Skip to content

Instantly share code, notes, and snippets.

@nicolasazrak
Forked from moneytoo/gist:ab3f34e4fddc2110675952f8280f49c5
Last active December 23, 2019 04:56
Show Gist options
  • Save nicolasazrak/e96f707e6ba816d31e438aa2e58f27ff to your computer and use it in GitHub Desktop.
Save nicolasazrak/e96f707e6ba816d31e438aa2e58f27ff to your computer and use it in GitHub Desktop.
nginx with OpenSSL 1.0.2 (ALPN) on CentOS 7, also available from https://brouken.com/brouken-centos-7-repo/
yum -y groupinstall 'Development Tools'
yum -y install wget openssl-devel libxml2-devel libxslt-devel gd-devel perl-ExtUtils-Embed GeoIP-devel rpmdevtools
OPENSSL="openssl-1.0.2k"
NGINX_VERSION="1.13.1-1"
NJS_VERSION="1.13.1.0.1.10-1"
rpm -ivh http://nginx.org/packages/mainline/centos/7/SRPMS/nginx-$NGINX_VERSION.el7.ngx.src.rpm
rpm -ivh http://nginx.org/packages/mainline/centos/7/SRPMS/nginx-module-geoip-$NGINX_VERSION.el7.ngx.src.rpm
rpm -ivh http://nginx.org/packages/mainline/centos/7/SRPMS/nginx-module-image-filter-$NGINX_VERSION.el7.ngx.src.rpm
rpm -ivh http://nginx.org/packages/mainline/centos/7/SRPMS/nginx-module-njs-$NJS_VERSION.el7.ngx.src.rpm
rpm -ivh http://nginx.org/packages/mainline/centos/7/SRPMS/nginx-module-perl-$NGINX_VERSION.el7.ngx.src.rpm
rpm -ivh http://nginx.org/packages/mainline/centos/7/SRPMS/nginx-module-xslt-$NGINX_VERSION.el7.ngx.src.rpm
sed -i "/Source12: .*/a Source100: https://www.openssl.org/source/$OPENSSL.tar.gz" /root/rpmbuild/SPECS/nginx.spec
sed -i "s|--with-http_ssl_module|--with-http_ssl_module --with-openssl=$OPENSSL|g" /root/rpmbuild/SPECS/nginx.spec
sed -i '/%setup -q/a tar zxf %{SOURCE100}' /root/rpmbuild/SPECS/nginx.spec
sed -i '/.*Requires: openssl.*/d' /root/rpmbuild/SPECS/nginx.spec
# hardening whatnots since 1.11.9
sed -i 's|%define WITH_LD_OPT .*|%define WITH_LD_OPT ""|g' /root/rpmbuild/SPECS/nginx.spec
sed -i 's| -fPIC||g' /root/rpmbuild/SPECS/nginx.spec
spectool -g -R /root/rpmbuild/SPECS/nginx.spec
# if '.rpmmacros' contains "%_sourcedir %{_topdir}/SOURCES/%{name}"
#spectool -g -C /root/rpmbuild/SOURCES/nginx/ /root/rpmbuild/SPECS/nginx.spec
rpmbuild -ba /root/rpmbuild/SPECS/nginx.spec
rpmbuild -ba /root/rpmbuild/SPECS/nginx-module-geoip.spec
rpmbuild -ba /root/rpmbuild/SPECS/nginx-module-image-filter.spec
rpmbuild -ba /root/rpmbuild/SPECS/nginx-module-njs.spec
rpmbuild -ba /root/rpmbuild/SPECS/nginx-module-perl.spec
rpmbuild -ba /root/rpmbuild/SPECS/nginx-module-xslt.spec
#rpm -Uvh /root/rpmbuild/RPMS/x86_64/nginx-$NGINX_VERSION.el7.centos.ngx.x86_64.rpm
#!/usr/bin/env bash
docker build -t build-nginx .
docker run -it --rm -v $PWD:/root/rpmbuild/RPMS/x86_64/ build-nginx
FROM centos:7
RUN mkdir -p /tmp/nginx /root/rpmbuild/RPMS/x86_64/
ADD build.sh /tmp/nginx/
WORKDIR /tmp/nginx
CMD /tmp/nginx/build.sh
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment