Skip to content

Instantly share code, notes, and snippets.

View lcrilly's full-sized avatar

Liam Crilly lcrilly

View GitHub Profile
@lcrilly
lcrilly / sinbin.conf
Created May 17, 2024 17:01
Implementing a sin bin with NGINX Plus
limit_req_zone $remote_addr zone=per_ip:1M rate=5r/s sync; # Cluster-aware rate limiting
limit_req_status 429;
keyval_zone zone=sinbin:1M timeout=60 sync;
keyval $remote_addr $sinbin_rate zone=sinbin;
# Frontend
#
server {
listen 80;
@lcrilly
lcrilly / oas2nginx.sh
Created December 19, 2023 16:00
Converts OpenAPI/Swagger spec into nginx.conf snippet (server context)
#!/usr/bin/env bash
#
# oas2nginx.sh (c) NGINX, Inc. [v0.5 13-Jan-2020] Liam Crilly <liam.crilly@nginx.com>
#
# Converts OpenAPI/Swagger spec into nginx.conf snippet (server context) as per
# https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/
# Requires shyaml for YAML processing: https://github.com/0k/shyaml
# Defaults
#
@lcrilly
lcrilly / Dockerfile
Created November 27, 2023 22:34
Dockerfile for building NGINX Unit from source
# This Dockerfile builds NGINX Unit from source, including njs, and
# by applying any .patch files found in the current directory. The
# latest Docker Official Image is used to select the code branch and
# copies the configure arguments so that the lanauge module in the
# Docker Image is compatible with the new unitd binary.
#
# Build by specifying the tag of the most suitable Docker Official Image
# from <https://hub.docker.com/_/unit/tags> as
# docker build --build-arg TAG=php -t unit:test .
#
@lcrilly
lcrilly / README.md
Last active September 27, 2024 12:47
Prometheus exporter for NGINX Unit metrics

Prometheus exporter for NGINX Unit metrics

The NGINX Unit control API includes a /status endpoint for usage statistics. This is a solution for exposing these metrics in Prometheus format.

The application (run by Unit) queries the /status URI on the control socket and converts the JSON response into Prometheus text format. PHP and Python implementations are available.

These instructions assume an existing Unit installation with a working configuration. We will add a new listener on the default prometheus port (9090) and route it directly to the Prometheus app.

Step 0. Install the preferred Unit language module (unit-php or unit-python)

@lcrilly
lcrilly / build_unit.sh
Last active February 7, 2024 19:03
build_unit.sh - builds NGINX Unit from source based on installed version
#!/bin/bash
NJS_VER=""
RBT=0
UNIT_VER=""
SUFFIX=()
PATCH_FILES=()
CONFIGURE_OPTIONS=""
STARTDIR=$PWD
WORKDIR=/tmp/build_unit.$$
@lcrilly
lcrilly / tcp-jwt.mermaid
Created November 2, 2022 09:53
JWT authentication for TCP traffic
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@lcrilly
lcrilly / README.md
Last active October 1, 2022 16:35
Unit intro demo

Simple demo for NGINX Unit

JSON/REST API for simple addition in several languages and a hello world web page.

echo '{"operands": [100,25]}' | curl -d@- localhost:9000/add
@lcrilly
lcrilly / README.md
Last active November 25, 2022 17:45
unitc - a curl wrapper for configuring NGINX Unit
@lcrilly
lcrilly / README.md
Last active October 21, 2021 12:19
Prometheus metrics for NGINX OSS using stub_status and js_body_filter

Prometheus metrics for NGINX open source

Converts the output of the NGINX stub_status module to Prometheus format so that basic metrics can be scraped from a /metrics endpoint.

The NGINX JavaScript module is used to filter the stub_status response.

$ curl -i http://localhost:8080/metrics
@lcrilly
lcrilly / Dockerfile
Last active January 24, 2023 07:09
NGINX + OpenSSL 3.0
FROM nginx AS build
WORKDIR /src
RUN apt-get update && \
apt-get install -y git gcc make mercurial libperl-dev libpcre3-dev zlib1g-dev libxslt1-dev libgd-ocaml-dev libgeoip-dev
RUN git clone -b openssl-3.0 https://github.com/openssl/openssl openssl-3.0 && \
hg clone https://hg.nginx.org/nginx && \
hg clone http://hg.nginx.org/njs
RUN cd nginx && \
auto/configure `nginx -V 2>&1 | sed "s/ \-\-/ \\\ \n\t--/g" | grep "\-\-" | grep -ve opt= -e param=` \