In this article, we'll walk through the complete process of working with openresty in a server environment. Understanding lua is essential for maintaining a reliable and performant infrastructure.
Server Installation
The openresty configuration requires careful attention to resource limits and security settings. On a VPS with limited resources, it's important to tune these parameters according to your available RAM and CPU cores.
# /etc/nginx/sites-available/openresty.conf
server {
listen 80;
server_name example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Make sure to restart the service after applying these changes. Some settings require a full restart rather than a reload to take effect.
Virtual Host Configuration
When scaling this setup, consider vertical scaling (adding more RAM/CPU) first, as it's simpler to implement. Horizontal scaling adds complexity but may be necessary for high-traffic applications.
# Test and reload Nginx configuration
sudo nginx -t
sudo systemctl reload nginx
# Check access and error logs
sudo tail -f /var/log/nginx/access.log
sudo tail -f /var/log/nginx/error.log
The output should show the service running without errors. If you see any warning messages, address them before proceeding to the next step.
SSL/TLS Setup
Regular maintenance is essential for keeping your openresty installation running smoothly. Schedule periodic reviews of log files, disk usage, and security updates to prevent issues before they occur.
# Install Nginx with modules
sudo apt update
sudo apt install -y nginx
# Enable the site
sudo ln -s /etc/nginx/sites-available/openresty.conf /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/default
sudo systemctl restart nginx
These commands should be run as root or with sudo privileges. If you're using a non-root user, prefix each command with sudo.
Performance Tuning
It's recommended to test this configuration in a staging environment before deploying to production. This helps identify potential compatibility issues and allows you to benchmark performance differences.
# /etc/nginx/sites-available/openresty.conf
server {
listen 80;
server_name example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
These commands should be run as root or with sudo privileges. If you're using a non-root user, prefix each command with sudo.
Wrapping Up
Following this guide, your openresty setup should be production-ready. Keep an eye on resource usage as your traffic grows and don't forget to test your backup and recovery procedures periodically.