Spaces:

airsltd
/

ocngx

Sleeping

tanbushi commited on Jan 8

Commit

09af5b8

1 Parent(s): fffb5c4

update

Files changed (5) hide show

Dockerfile CHANGED Viewed

@@ -1,14 +1,20 @@
-FROM nginx:latest
 # 复制自定义配置文件
-COPY nginx/nginx.conf /etc/nginx/nginx.conf
-COPY nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf
 # 复制静态文件
-COPY nginx/html/ /usr/share/nginx/html/
 # 暴露端口（Hugging Face Spaces 通常使用 7860）
 EXPOSE 7860
-# 启动 nginx，监听在 7860 端口
-CMD ["nginx", "-g", "daemon off;"]

+FROM openresty/openresty:latest
 # 复制自定义配置文件
+COPY nginx/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
+COPY nginx/conf.d/default.conf /usr/local/openresty/nginx/conf/conf.d/default.conf
 # 复制静态文件
+COPY nginx/html/ /usr/local/openresty/nginx/html/
+# 创建密码文件目录
+RUN mkdir -p /usr/local/openresty/nginx/conf
+# 创建简单的用户认证
+RUN echo "admin:$(openssl passwd -crypt admin123)" > /usr/local/openresty/nginx/conf/.htpasswd
 # 暴露端口（Hugging Face Spaces 通常使用 7860）
 EXPOSE 7860
+# 启动 OpenResty
+CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"]

README.md CHANGED Viewed

@@ -7,17 +7,29 @@ sdk: docker
 pinned: false
 ---
-# Nginx 服务 for Hugging Face Space
 ## 本地开发
-使用 Docker Compose 运行 nginx 服务器：
 ```bash
 docker-compose up -d
 ```
-访问 http://localhost:8080 查看服务。
 停止服务：
 ```bash
@@ -26,7 +38,14 @@ docker-compose down
 ## Hugging Face Space 部署
-此 Space 使用自定义 Dockerfile 配置 nginx 服务器，监听在 7860 端口（Hugging Face Spaces 默认端口）。
 ## 配置文件说明

 pinned: false
 ---
+# OpenResty 服务 with Authentication for Hugging Face Space
+## 功能特性
+- 🔐 **基本认证**: HTTP Basic Authentication
+- 🛡️ **Lua 安全**: 基于 Lua 脚本的访问控制
+- 🚀 **OpenResty**: 高性能 Web 平台
+- 📊 **健康检查**: 内置健康检查端点
+## 认证信息
+- **Username**: `admin`
+- **Password**: `admin123`
 ## 本地开发
+使用 Docker Compose 运行 OpenResty 服务器：
 ```bash
 docker-compose up -d
 ```
+访问 http://localhost:8080，使用上述凭据进行认证。
 停止服务：
 ```bash
 ## Hugging Face Space 部署
+此 Space 使用 OpenResty Dockerfile，监听在 7860 端口，提供带认证的 Web 服务。
+## 安全特性
+1. **Basic Authentication**: 保护所有页面
+2. **Lua 脚本过滤**: 阻止恶意 User-Agent
+3. **自定义响应头**: 识别服务类型
+4. **健康检查**: `/health` 端点无需认证
 ## 配置文件说明

nginx/conf.d/default.conf CHANGED Viewed

@@ -2,13 +2,38 @@ server {
     listen 7860;
     server_name localhost;
     location / {
-        root   /usr/share/nginx/html;
         index  index.html index.htm;
     }
     error_page   500 502 503 504  /50x.html;
     location = /50x.html {
-        root   /usr/share/nginx/html;
     }
 }

     listen 7860;
     server_name localhost;
+    # 基本认证
+    auth_basic "Restricted Area";
+    auth_basic_user_file /usr/local/openresty/nginx/conf/.htpasswd;
+    # 使用 Lua 进行更复杂的认证
+    access_by_lua_block {
+        local headers = ngx.req.get_headers()
+        local user_agent = headers["User-Agent"] or ""
+        -- 简单的用户代理检查
+        if string.find(user_agent, "bot") then
+            ngx.exit(403)
+        end
+    }
     location / {
+        root   /usr/local/openresty/nginx/html;
         index  index.html index.htm;
+        # 添加自定义响应头
+        add_header X-Powered-By "OpenResty";
+        add_header X-Auth-Type "Basic + Lua";
+    }
+    location /health {
+        access_log off;
+        return 200 "OK\n";
+        add_header Content-Type text/plain;
     }
     error_page   500 502 503 504  /50x.html;
     location = /50x.html {
+        root   /usr/local/openresty/nginx/html;
     }
 }

nginx/html/index.html CHANGED Viewed

@@ -1,17 +1,46 @@
 <!DOCTYPE html>
 <html>
 <head>
-    <title>Welcome to nginx!</title>
     <style>
         body {
             width: 35em;
             margin: 0 auto;
             font-family: Tahoma, Verdana, Arial, sans-serif;
         }
     </style>
 </head>
 <body>
-    <h1>Welcome to nginx!</h1>
-    <p>If you see this page, the nginx web server is successfully installed and working.</p>
 </body>
 </html>

 <!DOCTYPE html>
 <html>
 <head>
+    <title>OpenResty with Authentication</title>
     <style>
         body {
             width: 35em;
             margin: 0 auto;
             font-family: Tahoma, Verdana, Arial, sans-serif;
+            padding: 2em;
+            background-color: #f5f5f5;
+        }
+        .container {
+            background: white;
+            padding: 2em;
+            border-radius: 8px;
+            box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+        }
+        .auth-info {
+            background: #e7f3ff;
+            padding: 1em;
+            border-radius: 4px;
+            margin: 1em 0;
         }
     </style>
 </head>
 <body>
+    <div class="container">
+        <h1>🔐 OpenResty with Authentication</h1>
+        <p>Welcome to a secure OpenResty server!</p>
+        <div class="auth-info">
+            <h3>Authentication Details:</h3>
+            <ul>
+                <li><strong>Username:</strong> admin</li>
+                <li><strong>Password:</strong> admin123</li>
+                <li><strong>Auth Method:</strong> Basic HTTP + Lua Script</li>
+            </ul>
+        </div>
+        <p>This server is protected with both basic authentication and Lua-based access control.</p>
+        <p><a href="/health">Health Check</a></p>
+    </div>
 </body>
 </html>

nginx/nginx.conf CHANGED Viewed

@@ -3,11 +3,14 @@ events {
 }
 http {
-    include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
     sendfile        on;
     keepalive_timeout  65;
-    include /etc/nginx/conf.d/*.conf;
 }

 }
 http {
+    include       /usr/local/openresty/nginx/conf/mime.types;
     default_type  application/octet-stream;
     sendfile        on;
     keepalive_timeout  65;
+    # Lua 模块配置
+    lua_package_path "/usr/local/openresty/nginx/conf/?.lua;;";
+    include /usr/local/openresty/nginx/conf/conf.d/*.conf;
 }