dptole/centos-nginx.sh

## centos-nginx.sh
yum -y update
yum -y install libmaxminddb-devel geoip-devel

mkdir -p /app/nginx
cd /app/nginx
wget https://nginx.org/download/nginx-1.22.1.tar.gz
tar xzf nginx-1.22.1.tar.gz
cd nginx-1.22.1

sed -r -i 's/(static u_char ngx_http_server_string\[\]).*/\1 = "";/'       src/http/ngx_http_header_filter_module.c
sed -r -i 's/(static u_char ngx_http_server_full_string\[\]).*/\1 = "";/'  src/http/ngx_http_header_filter_module.c
sed -r -i 's/(static u_char ngx_http_server_build_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c
sed -r -i 's/if \(r->headers_out.server == NULL\) \{/if (0) {/'            src/http/ngx_http_header_filter_module.c

sed -r -i 's/(static const u_char nginx)\[5\].*/\1[1]="\\x80";/'           src/http/v2/ngx_http_v2_filter_module.c
sed -r -i 's/if \(r->headers_out.server == NULL\) \{/if (0) {/'            src/http/v2/ngx_http_v2_filter_module.c

sed -r -i 's/"<hr><center>nginx<\/center>"//'                              src/http/ngx_http_special_response.c

sed -r -i 's/nginx//'                                                      html/index.html

rm /var/mail/nginx
rm -rf /home/nginx
userdel nginx
useradd nginx -M -l -s /sbin/nologin -U

mkdir -p /app/nginx/etc/conf.d/shared
mkdir -p /app/nginx/var/log
mkdir -p /app/nginx/var/run
mkdir -p /app/nginx/var/cache/client_temp
mkdir -p /app/nginx/var/cache/proxy_temp
mkdir -p /app/nginx/var/cache/fastcgi_temp
mkdir -p /app/nginx/var/cache/uwsgi_temp
mkdir -p /app/nginx/var/cache/scgi_temp
mkdir -p /app/nginx/usr/lib/modules
mkdir -p /app/nginx/usr/lib/git-modules/ngx_brotli
mkdir -p /app/nginx/usr/lib/git-modules/ngx_geoip2
mkdir -p /app/nginx/usr/sbin

git clone --recursive https://github.com/google/ngx_brotli.git /app/nginx/usr/lib/git-modules/ngx_brotli
cd /app/nginx/usr/lib/git-modules/ngx_brotli
git reset --hard e505dce68acc190cc5a1e780a3b0275e39f160ca

git clone --recursive https://github.com/leev/ngx_http_geoip2_module.git /app/nginx/usr/lib/git-modules/ngx_geoip2
cd /app/nginx/usr/lib/git-modules/ngx_geoip2
git reset --hard 1cabd8a1f68ea3998f94e9f3504431970f848fbf

chown -R nginx.nginx /app
cd /app/nginx/nginx-1.22.1

CONFIG="--prefix=/app/nginx \
--conf-path=/app/nginx/etc/nginx.conf \
--pid-path=/app/nginx/var/run/nginx.pid \
--lock-path=/app/nginx/var/run/nginx.lock \
--http-client-body-temp-path=/app/nginx/var/cache/client_temp \
--http-proxy-temp-path=/app/nginx/var/cache/proxy_temp \
--http-fastcgi-temp-path=/app/nginx/var/cache/fastcgi_temp \
--http-uwsgi-temp-path=/app/nginx/var/cache/uwsgi_temp \
--http-scgi-temp-path=/app/nginx/var/cache/scgi_temp \
--modules-path=/app/nginx/usr/lib/modules \
--add-module=/app/nginx/usr/lib/git-modules/ngx_brotli \
--add-module=/app/nginx/usr/lib/git-modules/ngx_geoip2 \
--sbin-path=/app/nginx/usr/sbin/nginx \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-http_perl_module=dynamic \
--with-threads \
--with-stream_geoip_module=dynamic \
--with-stream \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-compat \
--with-file-aio \
--with-http_v2_module"

./configure $CONFIG && make -j4 && make install
chown -R nginx.nginx /app

rm /usr/local/bin/nginx
ln -s /app/nginx/usr/sbin/nginx /usr/local/bin/nginx

cat <<'EOF' -> /lib/systemd/system/nginx.service
[Unit]
Description=Nginx
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
ExecStart=/app/nginx/usr/sbin/nginx -c /app/nginx/etc/nginx.conf
ExecStop=/app/nginx/usr/sbin/nginx -s stop
ExecReload=/app/nginx/usr/sbin/nginx -t && /app/nginx/usr/sbin/nginx -s reload
PrivateTmp=true
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable nginx.service
nginx -t && service nginx restart && chown -R nginx.nginx /app
	yum -y update
	yum -y install libmaxminddb-devel geoip-devel

	mkdir -p /app/nginx
	cd /app/nginx
	wget https://nginx.org/download/nginx-1.22.1.tar.gz
	tar xzf nginx-1.22.1.tar.gz
	cd nginx-1.22.1

	sed -r -i 's/(static u_char ngx_http_server_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c
	sed -r -i 's/(static u_char ngx_http_server_full_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c
	sed -r -i 's/(static u_char ngx_http_server_build_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c
	sed -r -i 's/if \(r->headers_out.server == NULL\) \{/if (0) {/' src/http/ngx_http_header_filter_module.c

	sed -r -i 's/(static const u_char nginx)\[5\].*/\1[1]="\\x80";/' src/http/v2/ngx_http_v2_filter_module.c
	sed -r -i 's/if \(r->headers_out.server == NULL\) \{/if (0) {/' src/http/v2/ngx_http_v2_filter_module.c

	sed -r -i 's/"<hr><center>nginx<\/center>"//' src/http/ngx_http_special_response.c

	sed -r -i 's/nginx//' html/index.html

	rm /var/mail/nginx
	rm -rf /home/nginx
	userdel nginx
	useradd nginx -M -l -s /sbin/nologin -U

	mkdir -p /app/nginx/etc/conf.d/shared
	mkdir -p /app/nginx/var/log
	mkdir -p /app/nginx/var/run
	mkdir -p /app/nginx/var/cache/client_temp
	mkdir -p /app/nginx/var/cache/proxy_temp
	mkdir -p /app/nginx/var/cache/fastcgi_temp
	mkdir -p /app/nginx/var/cache/uwsgi_temp
	mkdir -p /app/nginx/var/cache/scgi_temp
	mkdir -p /app/nginx/usr/lib/modules
	mkdir -p /app/nginx/usr/lib/git-modules/ngx_brotli
	mkdir -p /app/nginx/usr/lib/git-modules/ngx_geoip2
	mkdir -p /app/nginx/usr/sbin

	git clone --recursive https://github.com/google/ngx_brotli.git /app/nginx/usr/lib/git-modules/ngx_brotli
	cd /app/nginx/usr/lib/git-modules/ngx_brotli
	git reset --hard e505dce68acc190cc5a1e780a3b0275e39f160ca

	git clone --recursive https://github.com/leev/ngx_http_geoip2_module.git /app/nginx/usr/lib/git-modules/ngx_geoip2
	cd /app/nginx/usr/lib/git-modules/ngx_geoip2
	git reset --hard 1cabd8a1f68ea3998f94e9f3504431970f848fbf

	chown -R nginx.nginx /app
	cd /app/nginx/nginx-1.22.1

	CONFIG="--prefix=/app/nginx \
	--conf-path=/app/nginx/etc/nginx.conf \
	--pid-path=/app/nginx/var/run/nginx.pid \
	--lock-path=/app/nginx/var/run/nginx.lock \
	--http-client-body-temp-path=/app/nginx/var/cache/client_temp \
	--http-proxy-temp-path=/app/nginx/var/cache/proxy_temp \
	--http-fastcgi-temp-path=/app/nginx/var/cache/fastcgi_temp \
	--http-uwsgi-temp-path=/app/nginx/var/cache/uwsgi_temp \
	--http-scgi-temp-path=/app/nginx/var/cache/scgi_temp \
	--modules-path=/app/nginx/usr/lib/modules \
	--add-module=/app/nginx/usr/lib/git-modules/ngx_brotli \
	--add-module=/app/nginx/usr/lib/git-modules/ngx_geoip2 \
	--sbin-path=/app/nginx/usr/sbin/nginx \
	--user=nginx \
	--group=nginx \
	--with-http_ssl_module \
	--with-http_realip_module \
	--with-http_addition_module \
	--with-http_sub_module \
	--with-http_dav_module \
	--with-http_flv_module \
	--with-http_mp4_module \
	--with-http_gunzip_module \
	--with-http_gzip_static_module \
	--with-http_random_index_module \
	--with-http_secure_link_module \
	--with-http_stub_status_module \
	--with-http_auth_request_module \
	--with-http_xslt_module=dynamic \
	--with-http_image_filter_module=dynamic \
	--with-http_geoip_module=dynamic \
	--with-http_perl_module=dynamic \
	--with-threads \
	--with-stream_geoip_module=dynamic \
	--with-stream \
	--with-stream_ssl_module \
	--with-stream_ssl_preread_module \
	--with-stream_realip_module \
	--with-http_slice_module \
	--with-mail \
	--with-mail_ssl_module \
	--with-compat \
	--with-file-aio \
	--with-http_v2_module"

	./configure $CONFIG && make -j4 && make install
	chown -R nginx.nginx /app

	rm /usr/local/bin/nginx
	ln -s /app/nginx/usr/sbin/nginx /usr/local/bin/nginx

	cat <<'EOF' -> /lib/systemd/system/nginx.service
	[Unit]
	Description=Nginx
	After=network.target remote-fs.target nss-lookup.target
	[Service]
	Type=forking
	ExecStart=/app/nginx/usr/sbin/nginx -c /app/nginx/etc/nginx.conf
	ExecStop=/app/nginx/usr/sbin/nginx -s stop
	ExecReload=/app/nginx/usr/sbin/nginx -t && /app/nginx/usr/sbin/nginx -s reload
	PrivateTmp=true
	Restart=on-failure
	[Install]
	WantedBy=multi-user.target
	EOF

	systemctl daemon-reload
	systemctl enable nginx.service
	nginx -t && service nginx restart && chown -R nginx.nginx /app