Permalink
Browse files

add optional Cloudflare zlib performance fork support in 123.09beta01

- for nginx compiles when you set in persistent config file /etc/centminmod/custom_config.inc variable CLOUDFLARE_ZLIB='y' (disabled by default) + recompile nginx via centmin.sh menu option 4, you can optionally choose using Cloudflare zlib performance fork which is reversioned from 1.2.8 to 1.3.0 in centmin mod as opposed to standard stock zlib 1.2.11 version https://github.com/cloudflare/zlib zlib-cloudflare
- https://blog.cloudflare.com/cloudflare-fights-cancer/
- benchmarks http://www.htslib.org/benchmarks/zlib.html
- https://community.centminmod.com/threads/patch-fix-error-when-building-a-nginx-source-rpm-with-custom-zlib-nginx-1-13-7.13489/
- only test on test vps servers and not live servers for now as the long term issues of using Cloudflare zlib fork is unknow for Centmin Mod Nginx server environments.
  • Loading branch information...
centminmod committed Dec 13, 2017
1 parent f6407bd commit e8d813ddc99517754a1ce6c6b4282588e3636da2
Showing with 84 additions and 19 deletions.
  1. +1 −0 centmin.sh
  2. +1 −0 example/custom_config.inc
  3. +9 −4 inc/nginx_configure.inc
  4. +29 −0 inc/nginx_upgrade.inc
  5. +43 −15 inc/zlib.inc
  6. +1 −0 tools/nginxupdate.sh
@@ -550,6 +550,7 @@ OPENSSL_VERSIONFALLBACK='1.0.2n' # fallback if OPENSSL_VERSION uses openssl 1.
OPENSSL_THREADS='y' # control whether openssl 1.1 branch uses threading or not
OPENSSL_CUSTOMPATH='/opt/openssl' # custom directory path for OpenSSL 1.0.2+
CLOUDFLARE_PATCHSSL='n' # set 'y' to implement Cloudflare's chacha20 patch https://github.com/cloudflare/sslconfig
CLOUDFLARE_ZLIB='n' # use Cloudflare optimised zlib fork https://blog.cloudflare.com/cloudflare-fights-cancer/
NGINX_DYNAMICTLS='n' # set 'y' and recompile nginx https://blog.cloudflare.com/optimizing-tls-over-tcp-to-reduce-latency/
# LibreSSL
@@ -231,6 +231,7 @@ OPENSSL_VERSIONFALLBACK='1.0.2n' # fallback if OPENSSL_VERSION uses openssl 1.
OPENSSL_THREADS='y' # control whether openssl 1.1 branch uses threading or not
OPENSSL_CUSTOMPATH='/opt/openssl' # custom directory path for OpenSSL 1.0.2+
CLOUDFLARE_PATCHSSL='n' # set 'y' to implement Cloudflare's chacha20 patch https://github.com/cloudflare/sslconfig
CLOUDFLARE_ZLIB='n' # use Cloudflare optimised zlib fork https://blog.cloudflare.com/cloudflare-fights-cancer/
NGINX_DYNAMICTLS='n' # set 'y' and recompile nginx https://blog.cloudflare.com/optimizing-tls-over-tcp-to-reduce-latency/
# LibreSSL
@@ -643,10 +643,15 @@ if [[ "$CENTOS_SEVEN" = '7' || "$CENTOS_SIX" = '6' ]]; then
fi
fi
if [[ "$NGINX_ZLIBCUSTOM" = [yY] ]]; then
ZLIBCUSTOM_DIR=$(tar -tzf "$DIR_TMP/${NGX_ZLIBLINKFILE}" 2>&1 | head -1 | cut -f1 -d"/" | grep zlib)
ZLIBCUSTOM_OPT=" --with-zlib=../zlib-${NGINX_ZLIBVER}"
fi
if [[ "$NGINX_ZLIBCUSTOM" = [yY] ]]; then
ZLIBCUSTOM_DIR=$(tar -tzf "$DIR_TMP/${NGX_ZLIBLINKFILE}" 2>&1 | head -1 | cut -f1 -d"/" | grep zlib)
ZLIBCUSTOM_OPT=" --with-zlib=../zlib-${NGINX_ZLIBVER}"
fi
if [[ "$CLOUDFLARE_ZLIB" = [yY] ]]; then
ZLIBCUSTOM_DIR='zlib-cloudflare'
ZLIBCUSTOM_OPT=" --with-zlib=../zlib-cloudflare"
fi
if [[ "$NGINX_OPENRESTY" = [yY] ]]; then
MEMCDIR=$(tar -tzf "$DIR_TMP/${NGX_MEMCLINKFILE}" | head -1 | cut -f1 -d"/")
@@ -903,6 +903,35 @@ fi
# empty pagespeed cache
clear_ps
if [[ "$CLOUDFLARE_ZLIB" = [yY] ]]; then
echo
# fix symlink
rm -rf /usr/local/lib/libz.so
rm -rf /usr/local/lib/libz.so.1
pushd /usr/local/lib/
ln -s "libz.so.1.3.0" libz.so
ln -s "libz.so.1.3.0" libz.so.1
popd
echo
echo "lsof | grep nginx | egrep -v 'php-fpm|scheduler' | grep libz"
lsof | grep nginx | egrep -v 'php-fpm|scheduler' | grep libz
echo
echo "ls -lahrt /usr/local/lib | grep libz"
ls -lahrt /usr/local/lib | grep libz
echo
echo "ls -lahrt /usr/local/include | grep z"
ls -lahrt /usr/local/include | grep z
echo
else
# fix symlink
rm -rf /usr/local/lib/libz.so
rm -rf /usr/local/lib/libz.so.1
pushd /usr/local/lib/
ln -s "libz.so.${NGINX_ZLIBVER}" libz.so
ln -s "libz.so.${NGINX_ZLIBVER}" libz.so.1
popd
fi
if [[ "$NGINX_ZERODT" = [nN] ]]; then
/etc/init.d/nginx restart
elif [[ "$NGINX_ZERODT" = [yY] ]]; then
@@ -21,21 +21,49 @@ zlibng_install() {
nginxzlib_install() {
if [[ "$NGINX_ZLIBCUSTOM" = [yY] ]]; then
echo
echo "install zlib ${NGINX_ZLIBVER}..."
echo
if [[ ! -f "${DIR_TMP}/${NGX_ZLIBLINKFILE}" || ! -d "${DIR_TMP}/zlib-${NGINX_ZLIBVER}" ]]; then
nginxzlibtarball
if [[ "$CLOUDFLARE_ZLIB" = [yY] ]]; then
echo
echo "install zlib cloudflare..."
echo
pushd "$DIR_TMP"
if [ ! -d zlib-cloudflare ]; then
git clone https://github.com/cloudflare/zlib zlib-cloudflare
elif [ -d zlib-cloudflare/.git ]; then
pushd "zlib-cloudflare"
git stash
git pull
popd
fi
cd "zlib-cloudflare"
sed -i 's|\#define ZLIB_VERSION .*|\#define ZLIB_VERSION \"1.3.0\"|' zlib.h
ldconfig
make -f Makefile.in distclean
./configure
make${MAKETHREADS}
make install
popd
echo
echo "zlib cloudflare installed"
echo
else
echo
echo "install zlib ${NGINX_ZLIBVER}..."
echo
if [[ ! -f "${DIR_TMP}/${NGX_ZLIBLINKFILE}" || ! -d "${DIR_TMP}/zlib-${NGINX_ZLIBVER}" ]]; then
nginxzlibtarball
fi
pushd "$DIR_TMP"
cd "zlib-${NGINX_ZLIBVER}"
make clean
./configure
make${MAKETHREADS}
make install
popd
echo
echo "zlib ${NGINX_ZLIBVER} installed"
echo
fi
pushd "$DIR_TMP"
cd "zlib-${NGINX_ZLIBVER}"
make clean
./configure
make${MAKETHREADS}
make install
popd
echo
echo "zlib ${NGINX_ZLIBVER} installed"
echo
fi
}
@@ -328,6 +328,7 @@ OPENSSL_VERSION='1.1.0g' # Use this version of OpenSSL http://openssl.org/
OPENSSL_VERSIONFALLBACK='1.0.2n' # fallback if OPENSSL_VERSION uses openssl 1.1.x branch
OPENSSL_THREADS='y' # control whether openssl 1.1 branch uses threading or not
CLOUDFLARE_PATCHSSL='n' # set 'y' to implement Cloudflare's chacha20 patch https://github.com/cloudflare/sslconfig
CLOUDFLARE_ZLIB='n' # use Cloudflare optimised zlib fork https://blog.cloudflare.com/cloudflare-fights-cancer/
NGINX_DYNAMICTLS='n' # set 'y' and recompile nginx https://blog.cloudflare.com/optimizing-tls-over-tcp-to-reduce-latency/
# LibreSSL

0 comments on commit e8d813d

Please sign in to comment.