- Machine with sudo access
- Brotli installed
sudo apt install brotli
- fd installed
sudo apt install fd-find
- build tools installed
sudo apt install build-essential libpcre3 libpcre3-dev libssl-dev zlib1g-dev
-
Clone ngx_brotli
git clone https://github.com/google/ngx_brotli.git /opt/ngx_brotli cd /opt/ngx_brotli git submodule update --init --recursive
-
Build Nginx from source with Brotli and http2
cd /usr/src wget http://nginx.org/download/nginx-1.21.3.tar.gz tar xf nginx-1.21.3.tar.gz cd nginx-1.21.3 ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --with-file-aio --with-threads --with-http_ssl_module --with-http_v2_module --add-module=/opt/ngx_brotli make make install
-
Add
mjs
to/etc/nginx/mime.types
- Change line
application/javascript js;
toapplication/javascript js mjs;
- Change line
-
Configure Nginx
-
copy stuff from nginx.conf to your
/etc/nginx/nginx.conf
file -
add ssl.conf and compression.conf to the
/etc/nginx/conf.d/
folder -
add or replace
/etc/nginx/proxy_params
with proxy_params -
add foundry.example.com.conf (probably under better name) to your
/etc/nginx/sites-available/
folder and create symlink in/etc/nginx/sites-enabled/
folder:sudo ln -sn ../sites-available/foundry.example.com.conf /etc/nginx/sites-enabled/foundry.example.com.conf
-
you need to change the following
/etc/nginx/conf.d/ssl.conf
- you probably want to change the path to your SSL certificate
- or replace it completely with your configuration (not critical for the setup but some SSL config needs to be present for HTTP/2 to work)
/etc/nginx/sites-available/foundry.example.com.conf
- Foundry upstream - if you are running it on different port than 30000
- Foundry core and data paths
- Add your server_name
-
-
Add compression script to your Foundry parrent folder (
/home/foundry
), make it executable and edit your core and data paths at the top of the file -
Run the
compress.sh
script under user which owns Foundry files
-
compress.sh
script can take a long time to run and it needs to be run after every update (core or any module or system), so it contains helpful options to run it just on the subset of files (files you know changed). E.g.:./compress.sh --core # Run after just Foundry update ./compress.sh --data # Run after bulk module/system update ./compress.sh --module plutonium # Run after just one specific module update
-
compress.sh
script creates new files in Foundry folders so it should be executed under user which you use to run Foundrysudo -u foundry bash cd /home/foundry ./compress.sh
-
Foundry folders needs to be readable by Nginx user. I recommend adding
www-data
to thefoundry
group (if you are usingfoundry
user to run Foundry) and make all Foundry files readable by group:usermod -aG foundry www-data chown -R foundry:foundry /home/foundry/core chown -R foundry:foundry /home/foundry/data chmod -R g+r /home/foundry/core chmod -R g+r /home/foundry/data
PoC confimed - Works! :)
Greetings from Kay in Discord :)