nginx mainline (1.13) with openssl 1.1.1 to support TLSv1.3

nginx-tls1.3

# Based on CentOS7 fork of @smartmadsoft: https://gist.github.com/moneytoo/ab3f34e4fddc2110675952f8280f49c5

# "6" for CentOS6 or Amazon Linux, "7" for CentOS7
CENTVER="6"

OPENSSL="openssl-1.1.0-pre5"
NGINX="nginx-1.13.0-1"

#yum clean all
# Install epel packages (required for GeoIP-devel)
#yum -y install http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum -y groupinstall 'Development Tools'
yum -y install wget openssl-devel libxml2-devel libxslt-devel gd-devel perl-ExtUtils-Embed GeoIP-devel pcre-devel

useradd builder
groupadd builder

#mkdir -p /opt/lib

# Untar, but don't compile openssl to /opt/lib
#wget https://www.openssl.org/source/$OPENSSL.tar.gz -O /opt/lib/$OPENSSL.tar.gz
#tar -zxvf /opt/lib/open* -C /opt/lib

# Build source nginx (no auto-updates), statically link to /opt/lib/openssl* (no OS effects)
rpm -ivh http://nginx.org/packages/mainline/centos/$CENTVER/SRPMS/$NGINX.el$CENTVER.ngx.src.rpm
sed -i "s|--with-http_ssl_module|--with-http_ssl_module --with-openssl=/root/openssl-1.1.1-tls1.3-draft-18 --with-openssl-opt=enable-tls1_3 |g" /root/rpmbuild/SPECS/nginx.spec
# Compile it
rpmbuild -ba /root/rpmbuild/SPECS/nginx.spec
# Install it
rpm -ivh /root/rpmbuild/RPMS/x86_64/$NGINX.el$CENTVER.ngx.x86_64.rpm