What is VeryNginx
VeryNginx is developed based on Lua ﹣ Nginx ﹣ module (openretry), which implements advanced firewall, access statistics and other functions. The integration runs in Nginx, extends the function of Nginx itself, and provides a friendly Web interface.
How to install VeryNginx
Nginx compilation environment
yum -y install gcc gcc-c++ git python
Nginx basic dependency
- pcre
- openSSL
- zlib
# It can be installed in the way of yum yum -y install pcre-devel openssl-devel zlib-devel
# Source code can be used for installation # pcre 2-10.32 wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz tar zxvf pcre2-10.32.tar.gz # zlib 1.2.11 wget https://nchc.dl.sourceforge.net/project/libpng/zlib/1.2.11/zlib-1.2.11.tar.gz tar zxvf zlib-1.2.11.tar.gz # openssl 1.0.2p wget http://distfiles.macports.org/openssl/openssl-1.0.2p.tar.gz tar zxvf openssl-1.0.2p.tar.gz
VeryNginx dependency
The following modules are used. When compiling Nginx, you need to include the following modules for normal use.
- http_ssl_module
- http_stub_status_module
- lua_nginx_module
Only this project needs to be added at compile time
# LuaJIT 2.1.0 wget http://luajit.org/download/LuaJIT-2.1.0-beta3.tar.gz tar zxvf LuaJIT-2.1.0-beta3.tar.gz cd LuaJIT-2.1.0-beta3 make && make install # environment variable export LUAJIT_LIB=/usr/local/lib export LUAJIT_INC=/usr/local/include/luajit-2.1/
# ngx_devel_kit 0.3.1 wget https://github.com/simplresty/ngx_devel_kit/archive/v0.3.1rc1.tar.gz tar zxvf v0.3.1rc1.tar.gz
# ngx_lua 0.10.14 wget https://github.com/openresty/lua-nginx-module/archive/v0.10.14.tar.gz tar zxvf v0.10.14.tar.gz
Compile and install Nginx
# Download nginx source package wget http://nginx.org/download/nginx-1.15.9.tar.gz tar -xzvf nginx-1.15.9.tar.gz
# Configure compilation parameters ./configure --prefix=/usr/local/nginx \ --with-ld-opt=-Wl,-rpath,/usr/local/lib/ \ --with-http_ssl_module \ --with-http_stub_status_module \ --add-module=../ngx_devel_kit-0.3.0 \ --add-module=../lua-nginx-module-0.10.11rc2 # When using yum to solve nginx dependency, you do not need to specify the following three compilers --with-pcre=../pcre2-10.32 \ --with-zlib=../zlib-1.2.11 \ --with-openssl=../openssl-1.0.2p
# Compilation and installation make -j4 & make install
Install VeryNginx
git clone https://github.com/alexazhou/VeryNginx.git cd VeryNginx python install.py install verynginx
# Update Nginx profile vim /usr/local/nginx/conf/nginx.conf # In the global configuration section, add: include /opt/verynginx/verynginx/nginx_conf/in_external.conf; # In the http configuration section, add: include /opt/verynginx/verynginx/nginx_conf/in_http_block.conf; # In the server configuration section, add: include /opt/verynginx/verynginx/nginx_conf/in_server_block.conf;
include /opt/verynginx/verynginx/nginx_conf/in_external.conf; http { include /opt/verynginx/verynginx/nginx_conf/in_http_block.conf; server { listen 80; server_name localhost; include /opt/verynginx/verynginx/nginx_conf/in_server_block.conf; } }
Log in to VeryNginx
Browser access http://Server_Name/verynginx/index.html
The default username and password are verynginx
In this Dashboard, we can see the current number of TCP connections, response time, network traffic and other relevant values. In Config, we can also perform some rule matching according to the corresponding user request to realize the function of custom firewall.