From fae0cfaf65f5e80b268a36b9e8368d295b7b847f Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Mon, 29 Oct 2018 09:17:46 +0200 Subject: [PATCH 1/7] Prioritization HTTP/2 with BBR & tcp_notsent_lowat --- README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/README.md b/README.md index 686635d..169dd18 100644 --- a/README.md +++ b/README.md @@ -312,3 +312,19 @@ NGINX config formatter NGINX configuration tools ------------------------- * https://github.com/nginxinc/crossplane + +BBR (Linux 4.9+) +---------------- +* https://blog.cloudflare.com/http-2-prioritization-with-nginx/ +* Linux v4.13+ as no longer required FQ (`q_disc`) with BBR. +* https://github.com/google/bbr/blob/master/Documentation/bbr-quick-start.md +* https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=218af599fa635b107cfe10acf3249c4dfe5e4123 +* https://github.com/systemd/systemd/issues/9725#issuecomment-413369212 +* If the latest Linux kernel distribution does not have `tcp_bbr` enabled by default: +```sh +modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf +echo 'net.ipv4.tcp_congestion_control=bbr' >> /etc/sysctl.d/99-bbr.conf +# Recommended for production, but with Linux v4.13rc1+ can be used not only in FQ (`q_disc') in BBR mode. +echo 'net.core.default_qdisc=fq' >> /etc/sysctl.d/99-bbr.conf +sysctl --system +``` From 7125b34945cbadec026770ea18711e72bee6648e Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Fri, 16 Nov 2018 16:54:13 +0200 Subject: [PATCH 2/7] MIT License --- LICENSE | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 LICENSE diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..acfd2b7 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2014-2018 Denis Denisov + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. From 30207709d43359a38d1e3ac57531dab04f4da775 Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Fri, 16 Nov 2018 17:07:21 +0200 Subject: [PATCH 3/7] Update LICENSE --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index acfd2b7..318fd12 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2014-2018 Denis Denisov +Copyright (c) 2014-2018 Denis Denisov and other contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal From b0915412723297712bf195c08b0670474a760d9f Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Tue, 20 Nov 2018 20:20:13 +0200 Subject: [PATCH 4/7] =?UTF-8?q?NGi=D0=98X=20config=20webui=20generator?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 169dd18..5ec5a74 100644 --- a/README.md +++ b/README.md @@ -312,6 +312,7 @@ NGINX config formatter NGINX configuration tools ------------------------- * https://github.com/nginxinc/crossplane +* https://github.com/valentinxxx/nginxconfig.io BBR (Linux 4.9+) ---------------- From 0b15adbfb5ae77b3e0e393d9d0873fddc1c77589 Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Tue, 11 Dec 2018 20:31:56 +0200 Subject: [PATCH 5/7] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5ec5a74..0a723ae 100644 --- a/README.md +++ b/README.md @@ -213,7 +213,7 @@ Trying with the `worker_rlimit_nofile` directive in `{,/usr/local}/etc/nginx/ngi #### `nolimit` with Systemd $ mkdir -p /etc/systemd/system/nginx.service.d - $ nano /etc/security/limits.d/nginx.conf + $ nano /etc/systemd/system/nginx.service.d/nginx.conf [Service] LimitNOFILE=30000 $ systemctl daemon-reload From d10b8022279eec3635e527662a1726bf5a2d0ea6 Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Sun, 13 Jan 2019 11:24:36 +0200 Subject: [PATCH 6/7] Nginx Secure Configuration --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 0a723ae..31f1c4a 100644 --- a/README.md +++ b/README.md @@ -269,6 +269,7 @@ Happy Hacking! Reference links --------------- +* https://8gwifi.org/docs/nginx-secure.jsp * http://www.codestance.com/tutorials-archive/nginx-tuning-for-best-performance-255 * https://www.keycdn.com/support/tcp-fast-open/ * https://www.masv.io/enabling-tcp-fast-open-nginx-centos-7/ From 24e1a2046ee5e4219a65ffd83150d41ac5a0e360 Mon Sep 17 00:00:00 2001 From: Denis Denisov Date: Sun, 13 Jan 2019 11:25:23 +0200 Subject: [PATCH 7/7] NGINX server and improve its performance Powerful ways to supercharge your NGINX server and improve its performance --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 31f1c4a..5c0b9fa 100644 --- a/README.md +++ b/README.md @@ -294,6 +294,7 @@ Reference links * https://www.maxcdn.com/blog/nginx-application-performance-optimization/ * https://www.linode.com/docs/websites/nginx/configure-nginx-for-optimized-performance * https://haydenjames.io/nginx-tuning-tips-tls-ssl-https-ttfb-latency/ +* https://medium.freecodecamp.org/a8afdbfde64d Static analyzers ----------------