Skip to content

Instantly share code, notes, and snippets.

@elpescador-nl

elpescador-nl/Build_nginx_brotli_FreeBSD.md

Created April 28, 2020 13:51
Show Gist options
  • Save elpescador-nl/a885b3e6c5d0720556df0322882504dc to your computer and use it in GitHub Desktop.
Save elpescador-nl/a885b3e6c5d0720556df0322882504dc to your computer and use it in GitHub Desktop.
Download ZIP
Build nginx with brotli support on FreeBSD
Raw
Build_nginx_brotli_FreeBSD.md

Based on Self hosting WordPress securely in 2018 on FreeBSD with nginx, PHP 7.2, ModSecurity, brotli, Let's Encrypt SSL

First install all required packages:

pkg install git-lite libtool automake autoconf curl

Set up the building blocks:

mkdir /root/build && cd /root/build
fetch https://nginx.org/download/nginx-1.17.10.tar.gz
git clone https://github.com/google/ngx_brotli
cd ngx_brotli && git submodule update --init && cd ..
tar -zxf nginx-1.17.10.tar.gz && rm -f nginx*tar.gz

Configure and make:

cd nginx-*/
./configure --add-module=../ngx_brotli/ --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --user=www --group=www --modules-path=/usr/local/libexec/nginx --with-file-aio --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx/access.log --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_stub_status_module --with-http_sub_module --with-pcre --with-http_v2_module --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --with-threads --with-mail=dynamic --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp_module --with-mail_ssl_module --with-http_ssl_module 
make && make install
cd ..

Add to the rc.d (see the actual nginx_freebsd_rcd_script in this Gist):

mkdir -p /usr/local/etc/rc.d
fetch -o /usr/local/etc/rc.d/nginx https://.../nginx_freebsd_rcd_script
chmod 555 /usr/local/etc/rc.d
chmod 555 /usr/local/etc/rc.d/nginx
sysrc nginx_enable="YES"
Raw
nginx_freebsd_rcd_script
#!/bin/sh
# $FreeBSD: branches/2018Q1/www/nginx-devel/files/nginx.in 340872 2014-01-24 00:14:07Z mat $
# PROVIDE: nginx
# REQUIRE: LOGIN cleanvar
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable nginx:
# nginx_enable (bool): Set to "NO" by default.
# Set it to "YES" to enable nginx
# nginx_profiles (str): Set to "" by default.
# Define your profiles here.
# nginx_pid_prefix (str): Set to "" by default.
# When using profiles manually assign value to "nginx_"
# for prevent collision with other PIDs names.
# nginxlimits_enable (bool): Set to "NO" by default.
# Set it to yes to run `limits $limits_args`
# just before nginx starts.
# nginx_flags (str): Set to "" by default.
# Extra flags passed to start command.
# nginxlimits_args (str): Default to "-e -U www"
# Arguments of pre-start limits run.
. /etc/rc.subr
name="nginx"
rcvar=nginx_enable
start_precmd="nginx_precmd"
restart_precmd="nginx_checkconfig"
reload_precmd="nginx_checkconfig"
configtest_cmd="nginx_checkconfig"
gracefulstop_cmd="nginx_gracefulstop"
upgrade_precmd="nginx_checkconfig"
upgrade_cmd="nginx_upgrade"
command="/usr/local/sbin/nginx"
_pidprefix="/var/run"
pidfile="${_pidprefix}/${name}.pid"
_tmpprefix="/var/tmp/nginx"
required_files=/usr/local/etc/nginx/nginx.conf
extra_commands="reload configtest upgrade gracefulstop"
[ -z "$nginx_enable" ] && nginx_enable="NO"
[ -z "$nginxlimits_enable" ] && nginxlimits_enable="NO"
[ -z "$nginxlimits_args" ] && nginxlimits_args="-e -U www"
load_rc_config $name
if [ -n "$2" ]; then
profile="$2"
if [ "x${nginx_profiles}" != "x" ]; then
pidfile="${_pidprefix}/${nginx_pid_prefix}${profile}.pid"
eval nginx_configfile="\${nginx_${profile}_configfile:-}"
if [ "x${nginx_configfile}" = "x" ]; then
echo "You must define a configuration file (nginx_${profile}_configfile)"
exit 1
fi
required_files="${nginx_configfile}"
eval nginx_enable="\${nginx_${profile}_enable:-${nginx_enable}}"
eval nginx_flags="\${nginx_${profile}_flags:-${nginx_flags}}"
eval nginxlimits_enable="\${nginxlimits_${profile}_enable:-${nginxlimits_enable}}"
eval nginxlimits_args="\${nginxlimits_${profile}_args:-${nginxlimits_args}}"
nginx_flags="-c ${nginx_configfile} -g \"pid ${pidfile};\" ${nginx_flags}"
else
echo "$0: extra argument ignored"
fi
else
if [ "x${nginx_profiles}" != "x" -a "x$1" != "x" ]; then
for profile in ${nginx_profiles}; do
echo "===> nginx profile: ${profile}"
/usr/local/etc/rc.d/nginx $1 ${profile}
retcode="$?"
if [ "0${retcode}" -ne 0 ]; then
failed="${profile} (${retcode}) ${failed:-}"
else
success="${profile} ${success:-}"
fi
done
exit 0
fi
fi
# tmpfs(5)
nginx_checktmpdir()
{
if [ ! -d ${_tmpprefix} ] ; then
install -d -o www -g www -m 755 ${_tmpprefix}
fi
}
nginx_checkconfig()
{
nginx_checktmpdir
echo "Performing sanity check on nginx configuration:"
eval ${command} ${nginx_flags} -t
}
nginx_gracefulstop()
{
echo "Performing a graceful stop:"
sig_stop="QUIT"
run_rc_command ${rc_prefix}stop $rc_extra_args || return 1
}
nginx_upgrade()
{
echo "Upgrading nginx binary:"
reload_precmd=""
sig_reload="USR2"
run_rc_command ${rc_prefix}reload $rc_extra_args || return 1
sleep 1
echo "Stopping old binary:"
sig_reload="QUIT"
pidfile="$pidfile.oldbin"
run_rc_command ${rc_prefix}reload $rc_extra_args || return 1
}
nginx_precmd()
{
nginx_checkconfig
if checkyesno nginxlimits_enable
then
eval `/usr/bin/limits ${nginxlimits_args}` 2>/dev/null
else
return 0
fi
}
run_rc_command "$1"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment