6033N/A<?
xml version='1.0' encoding='UTF-8' ?>
6033N/A<!-- $LastChangedRevision: 1353955 $ --> 6033N/A Licensed to the Apache Software Foundation (ASF) under one or more 6033N/A contributor license agreements. See the NOTICE file distributed with 6033N/A this work for additional information regarding copyright ownership. 6033N/A The ASF licenses this file to You under the Apache License, Version 2.0 6033N/A (the "License"); you may not use this file except in compliance with 6033N/A the License. You may obtain a copy of the License at 6033N/A Unless required by applicable law or agreed to in writing, software 6033N/A distributed under the License is distributed on an "AS IS" BASIS, 6033N/A WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 6033N/A See the License for the specific language governing permissions and 6033N/A limitations under the License. 6033N/A<
parentdocument href="./">Developer</
parentdocument>
6033N/A <
title>Creating hooks and scripts with mod_lua</
title>
6033N/A<
p>This document expands on the <
module>mod_lua</
module> documentation and explores
6033N/A additional ways of using mod_lua for writing hooks and scripts.</
p>
6033N/A<
section id="introduction"><
title>Introduction</
title>
6033N/A<
section id="what"><
title>What is mod_lua</
title>
6033N/AStuff about what <
module>mod_lua</
module> is goes here.
<
section id="contents"><
title>What we will be discussing in this document</
title>
This document will discuss several cases where <
module>mod_lua</
module> can be used
to either ease up a phase of the request processing or create more transparency in
the logic behind a decision made in a phase.
<
section id="prerequisites"><
title>Prerequisites</
title>
First and foremost, you are expected to have a basic knowledge of how the Lua
programming language works. In most cases, we will try to be as pedagogical
as possible and link to documents describing the functions used in the
examples, but there are also many cases where it is necessary to either
just assume that "it works" or do some digging yourself into what the hows
and whys of various function calls.
<
section id="enabling"><
title>Optimizing mod_lua for production servers</
title>
<
section><
title>Setting a scope for Lua states</
title>
Setting the right <
directive module="mod_lua">LuaScope</
directive> setting
for your Lua scripts can be essential to your server's
performance. By default, the scope is set to <
code>once</
code>, which means
that every call to a Lua script will spawn a new Lua state that handles that
script and is destroyed immediately after. This option keeps the memory
footprint of mod_lua low, but also affects the processing speed of a request.
If you have the memory to spare, you can set the scope to <
code>thread</
code>,
which will make mod_lua spawn a Lua state that lasts the entirity of a thread's
lifetime, speeding up request processing by 2-3 times. Since mod_lua will create
a state for each script, this may be an expensive move, memory-wise, so to
compromise between speed and memory usage, you can choose the <
code>server</
code>
option to create a pool of Lua states to be used. Each request for a Lua script or
a hook function will then acquire a state from the pool and release it back when it's
done using it, allowing you to still gain a significant performance increase, while
keeping your memory footprint low. Some examples of possible settings are:
<
highlight language="config">
As a general rule of thumb: If your server has none to low usage, use <
code>once</
code>
or <
code>request</
code>, if your server has low to medium usage, use the <
code>server</
code>
pool, and if it has high usage, use the <
code>thread</
code> setting. As your server's
load increases, so will the number of states being actively used, and having your scope
set to <
code>
once/
request/
conn</
code> will stop being beneficial to your memory footprint.
<
strong>Note:</
strong> The <
code>min</
code> and <
code>max</
code> settings for the
<
code>server</
code> scope denotes the minimum and maximum states to keep in a pool per
server <
em>process</
em>, so keep this below your <
code>ThreadsPerChild</
code> limit.
<
section><
title>Using code caching</
title>
By default, <
module>mod_lua</
module> stats each Lua script to determine whether a reload
(and thus, a re-interpretation and re-compilation) of a script is required. This is managed
through the <
directive module="mod_lua">LuaCodeCache</
directive> directive. If you are running
your scripts on a production server, and you do not need to update them regularly, it may be
advantageous to set this directive to the <
code>forever</
code> value, which will cause mod_lua
to skip the stat process and always reuse the compiled byte-code from the first access to the
script, thus speeding up the processing. For Lua hooks, this can prove to increase peformance,
while for scripts handled by the <
code>lua-script</
code> handler, the increase in performance
may be negligible, as files httpd will stat the files regardless.
<
section><
title>Keeping the scope clean</
title>
For maximum performance, it is generally recommended that any initialization of libraries,
constants and master tables be kept outside the handle's scope:
<
highlight language="lua">
--[[ This is good practice ]]--
local constant = "Foo bar baz"
<
highlight language="lua">
--[[ This is bad practice ]]--
local constant = "Foo bar baz"
<
section id="basic_remap"><
title>Example 1: A basic remapping module</
title>
These first examples show how mod_lua can be used to rewrite URIs in the same
way that one could do using <
directive module="mod_alias">Alias</
directive> or
<
directive module="mod_rewrite">RewriteRule</
directive>, but with more clarity
on how the decision-making takes place, as well as allowing for more complex
decisions than would otherwise be allowed with said directives.
<
highlight language="config">
<!-- BEGIN EXAMPLE CODE --> <
highlight language="lua">
This example will rewrite /
foo/
test.bar to the physical file
-- Test if the URI matches our criteria
local barFile =
r.uri:match("/foo/([a-zA-Z0-9]+)%.bar")
<!-- END EXAMPLE CODE --> <!-- BEGIN EXAMPLE CODE --> <
highlight language="lua">
This example will evaluate some conditions, and based on that,
remap a file to one of two destinations, using a rewrite map.
This is similar to mixing AliasMatch and ProxyPass, but
without them clashing in any way. Assuming we are on
example.com, then:
URIs that do not match, will be served by their respective default handlers
source = [[^/photos/(.+)\.png$]],
source = [[^/ext/(.*)$]],
function interpolateString(s,v)
return s:gsub("%$(%d+)", function(a) return v[tonumber(a)] end)
-- browse through the rewrite map
for key, entry in pairs(map) do
-- Match source regex against URI
if match and match[0] then
-- Is this a proxied remap?
r.handler = "proxy-server" -- tell mod_proxy to handle this
<!-- END EXAMPLE CODE --> <
section id="mass_vhost"><
title>Example 2: Mass virtual hosting</
title>
As with simple and advanced rewriting, you can use mod_lua for dynamically
assigning a hostname to a specific document root, much like
<
module>mod_vhost_alias</
module> does, but with more control over what goes
where. This could be as simple as a table holding the information about which
host goes into which folder, or more advanced, using a database holding the
document roots of each hostname.
<
highlight language="config">
<!-- BEGIN EXAMPLE CODE --> <
highlight language="lua">
This example will check a map for a virtual host and rewrite filename and
document root accordingly.
-- Match against our hostname
for key, entry in pairs(vhosts) do
-- match against either host or *.host:
-- If it matches, rewrite filename and set document root
<!-- END EXAMPLE CODE --> <!-- BEGIN EXAMPLE CODE --> <
highlight language="lua">
Advanced mass virtual hosting
This example will query a database for vhost entries and save them for
60 seconds before checking for updates. For best performance, such scripts
should generally be run with LuaScope set to 'thread' or 'server'
-- Function for querying the database for saved vhost entries
if not cached_vhosts[host] or (cached_vhosts[host] and cached_vhosts[host].updated <
os.time() - timeout) then
local _host = db:escape(r,host)
local res, err = db:query(r, ("SELECT `destination` FROM `vhosts` WHERE `hostname` = '%s' LIMIT 1"):format(_host) )
if res and #res == 1 then
cached_vhosts[host] = { updated =
os.time(), destination = res[1][1] }
cached_vhosts[host] = { updated =
os.time(), destination = nil } -- don't re-query whenever there's no result, wait a while.
if cached_vhosts[host] then
return cached_vhosts[host].destination
-- Check whether the hostname is in our database
local destination = query_vhosts(r)
-- If found, rewrite and change document root
<!-- END EXAMPLE CODE --> <
section id="basic_auth"><
title>Example 3: A basic authorization hook</
title>
With the authorization hooks, you can add custom auth phases to your request
processing, allowing you to either add new requirements that were not previously
supported by httpd, or tweaking existing ones to accommodate your needs.
