使用h2o作为nginx前置代理开启Server Push
本文发布于 ,内容可能和实际情况存在出入。如果文章存在错误欢迎指正,我会根据情况对文章进行修改或做隐藏处理
其实这个特性很早就想搞搞玩了,不过nginx虽然已经支持了HTTP/2,但是Server Push一直没有得到支持
先去https://cmake.org/download/下载CMAKE并安装(因为懒得编译了所以我直接下载的Binary版本)
去https://www.openssl.org/source/下载最新版的OpenSSL
去https://github.com/h2o/h2o/releases下载最新版本的h2o源码
wget https://www.openssl.org/source/openssl-1.1.0c.tar.gz
tar zxf openssl-1.1.0c.tar.gz
wget https://github.com/h2o/h2o/archive/v2.1.0.tar.gz
tar zxf v2.1.0.tar.gz
cd h2o-2.1.0
OPENSSL_ROOT_DIR=/root/openssl-1.1.0c cmake -DWITH_BUNDLED_SSL=off
make & make install之后添加启动脚本
vi /etc/init.d/h2o
#!/bin/bash
#
# chkconfig: - 85 15
# description: H2O - the optimized HTTP/1, HTTP/2 server
# processname: h2o
# config: /etc/h2o/h2o.conf
# pidfile: /var/run/h2o/h2o.pid
### BEGIN INIT INFO
# Provides: h2o
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Should-Start: distcache
# Short-Description: start and stop h2o HTTP Server
# Description: H2O - the optimized HTTP/1, HTTP/2 server
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/h2o ]; then
. /etc/sysconfig/h2o
fi
# Path to the server binary, and short-form for messages.
h2o=/usr/local/bin/h2o
prog=h2o
configfile=/etc/h2o/h2o.conf
lockfile=${LOCKFILE-/var/lock/subsys/h2o}
RETVAL=0
options="-m daemon -c $configfile"
pidfile=`sed -ne 's|pid-file:\s*\([-_./0-9a-zA-Z]\{1,\}\)|\1|p' $configfile`
if [ -z "$pidfile" ]; then
echo $"pid-file must be defined in $configfile"
exit 1
fi
start() {
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} $h2o $options
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} $h2o -TERM
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
if ! $h2o -t -c ${configfile} >&/dev/null; then
RETVAL=6
echo $"not reloading due to configuration syntax error"
failure $"not reloading $h2o due to configuration syntax error"
else
# Force LSB behaviour from killproc
LSB=1 killproc -p ${pidfile} $h2o -HUP
RETVAL=$?
if [ $RETVAL -eq 7 ]; then
failure $"h2o shutdown"
fi
fi
echo
}
configtest() {
$h2o -t -c ${configfile}
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} $h2o
RETVAL=$?
;;
restart)
stop
start
;;
condrestart|try-restart)
if status -p ${pidfile} $h2o >&/dev/null; then
stop
start
fi
;;
force-reload|reload)
reload
;;
configtest)
configtest
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|configtest}"
RETVAL=2
esac
exit $RETVALchmod +x /etc/init.d/h2o
因为h2o现在很多常用的功能还不支持(比如Rewrite),所以还是需要nginx来处理请求
为了性能,nginx直接listen一个socket地址
vi /etc/nginx/conf.d/bilibibi.me.sock.conf
server {
listen unix:/dev/shm/nginx_bilibibi.me.sock;
charset utf-8;
root /web/BILIBIBI;
location / {
index index.php;
if (!-e $request_filename) {
rewrite (.*) /index.php last;
}
}
location ~ \.php$ {
if (!-e $request_filename) {
rewrite (.*) /index.php break;
}
include fastcgi.conf;
}
}接下来配置h2o
vi /etc/h2o/h2o.conf
user: nginx
hosts:
"bilibibi.me":
listen:
port: 80
listen:
port: 443
ssl:
certificate-file: "/web/letsencrypt/chained.pem"
key-file: "/web/letsencrypt/domain.key"
paths:
"/":
proxy.reverse.url: "http://[unix:/dev/shm/nginx_bilibibi.me.sock]/"
proxy.preserve-host: ON
error-log: /var/log/h2o/error.log
pid-file: /var/run/h2o/h2o.pid
重启nginx并启动h2o
/etc/nginx/sbin/nginx -s reload
service h2o start然后,因为加了层代理,需要配置一下nginx的fastcgi
vi /etc/nginx/fastcgi.conf
if (!-e $request_filename) {
return 404;
}
fastcgi_pass unix:/dev/shm/php.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
#fastcgi_param HTTPS $https if_not_empty;
set $prt 80;
if ($http_x_forwarded_proto = "https") {
set $ssl on;
set $prt 443;
}
fastcgi_param HTTPS $ssl if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $http_x_forwarded_for;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR "服务器IP";
fastcgi_param SERVER_PORT $prt;
fastcgi_param SERVER_NAME $http_host;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
大功告成
接下来就是在程序里加入link头了
元旦快乐
话说这个个人网站的带宽也太强了吧,有兴趣用17ce测了一下,100+MB/s。这是1Gbps的带宽啊
哪个
就是bilibibi.me的服务器呀?IP 59.110.104.52,测速工具17ce。能否问一下是什么配置
瞬时速率而已,我开的20M带宽
悠着点我按流量付费的
这测速结果,比我腾讯CDN还快呢。以前用Webkaka探测人家网速,还可能造成一小波CCDD
以前我自己租服务器的时候用卡卡1000并发持续10M/s都扛下来了,现在估计50都顶不住