-
-
Save maszd/ef4eeed4c6e100dbcc843a4b1d1be7fd to your computer and use it in GitHub Desktop.
Compile nginx from source with latest openssl, without-mail, modules: pagespeed, echo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install dependencies | |
| # | |
| # Setup adjustable vars | |
| NGX_MODULE_PATH=$HOME/source | |
| NGX_VERSION=1.10.2 | |
| OPENSSL_VERSION=1.0.2j | |
| NGX_MODULE_ECHO=0.60 | |
| NGX_MODULE_CACHEPURGE=2.3 | |
| NGX_MODULE_HEALTHCHECK=0.3.0 | |
| NGX_MODULE_HEADERSMORE=0.31 | |
| NGX_MODULE_MODESECURE=2.9.1 | |
| NGX_MODULE_PAGESPEED=latest_stable | |
| # Pagespeed module relies on Google's | |
| # pagespeed optimization library | |
| NGX_MODULE_PAGESPEED_PSOL=1.11.33.4 | |
| # https://github.com/openresty/echo-nginx-module/archive/v$NGX_MODULE_ECHO.tar.gz | |
| # https://github.com/pagespeed/ngx_pagespeed/archive/$NGX_MODULE_PAGESPEED.tar.gz | |
| # https://dl.google.com/dl/page-speed/psol/$NGX_MODULE_PAGESPEED_PSOL.tar.gz | |
| # https://github.com/FRiCKLE/ngx_cache_purge/archive/$NGX_MODULE_CACHEPURGE.tar.gz | |
| # https://github.com/yaoweibin/nginx_upstream_check_module/archive/v$NGX_MODULE_HEALTHCHECK.tar.gz | |
| # https://github.com/openresty/headers-more-nginx-module/archive/v$NGX_MODULE_HEADERSMORE.tar.gz | |
| # mod_security to nginx -> https://github.com/SpiderLabs/ModSecurity | |
| # https://github.com/SpiderLabs/ModSecurity/archive/v$NGX_MODULE_MODESECURE/modsecurity-$NGX_MODULE_MODESECURE.tar.gz | |
| # * checkinstall: package the .deb | |
| # * libpcre3, libpcre3-dev: required for HTTP rewrite module | |
| # * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module | |
| # * libssl-dev: required by openssl | |
| apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev libssl-dev && \ | |
| mkdir -p $NGX_MODULE_PATH && \ | |
| # Compile against OpenSSL to enable NPN | |
| cd $NGX_MODULE_PATH && \ | |
| wget https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz && \ | |
| tar -zxvf openssl-$OPENSSL_VERSION.tar.gz && \ | |
| echo "OpenSSL Ready" | |
| # Download PageSpeed | |
| cd $NGX_MODULE_PATH && \ | |
| wget https://github.com/pagespeed/ngx_pagespeed/archive/latest-stable.tar.gz && \ | |
| mv latest-stable.tar.gz ngx_pagespeed-latest-stable.tgz && \ | |
| tar -zxvf ngx_pagespeed-latest-stable.tgz && \ | |
| echo "pagespeed Ready" | |
| # Google PageSpeed Library | |
| cd ngx_pagespeed-latest-stable && \ | |
| wget https://dl.google.com/dl/page-speed/psol/$NGX_MODULE_PAGESPEED_PSOL.tar.gz && \ | |
| tar -zxvf $NGX_MODULE_PAGESPEED_PSOL.tar.gz && \ | |
| echo "mod_pagespeed Ready" | |
| # Module: Echo | |
| cd $NGX_MODULE_PATH && \ | |
| wget https://github.com/openresty/echo-nginx-module/archive/v$NGX_MODULE_ECHO.tar.gz && \ | |
| mv v$NGX_MODULE_ECHO.tar.gz echo-nginx-module-$NGX_MODULE_ECHO.tgz && \ | |
| tar -zxvf echo-nginx-module-$NGX_MODULE_ECHO.tgz && \ | |
| echo "ngx_echo Ready" | |
| # Get the Nginx source. | |
| # | |
| # Best to get the latest mainline release. Of course, your mileage may | |
| # vary depending on future changes | |
| cd $NGX_MODULE_PATH && \ | |
| wget http://nginx.org/download/nginx-$NGX_VERSION.tar.gz && \ | |
| tar zxf nginx-$NGX_VERSION.tar.gz && \ | |
| cd nginx-$NGX_VERSION && \ | |
| echo "nginx $NGX_VERSION Ready" | |
| # Configure nginx. | |
| # | |
| # This is based on the default package in Debian. Additional flags have | |
| # been added: | |
| # | |
| # * --with-debug: adds helpful logs for debugging | |
| # * --with-openssl=$NGX_MODULE_PATH/openssl-1.0.1e: compile against newer version | |
| # of openssl | |
| # * --with-http_v2_module: include the http2 module | |
| ./configure --prefix=/etc/nginx \ | |
| --sbin-path=/usr/sbin/nginx \ | |
| --conf-path=/etc/nginx/nginx.conf \ | |
| --error-log-path=/var/log/nginx/error.log \ | |
| --http-log-path=/var/log/nginx/access.log \ | |
| --pid-path=/var/run/nginx.pid \ | |
| --lock-path=/var/run/nginx.lock \ | |
| --http-client-body-temp-path=/var/cache/nginx/client_temp \ | |
| --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ | |
| --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ | |
| --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ | |
| --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ | |
| --user=www-data \ | |
| --group=www-data \ | |
| --with-http_ssl_module \ | |
| --with-http_realip_module \ | |
| --with-http_addition_module \ | |
| --with-http_sub_module \ | |
| --with-http_dav_module \ | |
| --with-http_mp4_module \ | |
| --with-http_gunzip_module \ | |
| --with-http_gzip_static_module \ | |
| --with-http_random_index_module \ | |
| --with-http_secure_link_module \ | |
| --with-http_stub_status_module \ | |
| --with-http_v2_module \ | |
| --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2' \ | |
| --with-ld-opt='-Wl,-z,relro -Wl,--as-needed' \ | |
| --with-ipv6 \ | |
| --with-debug \ | |
| --add-module=$NGX_MODULE_PATH/echo-nginx-module-$NGX_MODULE_ECHO \ | |
| --add-dynamic-module=$NGX_MODULE_PATH/ngx_pagespeed-latest-stable \ | |
| --with-openssl=$NGX_MODULE_PATH/openssl-$OPENSSL_VERSION && \ | |
| # Make the package. | |
| make && \ | |
| # Create a .deb package. | |
| # | |
| # Instead of running `make install`, create a .deb and install from there. This | |
| # allows you to easily uninstall the package if there are issues. | |
| checkinstall --install=no -y |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment