• Categories
    • Recent
    • Tags
    • Popular
    • Register
    • Login

    Speeding up nginx mycontroller proxy

    Scheduled Pinned Locked Moved General
    nginxproxycache
    7 Posts 3 Posters 1.2k Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • AvamanderA Offline
      Avamander
      last edited by Avamander

      To increase security, place nginx under a subdomain and to get rid of "insecure" https warning I set up nginx as a proxy. The downside was that this significantly increased the load on the Raspberry Pi making mycontroller load really slowly, so I found a workaround and even managed to make the proxied version load a bit faster (about 33% (1sec)) than mycontroller alone did and that all with stronger crypto and smaller download sizes :D.

      Nginx configuration:

         location / {
             # I'm sending HSTS header with this config
             include security_headers.conf;
             # Should contain pushed files
             include mycontroller_http2_push.conf;
             # CPU becomes a bottleneck with this many files or is just ineffective, workaround for that is below
             gzip off; 
             tcp_nopush on;
             tcp_nodelay on;
             # This would benefit if mycontroller sent `Link` headers
             http2_push_preload on;
             # You'll get smaller overhead if this is disabled 
             proxy_buffering off;
      
             # Just as a courtesy
             proxy_set_header        X-Real-IP $remote_addr;
             proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      
            # Port and IP of mycontroller
             proxy_pass              http://127.0.0.1:8443;
             charset                 utf-8;
         }
      
         location ~ ^/(app.js|app.css|services|partials|libs|languages|images|_configurations|controllers){
             gzip on;
             gzip_static on;
             root /[mycontroller_install_directory]/www/;
         }
      

      In order to actually make gzip_static on work you should compress all the files in mycontroller's installation's subdirectory www before with this script, it should be ran every time you update mycontroller:

      find . -type f -name "*.css" -exec sh -c "touch {} && \
          gzip -9v < {} > {}.gz" \;
      
      find . -type f -name "*.js" -exec sh -c "touch {} && \
          gzip -9v < {} > {}.gz" \;
      
      find . -type f -name "*.html" -exec sh -c "touch {} && \
          gzip -9v < {} > {}.gz" \;
      

      In order to speed up downloads I recommend you utilize http2 push too, a separate configuration file for that is a good idea:

      http2_push /libs/angular-resource/angular-resource.min.js?mcv=20;
      http2_push /libs/bootstrap-duallistbox/dist/jquery.bootstrap-duallistbox.min.js?mcv=20;
      http2_push /controllers/resources-group.js?mcv=20;
      http2_push /controllers/sensors.js?mcv=20;
      http2_push /libs/patternfly/dist/css/patternfly.min.css?mcv=20;
      http2_push /libs/weather-icons/css/weather-icons.min.css?mcv=20;
      http2_push /libs/angular-bootstrap-datetimepicker/css/datetimepicker.css?mcv=20;
      http2_push /libs/kubernetes-topology-graph/topology-graph.css?mcv=20;
      http2_push /libs/d3/d3.min.js?mcv=20;
      http2_push /libs/bootstrap-switch/dist/js/bootstrap-switch.min.js?mcv=20;
      

      I tried pushing more but either nginx or chrome does not accept any other files than these, further improvement could be made by making the controller push resources with Link and nginx having http2_push_preload on; but it doesn't matter much on LAN because round trip takes so little time.

      For a few additional milliseconds shaved off you can add fastopen=100 to your listen lines (make sure TCP fast open is also enabled by your OS).

      If you want you can also compile nginx with brotli support and further compress all the required files, my tests have shown it's about 5% increase in speed compared to static gzip.

      jkandasaJ skywatchS 2 Replies Last reply Reply Quote 1
      • jkandasaJ Offline
        jkandasa @Avamander
        last edited by

        @avamander This is great sharing! Thank you so much!
        Let me know If I have any action item on this task.

        1 Reply Last reply Reply Quote 0
        • skywatchS Offline
          skywatch @Avamander
          last edited by

          @Avamander It would be great to have a tutorial on how to do this in a step-by-step type instruction. 😉

          I tried it today and got to a dead end. I maybe will try again later.

          AvamanderA 1 Reply Last reply Reply Quote 0
          • AvamanderA Offline
            Avamander @skywatch
            last edited by

            @skywatch What part did you get stuck on?

            skywatchS 1 Reply Last reply Reply Quote 1
            • AvamanderA Offline
              Avamander
              last edited by

              It's worth keeping in mind that if you copy the contents of www to some other folder, make sure you also create _configurations folder in it and allow mycontroller to write into it, otherwise the UI doesn't load.

              1 Reply Last reply Reply Quote 1
              • skywatchS Offline
                skywatch @Avamander
                last edited by

                @Avamander said in Speeding up nginx mycontroller proxy:

                @skywatch What part did you get stuck on?

                Everything after you said "To increase security," 😞

                I get the idea, I just don't know what commands to follow to make it all happen. I have a DDNS domain I can use and can install nginx, then I get lost. !

                But lets wait for ver 2.0 of MyController before you put any time into helping on this, it might not be needed....

                AvamanderA 1 Reply Last reply Reply Quote 1
                • AvamanderA Offline
                  Avamander @skywatch
                  last edited by

                  @skywatch Hm, I'll try splitting it once again:

                  1. Preliminary requirement, when you have your domain and nginx, follow a tutorial to set up LetsEncrypt with nginx, there are plethora of guides way better than what I can explain

                  2. If you have your configuration (probably in /etc/nginx/sites-available/default) then you find the server { section that has your TLS (SSL) configured in step 1, then you just paste in the described content

                  3. Find the folder where you installed mycontroller, the folder has a www folder in, find [mycontroller_install_directory] with that path (e.g. /home/mycontroller/www)

                  4. The same www folder, run the find ... commands in the folder, it automatically precompresses the folders's contents

                  5. Make a new configuration file in /etc/nginx (e.g. mycontroller_http2_push.conf) and place the lines that start with http2_push in the file. Make sure the filename in the location / block matches with the configuration file name you made.

                  6. Restart nginx and it should now display you mycontroller with encrypted connection and really rather fast.

                  1 Reply Last reply Reply Quote 1
                  • First post
                    Last post

                  0

                  Online

                  586

                  Users

                  529

                  Topics

                  3.4k

                  Posts
                  Copyright © 2015-2025 MyController.org | Contributors | Localization