nginx-current: new ptrcport
This commit is contained in:
parent
573b14a691
commit
0b82aee7ae
11 changed files with 636 additions and 0 deletions
315
nginx-current/APKBUILD
Normal file
315
nginx-current/APKBUILD
Normal file
|
@ -0,0 +1,315 @@
|
||||||
|
# Maintainer: psykose <alice@ayaya.dev>
|
||||||
|
pkgname=nginx-current
|
||||||
|
pkgver=1.21.6
|
||||||
|
pkgrel=0
|
||||||
|
pkgdesc="HTTP and reverse proxy server (current version)"
|
||||||
|
url="https://www.nginx.org/"
|
||||||
|
arch="all"
|
||||||
|
license="BSD-2-Clause"
|
||||||
|
depends="!nginx"
|
||||||
|
makedepends="
|
||||||
|
brotli-dev
|
||||||
|
gd-dev
|
||||||
|
libxml2-dev
|
||||||
|
libxslt-dev
|
||||||
|
linux-headers
|
||||||
|
luajit-dev
|
||||||
|
openssl3-dev
|
||||||
|
pcre2-dev
|
||||||
|
perl-dev
|
||||||
|
zeromq-dev
|
||||||
|
zlib-dev
|
||||||
|
"
|
||||||
|
pkgusers="nginx"
|
||||||
|
_grp_ngx="nginx"
|
||||||
|
_grp_www="www-data"
|
||||||
|
pkggroups="$_grp_ngx $_grp_www"
|
||||||
|
install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-upgrade $pkgname.post-upgrade"
|
||||||
|
subpackages="$pkgname-doc $pkgname-openrc $pkgname-vim::noarch"
|
||||||
|
source="https://nginx.org/download/nginx-$pkgver.tar.gz
|
||||||
|
nginx.conf
|
||||||
|
default.conf
|
||||||
|
stream.conf
|
||||||
|
nginx.logrotate
|
||||||
|
nginx.initd
|
||||||
|
nginx.confd
|
||||||
|
"
|
||||||
|
builddir="$srcdir/nginx-$pkgver"
|
||||||
|
options="!check" # no time!
|
||||||
|
|
||||||
|
_modules_dir="usr/lib/$pkgname/modules"
|
||||||
|
|
||||||
|
# Built-in dynamic modules
|
||||||
|
for _mod in \
|
||||||
|
http-image-filter \
|
||||||
|
http-perl \
|
||||||
|
http-xslt-filter \
|
||||||
|
mail \
|
||||||
|
stream
|
||||||
|
do
|
||||||
|
subpackages="$subpackages $pkgname-mod-$_mod:_module"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Third-party dynamic modules
|
||||||
|
|
||||||
|
# For simplicity we assume that module is hosted on GitHub.
|
||||||
|
_add_module() {
|
||||||
|
local name="$1" ver="$2" url="$3" subdir="$4" enabled="${5:-true}"
|
||||||
|
local dirname=${url##*/}-${ver#v}
|
||||||
|
local varprefix="_${name//-/_}"
|
||||||
|
|
||||||
|
eval "${varprefix}_ver='$ver'; ${varprefix}_url='$url'"
|
||||||
|
|
||||||
|
# Don't add new flag and source if it's already there, i.e. two or more
|
||||||
|
# modules share the same source (e.g. geoip2 that provides http-geoip2
|
||||||
|
# and stream-geoip2).
|
||||||
|
if ! printf '%s\n' $_extra_flags | grep -qFw "$srcdir/$dirname"; then
|
||||||
|
source="$source $dirname.tar.gz::$url/archive/$ver.tar.gz"
