准备

1.下载PCRE库,并解压
2.下载zlib库,并解压
3.下载Nginx的最新代码,解压
4.安装openssl和openssl-dev

apt-get install openssl
apt-get install libssl-dev

5.创建目录

mkdir /etc/nginx/
mkdir /var/log/nginx/
mkdir /var/tmp/nginx/

6.下载最新的CloudFlare QUICHE及其子项目,其实子项目就是BoringSSL

git clone --recursive https://github.com/cloudflare/quiche

7.运用QUCHE中的NGINX补丁包为NGINX打上补丁

cd nginx-1.16.1
patch -p01 < ../quiche/extras/nginx/nginx-1.16.patch

8.安装rust

curl https://sh.rustup.rs -sSf | sh

编译安装过程

写好各种参数,到Nginx的源码目录下运行配置命令。其中,还要使用参数指向刚才下载的PCRE和zlib库的位置。

./configure \
 --prefix=/usr/local/nginx \
 --conf-path=/etc/nginx/nginx.conf \
 --sbin-path=/usr/sbin/ \
 --pid-path=/var/run/nginx.pid \
 --lock-path=/var/lock/nginx.lock \
 --user=www-data \
 --group=www-data \
 --with-http_ssl_module \
 --with-http_v2_module \
 --with-http_v3_module \
 --with-openssl=../quiche/deps/boringssl \
 --with-quiche=../quiche \
 --with-http_dav_module \
 --with-http_flv_module \
 --with-http_realip_module \
 --with-http_gzip_static_module \
 --with-http_stub_status_module \
 --with-mail --with-mail_ssl_module \
 --with-pcre=../pcre-8.44 \
 --with-zlib=../zlib-1.2.11 \
 --with-debug \
 --http-log-path=/var/log/nginx/access.log \
 --error-log-path=/var/log/nginx/error.log \
 --http-client-body-temp-path=/var/tmp/nginx/client \
 --http-proxy-temp-path=/var/tmp/nginx/proxy \
 --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
 --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
 --http-scgi-temp-path=/var/tmp/nginx/scgi

编译并安装

make && make install

其他

quic配置

http {
    server {
        # Enable QUIC and HTTP/3.
        listen 443 quic reuseport;

        # Enable HTTP/2 (optional).
        listen 443 ssl http2;

        ssl_certificate      cert.crt;
        ssl_certificate_key  cert.key;

        # Enable all TLS versions (TLSv1.3 is required for QUIC).
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        
        # Add Alt-Svc header to negotiate HTTP/3.
        add_header alt-svc 'h3-23=":443"; ma=86400';
    }
}

标签: Debian, nginx, 编译安装

添加新评论