Last active
December 10, 2023 03:18
-
-
Save marklkelly/1573afc9986e9bb341c3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Setup Redis connection | |
| local redis = require "resty.redis" | |
| local red = redis:new() | |
| local ok, err = red:connect("127.0.0.1", "6379") | |
| if not ok then | |
| ngx.log(ngx.INFO, "REDIS: Failed to connect to redis: " .. err) | |
| return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) | |
| end | |
| -- Setup TLS related. | |
| local ssl = require "ngx.ssl" | |
| local server_name = ssl.server_name() | |
| local addr, addrtyp, err = ssl.raw_server_addr() | |
| local byte = string.byte | |
| local key, cert | |
| ssl.clear_certs() | |
| -- Check for SNI request - if we don't have the server name, attempt to use the IP address instead. | |
| if server_name == nil then | |
| ngx.log(ngx.INFO, "SNI Not present - performing IP lookup") | |
| -- Set server name as IP address. | |
| server_name = string.format("%d.%d.%d.%d", byte(addr, 1), byte(addr, 2), byte(addr, 3), byte(addr, 4)) | |
| ngx.log(ngx.INFO, "IP Address: ", server_name) | |
| end | |
| -- Retrieve key and cert for this domain | |
| key = red:hget("domain:" .. server_name, "key") | |
| cert = red:hget("domain:" .. server_name, "cert") | |
| -- Set cert | |
| local ok, err = ssl.set_der_cert(cert) | |
| if not ok then | |
| ngx.log(ngx.ERR, "failed to set DER cert: ", err) | |
| return | |
| end | |
| -- Set key | |
| local ok, err = ssl.set_der_priv_key(key) | |
| if not ok then | |
| ngx.log(ngx.ERR, "failed to set DER key: ", err) | |
| return | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment