1

Am following below blog (https://developers.redhat.com/blog/2018/10/08/configuring-nginx-keycloak-oauth-oidc/) to setup an NGINX lua oidc. Below is my installation and setup, am unable to run below commands 

Install all the Lua modules using luarocks:

# luarocks install lua-cjson
# luarocks install lua-resty-openidc

Results:

[root@samplesys nginx-lua]# yum install luarocks
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirror.netdepot.com
 * epel: mirror.lax.genesisadaptive.com
 * extras: mirror.netdepot.com
 * updates: mirror.netdepot.com
Package luarocks-2.3.0-1.el7.x86_64 already installed and latest version
Nothing to do



[root@sample nginx-lua]# luarocks install lua-cjson
Warning: falling back to curl - install luasec to get native HTTPS support
Warning: Failed searching manifest: Failed fetching manifest for https://luarocks.org - Failed downloading https://luarocks.org/manifest-5.1 - /var/cache/luarocks/https___luarocks.org/manifest-5.1
Warning: Failed searching manifest: Failed fetching manifest for https://raw.githubusercontent.com/rocks-moonscript-org/moonrocks-mirror/master/ - Failed downloading https://raw.githubusercontent.com/rocks-moonscript-org/moonrocks-mirror/master/manifest-5.1 - /var/cache/luarocks/https___raw.githubusercontent.com_rocks-moonscript-org_moonrocks-mirror_master_/manifest-5.1
Warning: Failed searching manifest: Failed extracting manifest file: failed extracting /var/cache/luarocks/http___luafr.org_moonrocks_/manifest-5.1.zip
Warning: Failed searching manifest: Failed extracting manifest file: failed extracting /var/cache/luarocks/http___luarocks.logiceditor.com_rocks/manifest-5.1.zip
lua-cjson not found for Lua 5.1.
Checking if available for other Lua versions...
Checking for Lua 5.2...
Checking for Lua 5.3...
Checking for Lua 5.4...

Error: No results matching query were found for Lua 5.1.




[root@sample nginx-lua]# luarocks install lua-resty-openidc
Warning: falling back to curl - install luasec to get native HTTPS support
Warning: Failed searching manifest: Failed fetching manifest for https://luarocks.org - Failed downloading https://luarocks.org/manifest-5.1 - /var/cache/luarocks/https___luarocks.org/manifest-5.1
Warning: Failed searching manifest: Failed fetching manifest for https://raw.githubusercontent.com/rocks-moonscript-org/moonrocks-mirror/master/ - Failed downloading https://raw.githubusercontent.com/rocks-moonscript-org/moonrocks-mirror/master/manifest-5.1 - /var/cache/luarocks/https___raw.githubusercontent.com_rocks-moonscript-org_moonrocks-mirror_master_/manifest-5.1
Warning: Failed searching manifest: Failed extracting manifest file: failed extracting /var/cache/luarocks/http___luafr.org_moonrocks_/manifest-5.1.zip
Warning: Failed searching manifest: Failed extracting manifest file: failed extracting /var/cache/luarocks/http___luarocks.logiceditor.com_rocks/manifest-5.1.zip
lua-resty-openidc not found for Lua 5.1.
Checking if available for other Lua versions...
Checking for Lua 5.2...
Checking for Lua 5.3...
Checking for Lua 5.4...

