使用h2o作为nginx前置代理开启Server Push

本文发布于 ,内容可能和实际情况存在出入。如果文章存在错误欢迎指正,我会根据情况对文章进行修改或做隐藏处理

其实这个特性很早就想搞搞玩了,不过nginx虽然已经支持了HTTP/2,但是Server Push一直没有得到支持

先去https://cmake.org/download/下载CMAKE并安装(因为懒得编译了所以我直接下载的Binary版本)

https://www.openssl.org/source/下载最新版的OpenSSL
https://github.com/h2o/h2o/releases下载最新版本的h2o源码

wget https://www.openssl.org/source/openssl-1.1.0c.tar.gz
tar zxf openssl-1.1.0c.tar.gz
wget https://github.com/h2o/h2o/archive/v2.1.0.tar.gz
tar zxf v2.1.0.tar.gz
cd h2o-2.1.0
OPENSSL_ROOT_DIR=/root/openssl-1.1.0c cmake -DWITH_BUNDLED_SSL=off
make & make install

之后添加启动脚本

vi /etc/init.d/h2o
#!/bin/bash
#
# chkconfig: - 85 15
# description: H2O - the optimized HTTP/1, HTTP/2 server
# processname: h2o
# config: /etc/h2o/h2o.conf
# pidfile: /var/run/h2o/h2o.pid

### BEGIN INIT INFO
# Provides: h2o
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Should-Start: distcache
# Short-Description: start and stop h2o HTTP Server
# Description: H2O - the optimized HTTP/1, HTTP/2 server
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/h2o ]; then
    . /etc/sysconfig/h2o
fi

# Path to the server binary, and short-form for messages.
h2o=/usr/local/bin/h2o
prog=h2o
configfile=/etc/h2o/h2o.conf
lockfile=${LOCKFILE-/var/lock/subsys/h2o}
RETVAL=0
options="-m daemon -c $configfile"

pidfile=`sed -ne 's|pid-file:\s*\([-_./0-9a-zA-Z]\{1,\}\)|\1|p' $configfile`
if [ -z "$pidfile" ]; then
    echo $"pid-file must be defined in $configfile"
    exit 1
fi

start() {
    echo -n $"Starting $prog: "
    daemon --pidfile=${pidfile} $h2o $options
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && touch ${lockfile}
    return $RETVAL
}

stop() {
    echo -n $"Stopping $prog: "
    killproc -p ${pidfile} $h2o -TERM
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}

reload() {
    echo -n $"Reloading $prog: "
    if ! $h2o -t -c ${configfile} >&/dev/null; then
        RETVAL=6
        echo $"not reloading due to configuration syntax error"
        failure $"not reloading $h2o due to configuration syntax error"
    else
        # Force LSB behaviour from killproc
        LSB=1 killproc -p ${pidfile} $h2o -HUP
        RETVAL=$?
        if [ $RETVAL -eq 7 ]; then
            failure $"h2o shutdown"
        fi
    fi
    echo
}

configtest() {
    $h2o -t -c ${configfile}
}

# See how we were called.
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        status -p ${pidfile} $h2o
        RETVAL=$?
        ;;
  restart)
        stop
        start
        ;;
  condrestart|try-restart)
        if status -p ${pidfile} $h2o >&/dev/null; then
            stop
            start
        fi
        ;;
  force-reload|reload)
        reload
        ;;
  configtest)
        configtest
        RETVAL=$?
        ;;
  *)
        echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|configtest}"
        RETVAL=2
esac

exit $RETVAL
chmod +x /etc/init.d/h2o

因为h2o现在很多常用的功能还不支持(比如Rewrite),所以还是需要nginx来处理请求
为了性能,nginx直接listen一个socket地址

vi /etc/nginx/conf.d/bilibibi.me.sock.conf
server {
    listen unix:/dev/shm/nginx_bilibibi.me.sock;

    charset utf-8;
    root   /web/BILIBIBI;
    
    location / {
        index  index.php;
        if (!-e $request_filename) {
          rewrite (.*) /index.php last;
        }
    }

    location ~ \.php$ {
        if (!-e $request_filename) {
          rewrite (.*) /index.php break;
        }
        include fastcgi.conf;
    }
}

接下来配置h2o

vi /etc/h2o/h2o.conf
user: nginx
hosts:
  "bilibibi.me":
    listen:
      port: 80
    listen:
      port: 443
      ssl:
        certificate-file: "/web/letsencrypt/chained.pem"
        key-file: "/web/letsencrypt/domain.key"
    paths:
      "/":
        proxy.reverse.url: "http://[unix:/dev/shm/nginx_bilibibi.me.sock]/"
        proxy.preserve-host: ON
error-log: /var/log/h2o/error.log
pid-file: /var/run/h2o/h2o.pid

重启nginx并启动h2o

/etc/nginx/sbin/nginx -s reload
service h2o start

然后,因为加了层代理,需要配置一下nginx的fastcgi

vi /etc/nginx/fastcgi.conf
if (!-e $request_filename) {
  return 404;
}

fastcgi_pass   unix:/dev/shm/php.sock;
fastcgi_index  index.php;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
#fastcgi_param  HTTPS              $https if_not_empty;
set $prt 80;
if ($http_x_forwarded_proto = "https") {
    set $ssl on;
    set $prt 443;
}
fastcgi_param  HTTPS              $ssl if_not_empty;
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $http_x_forwarded_for;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        "服务器IP";
fastcgi_param  SERVER_PORT        $prt;
fastcgi_param  SERVER_NAME        $http_host;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

大功告成
接下来就是在程序里加入link头了

标签: none

已有 6 条评论

  1. 话说这个个人网站的带宽也太强了吧,有兴趣用17ce测了一下,100+MB/s。这是1Gbps的带宽啊

    1. 哪个

      1. 就是bilibibi.me的服务器呀?IP 59.110.104.52,测速工具17ce。能否问一下是什么配置

    2. 瞬时速率而已,我开的20M带宽
      悠着点我按流量付费的

      1. 这测速结果,比我腾讯CDN还快呢。以前用Webkaka探测人家网速,还可能造成一小波CCDD

        1. 以前我自己租服务器的时候用卡卡1000并发持续10M/s都扛下来了,现在估计50都顶不住

添加新评论