Skip to content

Instantly share code, notes, and snippets.

@AJMaxwell
Last active September 12, 2021 20:57
Show Gist options
  • Save AJMaxwell/f6793605068813aae888216b02364d85 to your computer and use it in GitHub Desktop.
Save AJMaxwell/f6793605068813aae888216b02364d85 to your computer and use it in GitHub Desktop.
Install Nginx, OpenSSL, and ngx_pagespeed from source on Ubuntu 14.04
#!/bin/bash
##############################################################################################
## Install Nginx with OpenSSL, and ngx_pagespeed
##
## Author: Andrew Maxwell <amaxwell@ajmaxwell.com>
## Date: 2017/09/18
## Version: 0.3
##
## Disclaimer: I am not responsible for how you use this script. Do not assume this script
## will work in all envrionments or any Ubuntu version other than 14.04. This script assumes
## you have had a version of nginx already installed from Ubuntu PPAs and that it has been
## removed via `sudo apt-get remove nginx nginx-common`
##
##############################################################################################
# Versions of nginx, openssl, and ngx_pagespeed you want to install
NGINX_VERSION=1.12.1
OPENSSL_VERSION=1.0.2l
NPS_VERSION=1.12.34.2-stable
## Get currently installed version of openssl
OPENSSL_CURRENT_VERSION=$(openssl version | awk '{ print $2 }')
# Customize the general nginx flags
NGINX_FLAGS="--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_realip_module --with-http_geoip_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-file-aio --with-pcre --with-ipv6 --with-http_v2_module --with-image_filter_module"
# Customize the openssl nginx flags
OPENSSL_FLAGS="--with-openssl=/usr/local/src/openssl-${OPENSSL_VERSION}"
# Customize the ngx_pagespeed nginx flags
NPS_FLAGS="--add-module=/usr/local/src/ngx_pagespeed-${NPS_VERSION}"
# Customize various 'security' related nginx flags
SECURITY_FLAGS="--without-http_ssi_module --without-http_scgi_module --without-http_uwsgi_module --without-http_autoindex_module"
##############################################################################################
########## STOP EDITING
##############################################################################################
NGINX_CONFIG="${NGINX_FLAGS} ${OPENSSL_FLAGS} ${NPS_FLAGS} ${SECURITY_FLAGS} --with-cc-opt='-g' --with-ld-opt='-Wl,-Bsymbolic-functions'"
# Install dependencies
sudo apt-get update
sudo apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev
# Ensure /usr/local/src is writeable by current user, then enter that directory
sudo chmod +w /usr/local/src
cd /usr/local/src
## Download sources
# Download nginx
wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz -O nginx-${NGINX_VERSION}.tar.gz
# Download openssl
wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz -O openssl-${OPENSSL_VERSION}.tar.gz
# Download ngx_pagespeed
wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VERSION}.tar.gz -O v${NPS_VERSION}.tar.gz
## Extract sources
tar -xvzf nginx-${NGINX_VERSION}.tar.gz
tar -xvzf openssl-${OPENSSL_VERSION}.tar.gz
tar -xvzf v${NPS_VERSION}.tar.gz
## Download and Extract PSOL (PageSpeed Optimization Library)
cd ngx_pagespeed-${NPS_VERSION}/
NPS_RELEASE_NUMBER=${NPS_VERSION/beta/}
NPS_RELEASE_NUMBER=${NPS_VERSION/stable/}
PSOL_URL=https://dl.google.com/dl/page-speed/psol/${NPS_RELEASE_NUMBER}.tar.gz
[ -e scripts/format_binary_url.sh ] && PSOL_URL=$(scripts/formate_binary_url.sh PSOL_BINARY_URL)
wget ${PSOL_URL}
tar -xvzf $(basename ${PSOL_URL})
## Install openssl\
cd ../openssl-${OPENSSL_VERSION}
./config
make depend
make
make test
# Move old OpenSSL files if they exist
sudo mv /usr/bin/openssl /usr/bin/openssl_${OPENSSL_CURRENT_VERSION}
# If you prefer to install straight from source
#sudo make install
# If you prefer to create a .deb file and use your package manager
sudo checkinstall
sudo ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
## Install nginx + modules
cd ../nginx-${NGINX_VERSION}
# PageSpeed Cache
sudo mkdir -p /var/cache/pagespeed
# nginx cache
sudo mkdir -p /var/cache/nginx/{client_temp,fastcgi_temp,proxy_temp}
# nginx logs
sudo mkdir -p /var/log/nginx
sudo touch /var/log/nginx/{error,access}.log
./configure ${NGINX_CONFIG}
make
# If you prefer to install straight from source
#sudo make install
# If you prefer to create a .deb file and use your package manager
sudo checkinstall
#cd ..
# Download nginx startup script and make executable
sudo wget https://gist.githubusercontent.com/AJMaxwell/2c06c3704fac46d14939419c8ad1807e/raw/f8818e55b28ff8fa12531d7d7220c5c48de9eba3/nginx -O /etc/init.d/nginx
sudo chmod +x /etc/init.d/nginx
# Add nginx to system startup
sudo /usr/sbin/update-rc.d -f nginx defaults
echo "Installation Complete!"
@anmolnagpal
Copy link

It's not working 👎

@arvin-foroutan
Copy link

AJMaxwell- thanks for sharing the script. Some of the variables and links became broken so I made the necessary changes to get it working again.

Diff is available here: https://www.diffchecker.com/nD9Sc0Br

Note: Please refer to AJ's disclaimer at the top of the script before running.

#!/bin/sh

##############################################################################################
## Install Nginx with OpenSSL and ngx_pagespeed
## Author: Andrew Maxwell <amaxwell@traffixdevices.com>
## Date: 2016/05/27
## Version: 0.1
##
## Disclaimer: I am not responsible for how you use this script. Do not assume this script
##  will work in all envrionments or any Ubuntu version other than 14.04. This script assumes
##  you have had a version of nginx already installed from Ubuntu PPAs and that it has been
##  removed via `sudo apt-get remove nginx nginx-common`
##
## ngx_pagespeed code adapted from:
## https://developers.google.com/speed/pagespeed/module/build_ngx_pagespeed_from_source
## openssl code adapted from:
## https://www.digitalocean.com/community/questions/how-to-get-already-installed-nginx-to-use-openssl-1-0-2-for-alpn#answer_27588
##############################################################################################

# Current version of nginx, openssl, and ngx_pagespeed you want to install
NGINX_VERSION=1.11.13
OPENSSL_VERSION=1.1.0e
NPS_VERSION=1.12.34.2

##############################################################################################
########## STOP EDITING
##############################################################################################

## Currently installed version of openssl
OPENSSL_CURRENT_VERSION=$(openssl version | awk '{ print $2 }')
## Nginx ./configure flags
# Automagically grab current Nginx flags
#NGINX_USER_FLAGS="$(nginx -V  2>&1 | tail -1| tr ' ' '\n' | tail -n +3)"
# Or use default Nginx flags
NGINX_USER_FLAGS="--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module"
OPENSSL_FLAGS="--with-openssl=$HOME/openssl-$OPENSSL_VERSION"
NPS_FLAGS="--add-module=$HOME/ngx_pagespeed-$NPS_VERSION-beta"
NGINX_FLAGS="$NGINX_USER_FLAGS $OPENSSL_FLAGS $NPS_FLAGS"

# Ensure lib and build packages are installed
sudo apt-get update
sudo apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev unzip

## Ensure we are in home directory
cd $HOME

## Download sources
# Download nginx
wget http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz
# Download openssl
wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz
# Download ngx_pagespeed
wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VERSION}-beta.zip

## Extract sources
# Extract nginx
tar -xvzf nginx-${NGINX_VERSION}.tar.gz
# Extract openssl
tar -xvzf openssl-${OPENSSL_VERSION}.tar.gz
# Extract ngx_pagespeed
unzip v${NPS_VERSION}-beta.zip

## Download and Extract PSOL (PageSpeed Optimization Library)
cd ngx_pagespeed-v${NPS_VERSION}-beta/
wget https://dl.google.com/dl/page-speed/psol/${NPS_VERSION}-x64.tar.gz
tar -xzvf ${NPS_VERSION}-x64.tar.gz # extracts to psol/
cd $HOME

## Install openssl
cd openssl-${OPENSSL_VERSION}/
./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)'
make depend
make
make test
sudo make install
sudo mv /usr/bin/openssl /usr/bin/openssl_${OPENSSL_CURRENT_VERSION}
sudo ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
cd $HOME

## Install nginx + ngx_pagespeed
cd nginx-${NGINX_VERSION}/
./configure ${NGINX_FLAGS}
make
sudo make install

echo "Installation Complete!"

Note: After installing, there are a couple issues that we'll need to solve:

make[1]: Leaving directory '/root/nginx-1.11.13'
Installation Complete!
$ nginx -V
nginx version: nginx/1.11.13
built by gcc 4.9.2 (Debian 4.9.2-10) 
built with OpenSSL 1.1.0e  16 Feb 2017
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module --with-openssl=/root/openssl-1.1.0e --add-module=/root/ngx_pagespeed-1.12.34.2-beta

$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (2: No such file or directory)
nginx: configuration file /etc/nginx/nginx.conf test failed

To fix this, create the following directory: $ sudo mkdir -p /var/cache/nginx/client_temp

Now if we try again:

$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Great, but if we try to restart the service:

$ sudo service nginx restart
Failed to restart nginx.service: Unit nginx.service is masked.

To fix this, create the following file: /lib/systemd/system/nginx.service and paste the following:

[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
 
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
 
[Install]
WantedBy=multi-user.target

Then run the following: (credit here for this one)

$ sudo systemctl unmask nginx.service
$ sudo systemctl enable nginx
$ sudo systemctl restart nginx

And finally, all done. HTTP/2 and ALPN verified on https://tools.keycdn.com/http2-test.

Hope that helps anyone stuck!

@RaphaelBronsveld-zz
Copy link

Needed some extra libraries but eventually worked for me. Thanks 👍

@AJMaxwell
Copy link
Author

AJMaxwell commented Sep 18, 2017

Thanks for the feedback everyone! I have just updated the script.

Changes:

  • Moved the source files to /usr/local/src
  • Updated version numbers
  • Tweaked $NGINX_FLAGS
  • Added missing Nginx cache directory to mkdir
  • New PageSpeed installation process

This script was made to run on Ubuntu 14.04; if you need it to run on 16.04, see @arvin-foroutan's comment.

@elephantux
Copy link

elephantux commented Sep 19, 2017

Can't understand...

# nginx -v
The program 'nginx' can be found in the following packages:
 * nginx-core
 * nginx-extras
 * nginx-full
 * nginx-light
 * nginx-naxsi
Try: apt-get install <selected package>

sudo service nginx start
return nothing and service don't start

How to start/stop/restart nginx?

@AJMaxwell
Copy link
Author

@elephantux Are you on Ubuntu 14.04? If you're running 16.04, checkout @arvin-foroutan's comment.

@zhex900
Copy link

zhex900 commented Feb 9, 2018

./configure: error: no /root/ngx_pagespeed-1.12.34.2-beta/config was found
make: *** No rule to make target 'build', needed by 'default'. Stop.
make: *** No rule to make target 'install'. Stop.
Installation Complete!

I tried to run this script in ubuntu:xenial container

@zhex900
Copy link

zhex900 commented Feb 9, 2018

pagespeed download file changed its name to incubator-pagespeed-ngx-1.12.34.2-beta. But I still get errors:
ngx_pagespeed: pagespeed optimization library not found:
./configure: 31: /root/ngx_pagespeed-1.12.34.2-beta/config: [[: not found

You need to separately download the pagespeed library:
$ cd /root/ngx_pagespeed-1.12.34.2-beta
$ wget https://dl.google.com/dl/page-speed/psol/1.12.34.2-x64.tar.gz
$ tar -xzvf 1.12.34.2-x64.tar.gz # expands to psol/

Or see the installation instructions:
https://developers.google.com/speed/pagespeed/module/build_ngx_pagespeed_from_source
make: *** No rule to make target 'build', needed by 'default'. Stop.
make: *** No rule to make target 'install'. Stop.
Installation Complete!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment