yum install mercurial psmisc net-tools wget curl build-essential lsb-release cmake golang libunwind-dev git libpcre3-dev zlib1g-dev hg
hg clone -b quic https://hg.nginx.org/nginx-quic --insecure
git clone https://boringssl.googlesource.com/boringssl
cd boringssl
mkdir -p build .openssl/lib .openssl/include
# 建立軟鏈接
ln -sf /root/src/boringssl/include/openssl /root/src/boringssl/.openssl/include/openssl
# 生成庫文件
touch /root/src/boringssl/.openssl/include/openssl/ssl.h
# 預編譯
cmake -B/root/src/boringssl/build -H/root/src/boringssl
# 編譯
make -C /root/src/boringssl/build
# 拷貝編譯好的庫文件
cp /root/src/boringssl/build/crypto/libcrypto.a /root/src/boringssl/build/ssl/libssl.a /root/src/boringssl/.openssl/lib
/usr/sbin/groupadd -f www
/usr/sbin/useradd -g www www
cd ..
cd nginx-quic
sed -i 's@CFLAGS="$CFLAGS -g"@#CFLAGS="$CFLAGS -g"@' auto/cc/gcc
./auto/configure \
--prefix=/usr/local/nginx? \
--user=www? \
--group=www \
--with-http_stub_status_module \
--with-http_v2_module \
--with-http_ssl_module \
--with-http_gzip_static_module \
--with-http_realip_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-pcre\
--with-pcre-jit \
--with-zlib=../zlib-cf? \
--add-module=../nginx-ct \
--add-module=../ngx_brotli \
--with-ld-opt='-ljemalloc' \
--with-debug --with-http_v3_module? \
--with-cc-opt="-I../boringssl/include"? \
--with-ld-opt="-L../boringssl/build/ssl \
-L../boringssl/build/crypto"? \
--with-http_quic_module \
--with-stream_quic_module
make && make install
#其他參照nginx編譯后配置如下:
vim /etc/profile
#末尾增加以下內(nèi)容
PATH=$PATH:/usr/local/php/bin:/usr/local/nginx/sbin
export PATH
#內(nèi)容結尾
source /etc/profile
vim? /lib/systemd/system/nginx.service
#輸入以下內(nèi)容
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network.target
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPost=/bin/sleep 0.1
ExecStartPre=/usr/local/nginx/sbin/nginx -t -c /usr/local/nginx/conf/nginx.conf
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
LimitNOFILE=1000000
LimitNPROC=1000000
LimitCORE=1000000
[Install]
WantedBy=multi-user.target
#內(nèi)容結束
chmod +x? /lib/systemd/system/nginx.service
systemctl enable nginx
vim /usr/local/nginx/conf/nginx.conf
#輸入以下內(nèi)容
user www www;
worker_processes auto;
error_log /data/wwwlogs/error_nginx.log crit;
pid /var/run/nginx.pid;
worker_rlimit_nofile 51200;
events {
? use epoll;
? worker_connections 51200;
? multi_accept on;
}
http {
? include mime.types;
? default_type application/octet-stream;
? server_names_hash_bucket_size 128;
? client_header_buffer_size 32k;
? large_client_header_buffers 4 32k;
? client_max_body_size 1024m;
? client_body_buffer_size 10m;
? sendfile on;
? tcp_nopush on;
? keepalive_timeout 120;
? server_tokens off;
? tcp_nodelay on;
? fastcgi_connect_timeout 300;
? fastcgi_send_timeout 300;
? fastcgi_read_timeout 300;
? fastcgi_buffer_size 64k;
? fastcgi_buffers 4 64k;
? fastcgi_busy_buffers_size 128k;
? fastcgi_temp_file_write_size 128k;
? fastcgi_intercept_errors on;
? #Gzip Compression
? gzip on;
? gzip_buffers 16 8k;
? gzip_comp_level 6;
? gzip_http_version 1.1;
? gzip_min_length 256;
? gzip_proxied any;
? gzip_vary on;
? gzip_types
? ? text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
? ? text/javascript application/javascript application/x-javascript
? ? text/x-json application/json application/x-web-app-manifest+json
? ? text/css text/plain text/x-component
? ? font/opentype application/x-font-ttf application/vnd.ms-fontobject
? ? image/x-icon;
? gzip_disable "MSIE [1-6]\.(?!.*SV1)";
? ##Brotli Compression
? #brotli on;
? #brotli_comp_level 6;
? #brotli_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
? ##If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
? #open_file_cache max=1000 inactive=20s;
? #open_file_cache_valid 30s;
? #open_file_cache_min_uses 2;
? #open_file_cache_errors on;
######################## default ############################
? server {
? ? listen 80;
? ? server_name _;
? ? access_log /data/wwwlogs/access_nginx.log combined;
? ? root /data/wwwroot/default;
? ? index index.html index.htm index.php;
? ? #error_page 404 /404.html;
? ? #error_page 502 /502.html;
? ? location /nginx_status {
? ? ? stub_status on;
? ? ? access_log off;
? ? ? allow 127.0.0.1;
? ? ? deny all;
? ? }
? ? location ~ [^/]\.php(/|$) {
? ? ? #fastcgi_pass remote_php_ip:9000;
? ? ? fastcgi_pass unix:/dev/shm/php-cgi.sock;
? ? ? fastcgi_index index.php;
? ? ? include fastcgi.conf;
? ? }
? ? location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
? ? ? expires 30d;
? ? ? access_log off;
? ? }
? ? location ~ .*\.(js|css)?$ {
? ? ? expires 7d;
? ? ? access_log off;
? ? }
? ? location ~ ^/(\.user.ini|\.ht|\.git|\.svn|\.project|LICENSE|README.md) {
? ? ? deny all;
? ? }
? }
########################## vhost #############################
? include vhost/*.conf;
}
#輸入內(nèi)容結束
mkdir -p /data/wwwlogs/
mkdir -p /data/wwwroot/default
mkdir -p /usr/local/nginx/conf/vhost
vim /data/wwwlogs/access_nginx.log
service nginx start
service nginx status
#官方啟用配置設置
# 以官方配置為例
server {
? ? ? ? ? ? # for better compatibility it's recommended
? ? ? ? ? ? # to use the same port for quic and https
? ? ? ? ? ? listen 443 http3 reuseport;
#注意reuseport參數(shù)只能在整個nginx配置文件中出現(xiàn)一次,不必每個vhost都使用,否則會報錯
? ? ? ? ? ? listen 443 ssl http2;
? ? ? ? ? ? ssl_certificate? ? certs/example.com.crt;
? ? ? ? ? ? ssl_certificate_key certs/example.com.key;
? ? ? ? ? ? ssl_protocols? ? ? TLSv1.3;
? ? ? ? ? ? location / {
? ? ? ? ? ? ? ? # required for browsers to direct them into quic port
? ? ? ? ? ? ? ? add_header Alt-Svc '$http3=":443"; ma=86400';
? ? ? ? ? ? ? ? # add_header Alt-Svc? 'h3-29=":443"; ma=2592000,h3-28=":443";ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443";ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443";ma=2592000,h3-Q049=":443";ma=2592000,h3-Q048=":443";ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443";ma=2592000,quic=":443"; ma=2592000; v="46,43"';
? ? ? ? ? ? }
? ? ? ? }
