Want more timely Centmin Mod News Updates?
Become a Member

Nginx Enabling HTTP/3 QUIC on Centmin

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by Shirkit, Sep 12, 2024.

  1. Shirkit

    Shirkit New Member

    20
    4
    3
    Feb 6, 2019
    Ratings:
    +7
    Local Time:
    4:04 AM
    • CentOS Version: AlmaLinux 8.10
    • Centmin Mod Version Installed: 140.00beta01
    • Nginx Version Installed: 1.27.1
    • PHP Version Installed: 8.0.30
    • MariaDB MySQL Version Installed: 10.6.18
    • When was last time updated Centmin Mod code base ? : few minutes ago
    • Persistent Config:
      Code (Text):
      SELFSIGNEDSSL_ECDSA='y'
      PHPFINFO='y'
      PHP_OVERWRITECONF='n'
      PYTHON_INSTALL_ALTERNATIVES='y'
      MARIADB_INSTALLTENTHREE='n'
      MARIADB_INSTALLTENFOUR='n'
      MARIADB_INSTALLTENFIVE='n'
      MARIADB_INSTALLTENSIX='y'
      
      MARCH_TARGETNATIVE='n'
      LETSENCRYPT_DETECT='y'
      
      DISABLE_IPVSIX='n'

    Hello,

    First thank you again for sharing this awesome project, Geroge!

    I'd like to know if anyone managed to get HTTP/3 support on Centmin. I saw that I'd need to recompile with `--with-http_v3_module` flags, but I assume that maybe this is already being done. Also saw that I need to listen on 443 and reuseport to enable it, but again, I assume maybe someone did this already.

    Anyone tried enabling HTTP3? Also, I know I don't expect major gains as it was with HTTP2, but still, it's a win for most users.

    If you got any tips and configurations on how you did would be helpful. If Centmin already supports this and I missed something please let me know.

    Also, yeah, I know PHP 8.0 is EOL for some time, but the last major software (required for our company) updated 2.5 months ago and I was waiting till the next patch fix, which finally came out. Finally I feel that's now safe to migrate it. Gonna update it when I figure HTTP3

     
  2. eva2000

    eva2000 Administrator Staff Member

    53,567
    12,136
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,679
    Local Time:
    5:04 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  3. upgrade81

    upgrade81 Member

    295
    17
    18
    Sep 5, 2016
    CH
    Ratings:
    +30
    Local Time:
    9:04 AM
    1.17
    10.3
    I followed the guide, but it doesn't seem to work with WordPress and FastCGI. I haven't noticed any other issues.

    131 stable


    nginx version: nginx/1.27.1 (210924-194914-almalinux9-kvm-8663c34-br-a71f931)
    built by gcc 13.3.1 20240611 (Red Hat 13.3.1-2) (GCC)
    built with OpenSSL 1.1.1w+quic 11 Sep 2023
    TLS SNI support enabled


    nginx -V 2>&1 | grep -o with-http_v3_module
    with-http_v3_module
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,567
    12,136
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,679
    Local Time:
    5:04 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    how are you testing if HTTP/3 works?
     
  5. upgrade81

    upgrade81 Member

    295
    17
    18
    Sep 5, 2016
    CH
    Ratings:
    +30
    Local Time:
    9:04 AM
    1.17
    10.3
    I use the same online tool you posted above, I also tried another one because on cloudflare sites says http3 is not present.

    Which is also possible, since Cloudflare is literally doing shit in the last months.
     
  6. eva2000

    eva2000 Administrator Staff Member

    53,567
    12,136
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,679
    Local Time:
    5:04 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    try testing on a static HTML page instead of PHP served HTML page and see if the online tool reports HTTP/3
     
  7. upgrade81

    upgrade81 Member

    295
    17
    18
    Sep 5, 2016
    CH
    Ratings:
    +30
    Local Time:
    9:04 AM
    1.17
    10.3
    Hi, it works on a static file like ads.txt or a Js file!

    What could be the issue at the PHP level?

    chrome_cJlmjCSooh.jpg
     
  8. upgrade81

    upgrade81 Member

    295
    17
    18
    Sep 5, 2016
    CH
    Ratings:
    +30
    Local Time:
    9:04 AM
    1.17
    10.3
    Anyway, even when testing on your site, it doesn't work.
    I’ve tried a dozen other sites on Cloudflare, and HTTP/3 hasn't worked on any of them for days. I don’t know why.

    chrome_5BAO4bvFZv.jpg
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,567
    12,136
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,679
    Local Time:
    5:04 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Ah you need to add Alt-Svc header to php include file at /usr/local/nginx/conf/php.conf

    Then restart both nginx and php-fpm services
    Code (Text):
    nprestart
     
  10. eva2000

    eva2000 Administrator Staff Member

    53,567
    12,136
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,679
    Local Time:
    5:04 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Seperate issue is that HTTP/3 Check seems to be broken or bugged not detecting HTTP/3. If i use my custom curl 8.10.1 with HTTP/3 QUIC support it is confirmed working

    curl HTTP response shows = HTTP/3 200
    Code (Text):
    curl -I --http3 https://centminmod.com 2>&1 | egrep -v '^link|^referrer|^permissions|^strict|^x-|^set|^report|^nel|^cw|^cr'
    
    HTTP/3 200
    date: Wed, 25 Sep 2024 17:08:01 GMT
    content-type: text/html; charset=utf-8
    vary: Accept-Encoding
    expires: Wed, 02 Oct 2024 17:08:01 GMT
    cache-control: public, max-age=604800
    last-modified: Wed, 25 Sep 2024 16:30:17 GMT
    cf-cache-status: HIT
    age: 2167
    server: cloudflare
    cf-ray: 8c8c9d26bcbd05a5-IAD
    

    using custom curl 8.10 I built with HTTP/3 QUIC via quicTLS 3.1.7 OpenSSL fork and zstd additional support

     
  11. upgrade81

    upgrade81 Member

    295
    17
    18
    Sep 5, 2016
    CH
    Ratings:
    +30
    Local Time:
    9:04 AM
    1.17
    10.3
    Thank you! I’ll try adding it to the php.conf or maybe better in php-fastcgi.

    All these verification systems are buggy... Cloudflare, on all the sites I've tested, is not returning the alt-svc header.

    Cloudflare has been having serious issues over the last few months. From invoices not working, to Argo sending GBs of optimized data—four times higher than before. ZSTD compression worked with the new rules two days ago and now only returns Brotli, HTTP/3 issues, etc. Something serious is definitely happening on their end.

    Here's a simple curl test: the first website is on Cloudflare, the second on Fastly.


    SecureCRT_5uErXIpEqU.jpg chrome_E6HBWgZjDY.jpg