search

auto-ssl / lua-resty-auto-ssl

On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt.
MIT License
1.94k stars 181 forks source link

Install in ubuntu on ARM is missing resty.random #15

Open jalberto opened 8 years ago

jalberto commented 8 years ago

Following install process get this error on start:

init_by_lua error: /usr/local/share/lua/5.1/resty/auto-ssl/init.lua:1: module 'resty.random' not found:
        no field package.preload['resty.random']
        no file './resty/random.lua'
        no file '/usr/share/luajit-2.0.4/resty/random.lua'
        no file '/usr/local/share/lua/5.1/resty/random.lua'
        no file '/usr/local/share/lua/5.1/resty/random/init.lua'
        no file '/usr/share/lua/5.1/resty/random.lua'
        no file '/usr/share/lua/5.1/resty/random/init.lua'
        no file './resty/random.so'
        no file '/usr/local/lib/lua/5.1/resty/random.so'
        no file '/usr/lib/arm-linux-gnueabihf/lua/5.1/resty/random.so'
        no file '/usr/local/lib/lua/5.1/loadall.so'
        no file './resty.so'
        no file '/usr/local/lib/lua/5.1/resty.so'
        no file '/usr/lib/arm-linux-gnueabihf/lua/5.1/resty.so'
        no file '/usr/local/lib/lua/5.1/loadall.so'
stack traceback:
        [C]: in function 'require'
        /usr/local/share/lua/5.1/resty/auto-ssl/init.lua:1: in main chunk
        [C]: in function 'require'
        /usr/local/share/lua/5.1/resty/auto-ssl.lua:59: in function 'init'
        init_by_lua:11: in main chunk
GUI commented 8 years ago

How have you installed nginx? Is it via OpenResty, or are you running stock nginx plus the ngx_lua module? In general, I'd recommend OpenResty, since that's what this is tested against. However, it should be possible to get this running against stock nginx, but it looks like there might be some missing dependencies beyond just ngx_lua if that's how you've installed it.

On a quick search through the code, I think these would be the other modules you'd need to include if you're installing lua manually:

jalberto commented 8 years ago

trying to use stock nginx +lua

Looks like is missin glot of deps, I installe done by one as it was requesting more, but stoppe din openresty-core as there is not lua pkg

yuvipanda commented 8 years ago

I dug into this some more, and even after I got the rest of resty to load up, it fails on the nginx-extras in debian-jessie because the ngx_lua there is too old for resty master. I kept going back releases, but couldn't find any where I could get it to work.

gjongenelen commented 7 years ago

I was also struggeling with this, but installing modules was a bitch. I came far, but gave up at the end. This is what I got, maybe it can help you: 

FROM ubuntu:16.04

ENV VER_OPENSSL=1.0.2h
ENV VER_NGINX_DEVEL_KIT=0.3.0
ENV VER_LUA_NGINX_MODULE=0.10.6rc1
ENV VER_NGINX=1.11.3
ENV VER_LUAJIT=2.1.0-beta2
ENV VER_LUA_ROCKS=2.3.0

ENV NGINX_DEVEL_KIT ngx_devel_kit-${VER_NGINX_DEVEL_KIT}
ENV LUA_NGINX_MODULE lua-nginx-module-${VER_LUA_NGINX_MODULE}
ENV NGINX_ROOT=/nginx
ENV WEB_DIR ${NGINX_ROOT}/html

ENV LUAJIT_LIB /usr/local/lib
ENV LUAJIT_INC /usr/local/include/luajit-2.1

# Initial fresh updates
RUN apt-get -qq update && apt-get -qq -y upgrade && apt-get -qq -y install wget build-essential zlib1g-dev libpcre3 zlib1g-dev libpcre3-dev gcc unzip curl

# Update OpenSSL
RUN wget https://openssl.org/source/openssl-${VER_OPENSSL}.tar.gz && tar xvf openssl-${VER_OPENSSL}.tar.gz && rm -rf openssl-${VER_OPENSSL}.tar.gz && cd openssl-${VER_OPENSSL} && ./config --prefix=/usr --openssldir=/etc/ssl --libdir=lib shared zlib-dynamic && make && make install

# Download
RUN wget http://nginx.org/download/nginx-${VER_NGINX}.tar.gz
RUN wget http://luajit.org/download/LuaJIT-${VER_LUAJIT}.tar.gz
RUN wget https://github.com/simpl/ngx_devel_kit/archive/v${VER_NGINX_DEVEL_KIT}.tar.gz -O ${NGINX_DEVEL_KIT}.tar.gz
RUN wget https://github.com/openresty/lua-nginx-module/archive/v${VER_LUA_NGINX_MODULE}.tar.gz -O ${LUA_NGINX_MODULE}.tar.gz
# Untar
RUN tar -xzvf nginx-${VER_NGINX}.tar.gz && rm nginx-${VER_NGINX}.tar.gz
RUN tar -xzvf LuaJIT-${VER_LUAJIT}.tar.gz && rm LuaJIT-${VER_LUAJIT}.tar.gz
RUN tar -xzvf ${NGINX_DEVEL_KIT}.tar.gz && rm ${NGINX_DEVEL_KIT}.tar.gz
RUN tar -xzvf ${LUA_NGINX_MODULE}.tar.gz && rm ${LUA_NGINX_MODULE}.tar.gz

# LuaJIT
WORKDIR /LuaJIT-${VER_LUAJIT}
RUN make
RUN make install
# Nginx with LuaJIT
WORKDIR /nginx-${VER_NGINX}
RUN ./configure --prefix=${NGINX_ROOT} --with-http_v2_module --with-http_realip_module --with-http_ssl_module --with-ld-opt="-Wl,-rpath,${LUAJIT_LIB}" --add-module=/${NGINX_DEVEL_KIT} --add-module=/${LUA_NGINX_MODULE}
RUN make -j2
RUN make install
RUN ln -s ${NGINX_ROOT}/sbin/nginx /usr/local/sbin/nginx

# Install LuaRocks
RUN wget http://keplerproject.github.io/luarocks/releases/luarocks-${VER_LUA_ROCKS}.tar.gz && tar -xzvf luarocks-${VER_LUA_ROCKS}.tar.gz && rm -rf luarocks-${VER_LUA_ROCKS}.tar.gz && cd luarocks-${VER_LUA_ROCKS} && ./configure --prefix=/usr/local --with-lua=/usr/local --lua-suffix=jit-${VER_LUAJIT} --with-lua-include=/usr/local/include/luajit-2.1 && make build && make install && rm -rf /luarocks-${VER_LUA_ROCKS}

# Install resty-auto-ssl & resty-string & resty-libcjson and download resty-redis
RUN cd / && mkdir /usr/local/share/lua/5.1/ngx/ && luarocks install lua-resty-http && luarocks install lua-resty-auto-ssl && luarocks install lua-cjson && luarocks install luarestyredis && \
wget https://github.com/openresty/lua-resty-redis/archive/master.zip && unzip master.zip && rm -rf master.zip && mv /lua-resty-redis-master/lib/resty/* /usr/local/share/lua/5.1/resty/ && \
wget https://github.com/openresty/lua-resty-string/archive/master.zip && unzip master.zip && rm -rf master.zip && mv /lua-resty-string-master/lib/resty/* /usr/local/share/lua/5.1/resty/ && \
wget https://github.com/bungle/lua-resty-random/archive/master.zip && unzip master.zip && rm -rf master.zip && mv /lua-resty-random-master/lib/resty/* /usr/local/share/lua/5.1/resty/ && \
wget https://github.com/openresty/lua-resty-lock/archive/master.zip && unzip master.zip && rm -rf master.zip && mv /lua-resty-lock-master/lib/resty/* /usr/local/share/lua/5.1/resty/ && \
wget https://github.com/openresty/lua-resty-core/archive/master.zip && unzip master.zip && rm -rf master.zip && mv /lua-resty-core-master/lib/resty/* /usr/local/share/lua/5.1/resty/ && mv /lua-resty-core-master/lib/ngx/* /usr/local/share/lua/5.1/ngx/ && \
wget https://github.com/openresty/lua-resty-lrucache/archive/master.zip && unzip master.zip && rm -rf master.zip && mv /lua-resty-lrucache-master/lib/resty/* /usr/local/share/lua/5.1/resty/

RUN openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj '/CN=sni-support-required-for-valid-ssl' -keyout /etc/ssl/resty-auto-ssl-fallback.key \
    -out /etc/ssl/resty-auto-ssl-fallback.crt

ADD mime.types /opt/nginx/conf/
ADD fastcgi_params /opt/nginx/conf/

# ***** MISC *****
WORKDIR ${WEB_DIR}
EXPOSE 80
EXPOSE 443

# ***** CLEANUP *****
RUN rm -rf /nginx-${VER_NGINX}
RUN rm -rf /LuaJIT-${VER_LUAJIT}
RUN rm -rf /${NGINX_DEVEL_KIT}
RUN rm -rf /${LUA_NGINX_MODULE}
# TODO: Uninstall build only dependencies?
# TODO: Remove env vars used only for build?

ADD ./start.sh /root
RUN chmod +x /root/start.sh
jalberto commented 7 years ago

I found same barrier @gjongenelen now I use Caddy for same use case

sandrokeil commented 7 years ago

@jalberto @gjongenelen I use this dirty Dockerfile and it works so far, but the ngx lua module is to old :-(

FROM nginx:1.11.10-alpine

ENV LUAROCKS_VERSION 2.4.2

RUN set -xe \
    && apk add --no-cache --virtual .build-deps \
        nginx-lua=1.10.1-r1 \
        tar \
        curl \
        openssl \
        zip \
        unzip \
        gcc \
        g++ \
        cmake \
        lua \
        lua-dev \
        bash \
        make \
        autoconf \
        automake \
    && mkdir -p /usr/src/luarocks \
        && curl -A "Docker" -o /tmp/luarocks.tar.gz -D - -L -s https://github.com/luarocks/luarocks/archive/v${LUAROCKS_VERSION}.tar.gz \
        && tar -xzf /tmp/luarocks.tar.gz -C /usr/src/luarocks --strip-components=1 \
    && (cd /usr/src/luarocks; \
        ./configure; \
        make build; \
        make install) \
    && rm -r /usr/src/luarocks \
    && luarocks install lua-resty-libcjson \
    && luarocks install lua-cjson \
    && luarocks install lua-resty-string \
    && luarocks install lua-resty-auto-ssl

RUN curl -A "Docker" -o /usr/local/share/lua/5.1/resty/lock.lua -D - -L -s https://raw.githubusercontent.com/openresty/lua-resty-lock/master/lib/resty/lock.lua \
    && curl -A "Docker" -o /tmp/lua-resty-core.tar.gz -D - -L -s https://github.com/openresty/lua-resty-core/archive/v0.1.9.tar.gz \
    && mkdir -p /usr/src/lua-resty-core \
    && tar -xvzf /tmp/lua-resty-core.tar.gz -C /usr/src/lua-resty-core --strip-components=1 \
    && (cd /usr/src/lua-resty-core; \
        ./configure; \
        make build; \
        make install) \
    && rm -r /usr/src/lua-resty-core

RUN mkdir -p /etc/resty-auto-ssl && chown nginx /etc/resty-auto-ssl \
    && chmod +x /usr/local/share/lua/5.1/resty/auto-ssl/shell/start_sockproc \
    && chmod +x /usr/local/share/lua/5.1/resty/auto-ssl/vendor/sockproc \
    && chmod +x /usr/local/share/lua/5.1/resty/auto-ssl/vendor/dehydrated \
    && chmod +x /usr/local/share/lua/5.1/resty/auto-ssl/shell/letsencrypt_hooks

RUN cp -r /usr/local/lib/lua/resty/* /usr/local/share/lua/5.1/resty/ \
    && mv /usr/local/lib/lua/ngx /usr/local/share/lua/5.1/

COPY ./ssl /etc/resty-auto-ssl
DoobleD commented 3 years ago

I'm interested in using lua-resty-auto-ssl without OpenResty as well!