Error: No results matching query were found for Lua 5.1.
Satscreate
  • 495
  • 12
  • 38
  • You don't need to install cjson; that comes packaged with Openresty. `lua-resty-openidc` doesn't seem to exist as a rock. You might have to install the rock from the repository instead. But your error seems to be unrelated from that; in fact it tells you: `Failed downloading https://luarocks.org/manifest-5.1` so it's probably a connection issue – DarkWiiPlayer Feb 17 '20 at 09:46
  • Also, the recommended way of installing openresty is through their fork of `nginx`, not by manually installing nginx with lua-nginx-module as the article suggests. The nginx version linked in the article is also somewhat outdated. Furthermore, using PUC Lua with openresty is a bad idea; I'm not sure if it's even supported anymore, but you should use LuaJIT instead. Again, just install openresty and you won't have to bother with those details. – DarkWiiPlayer Feb 17 '20 at 09:53
  • How to resolve this. @DarkWiiPlayer. is the rock file can be downloaded from repository? i tried download manually these files and dependent, (lua-resty-jwt-0.2.1.tar.gz, lua-resty-openidc-1.7.2.tar.gz). How to get it installed? also am using nginx version: nginx/1.17.8. – Satscreate Feb 17 '20 at 10:01
  • i tried installed LuaJIT too==== Successfully installed LuaJIT 2.0.5 to /usr/local ==== – Satscreate Feb 17 '20 at 10:06
  • You can just follow the installation instructions from [openresty.org](http://openresty.org/en/installation.html); I also have a [script](https://gist.github.com/DarkWiiPlayer/126c4247814b70434069d7cdf4b300ce) to install openresty on ubuntu-like systems, but you might want to throw out some of my custom changes if you decide to use that. – DarkWiiPlayer Feb 17 '20 at 10:13
  • As for installing the rock from the repo, just clone the git repository, check out whichever version tag you want to use and run `luarocks make *.rockspec` to install it – DarkWiiPlayer Feb 17 '20 at 10:15
  • Actually, give me a few minute and I'll write this all as an actual answer – DarkWiiPlayer Feb 17 '20 at 10:15
  • thanks appreciated your help and please. the idea is to make use of nginx for doing oidc using lua packages. i hope you probably know about this too.. may be this is early "unknown directive "lua_package_path" in /etc/nginx/nginx.conf:22" once i did run ./configure from the resty-install.sh then i tried adding path in nginx file. but may be something has to be done before.. – Satscreate Feb 17 '20 at 10:32
  • `lua_package_path` is an openresty directive; you're probably still running a vanilla nginx, so it doesn't recognize it and gives you an error. You'll have to uninstall that nginx first :) (see which `nginx` executable gets used by default with `which nginx` and `file $(which nginx)`) – DarkWiiPlayer Feb 17 '20 at 10:44
  • yah i still keep the nginx as base. right now the requirement is only nginx and openresty is something which will run as server which am not looking for right now. And is there a way we can only have nginx and install all the dependencies for archiving https://github.com/zmartzone/lua-resty-openidc . Thanks – Satscreate Feb 17 '20 at 11:27
  • Quoting the readme from `lua-nginx-module`: "*This module is a core component of OpenResty. If you are using this module, then you are essentially using OpenResty.*" – DarkWiiPlayer Feb 17 '20 at 11:39
  • Thanks for letting me know too. so if we want to compile and add this into our module then it behaves as we have openresty and nginx been installed too? am i right. Also ./configure is missing in my installation that means should i reinstall from the beginning? – Satscreate Feb 17 '20 at 11:57
  • `configure` isn't part of the installation; it's the script that configures the nginx build so you can then run `make` to compile everything. Openresty is just nginx with some modules, so you still run `nginx`, but it will have `lua-nginx-module` and some other stuff built in. You can just install openresty and use it as an nginx replacement. – DarkWiiPlayer Feb 17 '20 at 12:12

1 Answers1

1

There's a few things that are wrong here:

  1. Compiling nginx and manually adding lua-nginx-module is not the recommended way to install openresty. Quoting the readme:

It is highly recommended to use OpenResty releases which bundle Nginx, ngx_lua (this module), LuaJIT, as well as other powerful companion Nginx modules and Lua libraries.

  1. The Lua version used in the tutorial seems to be PUC Lua 5.1, which really doesn't have anything going for it anymore; the reason people use 5.1 is that LuaJIT implements that version. I don't remember to which extent openresty even still supports that version, but later versions of it are certainly built mainly to work with LuaJIT.

  2. You don't need to install lua-cjson if you're using an openresty release, as it already comes bundled (see readme)

  3. Looking at the error you're getting Failed fetching manifest for https://luarocks.org - Failed downloading https://luarocks.org/manifest-5.1 it seems that luarocks can't download the manifest file, which is either a temporary problem with luarocks.org (It works for me as I am writing this answer), or a problem with your network. Try downloading the URL from the error message using a tool like wget or curl and see if that works (is curl even installed?)

DarkWiiPlayer
  • 6,871
  • 3
  • 23
  • 38