This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Based on CentOS7 fork of @smartmadsoft: https://gist.github.com/moneytoo/ab3f34e4fddc2110675952f8280f49c5 | |
# "6" for CentOS6 or Amazon Linux, "7" for CentOS7 | |
CENTVER="7" | |
OPENSSL="openssl-1.1.0c" | |
NGINX="nginx-1.11.6-1" | |
yum clean all | |
# Install epel packages (required for GeoIP-devel) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Install dependencies | |
# | |
# Setup adjustable vars | |
NGX_MODULE_PATH=$HOME/source | |
NGX_VERSION=1.10.2 | |
OPENSSL_VERSION=1.0.2j | |
NGX_MODULE_ECHO=0.60 | |
NGX_MODULE_CACHEPURGE=2.3 | |
NGX_MODULE_HEALTHCHECK=0.3.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Based on CentOS7 fork of @smartmadsoft: https://gist.github.com/moneytoo/ab3f34e4fddc2110675952f8280f49c5 | |
# "6" for CentOS6 or Amazon Linux, "7" for CentOS7 | |
CENTVER="6" | |
OPENSSL="openssl-1.0.2h" | |
NGINX="nginx-1.10.1-1" | |
http://nginx.org/packages/centos/6/SRPMS/nginx-1.10.1-1.el6.ngx.src.rpm |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Based on CentOS7 fork of @smartmadsoft: https://gist.github.com/moneytoo/ab3f34e4fddc2110675952f8280f49c5 | |
# "6" for CentOS6 or Amazon Linux, "7" for CentOS7 | |
CENTVER="6" | |
OPENSSL="openssl-1.1.0-pre5" | |
NGINX="nginx-1.11.0-1" | |
yum clean all | |
# Install epel packages (required for GeoIP-devel) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### No longer needed as of nginx-1.13.6-1.el7_4.ngx.x86_64.rpm from nginx.org | |
### it was compiled against OpenSSL 1.0.2 from CentoOS 7.4 so it supports ALPN (HTTP2 works) | |
yum -y groupinstall 'Development Tools' | |
yum -y install wget openssl-devel libxml2-devel libxslt-devel gd-devel perl-ExtUtils-Embed GeoIP-devel rpmdevtools | |
OPENSSL="openssl-1.0.2l" | |
NGINX_VERSION="1.13.5-1" | |
NJS_VERSION="1.13.5.0.1.13-1" |
Prerequisites : the letsencrypt CLI tool
This method allows your to generate and renew your Lets Encrypt certificates with 1 command. This is easily automatable to renew each 60 days, as advised.
You need nginx to answer on port 80 on all the domains you want a certificate for. Then you need to serve the challenge used by letsencrypt on /.well-known/acme-challenge
.
Then we invoke the letsencrypt command, telling the tool to write the challenge files in the directory we used as a root in the nginx configuration.
I redirect all HTTP requests on HTTPS, so my nginx config looks like :
server {
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Additional modules follow Download to SOURCE directory | |
# for TCP proxy module untar the source and patch with | |
# patch -p1 < /path/to/nginx_tcp_proxy_module/tcp.patch | |
# recreate the tar and replace in SOURCE directory | |
# | |
# * git clone https://github.com/yaoweibin/nginx_tcp_proxy_module.git | |
# * wget https://www.openssl.org/source/openssl-{ STABLE }.tar.gz | |
# * wget https://github.com/openresty/headers-more-nginx-module/archive/v0.25.tar.gz | |
# * git clone https://github.com/nulab/nginx-length-hiding-filter-module.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
upstream phpfpm { | |
server unix:/var/run/php5-fpm.sock; | |
} | |
upstream hhvm { | |
server unix:/var/run/hhvm/hhvm.sock; | |
} | |
# SSL | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
The following instructions will get you setup to run Dropbox at system start. Below, also find instructions on how to install the Dropbox CLI.
# Login as root and go into home dir.
sudo su && cd ~
# Download Dropbox depending on architecture (uname -a) and unpack.
# You will need to repeat this "download and unpack" step for all users