-
-
Save Belphemur/3c022598919e6a1788fc to your computer and use it in GitHub Desktop.
#!/usr/bin/env bash | |
# names of latest versions of each package | |
export NGINX_VERSION=1.15.5 | |
export VERSION_NGINX=nginx-$NGINX_VERSION | |
export VERSION_LIBRESSL=libressl-2.8.1 | |
export VERSION_PCRE=pcre-8.42 | |
#export NPS_VERSION=1.9.32.10 | |
#export VERSION_PAGESPEED=v${NPS_VERSION}-beta | |
# URLs to the source directories | |
export SOURCE_LIBRESSL=https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ | |
export SOURCE_PCRE=ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ | |
export SOURCE_NGINX=http://nginx.org/download/ | |
#export SOURCE_RTMP=https://github.com/arut/nginx-rtmp-module.git | |
#export SOURCE_PAGESPEED=https://github.com/pagespeed/ngx_pagespeed/archive/ | |
# clean out any files from previous runs of this script | |
rm -rf build | |
mkdir build | |
# proc for building faster | |
NB_PROC=$(grep -c ^processor /proc/cpuinfo) | |
# ensure that we have the required software to compile our own nginx | |
sudo apt-get -y install curl wget build-essential libgd-dev libgeoip-dev checkinstall git | |
# grab the source files | |
echo "Download sources" | |
wget -P ./build $SOURCE_PCRE$VERSION_PCRE.tar.gz | |
wget -P ./build $SOURCE_LIBRESSL$VERSION_LIBRESSL.tar.gz | |
wget -P ./build $SOURCE_NGINX$VERSION_NGINX.tar.gz | |
#wget -P ./build $SOURCE_PAGESPEED$VERSION_PAGESPEED.tar.gz | |
#wget -P ./build https://dl.google.com/dl/page-speed/psol/${NPS_VERSION}.tar.gz | |
git clone $SOURCE_RTMP ./build/rtmp | |
# expand the source files | |
echo "Extract Packages" | |
cd build | |
tar xzf $VERSION_NGINX.tar.gz | |
tar xzf $VERSION_LIBRESSL.tar.gz | |
tar xzf $VERSION_PCRE.tar.gz | |
#tar xzf $VERSION_PAGESPEED.tar.gz | |
#tar xzf ${NPS_VERSION}.tar.gz -C ngx_pagespeed-${NPS_VERSION}-beta | |
cd ../ | |
# set where LibreSSL and nginx will be built | |
export BPATH=$(pwd)/build | |
export STATICLIBSSL=$BPATH/$VERSION_LIBRESSL | |
# build static LibreSSL | |
echo "Configure & Build LibreSSL" | |
cd $STATICLIBSSL | |
./configure LDFLAGS=-lrt --prefix=${STATICLIBSSL}/.openssl/ && make install-strip -j $NB_PROC | |
# build nginx, with various modules included/excluded | |
echo "Configure & Build Nginx" | |
cd $BPATH/$VERSION_NGINX | |
#echo "Download and apply path" | |
#wget -q -O - $NGINX_PATH | patch -p0 | |
mkdir -p $BPATH/nginx | |
./configure --with-openssl=$STATICLIBSSL \ | |
--with-ld-opt="-lrt" \ | |
--sbin-path=/usr/sbin/nginx \ | |
--conf-path=/etc/nginx/nginx.conf \ | |
--error-log-path=/var/log/nginx/error.log \ | |
--http-log-path=/var/log/nginx/access.log \ | |
--with-pcre=$BPATH/$VERSION_PCRE \ | |
--with-http_ssl_module \ | |
--with-http_v2_module \ | |
--with-file-aio \ | |
--with-ipv6 \ | |
--with-http_gzip_static_module \ | |
--with-http_stub_status_module \ | |
--without-mail_pop3_module \ | |
--without-mail_smtp_module \ | |
--without-mail_imap_module \ | |
--with-http_image_filter_module \ | |
--lock-path=/var/lock/nginx.lock \ | |
--pid-path=/run/nginx.pid \ | |
--http-client-body-temp-path=/var/lib/nginx/body \ | |
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ | |
--http-proxy-temp-path=/var/lib/nginx/proxy \ | |
--http-scgi-temp-path=/var/lib/nginx/scgi \ | |
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \ | |
--with-debug \ | |
--with-pcre-jit \ | |
--with-http_stub_status_module \ | |
--with-http_realip_module \ | |
--with-http_auth_request_module \ | |
--with-http_addition_module \ | |
--with-http_geoip_module \ | |
--with-http_gzip_static_module | |
# --add-module=$BPATH/rtmp | |
#--add-module=$BPATH/ngx_pagespeed-${NPS_VERSION}-beta | |
touch $STATICLIBSSL/.openssl/include/openssl/ssl.h | |
make -j $NB_PROC && sudo checkinstall --pkgname="nginx-libressl" --pkgversion="$NGINX_VERSION" \ | |
--provides="nginx" --requires="libc6, libpcre3, zlib1g" --strip=yes \ | |
--stripso=yes --backup=yes -y --install=yes | |
echo "All done."; | |
echo "This build has not edited your existing /etc/nginx directory."; | |
echo "If things aren't working now you may need to refer to the"; | |
echo "configuration files the new nginx ships with as defaults,"; | |
echo "which are available at /etc/nginx-default"; |
@partounian: I stopped using it because it wasn't compatible with HTTP2.
I haven't tried since.
Just built mainline 1.13.0 with http2 support and latest-stable pagespeed, it required a couple of modification to the build script so I could use the latest-stable tagged archive but seems to work fine with HTTP2 and pagespeed is working fine, just FYI
Hi. What's the main purpose of `--with-ld-opt="-lrt"'? I know it's for realtime library, but what happens if I omit it?
Thanks for your script! I am curious why you are doing this:
touch $STATICLIBSSL/.openssl/include/openssl/ssl.h
nginx 1.13.5 is building perfectly fine without it. I don't even need to ./configure
LibreSSL manually:
https://gist.github.com/nshtg/059b2db767cbc92bc566085100e662f6
@Belphemur -- you have a couple of duplicate build options:
--with-http_gzip_static_module
--with-http_stub_status_module
Out of curiousity, why did you stop compiling with PageSpeed? Also isn't there a way of checking for the newest version versus manually typing in the newest versions?