验证 Openresty+Lua+GraphicsMagick

Posted 2021-01-28 zhance

1 环境准备

1.1 CentOS 安装 Openresty

Openresty 的下载及安装请参考：http://openresty.org/cn/。

1.2 安装 GraphicsMagick

源码安装，源码下载地址：https://sourceforge.net/projects/graphicsmagick/。

源码下载后解压，切换到源码目录：

./configure
make
make install

2 测试代码

代码参考：(linsir/ngx-lua-images)[https://github.com/linsir/ngx-lua-images]

2.1 nginx 配置

# 设置默认 lua 搜索路径，添加 lua 路径
    lua_package_path "/usr/local/share/lua/5.1/?.lua;/usr/local/openresty/ngx-lua-images/lua_tmp/?.lua;;";

    gzip            on;
    gzip_min_length 1000;
    gzip_types text/xml text/css application/javascript;

    server {
        listen 8000;
        charset utf-8;
        server_name localhost;
        default_type text/plain;
        root /usr/local/openresty/ngx-lua-images/;

        set $app_path "/usr/local/openresty/ngx-lua-images/";

        location /proxy/ {
            internal;
            set_unescape_uri $date $arg_date;
            set_unescape_uri $auth $arg_auth;
            set_unescape_uri $file $arg_file;
            set_unescape_uri $mime $arg_mime;

            proxy_pass_request_headers off;
            more_clear_headers ‘Host‘;
            more_clear_headers ‘Connection‘;
            more_clear_headers ‘Content-Length‘;
            more_clear_headers ‘User-Agent‘;
            more_clear_headers ‘Accept‘;

            proxy_set_header Date $date;
            proxy_set_header Authorization $auth;
            proxy_set_header content-type $mime;
            # proxy_set_header x-amz-acl ‘public-read‘;
            proxy_set_header Content-MD5 ‘‘;

            proxy_read_timeout 1s;
            proxy_send_timeout 1s;
            proxy_connect_timeout 1s;

            proxy_pass http://[ip]:[port]$file;  # ceph rgw
        }

        location ^~ /resize {
            default_type image/png;
            content_by_lua_block {
                require("resize").run()
            }
        }

        error_log  /home/files/error_log info;
    }

2.2 resize.lua 脚本

local _M = {}
_M._VERSION = ‘0.01‘

local url = "/proxy"
local id = "** your access key **"
local key = "** your secret access key **"
local bucket = "upload"  -- bucket name
local file = "test.png"   -- object name


-- ******************************************************************* --

function forbidden(info)
    ngx.status = 403
    ngx.header["Content-Type"] = "text/plain"
    ngx.say("Opps, ", info)
    ngx.exit(403)
end

-- ******************************************************************* --

function get_obj()
    local destination = "/" .. bucket .. "/" .. file
    headers = generate_auth_headers("GET", destination)

    local res = ngx.location.capture(url..destination,
            { method = ngx.HTTP_GET,
              args = {date=headers.date, auth=headers.auth, file=destination}}
        )
    if not res then
      ngx.log(ngx.ERR, "failed to get_obj: ", destination, ": ", err)
      return
    end
    if res.status == 404 then
        ngx.status = 404
        ngx.header["Content-Type"] = "text/plain"
        ngx.say("Opps, file not found.")
        ngx.exit(404)
    end
    ngx.log(ngx.INFO, res.status)
    return res.body
end

function generate_auth_headers(method, destination, content_type)

    if content_type == nil then
        content_type = ‘‘
    end

    local timestamp = os.date("!%a, %d %b %Y %H:%M:%S +0000")

    local StringToSign = method..string.char(10)..string.char(10)..content_type..string.char(10)..timestamp..string.char(10)..destination
    local signed = ngx.encode_base64(ngx.hmac_sha1(key, StringToSign))
    signed = ‘AWS‘ .. ‘ ‘ .. id .. ‘:‘ .. signed

    headers = {}
    headers[‘auth‘] = signed
    headers[‘Content-Type‘] = content_type
    headers[‘date‘] = timestamp

    return headers
end

-- ******************************************************************* --

local function resize_image_rgw(data, file, w, h)
    ngx.log(ngx.INFO, "resizing img ",file)

    if not w and not h then
        return data
    end

    local f = io.open("/home/files/images/tmp.png", "w")
    f:write(data)
    f:flush()
    f:close()

    local cmd0 = "/usr/bin/gm convert /home/files/images/tmp.png -resize ";
    local cmd1 = "X";
    local cmd2 = " /home/files/images/tmp-tmp.png";
    local cmd_real = cmd0 .. w .. cmd1 .. h .. cmd2
    
    os.execute(cmd_real)

    local f1 = io.open("/home/files/images/tmp-tmp.png", "rb")
    if not f1 then 
        return ngx.exit(ngx.HTTP_NOT_FOUND) 
    end

    data1 = f1:read("*all")
    f1:close()
    
    os.execute("/usr/bin/rm -rf /home/files/images/*")
    
    return data1
end

local function response_from_rgw(w, h)
    local data = get_obj()
    if not data then
        forbidden("orgin image is not found...")
    else
        local data_final = resize_image_rgw(data, "test.png", w, h)
        if data_final then
            ngx.print(data_final)
        else
            forbidden("maybe is not a image file..")
        end
    end
end

-- ******************************************************************* --

function _M.run()
    local w = tonumber(ngx.var.arg_w)
    local h = tonumber(ngx.var.arg_h)

    response_from_rgw(w, h)
end

return _M

2.3 验证

可以根据以上的代码进行验证，resize 操作是否可行。

http://[ip]:8000/resize?w=50&h=50