<
highlight language="config">
<!-- BEGIN EXAMPLE CODE --> <
highlight language="lua">
A simple authentication hook that checks a table containing usernames and
passwords of two accounts.
-- Function for parsing the Authorization header into a username and a password
local user,pass = nil, nil
if str and str:len() > 0 then
user, pass = auth:match("([^:]+)%:([^:]+)")
-- The authentication hook
local user, pass = parse_auth(
r.headers_in['Authorization'])
local authenticated = false
if accounts[user] and accounts[user] == pass then
r.headers_out["WWW-Authenticate"] = 'Basic realm="Super secret zone"'
if not authenticated then
<!-- END EXAMPLE CODE --> <!-- BEGIN EXAMPLE CODE --> <
highlight language="lua">
An advanced authentication checker with a database backend,
caching account entries for 1 minute
local timeout = 60 -- Set account info to be refreshed every minute
-- Function for parsing the Authorization header into a username and a password
local user,pass = nil, nil
if str and str:len() > 0 then
user, pass = auth:match("([^:]+)%:([^:]+)")
-- Function for querying the database for the account's password (stored as a salted SHA-1 hash)
function fetch_password(user)
if not accounts[user] or (accounts[user] and accounts[user].updated <
os.time() - timeout) then
local usr = db:escape(user)
local res, err = db:query( ("SELECT `password` FROM `accounts` WHERE `user` = '%s' LIMIT 1"):format(usr) )
if res and #res == 1 then
accounts[user] = { updated =
os.time(), password = res[1][1] }
return accounts[user].password
-- The authentication hook
local user, pass = parse_auth(
r.headers_in['Authorization'])
local authenticated = false
local stored_pass = fetch_password(user)
if stored_pass and pass == stored_pass then
r.headers_out["WWW-Authenticate"] = 'Basic realm="Super secret zone"'
if not authenticated then
<!-- END EXAMPLE CODE --> <
section id="authz"><
title>Example 4: Authorization using LuaAuthzProvider</
title>
If you require even more advanced control over your authorization phases,
you can add custom authz providers to help you manage your server. The
example below shows you how you can split a single htpasswd file into
groups with different permissions:
<
highlight language="config">
<
highlight language="lua">
This script has two user groups; members and admins, and whichever
is refered to by the "Require rights" directive is checked to see
if the authenticated user belongs to this group.
local members = { "rbowen", "humbedooh", "igalic", "covener" }
local admins = { "humbedooh" }
function rights_handler(r, what)
for k, v in pairs(members) do
elseif what == "admin" then
for k, v in pairs(admins) do
<
section id="map_handler"><
title>Example 5: Overlays using LuaMapHandler</
title>
<
highlight language="config">
<
section id="mod_status_lua"><
title>Example 6: Basic Lua scripts</
title>
<
section id="String_manipulation">
<
title>HTTPd bindings: String manipulation</
title>
request_rec<
em> r</
em>, string<
em> string</
em>
Decodes a base64-encoded string
<
td>The mod_lua request handle</
td>
<
td>The string to decode</
td>
<
em>Return value(s):</
em>
The base64-decoded string.
<
highlight language="lua">
local str = "This is a test"
request_rec<
em> r</
em>, string<
em> string</
em>
Encodes a string using the base64 encoding scheme.
<
td>The mod_lua request handle</
td>
<
td>The string to encode</
td>
<
highlight language="lua">
local str = "This is a test"
request_rec<
em> r</
em>, string<
em> string</
em>
<
td>The mod_lua request handle</
td>
<
td>The string to escape</
td>
<
em>Return value(s):</
em>
<
highlight language="lua">
local str = "This is a test"
print(escaped) -- prints "This+is+a+test"
request_rec<
em> r</
em>, string<
em> path</
em>
Escape a string for logging
<
td>The mod_lua request handle</
td>
<
td>The string to escape</
td>
<
em>Return value(s):</
em>
request_rec<
em> r</
em>, string<
em> html</
em>, boolean<
em> toasc</
em>
<
td>The mod_lua request handle</
td>
<
td>The HTML code to escape</
td>
<
td>Whether to escape all non-ASCI characters as &#nnn;</
td>
<
em>Return value(s):</
em>
<
highlight language="lua">
local html = "<b>Testing!</b>"
r:puts(escaped) -- prints "&lt;b&gt;Testing!&lt;/b&gt;"
request_rec<
em> r</
em>, string<
em> string</
em>
Computes an MD5 digest sum based on a string (binary safe)
<
td>The mod_lua request handle</
td>
<
td>The (binary) string to digest</
td>
<
em>Return value(s):</
em>
The MD5 digest sum of the data provided
<
highlight language="lua">
local text = "The quick brown fox jumps over the lazy dog"
r:puts(md5) -- prints out "9e107d9d372bb6826bd81d3542a419d6"
request_rec<
em> r</
em>, string<
em> path</
em>, boolean<
em> partial</
em>
convert an OS path to a URL in an OS dependent way.
<
td>The mod_lua request handle</
td>
<
td>The path to convert</
td>
<
td>partial if set, assume that the path will be appended to something with a '/' in it (and thus does not prefix "./")</
td>
<
em>Return value(s):</
em>
<
highlight language="lua">
request_rec<
em> r</
em>, string<
em> string</
em>
Computes an SHA-1 digest sum based on a string (binary safe)
<
td>The mod_lua request handle</
td>
<
td>The (binary) string to digest</
td>
<
em>Return value(s):</
em>
The SHA-1 digest sum of the data provided
<
highlight language="lua">
local text = "The quick brown fox jumps over the lazy dog"
r:puts(sha1) -- prints out "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12"
request_rec<
em> r</
em>, string<
em> string</
em>
unescapes an URL-escaped string
<
td>The mod_lua request handle</
td>
<
td>The string to unescape</
td>
<
em>Return value(s):</
em>
<
highlight language="lua">
local str = "This+is+a+test"
print(unescaped) -- prints "This is a test"
<
section id="Request_handling">
<
title>HTTPd bindings: Request handling</
title>
request_rec<
em> r</
em>, string<
em> filter</
em>
Adds an input filter to the request
<
td>The mod_lua request handle</
td>
<
td>The name of the filter handler to add</
td>
<
highlight language="lua">
Returns the password from a basic authorization request or nil if none was supplied
<
td>The mod_lua request handle</
td>
<
em>Return value(s):</
em>
The password from a basic authorization request or nil if none was supplied
Get the current server name from the request for the purposes of using in a URL.
If the server name is an IPv6 literal address, it will be returned in URL format (
e.g., "[fe80::1]").
<
td>The mod_lua request handle</
td>
request_rec<
em> r</
em>, boolean<
em> force_weak</
em>
Constructs an entity tag from the resource information. If it's a real file, build in some of the file characteristics.
<
td>The mod_lua request handle</
td>
<
td>force_weak Force the entity tag to be weak - it could be modified again in as short an interval.</
td>
<
em>Return value(s):</
em>
request_rec<
em> r</
em>, number<
em> size</
em>, string<
em> filename</
em>
Reads the request body. If a filename is specified, the request body will be written to that file and the number of bytes written returned, otherwise, the full request body will be returned as a string.
<
td>The mod_lua request handle</
td>
<
td>The maximum size allowed, or
0/
nil for unlimited size</
td>
<
td>The file to save the output to, or nil to return it as a string</
td>
<
em>Return value(s):</
em>
The number of bytes written if a filename was specified, otherwise it returns the entire request body as a string.
<
highlight language="lua">
if tonumber(
r.headers_in['Content-Length'] or 0) < 10000 then
r:puts("I saved the uploaded file in memory")
r:puts("I saved the uploaded file in a temp directory. Total bytes written was: ", read)
request_rec<
em> r</
em>, boolean<
em> send_headers</
em>
Sends an interim (HTTP 1xx) response immediately.
<
td>The mod_lua request handle</
td>
<
td>send_headers Whether to send&clear headers in r->headers_out</
td>
<
highlight language="lua">
request_rec<
em> r</
em>, string<
em> prefix</
em>, string<
em> document</
em>
Set context_prefix and context_document_root for a request.
<
td>The mod_lua request handle</
td>
<
td>The URI prefix, without trailing slash</
td>
<
td>The corresponding directory on disk, without trailing slash</
td>
request_rec<
em> r</
em>, string<
em> root</
em>
Sets the document root of the request.
<
td>The mod_lua request handle</
td>
<
highlight language="lua">
-- Suppose our real document root is /
var/
bar, then...
Sets the keepalive status for this request
<
td>The mod_lua request handle</
td>
<
em>Return value(s):</
em>
True if keepalive can be set, false otherwise
<
section id="Parser_functions">
<
title>HTTPd bindings: Parser functions</
title>
request_rec<
em> r</
em>, string<
em> expression</
em>
Evaluates an ap_expr (think <If ...>) expression and returns true if the expression is true, false otherwise. A second value containing an error string is returned if the expression is invalid.
<
td>The mod_lua request handle</
td>
<
em>Return value(s):</
em>
True if the expression evaluates as true, false if the expression doesn't evaluate as true or if an error occurred. If an error occurred during parsing, a second value will be returned, containng the error string.
<
highlight language="lua">
r:addoutputfilter("DEFLATE")
request_rec<
em> r</
em>, string<
em> expression</
em>, string<
em> source</
em>
Evaluates a regular expression and, if it matches the source string, captures the variables and returns the matches as a table. On error, it returns nil.
<
td>The mod_lua request handle</
td>
<
td>expression to match for</
td>
<
td>the source string to capture from</
td>
<
em>Return value(s):</
em>
True if the expression evaluates as true, false if the expression doesn't evaluate as true or if an error occurred. If an error occurred during parsing, a second value will be returned, containng the error string.
<
highlight language="lua">
if matches and matches[1] then
r:puts("You said ", matches[1], " to kitty")
string<
em> str</
em>, string<
em> expexted</
em>, boolean<
em> ignoreCase</
em>
Determines if a string matches a pattern containing the wildcards '?' or '*'
<
td>The string to check</
td>
<
td>The pattern to match against</
td>
<
td>Whether to ignore case when matching</
td>
<
em>Return value(s):</
em>
True if the two strings match, false otherwise.
<
highlight language="lua">
<
section id="Server_settings">
<
title>HTTPd bindings: Server settings</
title>
request_rec<
em> r</
em>, string<
em> component</
em>
Adds a component to the server description and banner strings
<
td>The mod_lua request handle</
td>
<
td>The component to add</
td>
<
highlight language="lua">
if not
apache2.banner():match("FooModule") then -- Make sure we haven't added it already
request_rec<
em> r</
em>, number<
em> status</
em>, string<
em> string</
em>
Install a custom response handler for a given status
<
td>The mod_lua request handle</
td>
<
td>The status for which the custom response should be used</
td>
<
td>The custom response. This can be a static string, a file or a URL</
td>
<
highlight language="lua">
Checks for a definition from the server command line
<
td>The define to check for</
td>
<
highlight language="lua">
r:puts("This server was started with -DFOO")
Returns a table containing the name (c filename) of all loaded modules
<
em>Return value(s):</
em>
A table containing the name (c filename) of all loaded modules
string<
em> c</
em>, string<
em> file</
em>
Returns information about a specific module (if loaded)
<
em>Return value(s):</
em>
The various commands available to this module as a table, or nil if the module wasn't found.
Queries the MPM for a specific value
<
em>Return value(s):</
em>
request_rec<
em> r</
em>, string<
em> file</
em>
Returns the path of a file relative to the default runtime directory
<
td>The mod_lua request handle</
td>
<
em>Return value(s):</
em>
The path of a file relative to the default runtime directory
request_rec<
em> r</
em>, number<
em> child</
em>
Returns the scoreboard for a server daemon as a table
<
td>The mod_lua request handle</
td>
<
td>The server child to query</
td>
<
em>Return value(s):</
em>
The scoreboard for a server daemon as a table
request_rec<
em> r</
em>, number<
em> child</
em>, number<
em> thread</
em>
Returns the scoreboard for a single thread as a table
<
td>The mod_lua request handle</
td>
<
td>The server child to query</
td>
<
td>The thread to query</
td>
<
em>Return value(s):</
em>
The scoreboard for a single thread as a table
Returns a table with information about the server program
<
em>Return value(s):</
em>
A table with information about the server program
Query the server for some state information
<
td>Which information is requested</
td>
<
highlight language="lua">
r:puts("This is generation no. " .. gen .. " of the top-level parent")
Kills off a server process. This has no other use than to show how dangerous mod_lua can be ;)
<
section id="Database_connectivity">
<
title>HTTPd bindings: Database connectivity</
title>
<
a href="#db:query">db:query</
a>
<
a href="#db:do">db:do</
a>
<
a href="#db:close">db:close</
a>
request_rec<
em> r</
em>, string<
em> dbtype</
em>, string<
em> conn_string</
em>
Opens up a new database connection. See the DB functions for mod_pLua for more info on this.
<
td>The mod_lua request handle</
td>
<
td>connection string</
td>
<
em>Return value(s):</
em>
The database connection as a table with functions, or nil if the connection failed. If a connection failed, a second argument (string) with the error code is returned.
<
highlight language="lua">
r:puts("DB error: ", error)
Closes a database connection
<
td>The mod_lua request handle</
td>
<
highlight language="lua">
db:close() -- close it down
request_rec<
em> r</
em>, string<
em> query</
em>
Executes a statement that doesn't return a result set
<
td>The mod_lua request handle</
td>
<
td>The SQL statement to execute</
td>
<
em>Return value(s):</
em>
If the statement is valid, a table of results are returned. If an error occurred, the first return value is false and the second return value is a string containing an error message.
<
highlight language="lua">
local affected = db:do("DELETE FROM `table` WHERE 1")
r:puts("Affected ", affected, " rows")
request_rec<
em> r</
em>, string<
em> query</
em>
Queries the database for information using the specified statement.
<
td>The mod_lua request handle</
td>
<
td>The SQL statement to execute</
td>
<
em>Return value(s):</
em>
If the statement is valid, a table of results are returned. If an error occurred, the first return value is false and the second return value is a string containing an error message.
<
highlight language="lua">
local result, error = db:query("SELECT * FROM `table` WHERE 1")
for key, value in pairs(result)
r:puts( ("row %s: %s\n"):format(key,
table.concat(value, ", ")) )
<
section id="Miscellaneous">
<
title>HTTPd bindings: Miscellaneous</
title>
Returns the current time in microseconds.
<
em>Return value(s):</
em>
The current time in microseconds.
Sleeps for a while. Floating point values can be used to sleep for less than a second.
<
td>The number of seconds to sleep.</
td>
<
highlight language="lua">
