Change

davidmerfield · Oct 27, 2023 · 65a8e19 · 65a8e19
1 parent 24a0171
commit 65a8e19
Show file tree

Hide file tree

Showing 17 changed files with 1,372 additions and 36 deletions.
diff --git a/.github/workflows/proxy-tests.yml b/.github/workflows/proxy-tests.yml
@@ -27,11 +27,6 @@ jobs:
           which luarocks
           sudo /home/runner/work/Blot/Blot/.luarocks/bin/luarocks install lua-resty-auto-ssl
 
-      - name: generate self-signed SSL certs
-        run: |
-          mkdir -p /home/runner/work/Blot/Blot/config/openresty/data
-          openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /home/runner/work/Blot/Blot/config/openresty/data/selfsigned.key -out /home/runner/work/Blot/Blot/config/openresty/data/selfsigned.crt -subj "/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=localhost"
-
       - name: Set up Redis
         uses: shogo82148/actions-setup-redis@v1
         with:
@@ -70,9 +65,15 @@ jobs:
           node config/openresty/build-config.js
           cat config/openresty/data/openresty.conf
 
+      # run this after building config since building config will overwrite the data directory
+      - name: generate self-signed SSL certs
+        run: |
+          mkdir -p /home/runner/work/Blot/Blot/config/openresty/data
+          openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /home/runner/work/Blot/Blot/config/openresty/data/selfsigned.key -out /home/runner/work/Blot/Blot/config/openresty/data/selfsigned.crt -subj "/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=localhost"
+
       - name: run openresty
         run: |
-          sudo /usr/local/openresty/bin/openresty -c /home/runner/work/Blot/Blot/config/openresty/default.conf
+          sudo /usr/local/openresty/bin/openresty -c /home/runner/work/Blot/Blot/config/openresty/data/openresty.conf
 
       - name: check openresty is running on port 80
         run: |

diff --git a/config/openresty/build-config.js b/config/openresty/build-config.js
@@ -1,54 +1,54 @@
-const mustache = require('mustache')
-const config = require('config')
-const fs = require('fs-extra')
+const mustache = require("mustache");
+const config = require("config");
+const fs = require("fs-extra");
 
-const NODE_SERVER_IP = process.env.NODE_SERVER_IP
-const REDIS_IP = process.env.REDIS_IP
+const NODE_SERVER_IP = process.env.NODE_SERVER_IP;
+const REDIS_IP = process.env.REDIS_IP;
 
-const OUTPUT = __dirname + '/data'
-const CONFIG_DIRECTORY = __dirname + '/conf'
+const OUTPUT = __dirname + "/data";
+const CONFIG_DIRECTORY = __dirname + "/conf-new";
 
-const template = fs.readFileSync(`${CONFIG_DIRECTORY}/server.conf`, 'utf8')
-const partials = {}
+const template = fs.readFileSync(`${CONFIG_DIRECTORY}/server.conf`, "utf8");
+const partials = {};
 const locals = {
   blot_directory: config.blot_directory,
   // development: config.environment === "development",
-  host: 'blot.im',
+  host: "blot.im",
   disable_http2: process.env.DISABLE_HTTP2,
   node_ip: NODE_SERVER_IP,
   node_port: config.port,
   redis: { host: REDIS_IP },
   reverse_proxy_ip: process.env.PUBLIC_IP,
-  user: process.env.OPENRESTY_USER || 'ec2-user',
+  user: process.env.OPENRESTY_USER || "ec2-user",
   config_directory:
-    process.env.OPENRESTY_CONFIG_DIRECTORY || '/home/ec2-user/openresty',
+    process.env.OPENRESTY_CONFIG_DIRECTORY || "/home/ec2-user/openresty",
   // if you change the cache directory, you must also update the
   // script mount-instance-store.sh
-  cache_directory: process.env.OPENRESTY_CACHE_DIRECTORY || '/var/www/cache',
+  cache_directory: process.env.OPENRESTY_CACHE_DIRECTORY || "/var/www/cache",
   ssl_certificate:
-    process.env.SSL_CERTIFICATE || '/etc/ssl/private/letsencrypt-domain.pem',
+    process.env.SSL_CERTIFICATE || "/etc/ssl/private/letsencrypt-domain.pem",
   ssl_certificate_key:
-    process.env.SSL_CERTIFICATE_KEY || '/etc/ssl/private/letsencrypt-domain.key'
-}
+    process.env.SSL_CERTIFICATE_KEY || "/etc/ssl/private/letsencrypt-domain.key"
+};
 
-if (!NODE_SERVER_IP) throw new Error('NODE_SERVER_IP not set')
-if (!REDIS_IP) throw new Error('REDIS_IP not set')
+if (!NODE_SERVER_IP) throw new Error("NODE_SERVER_IP not set");
+if (!REDIS_IP) throw new Error("REDIS_IP not set");
 
-fs.emptyDirSync(OUTPUT)
+fs.emptyDirSync(OUTPUT);
 
-fs.copySync(`${__dirname}/html`, `${__dirname}/data/html`)
+fs.copySync(`${__dirname}/html`, `${__dirname}/data/html`);
 
 fs.readdirSync(CONFIG_DIRECTORY).forEach(file => {
   // copy lua files to data directory so they are available to nginx
-  if (file.endsWith('.lua')) {
-    const lua = fs.readFileSync(`${CONFIG_DIRECTORY}/${file}`, 'utf8')
-    const result = mustache.render(lua, locals)
-    fs.outputFileSync(`${OUTPUT}/${file}`, result)
+  if (file.endsWith(".lua")) {
+    const lua = fs.readFileSync(`${CONFIG_DIRECTORY}/${file}`, "utf8");
+    const result = mustache.render(lua, locals);
+    fs.outputFileSync(`${OUTPUT}/${file}`, result);
   }
 
-  if (!file.endsWith('.conf')) return
-  partials[file] = fs.readFileSync(CONFIG_DIRECTORY + '/' + file, 'utf8')
-})
+  if (!file.endsWith(".conf")) return;
+  partials[file] = fs.readFileSync(CONFIG_DIRECTORY + "/" + file, "utf8");
+});
 
 const warning = `
 
@@ -65,8 +65,8 @@ const warning = `
 # !!!!!!!!!!!   WARNING                                   !!!!!!!!!!!
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
-`
+`;
 
-const result = mustache.render(template, locals, partials)
+const result = mustache.render(template, locals, partials);
 
-fs.outputFileSync(__dirname + '/data/openresty.conf', warning + result)
+fs.outputFileSync(__dirname + "/data/openresty.conf", warning + result);
diff --git a/config/openresty/conf-new/add.lua b/config/openresty/conf-new/add.lua
@@ -0,0 +1,29 @@
+package.path = package.path .. ";{{{config_directory}}}/?.lua"
+
+local md5 = require "md5"
+
+if ngx ~= nil then
+    local proxy_cache_keys_by_host = ngx.shared.proxy_cache_keys_by_host
+
+    local host = ngx.var.host
+    local request_uri = ngx.var.request_uri
+    local scheme = ngx.var.scheme
+
+    local cache_key = scheme .. "://" .. host .. request_uri
+    local cache_key_md5 = md5.sumhexa(cache_key)
+
+    -- the cache file path is in the following format:
+    -- $x/$y/$cache_key_md5
+    -- where x is the last character of the cache_key_md5
+    -- and y are the two characters before that
+    local cache_file_path = cache_key_md5:sub(-1) .. "/" .. cache_key_md5:sub(-3,-2) .. "/" .. cache_key_md5   
+    local already_stored = proxy_cache_keys_by_host:get(cache_file_path)
+
+    if (already_stored == nil) then
+        ngx.log(ngx.NOTICE,host .. " " .. cache_file_path.. "adding to dictionary")
+        proxy_cache_keys_by_host:rpush(host, cache_file_path)
+        proxy_cache_keys_by_host:set(cache_file_path, true)
+    else 
+        ngx.log(ngx.NOTICE,host .. " " .. cache_file_path.. "already stored" )
+    end
+end