我有一个手动编译的nginx/1.21.3 w http3 + quic 的实验设置。
我还成功编译了一个实验性curl w http3 实现:
root@domac:~# curl --version
curl 7.80.0-DEV (x86_64-pc-linux-gnu) libcurl/7.80.0-DEV OpenSSL/1.1.1k zlib/1.2.11 ngtcp2/0.1.0-DEV nghttp3/0.1.0-DEV
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HSTS HTTP3 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets
root@domac:~#
但是,当我下载https://domac.alu.hr:8443/test.php时,我收到以下信息:
mtodorov@domac:~$ curl --http3 https://domac.alu.hr:8443/test.php
<?php var_export($_SERVER)?>
mtodorov@domac:~$
我的 nginx 是:
root@domac:~# nginx -V
nginx version: nginx/1.21.3 (nginx-quic)
built by gcc 8.3.0 (Debian 8.3.0-6)
built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL)
TLS SNI support enabled
configure arguments: --build=nginx-quic --with-debug --add-module=../njs/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/run/lock/subsys/nginx --user=www-data --group=www-data --with-threads --with-file-aio --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_slice_module --with-http_stub_status_module --with-http_v3_module --with-http_quic_module --with-stream_quic_module --with-cc-opt=-I../boringssl/include --with-ld-opt='-L../boringssl/build/ssl -L../boringssl/build/crypto'
root@domac:~#
我的 /etc/nginx/nginx.conf 是:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
error_log /var/log/nginx/error.log info;
pid /var/run/nginx/nginx.pid;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
index index.php index.html index.htm;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 8080;
server_name domac.alu.hr;
#charset koi8-r;
#access_log logs/host.access.log main;
root /srv/www/nginx;
location / {
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ [^/]\.php(/|$) {
# root /srv/www/nginx;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# if (!-f $document_root$fastcgi_script_name) {
# return 404;
# }
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
server {
listen 8443 ssl; # TCP listener for HTTP/1.1
listen 8443 http3 reuseport; # UDP listener for QUIC+HTTP/3
ssl_protocols TLSv1.3; # QUIC requires TLS 1.3
ssl_certificate certs/domac_alu_hr_20201111.pem;
ssl_certificate_key certs/private/domac_alu_hr_20201111.key;
add_header Alt-Svc 'h3=":8443"'; # Advertise that HTTP/3 is available
add_header QUIC-Status $quic; # Sent when QUIC was used
root /srv/www/nginx;
location / {
}
access_log /var/log/nginx/access-ssl.log main;
error_log /var/log/nginx/error-ssl.log info;
}
# server {
# listen 8443 ssl http3 quic;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
# }
}
问题似乎是没有调用php7.4-fpm,但是nginx显示逐字test.php文件,而不是它的运行结果?
在同一台服务器上,有一个 apache2 守护程序可以很好地与 php7.4-fpm 和 HTTP/2 配合使用,但我想实现 HTTP/3,目前(2021 年 10 月 1 日)不支持 apache2 AFAIK。
非常感谢,我什至尝试过strace -p <proc>
在主 nginx proc 上,但它似乎甚至没有尝试打开/var/run/php/php7.4-fpm.sock ...
我知道这是一个实验性构建,但我想让它工作。我以为fastcgi支持可能已经编译出来了,但是这样的./configure选项没有打开。
知道我可能做错了什么吗?
在侦听端口 8443(您从中访问它的位置)的服务器块中,没有配置 PHP 处理程序。显然,您应该为 PHP-FPM 添加它来处理脚本。
使用 8443 端口复制
location ~ [^/]\.php(/|$) { .. }
到内部。server { }