I have a rails app and want to set up the google SPDY protocol support. But after installing Nginx with SPDY patch and then enabling the spdy in virtual host it does not allow me to restart the nginx instead throws following error.
Restarting nginx: nginx: [emerg] invalid parameter "spdy" in /etc/nginx/sites-enabled/default:112
nginx: configuration file /etc/nginx/nginx.conf test failed
I have compiled latest nginx 1.3.13 with spdy patch, here I am mentioning my steps of install
wget http://nginx.org/download/nginx-1.3.13.tar.gz
tar xvfz nginx-1.3.13.tar.gz
cd nginx-1.3.13
# Fetch the SPDY patch and apply it
wget http://nginx.org/patches/spdy/patch.spdy.txt
patch -p1 < patch.spdy.txt
./configure \
--sbin-path=/usr/local/sbin/nginx \
--prefix=/etc/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-log-path=/var/log/nginx/access.log \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--lock-path=/var/lock/nginx.lock \
--pid-path=/var/run/nginx.pid \
--with-debug \
--with-http_addition_module \
--with-http_dav_module \
--with-http_gzip_static_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_xslt_module \
--with-http_spdy_module \
--with-ipv6 \
--with-sha1=/usr/include/openssl \
--with-md5=/usr/include/openssl \
--with-mail \
--with-mail_ssl_module \
# wget https://you.googlecode.com/files/ngx_cache_purge-1.6.tar.gz
--add-module=/software/ngx_cache_purge-1.6 \
#http://www.openssl.org/source/openssl-1.0.1e.tar.gz
--with-openssl='/software/openssl-1.0.1e'
# Build and install nginx
make && sudo make install
It compiles successfully without any error.
Result 0f nginx -V gives following
nginx version: nginx/1.3.13
built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5)
TLS SNI support enabled
configure arguments: --sbin-path=/usr/local/sbin/nginx --prefix=/etc/nginx --conf- path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-debug --with-http_addition_module --with-http_dav_module --with-http_gzip_static_module --with-http_realip_module --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_xslt_module --with-http_spdy_module --with-ipv6 --with-sha1=/usr/include/openssl --with-md5=/usr/include/openssl --with-mail --with-mail_ssl_module --add-module=/software/ngx_cache_purge-1.6 --with-openssl=/software/openssl-1.0.1e
My /etc/nginx/site-enabled config has
server {
listen 443 ssl spdy;
ssl_certificate server.crt;
ssl_certificate_key server.key;
...
}
After all this successfull installation nginx does not restart with spdy param in server block of site-enabled file.
Any suggestions? I am sure of missing something here but can't figure out.
UPDATE (November 19th, 2013): Modified script for nginx 1.4.3 (Does not need spdy patch)
https://gist.github.com/deepak-kumar/7541199#file-compile_nginx_1-4-3_with-spdy-sh
I wrote Shell Script for the setup
https://gist.github.com/deepak-kumar/5069550#file-compile_nginx_with_spdy-sh
I have found the solution to the problem.
I already had nginx package installed on my ubuntu 12.04 even before compiling this 1.3.13 which was causing the problem.$ sudo apt-get install nginx
To solve this issue I made sure that /etc/init.d/nginx should use the correct binary.
I did following on terminal:
$ which nginx
$ /usr/local/sbin/nginx
Checked my existing /etc/init.d/nginx script it was using wrong DAEMON path so I changed it to look like this (works)
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/sbin/nginx # $which nginx
Earlier above values were (does not work)
#PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#DAEMON=/usr/sbin/nginx
Rest of the file remains same. So essentially I used the correct version binary.
Update: This blog is also a very good reference point in case you guys are interested.
http://blog.bubbleideas.com/2012/08/How-to-set-up-SPDY-on-nginx-for-your-rails-app-and-test-it.html
Related
Based on what I've read, it looks like I should be able to specify a new configuration file path when running nginx reload:
sudo nginx -c ${config_file_path} -s reload
But what I'm finding is that the config argument will only set the config to be loaded when initially starting nginx. So if I started nginx using...
sudo nginx -c /path/to/first/config/nginx.conf
Then later I create a different path /path/to/second/config/nginx.conf and try to run...
sudo nginx -c /path/to/second/config/nginx.conf -s reload
The second configuration is not loaded. In my logs/errors.log I see [notice] PID/PID: signal process started, but what's reloaded are really changes to /path/to/first/config/nginx.conf, even though I specified the second config in the reload call.
Is this expected behavior? Namely that -c argument when starting nginx will set the configuration value to be used until nginx is stopped, and the parameter really has no effect on subsequent reload calls?
For what it's worth, this is my nginx version information:
nginx version: openresty/1.19.9.1
built by gcc 7.3.1 20180712 (Red Hat 7.3.1-13) (GCC)
built with OpenSSL 1.1.1k 25 Mar 2021 (running with OpenSSL 1.1.1l 24 Aug 2021)
TLS SNI support enabled
arguments:
--prefix=/usr/local/openresty/nginx
--with-cc-opt='-O2
-DNGX_LUA_ABORT_AT_PANIC
-I/usr/local/openresty/zlib/include
-I/usr/local/openresty/pcre/include
-I/usr/local/openresty/openssl111/include'
--add-module=../ngx_devel_kit-0.3.1
--add-module=../echo-nginx-module-0.62
--add-module=../xss-nginx-module-0.06
--add-module=../ngx_coolkit-0.2
--add-module=../set-misc-nginx-module-0.32
--add-module=../form-input-nginx-module-0.12
--add-module=../encrypted-session-nginx-module-0.08
--add-module=../srcache-nginx-module-0.32
--add-module=../ngx_lua-0.10.20
--add-module=../ngx_lua_upstream-0.07
--add-module=../headers-more-nginx-module-0.33
--add-module=../array-var-nginx-module-0.05
--add-module=../memc-nginx-module-0.19
--add-module=../redis2-nginx-module-0.15
--add-module=../redis-nginx-module-0.3.7
--add-module=../ngx_stream_lua-0.0.10
--with-ld-opt='-Wl,-rpath,/usr/local/openresty/luajit/lib
-L/usr/local/openresty/zlib/lib
-L/usr/local/openresty/pcre/lib
-L/usr/local/openresty/openssl111/lib
-Wl,-rpath,/usr/local/openresty/zlib/lib:/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl111/lib'
--with-cc='ccache
gcc
-fdiagnostics-color=always'
--with-pcre-jit
--with-stream
--with-stream_ssl_module
--with-stream_ssl_preread_module
--with-http_v2_module
--without-mail_pop3_module
--without-mail_imap_module
--without-mail_smtp_module
--with-http_stub_status_module
--with-http_realip_module
--with-http_addition_module
--with-http_auth_request_module
--with-http_secure_link_module
--with-http_random_index_module
--with-http_gzip_static_module
--with-http_sub_module
--with-http_dav_module
--with-http_flv_module
--with-http_mp4_module
--with-http_gunzip_module
--with-threads
--with-compat
--with-stream
--with-http_ssl_module
The config file path feed into nginx -c is mostly let the ad-hoc nginx process know where to read the pid file(it's pid directive inside config file), not for the daemon nginx process reloading config.
On Centos 6, I am rebuilding nginx to add the module "nginx-rtmp-module-master"
./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid
--lock-path=/var/run/nginx.lock
--http-client-body-temp-path=/var/cache/nginx/client_temp
--http-proxy-temp-path=/var/cache/nginx/proxy_temp
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp
--http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx
--group=nginx
--with-openssl=/builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c
--with-openssl-opt=enable-tls1_3 --with-http_ssl_module
--with-http_realip_module --with-http_addition_module
--with-http_sub_module --with-http_dav_module --with-http_flv_module
--with-http_mp4_module --with-http_gunzip_module
--with-http_gzip_static_module --with-http_random_index_module
--with-http_secure_link_module --with-http_stub_status_module
--with-http_auth_request_module --with-http_v2_module --with-mail
--with-mail_ssl_module --with-file-aio --with-ipv6
--add-module=../nginx-rtmp-module-master
After the configuration is completed in the console, the following:
....
configuring additional modules
adding module in ../nginx-rtmp-module-master
+ ngx_rtmp_module was configured
checking for PCRE library ... found
checking for PCRE JIT support ... not found
checking for zlib library ... found
creating objs/Makefile
Configuration summary
+ using system PCRE library
+ using OpenSSL library:
/builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c
+ using system zlib library
nginx path prefix: "/etc/nginx"
nginx binary file: "/usr/sbin/nginx"
nginx modules path: "/etc/nginx/modules"
nginx configuration prefix: "/etc/nginx"
nginx configuration file: "/etc/nginx/nginx.conf"
nginx pid file: "/var/run/nginx.pid"
nginx error log file: "/var/log/nginx/error.log"
nginx http access log file: "/var/log/nginx/access.log"
nginx http client request body temporary files:
"/var/cache/nginx/client_temp"
nginx http proxy temporary files: "/var/cache/nginx/proxy_temp"
nginx http fastcgi temporary files: "/var/cache/nginx/fastcgi_temp"
nginx http uwsgi temporary files: "/var/cache/nginx/uwsgi_temp"
nginx http scgi temporary files: "/var/cache/nginx/scgi_temp"
./configure: warning: the "--with-ipv6" option is deprecated
After trying to build using the make command, I get an error:
[root#216501 nginx-1.16.1]# make
make -f objs/Makefile
make[1]: Entering directory `/root/nginx-1.16.1'
cd /builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c \
&& if [ -f Makefile ]; then make clean; fi \
&& ./config
--prefix=/builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c/.openssl
no-shared no-threads enable-tls1_3 \
&& make \
&& make install_sw LIBDIR=lib
/bin/sh: line 0: cd:
/builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c: No such file or
directory
make[1]: ***
[/builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c/.openssl/include/openssl/ssl.h]
Error 1
make[1]: Leaving directory `/root/nginx-1.16.1'
make: *** [build] Error 2
How to fix the error to correctly install the module I need ?
Your openssl path in the configure command is most likely wrong
Make sure that /builddir/build/BUILD/bx-nginx-1.16.1/openssl-1.1.1c is correct and includes all the openssl development files, like include/openssl/ssl.h
I need to install push stream module for nignx.
cd /
wget http://nginx.org/download/nginx-1.7.12.tar.gz
tar -xvf nginx-1.7.12.tar.gz
cd nginx-1.7.12
git clone http://github.com/wandenberg/nginx-push-stream-module.git
next...
./configure --sbin-path=/usr/local/sbin --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --user=nginx --group=nginx --with-http_gzip_static_module --add-module=nginx-push-stream-module
after result...
adding module in nginx-push-stream-module
checking for http_push_stream_module ... found
+ ngx_http_push_stream_module was configured
make && make install
make - OK
run command "nginx -V"
nginx version: nginx/1.7.12
built by gcc 4.8.2 20140120 (Red Hat 4.8.2-16) (GCC)
TLS SNI support enabled
configure arguments: --sbin-path=/usr/local/sbin --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --user=nginx --group=nginx --with-http_gzip_static_module --with-http_realip_module --with-http_mp4_module --with-http_flv_module --with-http_dav_module --with-http_secure_link_module --with-http_geoip_module --with-http_ssl_module --with-http_spdy_module --add-module=nginx-push-stream-module
service nginx start
[root#p11 nginx-1.7.12]# systemctl status nginx.service
апр 14 03:26:02 p11.ihc.ru nginx[31057]: Starting nginx: nginx: [emerg] unknown directive "push_stream_shared_memory_size" in /etc/nginx/nginx.conf:59
апр 14 03:26:02 p11.ihc.ru nginx[31057]: [FAILED]
[root#p11 nginx-1.7.12]# nginx -V
nginx version: nginx/1.7.12
built by gcc 4.8.2 20140120 (Red Hat 4.8.2-16) (GCC)
TLS SNI support enabled
configure arguments: --sbin-path=/usr/local/sbin --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --user=nginx --group=nginx --with-http_gzip_static_module --with-http_realip_module --with-http_mp4_module --with-http_flv_module --with-http_dav_module --with-http_secure_link_module --with-http_geoip_module --with-http_ssl_module --with-http_spdy_module --add-module=nginx-push-stream-module
Check you nginx install:
nginx -V
This command view all compile options etc.
You will can check nginx-push-stream-module module
Your build looks good so I'd be checking that you don't have multiple nginx binaries in your $PATH that your service could be executing instead of your new build.
whereis nginx
You've installed your new binary into /usr/local/sbin, so check you haven't forgotten to remove older nginx distributed packages that could interfere.
rpm -qa | grep ^nginx
If all else fails, move the git repo out of your nginx source and try again:
git clone https://github.com/wandenberg/nginx-push-stream-module.git
wget http://nginx.org/download/nginx-1.7.12.tar.gz
tar -xvf nginx-1.7.12.tar.gz
cd nginx-1.7.12
./configure --sbin-path=/usr/local/sbin --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --user=nginx --group=nginx --with-http_gzip_static_module --add-module=../nginx-push-stream-module
make && make install
Even better, if you want to automate builds this is what I use on my servers:
https://github.com/cubicdaiya/nginx-build
Hope it helps!
I am a newB to setting up NGINX from source and every .sh configuration I try has errors of some type - I have been at this for days! - LOL
I am needing a set up with pageSpeed, OppenSSL, SPDY and Naxsi mods at minimum to drive an equal amount of static and dynamically php files on the site.
Below is my latest attempt that I put together but I get ".configure command not found" :P
If anyone can go thru it ( I am not sure about the dependencies either) and see what I have wrong?? Also any suggestions would also be greatly appreciated. Thnx!
# Since I am not going to be using a distribution to install Nginx,
# I need to ensure all the necessary dependencies are installed for it
# as well as for PageSpeed and SPDY:
sudo apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev libbz2-dev libssl-dev tar unzip openssl
# create a directory root directory called src to download all the filles to,
# including Nginx:
sudo mkdir src
cd src
# NGINX
wget http://nginx.org/download/nginx-1.7.4.tar.gz
tar -xvzf nginx-1.7.4.tar.gz
# Google PageSpeed:
wget https://github.com/pagespeed/ngx_pagespeed/archive/release-1.8.31.4-beta.zip
unzip release-1.8.31.4-beta.zip
cd ngx_pagespeed-release-1.8.31.4-beta/
wget https://dl.google.com/dl/page-speed/psol/1.8.31.4.tar.gz
sudo tar -xzvf 1.8.31.4.tar.gz
# Switch back to src directory
cd
cd src
# HTTP Substitutions Module:
wget https://github.com/arut/nginx-dav-ext-module/archive/master.zip
unzip master.zip
# Now let’s grab the Headers More Mod:
wget https://github.com/agentzh/headers-more-nginx-module/archive/v0.25.tar.gz
tar -xvzf v0.25.tar.gz
# and the naxsi module:
wget https://github.com/nbs-system/naxsi/archive/0.53-2.tar.gz
tar -xvzf 0.53-2.tar.gz
# cd to the uncompresses Nginx directory
cd
cd nginx-1.7.4
# Run a .configure command:
.configure \
--add-module=/src/naxsi-0.53-2 \
--prefix=/usr/share/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--user=www-data \
--group=www-data \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-log-path=/var/log/nginx/access.log \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--with-pcre-jit \
--with-debug \
--with-http_addition_module \
--with-http_dav_module \
--with-http_geoip_module \
--with-http_gzip_static_module \
--with-http_image_filter_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_xslt_module \
--with-ipv6 \
--with-http_spdy_module \
--add-module=/src/nginx-dav-ext-module-master \
--add-module=/src/ngx_http_substitutions_filter_module \
--add-module=/src/ngx_pagespeed-release-1.8.31.4-beta \
--add-module=/src/headers-more-nginx-module-0.25
# Now create the Makefile:
make
Are you sure it's not a typo? It should be ./configure (not .configure).
i have compiled nginx 1.5.10 with the spdy module on centos 6.5 and it is operating without a problem, as far as i know except, that spdy is apparently not being used.
i have added the 'spdy' option to the listen directive in nginx.conf and restarted the server, yet the various spdy checking methods, such as the firefox plugin that is available and also the website: https://spdycheck.org/
both show that spdy is not being used on my site.
the line in nginx.conf is:
listen 443 ssl spdy default_server;
i saw this thread: How to set up SPDY Protocol over Nginx?
and looked to see if i needed to change the DAEMON or PATH lines in /etc/init.d/nginx - yet in my versions those lines are not present at all.
the output of nginx -V is:
nginx version: nginx/1.5.10
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_spdy_module --with-cc-opt='-O2 -g'
any tips welcomed!
SPDY/3.1 isn't supported by Firefox 26. The support was added to Firefox in version 27, see release notes.