jsorrell/build_nginx.sh

## build_nginx.sh
#!/usr/bin/env bash

# This is free and unencumbered software released into the public domain.

# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
# binary, for any purpose, commercial or non-commercial, and by any
# means.

# In jurisdictions that recognize copyright laws, the author or authors
# of this software dedicate any and all copyright interest in the
# software to the public domain. We make this dedication for the benefit
# of the public at large and to the detriment of our heirs and
# successors. We intend this dedication to be an overt act of
# relinquishment in perpetuity of all present and future rights to this
# software under copyright law.

# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.

# For more information, please refer to <http://unlicense.org>


# versions of each package
export VERSION_NGINX=1.15.3
export VERSION_LIBRESSL=2.8.0
export VERSION_HEADERS_MORE=0.33
export VERSION_CACHE_PURGE=2.3

# URLs to the source directories
export SOURCE_NGINX=https://nginx.org/download/nginx-$VERSION_NGINX.tar.gz
export SOURCE_LIBRESSL=https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-$VERSION_LIBRESSL.tar.gz
export SOURCE_HEADERS_MORE=https://github.com/openresty/headers-more-nginx-module/archive/v$VERSION_HEADERS_MORE.tar.gz
export SOURCE_CACHE_PURGE=https://github.com/FRiCKLE/ngx_cache_purge/archive/$VERSION_CACHE_PURGE.tar.gz

# local download names
export NAME_NGINX=nginx-$VERSION_NGINX
export NAME_LIBRESSL=libressl-$VERSION_LIBRESSL
export NAME_HEADERS_MORE=headers-more-nginx-module-$VERSION_HEADERS_MORE
export NAME_CACHE_PURGE=ngx_cache_purge-$VERSION_CACHE_PURGE

# set build path
export BPATH=$(pwd)/build

# colors
GREEN='\033[0;32m'
ORANGE='\033[0;33m'
NC='\033[0m' # No Color

# clean out any files from previous runs of this script
rm -rf $BPATH
mkdir $BPATH

# ensure that we have the required software to compile our own nginx
sudo apt -y install curl build-essential libgd-dev libgeoip-dev checkinstall git

cd $BPATH

# grab the source files
echo -e "${ORANGE}Download and extract sources${NC}"
curl -Lo $NAME_NGINX.tar.gz $SOURCE_NGINX
tar xzf $NAME_NGINX.tar.gz
rm $NAME_NGINX.tar.gz

curl -Lo $NAME_LIBRESSL.tar.gz $SOURCE_LIBRESSL
tar xzf $NAME_LIBRESSL.tar.gz
rm $NAME_LIBRESSL.tar.gz

curl -Lo $NAME_HEADERS_MORE.tar.gz $SOURCE_HEADERS_MORE
tar xzf $NAME_HEADERS_MORE.tar.gz
rm $NAME_HEADERS_MORE.tar.gz

curl -Lo $NAME_CACHE_PURGE.tar.gz $SOURCE_CACHE_PURGE
tar xzf $NAME_CACHE_PURGE.tar.gz
rm $NAME_CACHE_PURGE.tar.gz

# build static LibreSSL
echo -e "${ORANGE}Configure & Build LibreSSL${NC}"
cd $NAME_LIBRESSL
./configure LDFLAGS=-lrt --prefix=$BPATH/$NAME_LIBRESSL/.openssl/ && make install-strip

# build nginx, with various modules included/excluded
echo -e "${ORANGE}Configure & Build Nginx${NC}"
cd $BPATH/$NAME_NGINX
./configure \
--with-openssl=$BPATH/$NAME_LIBRESSL \
--with-ld-opt="-lrt"  \
--prefix=/usr/share/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/run/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=www-data \
--group=www-data \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--with-file-aio \
--with-threads \
--with-http_ssl_module \
--with-http_v2_module \
--add-module=$BPATH/$NAME_HEADERS_MORE \
--add-module=$BPATH/$NAME_CACHE_PURGE

#touch $STATICLIBSSL/.openssl/include/openssl/ssl.h
make && sudo checkinstall --pkgname="nginx-libressl" --pkgversion="$NGINX_VERSION" \
--provides="nginx" --requires="libc6, libpcre3, zlib1g" --strip=yes \
--stripso=yes --backup=yes -y --install=yes

echo -e "${GREEN}All done.";
echo -e "This build has not edited your existing /etc/nginx directory.";
echo -e "If things aren't working now you may need to refer to the";
echo -e "configuration files the new nginx ships with as defaults,";
echo -e "which are available at /etc/nginx-default${NC}";
	#!/usr/bin/env bash

	# This is free and unencumbered software released into the public domain.

	# Anyone is free to copy, modify, publish, use, compile, sell, or
	# distribute this software, either in source code form or as a compiled
	# binary, for any purpose, commercial or non-commercial, and by any
	# means.

	# In jurisdictions that recognize copyright laws, the author or authors
	# of this software dedicate any and all copyright interest in the
	# software to the public domain. We make this dedication for the benefit
	# of the public at large and to the detriment of our heirs and
	# successors. We intend this dedication to be an overt act of
	# relinquishment in perpetuity of all present and future rights to this
	# software under copyright law.

	# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
	# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
	# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
	# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
	# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
	# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
	# OTHER DEALINGS IN THE SOFTWARE.

	# For more information, please refer to <http://unlicense.org>


	# versions of each package
	export VERSION_NGINX=1.15.3
	export VERSION_LIBRESSL=2.8.0
	export VERSION_HEADERS_MORE=0.33
	export VERSION_CACHE_PURGE=2.3

	# URLs to the source directories
	export SOURCE_NGINX=https://nginx.org/download/nginx-$VERSION_NGINX.tar.gz
	export SOURCE_LIBRESSL=https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-$VERSION_LIBRESSL.tar.gz
	export SOURCE_HEADERS_MORE=https://github.com/openresty/headers-more-nginx-module/archive/v$VERSION_HEADERS_MORE.tar.gz
	export SOURCE_CACHE_PURGE=https://github.com/FRiCKLE/ngx_cache_purge/archive/$VERSION_CACHE_PURGE.tar.gz

	# local download names
	export NAME_NGINX=nginx-$VERSION_NGINX
	export NAME_LIBRESSL=libressl-$VERSION_LIBRESSL
	export NAME_HEADERS_MORE=headers-more-nginx-module-$VERSION_HEADERS_MORE
	export NAME_CACHE_PURGE=ngx_cache_purge-$VERSION_CACHE_PURGE

	# set build path
	export BPATH=$(pwd)/build

	# colors
	GREEN='\033[0;32m'
	ORANGE='\033[0;33m'
	NC='\033[0m' # No Color

	# clean out any files from previous runs of this script
	rm -rf $BPATH
	mkdir $BPATH

	# ensure that we have the required software to compile our own nginx
	sudo apt -y install curl build-essential libgd-dev libgeoip-dev checkinstall git

	cd $BPATH

	# grab the source files
	echo -e "${ORANGE}Download and extract sources${NC}"
	curl -Lo $NAME_NGINX.tar.gz $SOURCE_NGINX
	tar xzf $NAME_NGINX.tar.gz
	rm $NAME_NGINX.tar.gz

	curl -Lo $NAME_LIBRESSL.tar.gz $SOURCE_LIBRESSL
	tar xzf $NAME_LIBRESSL.tar.gz
	rm $NAME_LIBRESSL.tar.gz

	curl -Lo $NAME_HEADERS_MORE.tar.gz $SOURCE_HEADERS_MORE
	tar xzf $NAME_HEADERS_MORE.tar.gz
	rm $NAME_HEADERS_MORE.tar.gz

	curl -Lo $NAME_CACHE_PURGE.tar.gz $SOURCE_CACHE_PURGE
	tar xzf $NAME_CACHE_PURGE.tar.gz
	rm $NAME_CACHE_PURGE.tar.gz

	# build static LibreSSL
	echo -e "${ORANGE}Configure & Build LibreSSL${NC}"
	cd $NAME_LIBRESSL
	./configure LDFLAGS=-lrt --prefix=$BPATH/$NAME_LIBRESSL/.openssl/ && make install-strip

	# build nginx, with various modules included/excluded
	echo -e "${ORANGE}Configure & Build Nginx${NC}"
	cd $BPATH/$NAME_NGINX
	./configure \
	--with-openssl=$BPATH/$NAME_LIBRESSL \
	--with-ld-opt="-lrt" \
	--prefix=/usr/share/nginx \
	--sbin-path=/usr/sbin/nginx \
	--modules-path=/usr/lib/nginx/modules \
	--conf-path=/etc/nginx/nginx.conf \
	--error-log-path=/var/log/nginx/error.log \
	--http-log-path=/var/log/nginx/access.log \
	--pid-path=/run/nginx.pid \
	--lock-path=/var/lock/nginx.lock \
	--user=www-data \
	--group=www-data \
	--http-client-body-temp-path=/var/lib/nginx/body \
	--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
	--http-proxy-temp-path=/var/lib/nginx/proxy \
	--http-scgi-temp-path=/var/lib/nginx/scgi \
	--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
	--with-file-aio \
	--with-threads \
	--with-http_ssl_module \
	--with-http_v2_module \
	--add-module=$BPATH/$NAME_HEADERS_MORE \
	--add-module=$BPATH/$NAME_CACHE_PURGE

	#touch $STATICLIBSSL/.openssl/include/openssl/ssl.h
	make && sudo checkinstall --pkgname="nginx-libressl" --pkgversion="$NGINX_VERSION" \
	--provides="nginx" --requires="libc6, libpcre3, zlib1g" --strip=yes \
	--stripso=yes --backup=yes -y --install=yes

	echo -e "${GREEN}All done.";
	echo -e "This build has not edited your existing /etc/nginx directory.";
	echo -e "If things aren't working now you may need to refer to the";
	echo -e "configuration files the new nginx ships with as defaults,";
	echo -e "which are available at /etc/nginx-default${NC}";