Linux 下编译译 NGINX_QUIC ,支持HTTP3/QUIC 协议
Linux 基本上都可以用,快速搭建自己的 nginx 网站
0. 编译前准备资源
## 如果有编译好的 nignx, 只安装 libpcre3 即可
apt update
apt install libpcre3 libpcre3-dev gcc make perl cmake
cd /usr/local/src/
## 下载资源
wget https://nginx.org/download/nginx-1.28.0.tar.gz
wget https://zlib.net/zlib-1.3.1.tar.gz
wget https://github.com/openssl/openssl/releases/download/openssl-3.5.0/openssl-3.5.0.tar.gz
git clone --recursive https://github.com/google/ngx_brotli.git
## 解压
tar -zxvf nginx-1.28.0.tar.gz
tar -zxvf zlib-1.3.1.tar.gz
tar -zxvf openssl-3.5.0.tar.gz
## 简单编个 brotli
cd /usr/local/src/ngx_brotli/deps/brotli
rm -rf out && mkdir out && cd out
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/usr/local ..
make -j$(nproc)
make install
附个
brotli
ngx_brotli是一个为 Nginx 提供的 Brotli 压缩模块,它允许 Nginx 服务器通过 Brotli 算法压缩传输的内容,从而提高传输效率并减少带宽使用.
1. 编译 NGINX 本体
cd /usr/local/src/nginx-1.28.0
make clean
./configure \
--with-debug \
--with-pcre-jit \
--with-pcre \
--with-stream \
--with-mail \
--with-stream_ssl_module \
--with-http_v2_module \
--with-http_v3_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-threads \
--with-openssl-opt=enable-tls1_3 \
--prefix=/usr/local/nginx \
--with-zlib=../zlib-1.3.1 \
--add-module=../ngx_brotli \
--with-openssl=../openssl-3.5.0
make -j$(nproc)
make install
## --add-module=../ngx_cache_purge
## --add-module=../ngx_http_upstream_session_module
## --with-http_log_module \
## --with-http_redis_module \
2. 配置 systemctl
vim /etc/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
3. 其他: 自定义服务器
- 修改
Nginx内部名称vim /usr/local/src/nginx-1.28.0/src/core/nginx.h
##define nginx_version 155000
##define NGINX_VERSION "15.5 (24F74)"
##define NGINX_VER "macOS/" NGINX_VERSION
- 修改 HTTP Response Header
vim /usr/local/src/nginx-1.28.0/src/http/ngx_http_header_filter_module.c
static u_char ngx_http_server_string[] = "Server: macOS" CRLF;
- 修改错误页的底部 Footer
vim /usr/local/src/nginx-1.28.0/src/http/ngx_http_special_response.c
static u_char ngx_http_error_tail[] =
"<hr><center>macOS/15.5 (24F74)</center>" CRLF;
4. 配置
一个我自己在用的配置
注意改动内容:
变更内容 默认值 变更值 备注 proxy_cache_path none /www/nginx_temp web 缓存,不需要可以删除 include server none /etc/nginx/*.conf server 配置文件 include stream none /etc/nginx/*.stream stream 配置文件
如果是用这个配置,就需要创建对应的目录和文件:
## nginx 基本配置目录
mkdir -p /etc/nginx
cd /etc/nginx
## location 放这里 # 注意加个序号可以按顺序匹配
touch /etc/nginx/01.default.conf
## stream 放这里 # 注意加个序号可以按顺序匹配
touch /etc/nginx/02.default.stream
## proxy_cache_path 缓存
## 里面会自动创建 proxy_cache_path 目录: /www/nginx_temp
mkdir /www
完整配置:
vim /usr/local/nginx/conf/nginx.conf
user root;
worker_processes auto;
worker_rlimit_nofile 65536; # {{ worker_connections * worker_processes + 1024 }};
pid /usr/local/nginx/logs/nginx.pid;
events{
use epoll;
multi_accept on; # 适合高并发
accept_mutex off; # 新版 Linux 已经解决鲸群问题
worker_connections 8192; # CPU吃得消!
}
http{
include mime.types;
default_type application/octet-stream;
# default_type text/plain;
charset_types text/plain text/markdown; # 添加需要 charset 的类型
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 1024m; # 限制客户端上传文件大小
client_body_buffer_size 10m; # 单个请求内存缓存大小
sendfile on;
tcp_nopush on;
tcp_nodelay on;
index index.html;
charset utf-8;
server_tokens on; # 隐藏默认版本信息
proxy_connect_timeout 3s;
proxy_read_timeout 10s;
proxy_send_timeout 30s;
keepalive_timeout 60;
keepalive_requests 1000;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 64 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
gzip on;
gzip_comp_level 6;
gzip_min_length 1k;
gzip_types text/plain text/css text/xml text/javascript text/x-component application/json application/javascript application/x-javascript application/xml application/xhtml+xml application/rss+xml application/atom+xml application/x-font-ttf application/vnd.ms-fontobject image/svg+xml image/x-icon font/opentype;
gzip_disable "MSIE [1-6].(?!.*SV1)";
gzip_vary on;
gzip_proxied any;
log_format log_json
'{"timestamp":"$time_iso8601",\n'
'"response_time": "$upstream_response_time",\n'
'"client_load_time": "$request_time",\n' # 新增字段
'"remote_addr":"$remote_addr",\n'
'"http_x_forwarded_for":"$http_x_forwarded_for",\n'
'"request_status":"$request_method-$status-$http3-$upstream_cache_status",\n'
'"request_url":"$scheme://$host:$server_port$request_uri",\n'
'"referer":"$http_referer",\n' #
'"user_agent":"$http_user_agent"\n' # 浏览器
'"http_expires":"$http_expires",\n' # Expires 缓存过期
'"http_Dnt":"$http_Dnt",\n' # Do Not Track
'"http_Pragma":"$http_Pragma",\n' # 旧版 缓存控制
'"http_Cache_Control":"$http_Cache_Control",\n' # 缓存控制
'"http_Priority":"$http_Priority",\n' # 请求优先级
## 测试用
'"http_authorization":"$http_authorization",\n' # Authorization
'"http_cookie":"$http_cookie",\n' # Cookie
'"upstream_addr":"$upstream_addr",\n' # 显示实际处理请求的后端服务器IP和端口:ml-citation{ref="1,5" data="citationList"}
'"upstream_status":"$upstream_status"\n' # 后端服务器响应状态码:ml-citation{ref="3" data="citationList"}
# '"request_body":"$request_body",\n' # body
'},';
access_log /usr/local/nginx/logs/access.json log_json;
### 定义缓存路径和缓存设置
proxy_cache_path /www/nginx_temp
levels=2 keys_zone=nginx_temp:50m
max_size=20g inactive=365d
use_temp_path=on;
proxy_cache_key "$host$request_uri";
### 引入配置
include /etc/nginx/*.conf;
}
stream {
log_format proxy_json
'{"timestamp":"$time_iso8601",\n'
'"remote_addr":"$remote_addr",\n'
'"upstream_addr":"$upstream_addr",\n'
'"protocol_status":"$protocol$status",\n'
'"bytes_sent":"$bytes_sent",\n'
'"bytes_received":"$bytes_received",\n'
'"session_time":"$session_time",\n'
'"upstream_bytes_sent":"$upstream_bytes_sent",\n'
'"upstream_bytes_received":"$upstream_bytes_received",\n'
'"upstream_connect_time":"$upstream_connect_time"\n'
'},';
include /etc/nginx/*.stream;
# access_log /usr/local/nginx/logs/proxy.json proxy_json;
# open_log_file_cache off;
}
配置第一个网站
一个具体的网站配置,可以浏览整个
/www/static系统目录,仅供测试用:
mkdir -p /www/static
echo "我的第一个网站" > /www/static/index.html
#
vim /etc/nginx/01.default.conf
######## 静态服务器 ########
server {
server_name myWebServer; ## 没有域名随便写 默认匹配第一个
listen 80;
listen [::]:80;
# 动态版目录美化
location / {
root /www/static;
charset utf-8;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
# autoindex_format json;
}
}
注意 autoindex目录安全!
注意 autoindex目录安全!
注意 autoindex目录安全!