|
||||||
|
# $source must be always in-sync with $sha512sums, so we have to
|
||||||
|
# add there source of a module that is disabled on the current arch.
|
||||||
|
[ "$enabled" = false ] && return
|
||||||
|
|
||||||
|
_extra_flags="$_extra_flags --add-dynamic-module=$srcdir/$dirname/$subdir"
|
||||||
|
fi
|
||||||
|
subpackages="$subpackages $pkgname-mod-$name:_module"
|
||||||
|
}
|
||||||
|
|
||||||
|
_add_module "devel-kit" "v0.3.1" "https://github.com/vision5/ngx_devel_kit"
|
||||||
|
_devel_kit_so="ndk_http_module.so"
|
||||||
|
|
||||||
|
_add_module "http-accounting" "v2.0" "https://github.com/Lax/traffic-accounting-nginx-module"
|
||||||
|
|
||||||
|
_add_module "http-array-var" "v0.05" "https://github.com/openresty/array-var-nginx-module"
|
||||||
|
_http_array_var_depends="$pkgname-mod-devel-kit"
|
||||||
|
|
||||||
|
_add_module "http-brotli" "v1.0.0rc" "https://github.com/google/ngx_brotli"
|
||||||
|
_http_brotli_so="ngx_http_brotli_filter_module.so ngx_http_brotli_static_module.so"
|
||||||
|
|
||||||
|
_add_module "http-cache-purge" "2.5.1" "https://github.com/nginx-modules/ngx_cache_purge"
|
||||||
|
|
||||||
|
_add_module "http-cookie-flag" "v1.1.0" "https://github.com/AirisX/nginx_cookie_flag_module"
|
||||||
|
_http_cookie_flag_so="ngx_http_cookie_flag_filter_module.so"
|
||||||
|
|
||||||
|
_add_module "http-echo" "v0.62" "https://github.com/openresty/echo-nginx-module"
|
||||||
|
|
||||||
|
_add_module "http-encrypted-session" "v0.08" "https://github.com/openresty/encrypted-session-nginx-module"
|
||||||
|
_http_encrypted_session_depends="$pkgname-mod-devel-kit"
|
||||||
|
|
||||||
|
_add_module "http-fancyindex" "v0.5.1" "https://github.com/aperezdc/ngx-fancyindex"
|
||||||
|
|
||||||
|
_add_module "http-headers-more" "v0.33" "https://github.com/openresty/headers-more-nginx-module"
|
||||||
|
_http_headers_more_so="ngx_http_headers_more_filter_module.so"
|
||||||
|
|
||||||
|
_add_module "http-log-zmq" "v1.0.0" "https://github.com/danifbento/nginx-log-zmq"
|
||||||
|
|
||||||
|
_add_module "http-nchan" "v1.2.8" "https://github.com/slact/nchan"
|
||||||
|
_http_nchan_so="ngx_nchan_module.so"
|
||||||
|
|
||||||
|
_add_module "http-redis2" "v0.15" "https://github.com/openresty/redis2-nginx-module"
|
||||||
|
|
||||||
|
_add_module "http-set-misc" "v0.32" "https://github.com/openresty/set-misc-nginx-module"
|
||||||
|
_http_set_misc_depends="$pkgname-mod-devel-kit"
|
||||||
|
|
||||||
|
_add_module "http-shibboleth" "v2.0.1" "https://github.com/nginx-shib/nginx-http-shibboleth"
|
||||||
|
|
||||||
|
_add_module "http-untar" "v1.0" "https://github.com/ajax16384/ngx_http_untar_module"
|
||||||
|
|
||||||
|
_add_module "http-upload-progress" "v0.9.2" "https://github.com/masterzen/nginx-upload-progress-module"
|
||||||
|
_http_upload_progress_so="ngx_http_uploadprogress_module.so"
|
||||||
|
|
||||||
|
_add_module "http-upstream-fair" "0.1.3" "https://github.com/itoffshore/nginx-upstream-fair"
|
||||||
|
|
||||||
|
_add_module "http-upstream-jdomain" "1.1.5" "https://github.com/nicholaschiasson/ngx_upstream_jdomain"
|
||||||
|
|
||||||
|
_add_module "http-vod" "1.28" "https://github.com/kaltura/nginx-vod-module"
|
||||||
|
|
||||||
|
_add_module "http-zip" "1.2.0" "https://github.com/evanmiller/mod_zip"
|
||||||
|
|
||||||
|
_add_module "rtmp" "v1.2.2" "https://github.com/arut/nginx-rtmp-module"
|
||||||
|
_rtmp_provides="nginx-rtmp" # for backward compatibility
|
||||||
|
|
||||||
|
build() {
|
||||||
|
export LUAJIT_LIB="$(pkg-config --variable=libdir luajit)"
|
||||||
|
export LUAJIT_INC="$(pkg-config --variable=includedir luajit)"
|
||||||
|
./configure \
|
||||||
|
--prefix=/var/lib/nginx \
|
||||||
|
--sbin-path=/usr/sbin/nginx \
|
||||||
|
--modules-path=/$_modules_dir \
|
||||||
|
--conf-path=/etc/nginx/nginx.conf \
|
||||||
|
--pid-path=/run/nginx/nginx.pid \
|
||||||
|
--lock-path=/run/nginx/nginx.lock \
|
||||||
|
--http-client-body-temp-path=/var/lib/nginx/tmp/client_body \
|
||||||
|
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy \
|
||||||
|
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi \
|
||||||
|
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi \
|
||||||
|
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi \
|
||||||
|
--with-perl_modules_path=/usr/lib/perl5/vendor_perl \
|
||||||
|
\
|
||||||
|
--user=$pkgusers \
|
||||||
|
--group=$_grp_ngx \
|
||||||
|
--with-threads \
|
||||||
|
--with-file-aio \
|
||||||
|
\
|
||||||
|
--with-http_ssl_module \
|
||||||
|
--with-http_v2_module \
|
||||||
|
--with-http_realip_module \
|
||||||
|
--with-http_addition_module \
|
||||||
|
--with-http_xslt_module=dynamic \
|
||||||
|
--with-http_image_filter_module=dynamic \
|
||||||
|
--with-http_sub_module \
|
||||||
|
--with-http_flv_module \
|
||||||
|
--with-http_mp4_module \
|
||||||
|
--with-http_gunzip_module \
|
||||||
|
--with-http_gzip_static_module \
|
||||||
|
--with-http_auth_request_module \
|
||||||
|
--with-http_random_index_module \
|
||||||
|
--with-http_secure_link_module \
|
||||||
|
--with-http_degradation_module \
|
||||||
|
--with-http_slice_module \
|
||||||
|
--with-http_stub_status_module \
|
||||||
|
--with-http_perl_module=dynamic \
|
||||||
|
--with-mail=dynamic \
|
||||||
|
--with-mail_ssl_module \
|
||||||
|
--with-openssl-opt=enable-ktls \
|
||||||
|
--with-stream=dynamic \
|
||||||
|
--with-stream_ssl_module \
|
||||||
|
--with-stream_realip_module \
|
||||||
|
--with-stream_ssl_preread_module \
|
||||||
|
\
|
||||||
|
$_extra_flags
|
||||||
|
|
||||||
|
make
|
||||||
|
}
|
||||||
|
|
||||||
|
package() {
|
||||||
|
cd "$builddir"
|
||||||
|
|
||||||
|
make DESTDIR="$pkgdir" install
|
||||||
|
chown root:root "$pkgdir"/usr/sbin/nginx
|
||||||
|
|
||||||
|
install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
|
||||||
|
install -Dm644 README "$pkgdir"/usr/share/doc/$pkgname/README
|
||||||
|
|
||||||
|
install -Dm644 objs/nginx.8 "$pkgdir"/usr/share/man/man8/nginx.8
|
||||||
|
|
||||||
|
local name; for name in ngx_devel_kit nginx-rtmp-module; do
|
||||||
|
cp -r "$srcdir"/$name-*/doc* "$pkgdir"/usr/share/doc/$pkgname/$name
|
||||||
|
done
|
||||||
|
cd "$pkgdir"
|
||||||
|
|
||||||
|
install -Dm644 "$srcdir"/nginx.conf ./etc/nginx/nginx.conf
|
||||||
|
install -dm755 ./etc/$pkgname/http.d ./etc/nginx/modules
|
||||||
|
|
||||||
|
install -Dm755 "$srcdir"/nginx.initd ./etc/init.d/nginx
|
||||||
|
install -Dm644 "$srcdir"/nginx.confd ./etc/conf.d/nginx
|
||||||
|
install -Dm644 "$srcdir"/nginx.logrotate ./etc/logrotate.d/nginx
|
||||||
|
|
||||||
|
install -dm750 -o $pkgusers -g $_grp_ngx ./var/lib/nginx
|
||||||
|
install -dm700 -o $pkgusers -g $_grp_ngx ./var/lib/nginx/tmp
|
||||||
|
install -dm755 -g $_grp_www ./var/www/localhost/htdocs
|
||||||
|
|
||||||
|
install -Dm644 "$srcdir"/default.conf ./usr/share/nginx/http-default_server.conf
|
||||||
|
|
||||||
|
install -dm755 ./var/log
|
||||||
|
mv ./var/lib/nginx/logs ./var/log/nginx
|
||||||
|
chown $pkgusers:$_grp_ngx var/log/nginx
|
||||||
|
|
||||||
|
ln -sf /$_modules_dir ./var/lib/nginx/modules
|
||||||
|
ln -sf /var/log/nginx ./var/lib/nginx/logs
|
||||||
|
ln -sf /run/nginx ./var/lib/nginx/run
|
||||||
|
|
||||||
|
# Remove archaic charset maps.
|
||||||
|
rm ./etc/nginx/koi-* ./etc/nginx/win-utf
|
||||||
|
|
||||||
|
rm -rf ./run ./etc/nginx/*.default
|
||||||
|
}
|
||||||
|
|
||||||
|
vim() {
|
||||||
|
pkgdesc="$pkgdesc (vim syntax)"
|
||||||
|
install_if="vim $pkgname=$pkgver-r$pkgrel"
|
||||||
|
depends=
|
||||||
|
|
||||||
|
mkdir -p "$subpkgdir"/usr/share/vim
|
||||||
|
cp -r "$builddir"/contrib/vim "$subpkgdir"/usr/share/vim/vimfiles
|
||||||
|
}
|
||||||
|
|
||||||
|
_module() {
|
||||||
|
local name="${subpkgname#$pkgname-mod-}"; name="${name//-/_}"
|
||||||
|
local ver=$(getvar _${name}_ver)
|
||||||
|
|
||||||
|
pkgdesc="Nginx module ${name//_/-}"
|
||||||
|
[ "$ver" ] && pkgdesc="Nginx third-party module ${name//_/-} (version $ver)"
|
||||||
|
|
||||||
|
url=$(getvar "_${name}_url" "$url")
|
||||||
|
sonames=$(getvar "_${name}_so" "ngx_${name}_module.so")
|
||||||
|
depends="$pkgname $(getvar "_${name}_depends")"
|
||||||
|
provides=$(getvar "_${name}_provides")
