xfy/lolly
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
lolly/docs/lua/api-gateway/nginx.conf
xfy 6543422281 docs: 添加 Nginx 配置和 Lua 脚本示例文档 
- config: 反向代理、缓存、负载均衡、安全、SSL 等配置模板
- lua: API 网关、认证、动态路由、限流、WebSocket 等脚本示例

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 17:59:22 +08:00

132 lines
3.7 KiB
Nginx Configuration File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# nginx.conf - API Gateway 配置示例
# 适用于 OpenResty / lua-nginx-module
# 加载 Lua 模块OpenResty 已内置)
load_module modules/ndk.so;
load_module modules/ngx_http_lua_module.so;
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
}
http {
include mime.types;
default_type application/json;
# ---- Lua 全局配置 ----
lua_package_path "/etc/nginx/lua/?.lua;/usr/local/openresty/lualib/?.lua;;";
lua_package_cpath "/usr/local/openresty/lualib/?.so;;";
lua_code_cache on; # 生产环境务必开启
lua_max_pending_timers 1024;
lua_max_running_timers 256;
# ---- 共享字典 ----
# 限流计数器
lua_shared_dict rate_limit 10m;
# 上游健康状态
lua_shared_dict upstream_health 1m;
# API Key 缓存
lua_shared_dict api_keys 1m;
# ---- 日志格式 ----
log_format api_gateway
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'route=$arg_route upstream=$upstream_addr '
'rt=$request_time';
access_log /var/log/nginx/access.log api_gateway;
# ---- 基础优化 ----
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
client_max_body_size 10m;
# ---- 上游服务器组(由 Lua 动态选择) ----
upstream default_backend {
server 127.0.0.1:8080;
keepalive 32;
}
server {
listen 80;
server_name api.example.com;
# ---- 健康检查端点 ----
location /health {
access_log off;
default_type application/json;
return 200 '{"status":"ok"}';
}
# ---- 网关统计信息 ----
location /gateway/stats {
internal;
default_type application/json;
content_by_lua_block {
local upstream = require("upstream")
ngx.say(upstream.stats_json())
}
}
# ---- 网关主入口 ----
location / {
default_type application/json;
# ---- 阶段 1: 路由匹配 ----
access_by_lua_block {
local gateway = require("gateway")
gateway.handle()
}
# ---- 阶段 2: 请求体处理 ----
body_filter_by_lua_block {
local gateway = require("gateway")
gateway.filter_response()
}
# ---- 阶段 3: 日志统计 ----
log_by_lua_block {
local gateway = require("gateway")
gateway.log_request()
}
# ---- 代理到动态选择的上游 ----
proxy_pass http://default_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 超时设置
proxy_connect_timeout 5s;
proxy_read_timeout 30s;
proxy_send_timeout 15s;
}
# ---- 静态资源 ----
location /static/ {
alias /usr/share/nginx/html/;
expires 30d;
add_header Cache-Control "public, immutable";
}
# ---- 错误页 ----
error_page 502 503 504 /50x.json;
location = /50x.json {
internal;
default_type application/json;
return 502 '{"error":"bad_gateway","message":"上游服务不可用"}';
}
}
}
Reference in New Issue View Git Blame Copy Permalink