 版本加入)
ngx.HTTP_TRACE (v0.8.2 版本加入)

HTTP 状态常量
value = ngx.HTTP_OK (200)
value = ngx.HTTP_CREATED (201)
value = ngx.HTTP_SPECIAL_RESPONSE (300)
value = ngx.HTTP_MOVED_PERMANENTLY (301)
value = ngx.HTTP_MOVED_TEMPORARILY (302)
value = ngx.HTTP_SEE_OTHER (303)
value = ngx.HTTP_NOT_MODIFIED (304)
value = ngx.HTTP_BAD_REQUEST (400)
value = ngx.HTTP_UNAUTHORIZED (401)
value = ngx.HTTP_FORBIDDEN (403)
value = ngx.HTTP_NOT_FOUND (404)
value = ngx.HTTP_NOT_ALLOWED (405)
value = ngx.HTTP_GONE (410)
value = ngx.HTTP_INTERNAL_SERVER_ERROR (500)
value = ngx.HTTP_METHOD_NOT_IMPLEMENTED (501)
value = ngx.HTTP_SERVICE_UNAVAILABLE (503)
value = ngx.HTTP_GATEWAY_TIMEOUT (504) (v0.3.1rc38 版本加入)

日志级别常量
ngx.STDERR
ngx.EMERG
ngx.ALERT
ngx.CRIT
ngx.ERR
ngx.WARN
ngx.NOTICE
ngx.INFO
ngx.DEBUG

-- 读取所有url参数
local arg = ngx.req.get_uri_args()
ngx.say("读取的参数类型是:"..type(arg)) -- table

-- 遍历table并打印参数
for k,v in pairs(arg) do
    ngx.say("[GET ] key:", k, " v:", v)
end

-- 获取请求URI
local req_uri = ngx.var.request_uri

-- 获取请求域名
local req_host = ngx.var.host

-- 获取请求方法
local req_method = ngx.var.request_method

-- 只取name,取不到就是nil
ngx.say(arg["name"])

-- 获取cookie中的pcip值
local pcip = ngx.var.cookie_pcip

-- get请求
local getParams = ngx.req.get_uri_args()

-- post请求
ngx.req.read_body()
local postParams = ngx.req.get_post_args()

-- json参数
ngx.req.read_body()
local jsonBody = ngx.req.get_body_data()

-- 获取header
local headers = ngx.req.get_headers()
local foo = ngx.header.x_foo
local foo = ngx.header["X-Foo"]
ngx.req.raw_header(true)

local h = ngx.resp.get_headers()
for k, v in pairs(h) do
end

-- 设置header
ngx.header.content_type = 'text/plain';
ngx.header['Set-Cookie'] = {'a=32; path=/', 'b=4; path=/'}

1)使用ngx.location.capture

返回一个包含四个元素的 Lua 表 (res.status, res.header, res.body, 和 res.truncated)。
因为 Nginx 内核限制,子请求不允许类似 @foo 命名 location。请使用标准 location,并设置 internal 指令,仅服务内部请求。
有以下参数:
method, body, args, ctx, vars, copy_all_vars, share_all_vars, always_forward_body。

location /product {
    internal;
    echo "商品请求";
}

location /order {
    content_by_lua_block {
        ngx.req.read_body()
        local args, err = ngx.req.get_post_args(100)
        -- 返回 res.status, res.header, res.body, res.truncated
        local res = ngx.location.capture("/product", {
            method = ngx.HTTP_GET,
            args = {a = args.a, b = args.b}
        })
        ngx.say(res.status)
        ngx.say(res.body)
    }
}

2)使用ngx.location.capture_multi

local res1, res2 = ngx.location.capture_multi({
    {"/sum", {args={a=3, b=4}}},
    {"/sub", {args={a=3, b=4}}}
})
ngx.say(res1.status, res1.body)
ngx.say(res2.status, res2.body)


res1, res2, res3 = ngx.location.capture_multi{
    { "/foo", { args = "a=3&b=4" } },
    { "/bar" },
    { "/baz", { method = ngx.HTTP_POST, body = "hello" } },
}

if res1.status == ngx.HTTP_OK then
end

if res2.body == "BLAH" then
end


local reqs = {}
table.insert(reqs, { "/mysql" })
table.insert(reqs, { "/postgres" })
table.insert(reqs, { "/redis" })
table.insert(reqs, { "/memcached" })
local resps = { ngx.location.capture_multi(reqs) }
for i, resp in ipairs(resps) do
    -- process the response table "resp"
end

1)安装lua-resty-http
opm get agentzh/lua-resty-http

2)编辑nginx.conf,在http块增加以下配置。
resolver 114.114.114.114 8.8.8.8;
lua_ssl_verify_depth 2;
lua_ssl_trusted_certificate '/etc/ssl/certs/ca-certificates.crt';

备注:如果/etc/ssl/certs/ca-certificates.crt不存在,则安装ca-certificates(例:apt-get install ca-certificates)。

3)代码示例

local http = require "resty.http"
local json = require "cjson"

local httpc = http:new()
local res, err = httpc:request_uri("http://127.0.0.1:80/", {
    method = "POST/GET",
    query = "a=1&b=2",
    body = "c=3&d=4",
    path = "/",
    headers = {
        ["Content-Type"] = "application/json",
        -- ["Content-Type"] = "application/x-www-form-urlencoded",
        ["User-Agent"] = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36",
    },
    ssl_verify = false,
})

if err ~= nil then
    ngx.log(ngx.ERR, "http request err:", err)
    return ngx.exit(0)
end

if 200 ~= res.status then
    ngx.exit(res.status)
end

local jsondata = json.decode(res.body)["data"]

httpc:close()
-- httpc:set_keepalive()

1)生成SSH密钥对

ssh-keygen -t rsa

2)将公钥添加到服务器的.ssh/authorized_keys文件中

3)修改SSH配置文件

编辑/etc/ssh/sshd_config文件,找到PasswordAuthentication yes这一行,并将其修改为PasswordAuthentication no,以禁用密码登录。

4)重启SSH服务

systemctl restart sshd