|
||||||
|
|
||||||
|
# Numeric prefix for the module config to ensure that modules with
|
||||||
|
# dependencies on other modules will be loaded after their dependencies.
|
||||||
|
# For simplicity, we don't actually resolve dependency tree. Instead,
|
||||||
|
# we just prefix the module name with a number that reflects number of
|
||||||
|
# the module's dependencies times ten (e.g. 10, 20, 30, ...).
|
||||||
|
local conf_prefix="$(echo "$depends" | wc -w)0_"
|
||||||
|
|
||||||
|
mkdir -p "$subpkgdir"/$_modules_dir
|
||||||
|
mkdir -p "$subpkgdir"/etc/nginx/modules
|
||||||
|
|
||||||
|
cd "$subpkgdir"
|
||||||
|
|
||||||
|
local soname; for soname in $sonames; do
|
||||||
|
mv "$pkgdir"/$_modules_dir/$soname ./$_modules_dir/$soname
|
||||||
|
echo "load_module \"modules/$soname\";" >> ./etc/nginx/modules/${conf_prefix}$name.conf
|
||||||
|
done
|
||||||
|
|
||||||
|
case "$name" in
|
||||||
|
http_perl)
|
||||||
|
mv "$pkgdir"/usr/lib/perl5 "$subpkgdir"/usr/lib/
|
||||||
|
;;
|
||||||
|
http_naxsi)
|
||||||
|
install -m644 -D "$srcdir"/naxsi-*/naxsi_config/naxsi_core.rules \
|
||||||
|
./etc/nginx/naxsi_core.rules
|
||||||
|
;;
|
||||||
|
stream)
|
||||||
|
mkdir -p ./etc/nginx/stream.d
|
||||||
|
install -m644 "$srcdir"/stream.conf ./etc/nginx/stream.conf
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
# Print value of the specified variable, or the default if empty or not defined.
|
||||||
|
getvar() {
|
||||||
|
eval "printf '%s\n' \"\${$1:-$2}\""
|
||||||
|
}
|
||||||
|
|
||||||
|
sha512sums="
|
||||||
|
10b0cdd13b26687104bf11e6b850fd851e9d8881bdf67f72c062d956e661da4d70482e6ec3123405b324ad7ed821a8bcc67b742dce9f59e972407fa437ddcad4 nginx-1.21.6.tar.gz
|
||||||
|
9c5ee975dffa15b76688ef798371635f38f1e6773b143c738add26297878dddfc20ebf276e3871a60f28b197e8a70496ca17d4816c2136171978c157bb8e591f nginx.conf
|
||||||
|
0907f69dc2d3dc1bad3a04fb6673f741f1a8be964e22b306ef9ae2f8e736e1f5733a8884bfe54f3553fff5132a0e5336716250f54272c3fec2177d6ba16986f3 default.conf
|
||||||
|
f3321a45736697009817db335ad36d3f1d05f60d98ac90a943220cdd4c00c52632f018db6a6076d5431a483525aacc5725b87b765b590e2f63b3ef98c5b16bd8 stream.conf
|
||||||
|
09b110693e3f4377349ccea3c43cb8199c8579ee351eae34283299be99fdf764b0c1bddd552e13e4d671b194501618b29c822e1ad53b34101a73a63954363dbb nginx.logrotate
|
||||||
|
ee10a5687740dde0c3d18d8b3555f49fcdc6abfc0a3bc2de1de3be0e99951a346fe8027d916aab73071ecd4e2c50871e7c867aca3a7a0fd16e3374c5caed1c57 nginx.initd
|
||||||
|
0b9b9ed01ac077e334c034faa2679f6e26740fb3362eebf8cef82d22b2af2a3faaa53bae3c9e14af51cbf64720a7c66431905ca5cc43f978366456cc4e3b7f4a nginx.confd
|
||||||
|
de1e3349d8dd08e5982279b2219dc8a8006739f0409b8e0f5c50d93434beff1fbafba43e9c5ac85a5fab90afc5c0a7244a340610339c36f82f2cba7233e72de9 ngx_devel_kit-0.3.1.tar.gz
|
||||||
|
0df34c3765e18dc5cc5a053d3a17dbee17a686a1f6e76ad057c262741c4e4465c66bcef86e627a19258f836cad5f14745bf046fd396b00960ad79ed20c2a07bb traffic-accounting-nginx-module-2.0.tar.gz
|
||||||
|
7c9fa9b76bc7cd2473ceae6d5ffb8de26993be9293ea967908d6c4550e086affa7016df4c936fb0b79f1142dc0aa1a5f2058d417e6433b5a3497a45d7e866e84 array-var-nginx-module-0.05.tar.gz
|
||||||
|
05a880d5e48ac83be84498ed41fb4750211b827a9d7541acfd6ef494e5205a6e853d5594bfec3ab4ae668ea3f803e4f4b0ba550c76811971c8e266e42663c56d ngx_brotli-1.0.0rc.tar.gz
|
||||||
|
3ad37b4a251fb85a9a384f87fea5ca640166e3d7173c6ed9a857b191ae5f2e93819483b5d423fcafe8a10239b571677b342cc2d2d5d62315816f1316d7d5bb76 ngx_cache_purge-2.5.1.tar.gz
|
||||||
|
352cc3d033cc67ee34209f958dac13ada2147de429f4dd3da301c865d52970d80c8aa3c193f7fb28cf4854b88baff07b6efc3bae1fb813fe53d5956a87dfc81a nginx_cookie_flag_module-1.1.0.tar.gz
|
||||||
|
240896b1c559a71ca6ca87136d8535edd25b1d65ebb80d46080ad41c09ed1cec9737828f9efe260782294d660cea66cf402f4e75bba3fed26f3a94de0ae2f89b echo-nginx-module-0.62.tar.gz
|
||||||
|
80651951edd69d202e991a66f531bbe0398b4f062e822bb7748411f5f597eb1d5827102ba477bb6cd2793274adf6f6d60dd89fde7645174b091143251197af69 encrypted-session-nginx-module-0.08.tar.gz
|
||||||
|
5c9252713286056cb493b734c8aabef51538c4c3c3204404eecc6c09dffcd06f733ed4f134af8f5d38558db75ac0a6161a1fa29ae98284b68b30309d9a5e6b31 ngx-fancyindex-0.5.1.tar.gz
|
||||||
|
13165b1b8d4be281b8bd2404fa48d456013d560bace094c81da08a35dc6a4f025a809a3ae3a42be6bbf67abbcbe41e0730aba06f905220f3baeb01e1192a7d37 headers-more-nginx-module-0.33.tar.gz
|
||||||
|
015a358d987476bb61302fbbe1cb105f5314edc1a8b7ee6310aae697f755c79fcb1834ff561fced054c8cd5624f5387fcc1de729731ccd70662f2eb72bcdc174 nginx-log-zmq-1.0.0.tar.gz
|
||||||
|
bea5ce8669f43f752a42f5988125ac1beb7c7904e780605f7706bbb03e9ab4f30a2bcbcddac5bc1c67cff4d92f798023ec320e8d9a2db47953f9f7b08b5ad882 nchan-1.2.8.tar.gz
|
||||||
|
d6ca250db8de93edbd7875afca35e73cecdaf82132d1a7ee933cf94c6b8afa8e629e9e647a9321f2bc1fbb92137ec0d32dcd89b82ac5fae31e342537fb7e0431 redis2-nginx-module-0.15.tar.gz
|
||||||
|
5590526f60c99630f99a49bfa9e3455baee6d58cd2a1419eab1367a838dafb87a50f5e2607aa8ac557b90dbf633dcf61069c997b3526cddc8f2fc45820a7bc3b set-misc-nginx-module-0.32.tar.gz
|
||||||
|
1730845ea2e52be8c2f6cfceb2894304c5a07959a96940bb1617ee0e7cf81d22283304f411d9a219ddb71e4d9a66012bba0f6f5574d101aeb3c406f26c5d6a4e nginx-http-shibboleth-2.0.1.tar.gz
|
||||||
|
5b0800ffb98ae69d3505d9046bc7f660defa14d21b74a4e425a4b07db917e39fd9a324851be8c424f5b4b4ef83997e09d9053eb8aa9e9f1889513dd742b5abba ngx_http_untar_module-1.0.tar.gz
|
||||||
|
c31c46344d49704389722325a041b9cd170fa290acefe92cfc572c07f711cd3039de78f28df48ca7dcb79b2e4bbe442580aaaf4d92883fd3a14bf41d66dd9d8c nginx-upload-progress-module-0.9.2.tar.gz
|
||||||
|
8adb7453c27748f4e685e3352e9b318b408da818754dc5b6244e908423941a8ba337561104f6e481f2553cbc0e334dcea73b57f8e810a9d6e974bb69ff8859e5 nginx-upstream-fair-0.1.3.tar.gz
|
||||||
|
54a0aae25a80f285e76344e6d0759e9a1b707be4bc0755abf4b7e48918c8e37092b7b259d052215d875be447d79717c0626797ea449677c492aa1e473cc448fd ngx_upstream_jdomain-1.1.5.tar.gz
|
||||||
|
389137124a3d046b99faabb977b5dbcf7c84541e039da27dfcca6b863d6d7f99e4b42916be1d7202bad017a88973c2f931985c2c58243f5134b7d9d199cdff0c nginx-vod-module-1.28.tar.gz
|
||||||
|
92e1e5aa570b68a19bb718817f864c4347f6dc89f90d828071ab3d06c784cc2786674d9d64fffef8c23749d0a653f2eb996b412ab10015eea1ed895d81268ce1 mod_zip-1.2.0.tar.gz
|
||||||
|
3f8c803221854c4b1a06aadc6313fbfec74bd7179c0ee51d4365b26ffa8875881a6e1e48f777a9c9efbb9170ab7478a82920d5448a2c2df485503d37bb03ab81 nginx-rtmp-module-1.2.2.tar.gz
|
||||||
|
"
|
17
nginx-current/default.conf
Normal file
17
nginx-current/default.conf
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# This is a default site configuration which will simply return 404, preventing
|
||||||
|
# chance access to any other virtualhost.
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80 default_server;
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
|
||||||
|
# Everything is a 404
|
||||||
|
location / {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
|
||||||
|
# You may need this to prevent return 404 recursion.
|
||||||
|
location = /404.html {
|
||||||
|
internal;
|
||||||
|
}
|
||||||
|
}
|
11
nginx-current/nginx-current.post-install
Normal file
11
nginx-current/nginx-current.post-install
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# This is needed for containers that don't start nginx using init script.
|
||||||
|
install -d -m 755 -o nginx -g nginx /run/nginx || true
|
||||||
|
|
||||||
|
# Install config with the default http server to the new location (since 1.18.0-r13).
|
||||||
|
if ! [ -e /etc/nginx/http.d/default.conf ]; then
|
||||||
|
install -m644 /usr/share/nginx/http-default_server.conf /etc/nginx/http.d/default.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
70
nginx-current/nginx-current.post-upgrade
Normal file
70
nginx-current/nginx-current.post-upgrade
Normal file
|
@ -0,0 +1,70 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
ver_new="$1"
|
||||||
|
ver_old="$2"
|
||||||
|
|
||||||
|
if [ "$(apk version -t "$ver_old" "1.10.1-r3")" = "<" ]; then
|
||||||
|
cat 1>&2 <<-EOF
|
||||||
|
*
|
||||||
|
* The nginx package has been modified to use dynamic modules. Now there's
|
||||||
|
* just single package providing nginx executable and bunch of nginx-mod-*
|
||||||
|
* subpackages.
|
||||||
|
*
|
||||||
|
* Lua support is now provided by package nginx-mod-http-lua, RTMP support
|
||||||
|
* is provided by nginx-mod-rtmp.
|
||||||
|
*
|
||||||
|
* Modules mail and stream are dynamic modules too and so not included
|
||||||
|
* by default anymore. If you use them, install nginx-mod-mail and
|
||||||
|
* nginx-mod-stream.
|
||||||
|
*
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Handle transition from /etc/nginx/conf.d to /etc/nginx/http.d.
|
||||||
|
if [ "$(apk version -t "$ver_old" '1.18.0-r13')" = '<' ]; then
|
||||||
|
default_conf='/usr/share/nginx/http-default_server.conf'
|
||||||
|
|
||||||
|
if [ -z "$(ls -A /etc/nginx/conf.d 2>/dev/null)" ]; then
|
||||||
|
# conf.d dir doesn't exist or is empty, so the user doesn't use it.
|
||||||
|
# Thus we can install default.conf to the new directory.
|
||||||
|
install -m644 "$default_conf" /etc/nginx/http.d/default.conf
|
||||||
|
|
||||||
|
else
|
||||||
|
if ! [ -e /etc/nginx/conf.d/default.conf ]; then
|
||||||
|
# conf.d dir exists and is not empty, but there's no default.conf
|
||||||
|
# file, so the user probably did not modify it and apk has removed
|
||||||
|
# it during this upgrade. Prior this version, the default.conf
|
||||||
|
# would be installed, so install it now for backward compatibility.
|
||||||
|
install -m644 "$default_conf" /etc/nginx/conf.d/default.conf
|
||||||
|
fi
|
||||||
|
if ! [ -e /etc/nginx/nginx.conf.apk-new ]; then
|
||||||
|
# There's no updated nginx.conf, so the user didn't modify this
|
||||||
|
# config and apk replaced it during this upgrade. However, the
|
||||||
|
# user has some vhost configs in the old directory, so we have
|
||||||
|
# to revert the include back to the legacy path.
|
||||||
|
sed -i 's|include /etc/nginx/http\.d|# WARNING: Do not use this directory for virtual hosts anymore, use directory http.d!\n\tinclude /etc/nginx/conf.d|' \
|
||||||
|
/etc/nginx/nginx.conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat >&2 <<-EOF
|
||||||
|
*
|
||||||
|
* The default and preferred location for nginx vhost configs has been changed
|
||||||
|
* from /etc/nginx/conf.d to /etc/nginx/http.d. Although we did our best to not
|
||||||
|
* break existing setups by this upgrade, we strongly recommend to verify it.
