ecc256/_usr_local_openresty_nginx_conf_conf.d_azure_storage_proxy_pass.conf-x

## _usr_local_openresty_nginx_conf_conf.d_azure_storage_proxy_pass.conf-x
location ~* "a regex to match content from Azure storage" {
	set $uri_x 0; # dummy declare
	rewrite_by_lua_file "lua/redis.lua";
}

location /azure_storage_proxy_pass_sas {
	internal;

	# rewrite_log on;
	rewrite ^ $uri_x break;

	proxy_set_header	Connection	close; # need at least one proxy_set_header
	proxy_pass http://qamfiles.file.core.windows.net;
	header_filter_by_lua_file "lua/header_filter.lua";
}

## _usr_local_openresty_nginx_conf_conf.d_cn-area-pub.conf
server {
	listen ...:80;
	server_name ~.;

	set $azure_storage_prefix "pub/";
	set $redis_key_prefix "cn-area-pub/";
	include conf.d/azure_storage_proxy_pass.conf-x;
	location / {
		proxy_pass http://...;
	}
}

## _usr_local_openresty_nginx_conf_nginx.conf
#user nginx;
worker_processes	2;

error_log	/var/log/nginx/error.log notice;
#error_log	/var/log/nginx/error.log warn;
#error_log	/var/log/nginx/error.log info;
#error_log	/var/log/nginx/error.log;

pid	/var/run/nginx.pid;
worker_rlimit_nofile	10240;

events {
	use	epoll;
	worker_connections	10240;
}

http {
	lua_package_path "$prefix/lua/?.lua;;";

	default_type	application/octet-stream;
	include	mime.types;

	#log_format	main	'$remote_addr $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
	#log_format	main	'$server_name $host $remote_addr $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
	log_format	main	'$server_name $host $remote_addr $remote_user [$time_local] "$request" $request_time $upstream_response_time $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
	access_log	/var/log/nginx/access.log	main;

	server_names_hash_bucket_size 1024;
	proxy_read_timeout 200;

	keepalive_timeout 65;
	sendfile on;
	#tcp_nopush on;
	tcp_nodelay on;
	server_tokens off;

	gzip on;
	gzip_min_length 1k;
	gzip_proxied any;
	gzip_buffers 4 32k;
	gzip_types text/plain text/css text/xml application/xml application/atom+xml;
	#gzip_types text/plain text/css text/xml;
	gzip_disable "MSIE [1-6]\.";

	ignore_invalid_headers	on;
	client_header_buffer_size 32k;
	large_client_header_buffers 4 128k;

		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;

		proxy_http_version 1.1;
		proxy_buffering off;

		proxy_buffer_size 32k;
		proxy_buffers 8 16k;

		proxy_request_buffering off;

		client_max_body_size 32m;


	include conf.d/*.conf;

	lua_socket_log_errors off;
	lua_shared_dict healthcheck 1m; # the size depends on the number of servers in upstream {}:
	init_worker_by_lua_file "lua/init_worker.lua";
} #end http

## _usr_local_openresty_nginx_lua_header_filter.lua
local headers = { "x-ms-request-id", "x-ms-version", "x-ms-meta-DateSchemeVersion", "x-ms-meta-SyncFileMetadata", "x-ms-type", "x-ms-server-encrypted", }

local mime_types = {
	["css"] = "text/css",
	["xml"] = "text/xml",
	["js"] = "application/javascript",
	--["gif"] = "image/gif",
	["jpeg"] = "image/jpeg",
	["jpg"] = "image/jpeg",
	["png"] = "image/png",
	["ico"] = "image/x-icon",
}

local function set_content_type(name)
	local res = name:find("%.[^.]+$")
	if res then
		res = mime_types[name:sub(res + 1):lower()]
		if res then
			ngx.header.content_type = res
		end
	end
end

local function main()
	--ngx.header.content_type = nil
	for _, header in ipairs(headers) do
		ngx.header[header] = nil
	end
	set_content_type(ngx.var.file_name)
end

main()

