Closed FlurryNight closed 2 years ago
MaximeMichaud
commented
2 years ago Hi, really interesting. Everything is working without any problem(s) ? I could test it when I come back at home :) For VTS, I don't know, I never had the chance for using it.
FlurryNight
commented
2 years ago Hi, really interesting. Everything is working without any problem(s) ? I could test it when I come back at home :) For VTS, I don't know, I never had the chance for using it.
Hi, Thank you
Yes just VTS , if u don't mind i'd appreciate,
Im on it tho https://github.com/vozlt/nginx-module-vts/issues/223
FlurryNight
commented
2 years ago Got VTS building, testing now
MaximeMichaud
commented
2 years ago I got errors. (
)
Do you mainline or stable?
I'm retrying without Quiche
FlurryNight
commented
2 years ago VTS okay!
Modules to install :
HTTP/3 (⚠️ Patch by Cloudflare, will install BoringSSL, Quiche, Rust and Go) [y/n]: y
Cloudflare's TLS Dynamic Record Resizing patch [y/n]: y
Cloudflare's full HPACK encoding patch [y/n]: y
Cloudflare ZLIB Fork [y/n]: y
With PCRE v2 (Only works on NGINX Mainline) [y/n]: n
PageSpeed 1.13.35.2 [y/n]: n
Brotli [y/n]: y
Headers More 0.33 [y/n]: y
GeoIP (BROKEN) [y/n]: n
Fancy index [y/n]: n
ngx_cache_purge [y/n]: n
nginx_substitutions_filter [y/n]: n
ngx_http_lua_module [y/n]: n
nginx WebDAV [y/n]: n
nginx VTS [y/n]: y
nginx RTMP [y/n]: n
nginx testcookie [y/n]: n
nginx ModSecurity [y/n]: n
Saving to: ‘nginx’
nginx 100%[========================================================>] 355 --.-KB/s in 0s
2022-02-15 16:41:03 (5.27 MB/s) - ‘nginx’ saved [355/355]
Installation done.I built with both and goes okay
FlurryNight
commented
2 years ago @MaximeMichaud
Updated the commit to include VTS fix
FlurryNight
commented
2 years ago @MaximeMichaud
Any updates ?
Just rebuild with mainline and went okay, Strange
/usr/bin/cmake -E cmake_progress_start /usr/local/src/nginx/modules/quiche/quiche/deps/boringssl/build/CMakeFiles 0
make[2]: Leaving directory '/usr/local/src/nginx/modules/quiche/quiche/deps/boringssl/build'
cd /usr/local/src/nginx/modules/quiche && cargo build --package quiche --verbose --no-default-features --features ffi --release
Updating crates.io index
Compiling cc v1.0.72
Running `rustc --crate-name cc --edition=2018 /root/.cargo/registry/src/github.com-1ecc6299db9ec823/cc-1.0.72/src/lib.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts --crate-type lib --emit=dep-info,metadata,link -C embed-bitcode=no -C debuginfo=2 -C debug-assertions=off -C metadata=bbda7c9b978db63f -C extra-filename=-bbda7c9b978db63f --out-dir /usr/local/src/nginx/modules/quiche/target/release/deps -L dependency=/usr/local/src/nginx/modules/quiche/target/release/deps --cap-lints allow`
I've searched and that errors occurs on unsuccessful installation of rust
what's the output of this command rustup toolchain list ?
FlurryNight
commented
2 years ago It seems that if i set --with-cc-opt=-Wno-stringop-overread, --with-cc-opt=-Wno-ignored-qualifiers which is needed is not added to CFLAGS
MaximeMichaud
commented
2 years ago Select an option [1-5]: 1
This script will install Nginx with some optional modules.
Do you want to install Nginx stable or mainline?
1) Stable 1.20.2
2) Mainline 1.21.6
Select an option [1-2]: 2
Please tell me which modules you want to install.
If you select none, Nginx will be installed with its default modules.
Modules to install :
HTTP/3 (⚠️ Patch by Cloudflare, will install BoringSSL, Quiche, Rust and Go) [y/n]: n
Cloudflare's TLS Dynamic Record Resizing patch [y/n]: y
Cloudflare's full HPACK encoding patch [y/n]: y
Cloudflare ZLIB Fork [y/n]: y
With PCRE v2 (Only works on NGINX Mainline) [y/n]: y
PageSpeed 1.13.35.2 [y/n]: n
Brotli [y/n]: y
Headers More 0.33 [y/n]: y
GeoIP (BROKEN) [y/n]: n
Fancy index [y/n]: nn
Fancy index [y/n]: nn
Fancy index [y/n]: n
ngx_cache_purge [y/n]: n
nginx_substitutions_filter [y/n]: n
ngx_http_lua_module [y/n]: n
nginx WebDAV [y/n]: n
nginx VTS (BROKEN) [y/n]: n
nginx RTMP [y/n]: n
nginx testcookie [y/n]: n
nginx ModSecurity [y/n]: y
Enable nginx ModSecurity? [y/n]: y
Choose your OpenSSL implementation:
1) System's OpenSSL (1.1.1k)
2) OpenSSL 1.1.1l from source
3) LibreSSL 3.4.2 from source
Select an option [1-3]: 1
Will retry exactly the same, but I need ModSecurity :)
FlurryNight
commented
2 years ago @MaximeMichaud
Okay, Thanks
Still fighting to get all the needed CFLAGS, it gets replaced with the last one
Will try modsecurity too
MaximeMichaud
commented
2 years ago @MaximeMichaud
Okay, Thanks
Still fighting to get all the needed CFLAGS, it gets replaced with the last one
Will try modsecurity too
Without ModSecurity, same options than you. Everything seems to be working. IS HTTP/3 better than it was before ? I didn't check more in deep , HTTP/3 was not always working with the PATCH.
FlurryNight
commented
2 years ago @MaximeMichaud Okay, Thanks Still fighting to get all the needed CFLAGS, it gets replaced with the last one Will try modsecurity too
Without ModSecurity, same options than you. Everything seems to be working. IS HTTP/3 better than it was before ? I didn't check more in deep , HTTP/3 was not always working with the PATCH.
The HTTP3 stuff i dind't change,just switched from getting golang from the website instead of a repo
I think they have fixed it in the latest commit
I will test after tho
MaximeMichaud
commented
2 years ago @MaximeMichaud Okay, Thanks Still fighting to get all the needed CFLAGS, it gets replaced with the last one Will try modsecurity too
Without ModSecurity, same options than you. Everything seems to be working. IS HTTP/3 better than it was before ? I didn't check more in deep , HTTP/3 was not always working with the PATCH.
The HTTP3 stuff i dind't change,just switched from getting golang from the website instead of a repo
I think they have fixed it in the latest commit
I will test after tho
OK, an issue was speaking about it in this repo. HTTP/3 was not always working properly, it was really intermittent.
FlurryNight
commented
2 years ago I think it's fixed yeah
https://github.com/angristan/nginx-autoinstall/commit/65076c2ffe743550d573604131a5e8ecc78edd7f
However i will still test that
Do you know why a third --with-cc-opt discards the last one?
ModSecurity still building
FlurryNight
commented
2 years ago ModSecurity is related to NGINX changes, guess we have to delay PCRE v2
MaximeMichaud
commented
2 years ago I think it's fixed yeah
However i will still test that
Do you know why a third --with-cc-opt discards the last one?
ModSecurity still building
No, don't know.
Fix [#222]
Add [#208]
Getting golang from website [#115]
Build 1 - Stable
Build 2 - Mainline
Was not able to build Nginx VTS module, maybe broken??
Everything else smooth , tested with diferent options.
Feel free to improve!