search close

Amazon Linux NGINX 1.10-1.14

access_time Updated Jun 10, 2021

Add the Package Repositories

First, set up the key and package sources for the Signal Sciences repository:

Note: Our distribution release depends on the EPEL repository, you will need to ensure your system also has it installed.

Note: We are currently supporting Amazon Linux 2018.03 or earlier RHEL6 based OS.

Red Hat CentOS 7

Cut-and-paste the following script:

sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.signalsciences.net/release/el/7/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.signalsciences.net/release/gpgkey
       https://dl.signalsciences.net/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF

Red Hat CentOS 6

Note: After Q2 2017, RHEL6 and CentOS 6 will exit “Production Phase 2” according to the Red Hat Enterprise Linux Life Cycle. Only limited “critical” security fixes will be issued. You will need to review the lifecycle document for details and plan appropriately.

Cut-and-paste the following script:

sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.signalsciences.net/release/el/6/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.signalsciences.net/release/gpgkey
       https://dl.signalsciences.net/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF

Enabling Lua for NGINX

For older versions of NGINX, we require NGINX to be built with Lua and Luajit support. It is recommended to first ensure that Lua is installed and enabled for NGINX before enabling the Signal Sciences NGINX module.

Install the Lua NGINX Module

The first step is to install the dynamic Lua NGINX Module appropriate for your NGINX distribution:

NGINX 1.10

sudo yum install nginx110-lua-module

NGINX 1.11

sudo yum install nginx111-lua-module

NGINX 1.12.1 or higher

sudo yum install nginx-module-lua-`rpm -q --qf "%{VERSION}" nginx`

NGINX 1.10

sudo yum install nginx110-lua-module-amzn

NGINX 1.11

sudo yum install nginx111-lua-module

NGINX 1.12.1 or higher

sudo yum install nginx-module-lua-amzn-`rpm -q --qf "%{VERSION}" nginx`

Enable the Lua NGINX Module

  1. Next we will modify the nginx.conf (default /etc/nginx/nginx.conf) to load the dynamic Lua NGINX module. Directly below the line that starts with pid add:

    load_module /usr/lib64/nginx/modules/ndk_http_module.so;
    load_module /usr/lib64/nginx/modules/ngx_http_lua_module.so;
  2. Restart the NGINX Service to initialize the new module:

    Amazon Linux 2

    systemctl restart nginx

    Amazon Linux 2015.09.01

    restart nginx

Check that Lua is loaded correctly

To verify that Lua has been loaded properly load the following config(ex: sigsci_check_lua.conf) with nginx:

  # Config just to test for lua jit support
#
# Test from commandline as follows:
# nginx -t -c <explicit path>/sigsci_check_lua.conf
#

# The following load_module directives are required if you have installed
# any of: nginx110-lua-module, nginx111-lua-module, or nginx-lua-module
# for your nginx.org installation.
# Also, for some nginx-1.10.nn installed from nginx-extras package, you may
# need to specify the load directives.
# Given the above uncomment the following:
#
# load_module modules/ndk_http_module.so;
# load_module modules/ngx_http_lua_module.so;

events {
    worker_connections 768;
    # multi_accept on;
}
http {
init_by_lua '

local m = {}
local ngx_lua_version = "dev"

if ngx then
  -- if not in testing environment
  ngx_lua_version = tostring(ngx.config.ngx_lua_version)
  ngx.log(ngx.STDERR, "INFO:", " Check for jit: lua version: ", ngx_lua_version)
end

local r, jit = pcall(require, "jit")
if not r then
  error("ERROR: No lua jit support: No support for SigSci Lua module")
else

  if jit then
    m._SERVER_FLAVOR = ngx_lua_version .. ", lua=" .. jit.version
    if os.getenv("SIGSCI_NGINX_DISABLE_JIT") == "true" then
      nginx.log(ngx.STDERR, "WARNING:", "Disabling lua jit because env var: SIGSCI_NGINX_DISABLE_JIT=", "true")
    end
    ngx.log(ngx.STDERR, "INFO:", " Bravo! You have lua jit support=", m._SERVER_FLAVOR)
  else
    error("ERROR: No luajit support: No support for SigSci")
  end

end

';

}

Example of successfully loading the config and its output:

$ nginx -t -c <your explicit path>/sigsci_check_lua.conf

nginx: [] [lua] init_by_lua:9: INFO: Check for jit: lua version: 10000
nginx: [] [lua] init_by_lua:22: INFO: Bravo! You have lua jit support=10000, lua=LuaJIT 2.0.4
nginx: the configuration file <your explicit path>/sigsci_check_lua.conf syntax is ok
nginx: configuration file <your explicit path>/sigsci_check_lua.conf test is successful

Install and Configure the Signal Sciences NGINX Module

  1. Install the module

    sudo yum install sigsci-module-nginx
  2. Add the following to your NGINX configuration file in the http context (default: /etc/nginx/nginx.conf)

    include "/opt/sigsci/nginx/sigsci.conf";
  3. Restart the NGINX Service to initialize the new module

    Amazon Linux 2

    systemctl restart nginx

    Amazon Linux 2015.09.01

    restart nginx