## _usr_local_openresty_nginx_lua_redis.lua
local redis = require "resty.redis"

local function lookup(key)
	local red = redis:new()
	red:set_timeout(1000) -- 1 second

	local ok, err = red:connect("...", 6379)
	if not ok then
		ngx.log(ngx.ERR, "failed to connect to redis: ", err)
		return nil, err
	end

	local res, err = red:auth("...")
	if not res then
		ngx.log(ngx.ERR, "failed to authenticate: ", err)
		return nil, err
	end

	local times, err = red:get_reused_times()
	if not times then
		ngx.log(ngx.ERR, "failed to get_reused_times: ", err)
		return nil, err
	end
	ngx.log(ngx.NOTICE, "reused times: ", times)

	local res, err = red:get(key)
	if res == ngx.null then
    	ngx.log(ngx.NOTICE, "failed to get redis key: ", key, ", err: ", err)
		return nil, err
	end

	local ok, err = red:set_keepalive(10000, 100) -- 10 seconds, 100 connections
	if not ok then
		ngx.log(ngx.ERR, "failed to set_keepalive(): ", err)
		return nil, err
	end
	ngx.log(ngx.NOTICE, "set_keepalive(): ", ok)

	--local ok, err = red:close()
	--if not ok then
	--	ngx.log(ngx.ERR, "failed to close: ", err)
	--end

	return res
end

local function main()
	--local key = "cn-qa-pub/orientalmotor.cn-qa-pub.catnav.us"
	local key = ngx.var.redis_key_prefix .. ngx.var.host
	--print(string.format("key: %s", key))

	local vd = lookup(key)
	if not vd then
		return ngx.exec("/");
	end

	ngx.var.uri_x = string.format("/%s%s%s/%s/%s", ngx.var.azure_storage_prefix, ngx.var.redis_key_prefix, vd, ngx.var.asset, ngx.var.file_name)
	--print(string.format("azure_storage_uri: '%s'", ngx.var.uri_x))

	local sas = "..."
	return ngx.exec("/azure_storage_proxy_pass_sas", sas);
end

return main()
	location ~* "a regex to match content from Azure storage" {
	set $uri_x 0; # dummy declare
	rewrite_by_lua_file "lua/redis.lua";
	}

	location /azure_storage_proxy_pass_sas {
	internal;

	# rewrite_log on;
	rewrite ^ $uri_x break;

	proxy_set_header Connection close; # need at least one proxy_set_header
	proxy_pass http://qamfiles.file.core.windows.net;
	header_filter_by_lua_file "lua/header_filter.lua";
	}
	server {
	listen ...:80;
	server_name ~.;

	set $azure_storage_prefix "pub/";
	set $redis_key_prefix "cn-area-pub/";
	include conf.d/azure_storage_proxy_pass.conf-x;
	location / {
	proxy_pass http://...;
	}
	}
	#user nginx;
	worker_processes 2;

	error_log /var/log/nginx/error.log notice;
	#error_log /var/log/nginx/error.log warn;
	#error_log /var/log/nginx/error.log info;
	#error_log /var/log/nginx/error.log;

	pid /var/run/nginx.pid;
	worker_rlimit_nofile 10240;

	events {
	use epoll;
	worker_connections 10240;
	}

	http {
	lua_package_path "$prefix/lua/?.lua;;";

	default_type application/octet-stream;
	include mime.types;

