QUIC-enabled HAProxy on Debian Trixie
构建 aws-lc 作为 SSL 库并静态链接进 haproxy
Build SSL lib
git clone https://github.com/aws/aws-lc.git
cd aws-lc
git checkout $(git describe --tags --abbrev=0)
mkdir -p build/staging
mkdir -p build/install
cmake -B build/staging -DCMAKE_INSTALL_PREFIX=$(pwd)/build/install -GNinja -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=0
ninja -C build/staging install
Build HAProxy 3.0 deb
mkdir haproxy-aws-lc
apt-get source haproxy
sudo apt-get build-dep haproxy
cd haproxy-*
debuild -b -uc -us
修改 debian/rules:
- 禁用
USE_OPENSSL=1 - 启用
USE_OPENSSL_AWSLC=1 - 禁用 QUIC 的 COMPAT
- 配置
SSL_INC和SSL_LIB到 aws-lc 的build/install/xxx
重新打包
debuild -b -uc -us
cd ..
sudo apt-get install ./haproxy_*.deb
sudo apt-mark hold haproxy