Created
November 11, 2015 06:05
-
-
Save identityclash/99d01daf35905bb26e53 to your computer and use it in GitHub Desktop.
Nginx compile from source on Debian
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apt-get -y install build-essential zlib1g-dev libpcre3 libpcre3-dev libssl-dev libbz2-dev libpcrecpp0 tar unzip | |
# http://nginx.org/en/download.html | |
cd /tmp | |
wget http://nginx.org/download/nginx-1.8.0.tar.gz | |
tar -xzvf nginx-1.8.0.tar.gz | |
mkdir /nginx-modules | |
cd /nginx-modules | |
# https://github.com/openresty/headers-more-nginx-module/tags | |
wget https://github.com/openresty/headers-more-nginx-module/archive/v0.26.tar.gz | |
tar -xzvf v0.26.tar.gz | |
cd /tmp/nginx-1.8.0 | |
./configure \ | |
--prefix=/usr/share/nginx \ | |
--sbin-path=/usr/sbin/nginx \ | |
--conf-path=/etc/nginx/nginx.conf \ | |
--pid-path=/var/run/nginx.pid \ | |
--lock-path=/var/lock/nginx.lock \ | |
--error-log-path=/var/log/nginx/error.log \ | |
--http-log-path=/var/log/access.log \ | |
--user=www-data \ | |
--group=www-data \ | |
--without-mail_pop3_module \ | |
--without-mail_imap_module \ | |
--without-mail_smtp_module \ | |
--without-http_fastcgi_module \ | |
--without-http_uwsgi_module \ | |
--without-http_scgi_module \ | |
--without-http_memcached_module \ | |
--with-ipv6 \ | |
--with-http_ssl_module \ | |
--with-http_spdy_module \ | |
--with-http_stub_status_module \ | |
--with-http_gzip_static_module \ | |
--add-module=/nginx-modules/headers-more-nginx-module-0.26 | |
make | |
make install | |
vim /etc/init.d/nginx | |
chmod 755 /etc/init.d/nginx | |
vim /etc/default/nginx | |
update-rc.d nginx defaults | |
vim /etc/nginx/nginx.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
### BEGIN INIT INFO | |
# Provides: nginx | |
# Required-Start: $local_fs $remote_fs $network $syslog | |
# Required-Stop: $local_fs $remote_fs $network $syslog | |
# Default-Start: 2 3 4 5 | |
# Default-Stop: 0 1 6 | |
# Short-Description: starts the nginx web server | |
# Description: starts nginx using start-stop-daemon | |
### END INIT INFO | |
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin | |
DAEMON=/usr/sbin/nginx | |
NAME=nginx | |
DESC=nginx | |
# Include nginx default if available | |
if [ -f /etc/default/nginx ]; then | |
. /etc/default/nginx | |
fi | |
test -x $DAEMON || exit 0 | |
set -e | |
. /lib/lsb/init-functions | |
test_nginx_config() { | |
if $DAEMON -t $DAEMON_OPTS >/dev/null 2>&1; then | |
return 0 | |
else | |
$DAEMON -t $DAEMON_OPTS | |
return $? | |
fi | |
} | |
case "$1" in | |
start) | |
echo -n "Starting $DESC: " | |
test_nginx_config | |
# Check if the ULIMIT is set in /etc/default/nginx | |
if [ -n "$ULIMIT" ]; then | |
# Set the ulimits | |
ulimit $ULIMIT | |
fi | |
start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \ | |
--exec $DAEMON -- $DAEMON_OPTS || true | |
echo "$NAME." | |
;; | |
stop) | |
echo -n "Stopping $DESC: " | |
start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.pid \ | |
--exec $DAEMON || true | |
echo "$NAME." | |
;; | |
restart|force-reload) | |
echo -n "Restarting $DESC: " | |
start-stop-daemon --stop --quiet --pidfile \ | |
/var/run/$NAME.pid --exec $DAEMON || true | |
sleep 1 | |
test_nginx_config | |
# Check if the ULIMIT is set in /etc/default/nginx | |
if [ -n "$ULIMIT" ]; then | |
# Set the ulimits | |
ulimit $ULIMIT | |
fi | |
start-stop-daemon --start --quiet --pidfile \ | |
/var/run/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS || true | |
echo "$NAME." | |
;; | |
reload) | |
echo -n "Reloading $DESC configuration: " | |
test_nginx_config | |
start-stop-daemon --stop --signal HUP --quiet --pidfile /var/run/$NAME.pid \ | |
--exec $DAEMON || true | |
echo "$NAME." | |
;; | |
configtest|testconfig) | |
echo -n "Testing $DESC configuration: " | |
if test_nginx_config; then | |
echo "$NAME." | |
else | |
exit $? | |
fi | |
;; | |
status) | |
status_of_proc -p /var/run/$NAME.pid "$DAEMON" nginx && exit 0 || exit $? | |
;; | |
*) | |
echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest}" >&2 | |
exit 1 | |
;; | |
esac | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Note: You may want to look at the following page before setting the ULIMIT. | |
# http://wiki.nginx.org/CoreModule#worker_rlimit_nofile | |
# Set the ulimit variable if you need defaults to change. | |
# Example: ULIMIT="-n 4096" | |
#ULIMIT="-n 4096" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user www-data; | |
worker_processes 1; | |
events { | |
use epoll; | |
multi_accept on; | |
worker_connections 2048; | |
} | |
http { | |
ssl_certificate example.com.crt; | |
ssl_certificate_key example.com.key; | |
access_log /home/admin/log/nginx_access.log; | |
error_log /home/admin/log/nginx_error.log; | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
default_type application/octet-stream; | |
include mime.types; | |
send_timeout 2; | |
keepalive_timeout 30; | |
client_body_timeout 10; | |
reset_timedout_connection on; | |
gzip on; | |
gzip_proxied expired no-cache no-store private auth; | |
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml; | |
gzip_disable "MSIE [1-6]\."; | |
server_tokens off; | |
if_modified_since off; | |
types_hash_max_size 2048; | |
server { | |
listen 8080 ssl spdy; | |
charset utf-8; | |
server_name _; | |
error_page 404 /404.html; | |
error_page 500 502 503 504 /50x.html; | |
root /home/admin/www; | |
index index.html index.htm; | |
more_clear_headers 'Server' | |
'Last-Modified'; | |
more_set_headers 'Expires: -1' | |
'Pragma: no-cache' | |
'X-Frame-Options: SAMEORIGIN' | |
'X-XSS-Protection: 1; mode=block' | |
'X-Content-Type-Options: nosniff' | |
'X-UA-Compatible: IE=edge, chrome=1' | |
'Strict-Transport-Security: max-age=31536000; includeSubDomains' | |
'Cache-Control: private, no-store, no-cache, must-revalidate, max-age=0, pre-check=0, post-check=0'; | |
#'X-Permitted-Cross-Domain-Policies' | |
#'Content-Security-Policy: ' | |
location / { | |
try_files $uri $uri/ =404; | |
} | |
location ~ /\.ht { | |
deny all; | |
} | |
location /status { | |
stub_status on; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment