Skip to main content

Backend server monitoring

If the feature backend_server_monitorin is turned on, the following functions are available in filters:

dynamic_loader("nauthilus_backend")
local nauthilus_backend = require("nauthilus_backend")

nauthilus_backend.get_backend_servers

This function returns a backend_server UserData object.

Usage example:

dynamic_loader("nauthilus_backend")
local nauthilus_backend = require("nauthilus_backend")

local backend_servers = nauthilus_backend.get_backend_servers()

  ---@type table
  local valid_servers = {}

  for _, server in ipairs(backend_servers) do
    -- server.ip
    -- server.port
    -- server.protocol
    -- server.haproxy_v2
    -- server.tls
    -- You may select only HAproxy enabled backends... server.haproxy_v2
    table.insert(valid_servers, server)
  end

nauthilus_backend.select_backend_server and nauthilus_backend.apply_backend_result

If you use the Nginx endpoint in NAuthilus, you can select a backend server with this function:

dynamic_loader("nauthilus_backend")
local nauthilus_backend = require("nauthilus_backend")

-- See nauthilus_backend.get_backend_servers above!
local server = valid_servers[some_number] -- You must define some logic on how to chose a backend server from the list

nauthilus_backend.select_backend_server(server.ip, server.port)

This will return the appropriate HTTP response header Auth-Server and Auth-Port

If you use a different endpoint, you may add the result to the attributes. In case of Dovecot this might look like this (untested):

dynamic_loader("nauthilus_backend")
local nauthilus_backend = require("nauthilus_backend")

local b = nauthilus_backend_result:new()
local attributes = {}
-- See nauthilus_backend.get_backend_servers above!
local server = valid_servers[some_number] -- You must define some logic on how to chose a backend server from the list

attributes["hostip"] = server.ip
b:attributes(attributes)
nauthilus_backend.apply_backend_result(b)

The result will be available as HTTP-response header X-Nauthilus-Hostip and can easily be parsed in a Dovecot Lua backend.

This example lacks persistent routing from users to backend servers. But it is a good starting point. Combine it with Redis or SQL databases...

nauthilus_backend.remove_from_backend_result

Remove attributes from the final result attributes

dynamic_loader("nauthilus_backend")
local nauthilus_backend = require("nauthilus_backend")

nauthilus_backend.remove_from_backend_result({ "Proxy-Host" })
note

Removeing attributes is always done before adding attributes (from apply_backend_result()-calls)

This removes the Proxy-Host "header" attribute from the result.

nauthilus_backend.check_backend_connection

Before using a backend server, you could double-check with the following function:

dynamic_loader("nauthilus_backend")
local nauthilus_backend = require("nauthilus_backend")

local server_ip = "10.10.10.10"
local server_port = 993
local is_haproxy_v2 = true
local uses_tls = true

local error = nauthilus_backend.check_backend_connection(server_ip, server_port, is_haproxy_v2, uses_tls)

If anything went fine, error equals nil, else it stores a string with an error message.

warning

Normally you should not do this, as this will open a connection for each client request!