Luci on nginx compile

ok tested with a wrt3200acm it's faster than r7800 don't know why... and can confirm that it does work

Hope one day Lede will be totally on nginx and uhttpd comes past.

If this was to be done, some work on LuCI would have to occur in order to garnish the benefits of an asynchronous web server.

With nginx being 10x the size of uhttpd this is unlikely to happen in the forseeable future.

2 Likes

anyway just as a info, all the pr needed to fix luci problem with uwsgi are getting merged (waiting for the ddns module optimizzation)
it's 10 days that i use nginx+uwsgi with a r7800 and a wrt3200 with no problem. Can someone go to the uwsgi pr (and ddns script pr) and ask for merge so that we can test this with more people?

@jow that's right for router with small flash, but newer router have at least 20 mb of flash, so use nginx instead of uhttpd is not a problem.

Especially if people use webserver for something more than just Luci i.e. verification free certs from LE is just is just a line in nginx config :slight_smile: , owncloud, simple web hosting etc.
Some time ago I've even added headers_more addon for nginx and patch for footer in static pages so now it's harder to check on which webserver website is hosted :wink:

Edit: Headers_more dirty patch

Maybe these files shoud be copied during install and package should have option like "Integrate nginx with Luci"?
And init.d script for complete package :slight_smile: and maybe luci.conf.example file with nginx server{} block config?

yes i will create a package that will do this... ibut first we need uwsgi to be pushed...

1 Like

some of us have the space. :slight_smile: when and where is this package going to be available to try it out?

we need this

https://github.com/openwrt/packages/pull/6083

1 Like

this got merged and also the luci fix so if someone wants to test it... just use this 2 config

nginx.conf modify to respect your needs (for cert position for example) (or to disable https or http)

[uwsgi]
stric = True
plugins = cgi
uwsgi_modifier1 = 9
socket = 127.0.0.1:9090
cgi-mode = true
cgi = /www/cgi-bin/luci
threads = 2
processes = 4
chdir = /usr/lib/lua/luci/
master = True
buffer-size = 10000
reload-mercy=8
max-requests=2000
limit-as=200
reload-on-as=256
reload-on-rss=192
no-orphans=True
vacuum=True
enable-threads=True
post-buffering=8192
socket-timeout=120
thunder-lock = True
disable-logging=True

user root;
worker_processes  2;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  /var/log/nginx/error.log  debug;

#pid        logs/nginx.pid;


events {
    worker_connections  5000;
}




http {
    include       mime.types;
    #default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    #tcp_nopush     on;
    sendfile on;
    keepalive_timeout 0;
	
	client_body_buffer_size 10K;
	client_header_buffer_size 1k;
	client_max_body_size 1G;
	large_client_header_buffers 2 1k;
    

    gzip             on;
	gzip_comp_level  2;
	gzip_min_length  1000;
	gzip_proxied     expired no-cache no-store private auth;
	gzip_types       text/plain application/x-javascript text/xml text/css application/xml;
	
	root /www;

	server {
		listen 80 default_server;
		listen [::]:80 default_server;
		server_name _;
		return 301 https://$host$request_uri;
	}
	
    server {
		listen 443 ssl http2 default_server;
		listen [::]:443 ssl http2 default_server;
        server_name  localhost;
		
		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
		ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:DHE+AESGCM:DHE:!RSA!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!CAMELLIA:!SEED";
        ssl_session_tickets off;
		RSA
		ssl_certificate /etc/config/https/ansuel.com/fullchain.cer;
        ssl_certificate_key /etc/config/https/ansuel.com/ansuel.com.key;
		#ECDE
		ssl_certificate /etc/config/https/ansuel.com_ecc/fullchain.cer;
        ssl_certificate_key /etc/config/https/ansuel.com_ecc/ansuel.com.key;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
		
		location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
			expires 365d;
		}

        location / {
            index  index.html;
			include /etc/nginx/uwsgi_params;
			uwsgi_modifier1 9;
			uwsgi_pass 127.0.0.1:9090;
			uwsgi_param QUERY_STRING $query_string;
			uwsgi_param REQUEST_METHOD $request_method;
			uwsgi_param CONTENT_TYPE $content_type;
			uwsgi_param CONTENT_LENGTH $content_length if_not_empty;
			uwsgi_param REQUEST_URI $request_uri;
			uwsgi_param PATH_INFO $document_uri;
			uwsgi_param SERVER_PROTOCOL $server_protocol;
			uwsgi_param REMOTE_ADDR $remote_addr;
			uwsgi_param REMOTE_PORT $remote_port;
			uwsgi_param SERVER_ADDR $server_addr;
			uwsgi_param SERVER_PORT $server_port;
			uwsgi_param SERVER_NAME $server_name;
        }
		
		location /luci-static {
			
		}
		
		location /ariang {
			index index.html;
			alias /www/ariang/;
		}
    }

}

According to your profile, I have another issue

%E6%8D%95%E8%8E%B7

If I use fastwrap, I will get another error
1 upstream prematurely closed FastCGI stdout while reading response header from upstream, client: 192.168.2.138, server: localhost, request: "GET /cgi-bin/luci HTTP/1.1", upstream: "fastcgi://127.0.0.1:12345", host: "192.168.2.1", referrer: "http://192.168.2.1/

It's not fcgi in nginx
Check my nginx config

Uwsgi module should be compiled by default in nginx

Yes, I know, I have tried two ways to make luci on nginx.

  1. uwsgi, same uwsgi.ini and nginx.conf. I get the error shown in the pic, can't open cgi_plugin.so
  2. fcgi way according to that chinese website

Cgi plugin is not an error as cgi plugin is built-in

Now I'm using your makefile, it's OK now. Thank you!

1 Like

tought you were using the precompiled package

new uwsgi file

[uwsgi]
stric = True
plugins = cgi
uwsgi_modifier1 = 9
socket = 127.0.0.1:9090
cgi-mode = true
cgi = /www/cgi-bin/luci
threads = 2
processes = 4
chdir = /usr/lib/lua/luci/
master = True
buffer-size = 10000
reload-mercy=8
max-requests=2000
limit-as=200
reload-on-as=256
reload-on-rss=192
no-orphans=True
vacuum=True
enable-threads=True
post-buffering=8192
socket-timeout=120
thunder-lock = True
logger = syslog:uwsgi
daemonize = True
log-format = %(addr) %(method) %(uri) => generated %(rsize) bytes in %(msecs) msecs

reverse proxy!!!
i'd like so much to have nginx on my 7800 without fighting with uhttpd :slight_smile:

by chance are you thinking about creating a specific package like to install all is needed for luci under nginx and remove uhhtpd?