Hi folks,
I’m new to Lua. Trying to use a Lua script in integration with Haproxy.
We are trying to create a setup in which we want to conduct authorization of an incoming request at haproxy level before sending it to the application , for authorization we will use an external application which will be called from haproxy itself. If the result is true then we will further send the request to the application else we will reject it.
Here we have created a test scenario, on the basis of true/false value from lua function, it should redirect to the respective backend in haproxy.
If we run lua script separately for the boolean value then it’s returning the correct value but it is giving an error on running using Haproxy.
<—Haproxy.cfg—>
global
log /dev/log local0 debug
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
#lua file load
lua-load /etc/haproxy/test.lua
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# Hardening Your Web Server’s SSL Ciphers
# An alternative list with additional directives can be obtained from
# Redirecting to ssl-config.mozilla.org...
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
#frontend stats
#bind *:8404
#stats enable
#stats uri /
#stats refresh 10s
frontend myfrontend
bind *:80
mode http
use_backend %[lua.validation_fetch]
#http-request use-service lua.validation_fetch
default_backend failure
backend web1
mode http
balance roundrobin
option forwardfor
server app_1 testapp.maropost.com:81 check
backend failure
errorfile 403 /etc/haproxy/errors/403.http
<—test.lua---->
local json = require’json’
local http = require “socket.http”
local http_request = require “http.request”
–local cURL = require(“cURL”)
core.register_fetches(“validation_fetch”, function()
local call_value = call_result()
if call_value == true then
return “web1”
else
return “failure”
end
end)
function call_result()
local headers, stream = assert(http_request.new_from_uri(“http://localhost:4567/auth?url=testapp.maropost.com”):go())
local body = assert(stream:get_body_as_string())
local value = json.decode(body).boolean
return value
end
<–Error–>
[NOTICE] (3615) : haproxy version is 2.4.0-6cbbecf0973
[NOTICE] (3615) : path to executable is /usr/local/sbin/haproxy
[ALERT] (3615) : Lua sample-fetch ‘validation_fetch’: [state-id 0] runtime error: /etc/haproxy/test.lua:18: No such file or directory from [C]: in global ‘assert’, /etc/haproxy/test.lua:18: in global ‘call_result’, /etc/haproxy/test.lua:7: in function line 6.
00000000:failure.clicls[0008:ffffffff]
00000000:failure.closed[0008:ffffffff]
<–Versions–>
[root@lua haproxy]# luarocks --version
/usr/local/bin/luarocks 3.9.1
LuaRocks main command-line interface
[root@lua haproxy]# lua -v
Lua 5.3.5 Copyright (C) 1994-2018 Lua.org, PUC-Rio
[root@lua haproxy]# haproxy -vv | grep Lua
Built with Lua version : Lua 5.3.5
Any help would be highly appreciated!!
Thanks!