	#log_format main '$remote_addr $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
	#log_format main '$server_name $host $remote_addr $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
	log_format main '$server_name $host $remote_addr $remote_user [$time_local] "$request" $request_time $upstream_response_time $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
	access_log /var/log/nginx/access.log main;

	server_names_hash_bucket_size 1024;
	proxy_read_timeout 200;

	keepalive_timeout 65;
	sendfile on;
	#tcp_nopush on;
	tcp_nodelay on;
	server_tokens off;

	gzip on;
	gzip_min_length 1k;
	gzip_proxied any;
	gzip_buffers 4 32k;
	gzip_types text/plain text/css text/xml application/xml application/atom+xml;
	#gzip_types text/plain text/css text/xml;
	gzip_disable "MSIE [1-6]\.";

	ignore_invalid_headers on;
	client_header_buffer_size 32k;
	large_client_header_buffers 4 128k;

	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;

	proxy_http_version 1.1;
	proxy_buffering off;

	proxy_buffer_size 32k;
	proxy_buffers 8 16k;

	proxy_request_buffering off;

	client_max_body_size 32m;


	include conf.d/*.conf;

	lua_socket_log_errors off;
	lua_shared_dict healthcheck 1m; # the size depends on the number of servers in upstream {}:
	init_worker_by_lua_file "lua/init_worker.lua";
	} #end http
	local headers = { "x-ms-request-id", "x-ms-version", "x-ms-meta-DateSchemeVersion", "x-ms-meta-SyncFileMetadata", "x-ms-type", "x-ms-server-encrypted", }

	local mime_types = {
	["css"] = "text/css",
	["xml"] = "text/xml",
	["js"] = "application/javascript",
	--["gif"] = "image/gif",
	["jpeg"] = "image/jpeg",
	["jpg"] = "image/jpeg",
	["png"] = "image/png",
	["ico"] = "image/x-icon",
	}

	local function set_content_type(name)
	local res = name:find("%.[^.]+$")
	if res then
	res = mime_types[name:sub(res + 1):lower()]
	if res then
	ngx.header.content_type = res
	end
	end
	end

	local function main()
	--ngx.header.content_type = nil
	for _, header in ipairs(headers) do
	ngx.header[header] = nil
	end
	set_content_type(ngx.var.file_name)
	end

	main()
	local redis = require "resty.redis"

	local function lookup(key)
	local red = redis:new()
	red:set_timeout(1000) -- 1 second

	local ok, err = red:connect("...", 6379)
	if not ok then
	ngx.log(ngx.ERR, "failed to connect to redis: ", err)
	return nil, err
	end

	local res, err = red:auth("...")
	if not res then
	ngx.log(ngx.ERR, "failed to authenticate: ", err)
	return nil, err
	end

	local times, err = red:get_reused_times()
	if not times then
	ngx.log(ngx.ERR, "failed to get_reused_times: ", err)
	return nil, err
	end
	ngx.log(ngx.NOTICE, "reused times: ", times)

	local res, err = red:get(key)
	if res == ngx.null then
	ngx.log(ngx.NOTICE, "failed to get redis key: ", key, ", err: ", err)
	return nil, err
	end

	local ok, err = red:set_keepalive(10000, 100) -- 10 seconds, 100 connections
	if not ok then
	ngx.log(ngx.ERR, "failed to set_keepalive(): ", err)
	return nil, err
	end
	ngx.log(ngx.NOTICE, "set_keepalive(): ", ok)

	--local ok, err = red:close()
	--if not ok then
	-- ngx.log(ngx.ERR, "failed to close: ", err)
	--end

	return res
	end

	local function main()
	--local key = "cn-qa-pub/orientalmotor.cn-qa-pub.catnav.us"
	local key = ngx.var.redis_key_prefix .. ngx.var.host
	--print(string.format("key: %s", key))

	local vd = lookup(key)
	if not vd then
	return ngx.exec("/");
	end

	ngx.var.uri_x = string.format("/%s%s%s/%s/%s", ngx.var.azure_storage_prefix, ngx.var.redis_key_prefix, vd, ngx.var.asset, ngx.var.file_name)
	--print(string.format("azure_storage_uri: '%s'", ngx.var.uri_x))

	local sas = "..."
	return ngx.exec("/azure_storage_proxy_pass_sas", sas);
	end

	return main()