Optimized nginx compilation flags for modern CPUs, faster math, and LTO. This should be much faster than vanilla nginx builds. Still testing.

compile-nginx.sh

# Install dependencies
# 
# * checkinstall: package the .deb
# * libpcre3, libpcre3-dev: required for HTTP rewrite module
# * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module
apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev && \

mkdir -p ~/sources/ && \

# Compile against OpenSSL to enable NPN. I updated this block to get the latest 1.0.2h release. It's critical that OpenSSL be up to date.
cd ~/sources && \
wget https://www.openssl.org/source/openssl-1.0.2h.tar.gz && \
tar -xzvf openssl-1.0.2h.tar.gz && \

# Download the Cache Purge module
cd ~/sources/ && \
git clone https://github.com/FRiCKLE/ngx_cache_purge.git && \
cd ~/sources && \

# Download PageSpeed – Ignore this section for now. Pagespeed might not be worth the hassle. Still testing.
# cd ~/sources && \
# wget https://github.com/pagespeed/ngx_pagespeed/archive/v1.11.33.2-beta.tar.gz && \
# tar -xzvf v1.11.33.2-beta.tar.gz && \
# cd ngx_pagespeed-1.7.30.4-beta && \
# wget https://dl.google.com/dl/page-speed/psol/1.7.30.4.tar.gz && \
# tar -xzvf 1.7.30.4.tar.gz && \

# Get the Nginx source. Updated this block to get latest 1.11.3 release.

cd ~/sources/ && \
wget http://nginx.org/download/nginx-1.11.3.tar.gz && \
tar zxf nginx-1.11.3.tar.gz && \
cd nginx-1.11.3 && \

# Configure nginx.
#
# This is based on the default package in Debian. Additional flags have
# been added:
#
# * --with-debug: adds helpful logs for debugging
# * --with-openssl=$HOME/sources/openssl-1.0.1e: compile against newer version
#   of openssl
# * --with-http_spdy_module: include the SPDY module
./configure --prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=www-data \
--group=www-data \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-mail \
--with-mail_ssl_module \
--with-file-aio \
--with-cc-opt='-g -O2 -march=westmere -flto -funsafe-math-optimizations -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2' \
--with-ld-opt='-Wl,-z,relro -Wl,--as-needed' \
--with-ipv6 \
--with-debug \
--with-openssl=$HOME/sources/openssl-1.0.2h \
# --add-module=$HOME/sources/ngx_pagespeed-1.7.30.4-beta \
--add-module=$HOME/sources/ngx_cache_purge && \

# Make the package.
make && \

# Create a .deb package.
#
# Instead of running `make install`, create a .deb and install from there. This
# allows you to easily uninstall the package if there are issues.
checkinstall --install=no -y && \

# Install the package.
dpkg -i nginx_1.11.3-1_amd64.deb