|
||||||
|
*
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Handle trasition from /var/tmp/nginx to /var/lib/nginx/tmp
|
||||||
|
# https://gitlab.alpinelinux.org/alpine/aports/-/issues/11204
|
||||||
|
if [ -d /var/lib/nginx/tmp ]; then
|
||||||
|
for i in /var/tmp/nginx/*; do
|
||||||
|
if [ -e "$i" ]; then
|
||||||
|
mv $i /var/lib/nginx/tmp/
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
rmdir /var/tmp/nginx 2>/dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
8
nginx-current/nginx-current.pre-install
Normal file
8
nginx-current/nginx-current.pre-install
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
addgroup -Sg 82 www-data 2>/dev/null
|
||||||
|
addgroup -S nginx 2>/dev/null
|
||||||
|
adduser -S -D -H -h /var/lib/nginx -s /sbin/nologin -G nginx -g nginx nginx 2>/dev/null
|
||||||
|
addgroup nginx www-data 2>/dev/null
|
||||||
|
|
||||||
|
exit 0
|
9
nginx-current/nginx-current.pre-upgrade
Normal file
9
nginx-current/nginx-current.pre-upgrade
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# symlink to directory confuses apk. remove it before the upgrade
|
||||||
|
# https://gitlab.alpinelinux.org/alpine/aports/-/issues/11204
|
||||||
|
|
||||||
|
if [ "$(readlink /var/lib/nginx/tmp)" = "/var/tmp/nginx" ]; then
|
||||||
|
rm /var/lib/nginx/tmp
|
||||||
|
fi
|
||||||
|
|
107
nginx-current/nginx.conf
Normal file
107
nginx-current/nginx.conf
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
# /etc/nginx/nginx.conf
|
||||||
|
|
||||||
|
user nginx;
|
||||||
|
|
||||||
|
# Set number of worker processes automatically based on number of CPU cores.
|
||||||
|
worker_processes auto;
|
||||||
|
|
||||||
|
# Enables the use of JIT for regular expressions to speed-up their processing.
|
||||||
|
pcre_jit on;
|
||||||
|
|
||||||
|
# Configures default error logger.
|
||||||
|
error_log /var/log/nginx/error.log warn;
|
||||||
|
|
||||||
|
# Includes files with directives to load dynamic modules.
|
||||||
|
include /etc/nginx/modules/*.conf;
|
||||||
|
|
||||||
|
# Uncomment to include files with config snippets into the root context.
|
||||||
|
# NOTE: This will be enabled by default in Alpine 3.15.
|
||||||
|
#include /etc/nginx/conf.d/*.conf;
|
||||||
|
|
||||||
|
events {
|
||||||
|
# The maximum number of simultaneous connections that can be opened by
|
||||||
|
# a worker process.
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
# Includes mapping of file name extensions to MIME types of responses
|
||||||
|
# and defines the default type.
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
|
||||||
|
# Name servers used to resolve names of upstream servers into addresses.
|
||||||
|
# It's also needed when using tcpsocket and udpsocket in Lua modules.
|
||||||
|
#resolver 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001;
|
||||||
|
|
||||||
|
# Don't tell nginx version to the clients. Default is 'on'.
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
# Specifies the maximum accepted body size of a client request, as
|
||||||
|
# indicated by the request header Content-Length. If the stated content
|
||||||
|
# length is greater than this size, then the client receives the HTTP
|
||||||
|
# error code 413. Set to 0 to disable. Default is '1m'.
|
||||||
|
client_max_body_size 1m;
|
||||||
|
|
||||||
|
# Sendfile copies data between one FD and other from within the kernel,
|
||||||
|
# which is more efficient than read() + write(). Default is off.
|
||||||
|
sendfile on;
|
||||||
|
|
||||||
|
# Causes nginx to attempt to send its HTTP response head in one packet,
|
||||||
|
# instead of using partial frames. Default is 'off'.
|
||||||
|
tcp_nopush on;
|
||||||
|
|
||||||
|
|
||||||
|
# Enables the specified protocols. Default is TLSv1 TLSv1.1 TLSv1.2.
|
||||||
|
# TIP: If you're not obligated to support ancient clients, remove TLSv1.1.
|
||||||
|
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
|
||||||
|
|
||||||
|
# Path of the file with Diffie-Hellman parameters for EDH ciphers.
|
||||||
|
# TIP: Generate with: `openssl dhparam -out /etc/ssl/nginx/dh2048.pem 2048`
|
||||||
|
#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
|
||||||
|
|
||||||
|
# Specifies that our cipher suits should be preferred over client ciphers.
|
||||||
|
# Default is 'off'.
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
|
||||||
|
# Enables a shared SSL cache with size that can hold around 8000 sessions.
|
||||||
|
# Default is 'none'.
|
||||||
|
ssl_session_cache shared:SSL:2m;
|
||||||
|
|
||||||
|
# Specifies a time during which a client may reuse the session parameters.
|
||||||
|
# Default is '5m'.
|
||||||
|
ssl_session_timeout 1h;
|
||||||
|
|
||||||
|
# Disable TLS session tickets (they are insecure). Default is 'on'.
|
||||||
|
ssl_session_tickets off;
|
||||||
|
|
||||||
|
|
||||||
|
# Enable gzipping of responses.
|
||||||
|
#gzip on;
|
||||||
|
|
||||||
|
# Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'.
|
||||||
|
gzip_vary on;
|
||||||
|
|
||||||
|
|
||||||
|
# Helper variable for proxying websockets.
|
||||||
|
map $http_upgrade $connection_upgrade {
|
||||||
|
default upgrade;
|
||||||
|
'' close;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Specifies the main log format.
|
||||||
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||||
|
'$status $body_bytes_sent "$http_referer" '
|
||||||
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||||
|
|
||||||
|
# Sets the path, format, and configuration for a buffered log write.
|
||||||
|
access_log /var/log/nginx/access.log main;
|
||||||
|
|
||||||
|
|
||||||
|
# Includes virtual hosts configs.
|
||||||
|
include /etc/nginx/http.d/*.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
# TIP: Uncomment if you use stream module.
|
||||||
|
#include /etc/nginx/stream.conf;
|
6
nginx-current/nginx.confd
Normal file
6
nginx-current/nginx.confd
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
# Configuration for /etc/init.d/nginx
|
||||||
|
|
||||||
|
# The nginx binary to run. If you want to use debugging log, install package
|
||||||
|
# "nginx-debug" and set this variable to "/usr/sbin/nginx-debug".
|
||||||
|
# See http://nginx.org/en/docs/debugging_log.html for more information.
|
||||||
|
#command="/usr/sbin/nginx"
|
71
nginx-current/nginx.initd
Normal file
71
nginx-current/nginx.initd
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
|
||||||
|
description="Nginx http and reverse proxy server"
|
||||||
|
extra_commands="checkconfig"
|
||||||
|
extra_started_commands="reload reopen upgrade"
|
||||||
|
|
||||||
|
cfgfile=${cfgfile:-/etc/nginx/nginx.conf}
|
||||||
|
pidfile=/run/nginx/nginx.pid
|
||||||
|
command=${command:-/usr/sbin/nginx}
|
||||||
|
command_args="-c $cfgfile"
|
||||||
|
required_files="$cfgfile"
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
need net
|
||||||
|
use dns logger netmount
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath --directory --owner nginx:nginx ${pidfile%/*}
|
||||||
|
$command $command_args -t -q
|
||||||
|
}
|
||||||
|
|
||||||
|
checkconfig() {
|
||||||
|
ebegin "Checking $RC_SVCNAME configuration"
|
||||||
|
start_pre
|
||||||
|
eend $?
|
||||||
|
}
|
||||||
|
|
||||||
|
reload() {
|
||||||
|
ebegin "Reloading $RC_SVCNAME configuration"
|
||||||
|
start_pre && start-stop-daemon --signal HUP --pidfile $pidfile
|
||||||
|
eend $?
|
||||||
|
}
|
||||||
|
|
||||||
|
reopen() {
|
||||||
|
ebegin "Reopening $RC_SVCNAME log files"
|
||||||
|
start-stop-daemon --signal USR1 --pidfile $pidfile
|
||||||
|
eend $?
|
||||||
|
}
|
||||||
|
|
||||||
|
upgrade() {
|
||||||
|
start_pre || return 1
|
||||||
|
|
||||||
|
ebegin "Upgrading $RC_SVCNAME binary"
|
||||||
|
|
||||||
|
einfo "Sending USR2 to old binary"
|
||||||
|
start-stop-daemon --signal USR2 --pidfile $pidfile
|
||||||
|
|
||||||
|
einfo "Sleeping 3 seconds before pid-files checking"
|
||||||
|
sleep 3
|
||||||
|
|
||||||
|
if [ ! -f $pidfile.oldbin ]; then
|
||||||
|
eerror "File with old pid ($pidfile.oldbin) not found"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -f $pidfile ]; then
|
||||||
|
eerror "New binary failed to start"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
einfo "Sleeping 3 seconds before WINCH"
|
||||||
|
sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin
|
||||||
|
|
||||||
|
einfo "Sending QUIT to old binary"
|
||||||
|
start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin
|
||||||
|
|
||||||
|
einfo "Upgrade completed"
|
||||||
|
|
||||||
|
eend $? "Upgrade failed"
|
||||||
|
}
|
8
nginx-current/nginx.logrotate
Normal file
8
nginx-current/nginx.logrotate
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
/var/log/nginx/*.log {
|
||||||
|
missingok
|
||||||
|
sharedscripts
|
||||||
|
postrotate
|
||||||
|
/etc/init.d/nginx --quiet --ifstarted reopen
|
||||||
|
endscript
|
||||||
|
}
|
||||||
|
|
14
nginx-current/stream.conf
Normal file
14
nginx-current/stream.conf
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
# /etc/nginx/stream.conf
|
||||||
|
|
||||||
|
stream {
|
||||||
|
# Specifies the main log format.
|
||||||
|
log_format main '$remote_addr [$time_local] '
|
||||||
|
'$protocol $status $bytes_sent $bytes_received '
|
||||||
|
'$session_time "$upstream_addr" '
|
||||||
|
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
|
||||||
|
|
||||||
|
access_log /var/log/nginx/stream.log main;
|
||||||
|
|
||||||
|
# Includes servers configs.
|
||||||
|
include stream.d/*.conf;
|
||||||
|
}
|
Loading…
Reference in a new issue