-
-
Save AJMaxwell/f6793605068813aae888216b02364d85 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
############################################################################################## | |
## Install Nginx with OpenSSL, and ngx_pagespeed | |
## | |
## Author: Andrew Maxwell <amaxwell@ajmaxwell.com> | |
## Date: 2017/09/18 | |
## Version: 0.3 | |
## | |
## Disclaimer: I am not responsible for how you use this script. Do not assume this script | |
## will work in all envrionments or any Ubuntu version other than 14.04. This script assumes | |
## you have had a version of nginx already installed from Ubuntu PPAs and that it has been | |
## removed via `sudo apt-get remove nginx nginx-common` | |
## | |
############################################################################################## | |
# Versions of nginx, openssl, and ngx_pagespeed you want to install | |
NGINX_VERSION=1.12.1 | |
OPENSSL_VERSION=1.0.2l | |
NPS_VERSION=1.12.34.2-stable | |
## Get currently installed version of openssl | |
OPENSSL_CURRENT_VERSION=$(openssl version | awk '{ print $2 }') | |
# Customize the general nginx flags | |
NGINX_FLAGS="--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_realip_module --with-http_geoip_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-file-aio --with-pcre --with-ipv6 --with-http_v2_module --with-image_filter_module" | |
# Customize the openssl nginx flags | |
OPENSSL_FLAGS="--with-openssl=/usr/local/src/openssl-${OPENSSL_VERSION}" | |
# Customize the ngx_pagespeed nginx flags | |
NPS_FLAGS="--add-module=/usr/local/src/ngx_pagespeed-${NPS_VERSION}" | |
# Customize various 'security' related nginx flags | |
SECURITY_FLAGS="--without-http_ssi_module --without-http_scgi_module --without-http_uwsgi_module --without-http_autoindex_module" | |
############################################################################################## | |
########## STOP EDITING | |
############################################################################################## | |
NGINX_CONFIG="${NGINX_FLAGS} ${OPENSSL_FLAGS} ${NPS_FLAGS} ${SECURITY_FLAGS} --with-cc-opt='-g' --with-ld-opt='-Wl,-Bsymbolic-functions'" | |
# Install dependencies | |
sudo apt-get update | |
sudo apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev | |
# Ensure /usr/local/src is writeable by current user, then enter that directory | |
sudo chmod +w /usr/local/src | |
cd /usr/local/src | |
## Download sources | |
# Download nginx | |
wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz -O nginx-${NGINX_VERSION}.tar.gz | |
# Download openssl | |
wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz -O openssl-${OPENSSL_VERSION}.tar.gz | |
# Download ngx_pagespeed | |
wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VERSION}.tar.gz -O v${NPS_VERSION}.tar.gz | |
## Extract sources | |
tar -xvzf nginx-${NGINX_VERSION}.tar.gz | |
tar -xvzf openssl-${OPENSSL_VERSION}.tar.gz | |
tar -xvzf v${NPS_VERSION}.tar.gz | |
## Download and Extract PSOL (PageSpeed Optimization Library) | |
cd ngx_pagespeed-${NPS_VERSION}/ | |
NPS_RELEASE_NUMBER=${NPS_VERSION/beta/} | |
NPS_RELEASE_NUMBER=${NPS_VERSION/stable/} | |
PSOL_URL=https://dl.google.com/dl/page-speed/psol/${NPS_RELEASE_NUMBER}.tar.gz | |
[ -e scripts/format_binary_url.sh ] && PSOL_URL=$(scripts/formate_binary_url.sh PSOL_BINARY_URL) | |
wget ${PSOL_URL} | |
tar -xvzf $(basename ${PSOL_URL}) | |
## Install openssl\ | |
cd ../openssl-${OPENSSL_VERSION} | |
./config | |
make depend | |
make | |
make test | |
# Move old OpenSSL files if they exist | |
sudo mv /usr/bin/openssl /usr/bin/openssl_${OPENSSL_CURRENT_VERSION} | |
# If you prefer to install straight from source | |
#sudo make install | |
# If you prefer to create a .deb file and use your package manager | |
sudo checkinstall | |
sudo ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl | |
## Install nginx + modules | |
cd ../nginx-${NGINX_VERSION} | |
# PageSpeed Cache | |
sudo mkdir -p /var/cache/pagespeed | |
# nginx cache | |
sudo mkdir -p /var/cache/nginx/{client_temp,fastcgi_temp,proxy_temp} | |
# nginx logs | |
sudo mkdir -p /var/log/nginx | |
sudo touch /var/log/nginx/{error,access}.log | |
./configure ${NGINX_CONFIG} | |
make | |
# If you prefer to install straight from source | |
#sudo make install | |
# If you prefer to create a .deb file and use your package manager | |
sudo checkinstall | |
#cd .. | |
# Download nginx startup script and make executable | |
sudo wget https://gist.githubusercontent.com/AJMaxwell/2c06c3704fac46d14939419c8ad1807e/raw/f8818e55b28ff8fa12531d7d7220c5c48de9eba3/nginx -O /etc/init.d/nginx | |
sudo chmod +x /etc/init.d/nginx | |
# Add nginx to system startup | |
sudo /usr/sbin/update-rc.d -f nginx defaults | |
echo "Installation Complete!" |
AJMaxwell- thanks for sharing the script. Some of the variables and links became broken so I made the necessary changes to get it working again.
Diff is available here: https://www.diffchecker.com/nD9Sc0Br
Note: Please refer to AJ's disclaimer at the top of the script before running.
#!/bin/sh
##############################################################################################
## Install Nginx with OpenSSL and ngx_pagespeed
## Author: Andrew Maxwell <amaxwell@traffixdevices.com>
## Date: 2016/05/27
## Version: 0.1
##
## Disclaimer: I am not responsible for how you use this script. Do not assume this script
## will work in all envrionments or any Ubuntu version other than 14.04. This script assumes
## you have had a version of nginx already installed from Ubuntu PPAs and that it has been
## removed via `sudo apt-get remove nginx nginx-common`
##
## ngx_pagespeed code adapted from:
## https://developers.google.com/speed/pagespeed/module/build_ngx_pagespeed_from_source
## openssl code adapted from:
## https://www.digitalocean.com/community/questions/how-to-get-already-installed-nginx-to-use-openssl-1-0-2-for-alpn#answer_27588
##############################################################################################
# Current version of nginx, openssl, and ngx_pagespeed you want to install
NGINX_VERSION=1.11.13
OPENSSL_VERSION=1.1.0e
NPS_VERSION=1.12.34.2
##############################################################################################
########## STOP EDITING
##############################################################################################
## Currently installed version of openssl
OPENSSL_CURRENT_VERSION=$(openssl version | awk '{ print $2 }')
## Nginx ./configure flags
# Automagically grab current Nginx flags
#NGINX_USER_FLAGS="$(nginx -V 2>&1 | tail -1| tr ' ' '\n' | tail -n +3)"
# Or use default Nginx flags
NGINX_USER_FLAGS="--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module"
OPENSSL_FLAGS="--with-openssl=$HOME/openssl-$OPENSSL_VERSION"
NPS_FLAGS="--add-module=$HOME/ngx_pagespeed-$NPS_VERSION-beta"
NGINX_FLAGS="$NGINX_USER_FLAGS $OPENSSL_FLAGS $NPS_FLAGS"
# Ensure lib and build packages are installed
sudo apt-get update
sudo apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev unzip
## Ensure we are in home directory
cd $HOME
## Download sources
# Download nginx
wget http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz
# Download openssl
wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz
# Download ngx_pagespeed
wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VERSION}-beta.zip
## Extract sources
# Extract nginx
tar -xvzf nginx-${NGINX_VERSION}.tar.gz
# Extract openssl
tar -xvzf openssl-${OPENSSL_VERSION}.tar.gz
# Extract ngx_pagespeed
unzip v${NPS_VERSION}-beta.zip
## Download and Extract PSOL (PageSpeed Optimization Library)
cd ngx_pagespeed-v${NPS_VERSION}-beta/
wget https://dl.google.com/dl/page-speed/psol/${NPS_VERSION}-x64.tar.gz
tar -xzvf ${NPS_VERSION}-x64.tar.gz # extracts to psol/
cd $HOME
## Install openssl
cd openssl-${OPENSSL_VERSION}/
./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)'
make depend
make
make test
sudo make install
sudo mv /usr/bin/openssl /usr/bin/openssl_${OPENSSL_CURRENT_VERSION}
sudo ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
cd $HOME
## Install nginx + ngx_pagespeed
cd nginx-${NGINX_VERSION}/
./configure ${NGINX_FLAGS}
make
sudo make install
echo "Installation Complete!"
Note: After installing, there are a couple issues that we'll need to solve:
make[1]: Leaving directory '/root/nginx-1.11.13'
Installation Complete!
$ nginx -V
nginx version: nginx/1.11.13
built by gcc 4.9.2 (Debian 4.9.2-10)
built with OpenSSL 1.1.0e 16 Feb 2017
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module --with-openssl=/root/openssl-1.1.0e --add-module=/root/ngx_pagespeed-1.12.34.2-beta
$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (2: No such file or directory)
nginx: configuration file /etc/nginx/nginx.conf test failed
To fix this, create the following directory: $ sudo mkdir -p /var/cache/nginx/client_temp
Now if we try again:
$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Great, but if we try to restart the service:
$ sudo service nginx restart
Failed to restart nginx.service: Unit nginx.service is masked.
To fix this, create the following file: /lib/systemd/system/nginx.service
and paste the following:
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
Then run the following: (credit here for this one)
$ sudo systemctl unmask nginx.service
$ sudo systemctl enable nginx
$ sudo systemctl restart nginx
And finally, all done. HTTP/2 and ALPN verified on https://tools.keycdn.com/http2-test.
Hope that helps anyone stuck!
Needed some extra libraries but eventually worked for me. Thanks 👍
Thanks for the feedback everyone! I have just updated the script.
Changes:
- Moved the source files to
/usr/local/src
- Updated version numbers
- Tweaked $NGINX_FLAGS
- Added missing Nginx cache directory to
mkdir
- New PageSpeed installation process
This script was made to run on Ubuntu 14.04; if you need it to run on 16.04, see @arvin-foroutan's comment.
Can't understand...
# nginx -v
The program 'nginx' can be found in the following packages:
* nginx-core
* nginx-extras
* nginx-full
* nginx-light
* nginx-naxsi
Try: apt-get install <selected package>
sudo service nginx start
return nothing and service don't start
How to start/stop/restart nginx?
@elephantux Are you on Ubuntu 14.04? If you're running 16.04, checkout @arvin-foroutan's comment.
./configure: error: no /root/ngx_pagespeed-1.12.34.2-beta/config was found
make: *** No rule to make target 'build', needed by 'default'. Stop.
make: *** No rule to make target 'install'. Stop.
Installation Complete!
I tried to run this script in ubuntu:xenial container
pagespeed download file changed its name to incubator-pagespeed-ngx-1.12.34.2-beta. But I still get errors:
ngx_pagespeed: pagespeed optimization library not found:
./configure: 31: /root/ngx_pagespeed-1.12.34.2-beta/config: [[: not found
You need to separately download the pagespeed library:
$ cd /root/ngx_pagespeed-1.12.34.2-beta
$ wget https://dl.google.com/dl/page-speed/psol/1.12.34.2-x64.tar.gz
$ tar -xzvf 1.12.34.2-x64.tar.gz # expands to psol/
Or see the installation instructions:
https://developers.google.com/speed/pagespeed/module/build_ngx_pagespeed_from_source
make: *** No rule to make target 'build', needed by 'default'. Stop.
make: *** No rule to make target 'install'. Stop.
Installation Complete!
It's not working 👎