recentpopularlog in

rdark : nginx   12

Dynamic NGINX Upstreams from Consul via lua-nginx-module
In 2016, I delivered a short talk at DevOps Days Austin contrasting the difference between hacking and engineering utilizing the problem of resolving NGINX upstreams dynamically from Consul. This article presents the technical solution sparing you the rhetoric.
consul  lua  nginx  service_discovery  architecture 
february 2017 by rdark
Kong - Open-Source API Management and Microservice Management
The open-source API Gateway and Microservices Management Layer, delivering high performance and reliability.
api  nginx  microservices  rate_limiting  logging 
december 2016 by rdark
maiome-development/lsso: Nginx SSO middleware for protecting your internets.
lsso is a SSO middleware written in Lua to sit between Nginx and server endpoints.

lsso uses client-side cookies alongside a Redis database of session hashes to track session. In our setup, we use a fork of Osiris with a Redis token store as an OAuth endpoint.

SAML 2.0 is not yet supported but is on the roadmap
authentication  nginx  SAML  github  lua  oauth 
february 2016 by rdark
pingidentity/lua-resty-openidc
lua-resty-openidc is a library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality.

When used as an OpenID Connect Relying Party it authenticates users against an OpenID Connect Provider using OpenID Connect Discovery and the Basic Client Profile (i.e. the Authorization Code flow). When used as an OAuth 2.0 Resource Server it can validate OAuth 2.0 Bearer Access Tokens against an Authorization Server.
authentication  authorisation  openID  oauth  lua  nginx  oidc 
february 2016 by rdark
Hardening Your Web Server’s SSL Ciphers · Homepage of Hynek Schlawack
Disclaimer: I’m updating this post continually in order to represent what I consider the best practice in the moment – there are way too many dangerously outdated articles about TLS-deployment out there already.
apache  ssl  tls  security  cipher_suite  nginx 
january 2016 by rdark
fcambus/telize
Telize is a REST API built on Nginx and Lua allowing to get a visitor IP address and to query location information from any IP address. It outputs JSON-encoded IP geolocation data, and supports both JSON and JSONP.
api  ruby  lua  nginx  JSON 
june 2015 by rdark
How Balanced does Database Migrations with Zero-Downtime » Balanced: Blog
Some time ago, we had to perform a fairly intensive database migration. Since we process payments for a number of marketplaces who don’t want any downtime at all, scheduling a maintenance window to perform the migration wasn’t an option. We had to do everything without taking our app offline for even a short period of time.
tl;dr

We used HAProxy to suspend traffic for a short period of time, while we switched out DBs.
haproxy  migration  devops  sysadmin  aws  ELB  nginx 
march 2013 by rdark
jsDelivr Official Blog: Nginx Load Balancing Basics
more interesting parts are the max_fails and backup pool functionality. Didn't know that ngnix reverse proxy did that..
sysadmin  nginx  load_balancing 
january 2013 by rdark
Version 1.1.6 of Better Cacti Templates released at Xaprb
I’ve released version 1.1.6 of the Better Cacti Templates project. This release includes a bunch of bug fixes (but not all of them!) and two new sets of graphs. One set is for disk I/O on GNU/Linux, and the other is a new set of templates for OpenVZ.
cacti  templates  monitoring  linux  unix  mysql  apache  memcached  openVZ  nginx 
january 2010 by rdark

Copy this bookmark:





to read