Created
April 8, 2023 05:57
-
-
Save dptole/294110b182f935c885d3e75d2e0b4f62 to your computer and use it in GitHub Desktop.
[Centos] Install nginx from source + brotli + geoip2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| yum -y update | |
| yum -y install libmaxminddb-devel geoip-devel | |
| mkdir -p /app/nginx | |
| cd /app/nginx | |
| wget https://nginx.org/download/nginx-1.22.1.tar.gz | |
| tar xzf nginx-1.22.1.tar.gz | |
| cd nginx-1.22.1 | |
| sed -r -i 's/(static u_char ngx_http_server_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c | |
| sed -r -i 's/(static u_char ngx_http_server_full_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c | |
| sed -r -i 's/(static u_char ngx_http_server_build_string\[\]).*/\1 = "";/' src/http/ngx_http_header_filter_module.c | |
| sed -r -i 's/if \(r->headers_out.server == NULL\) \{/if (0) {/' src/http/ngx_http_header_filter_module.c | |
| sed -r -i 's/(static const u_char nginx)\[5\].*/\1[1]="\\x80";/' src/http/v2/ngx_http_v2_filter_module.c | |
| sed -r -i 's/if \(r->headers_out.server == NULL\) \{/if (0) {/' src/http/v2/ngx_http_v2_filter_module.c | |
| sed -r -i 's/"<hr><center>nginx<\/center>"//' src/http/ngx_http_special_response.c | |
| sed -r -i 's/nginx//' html/index.html | |
| rm /var/mail/nginx | |
| rm -rf /home/nginx | |
| userdel nginx | |
| useradd nginx -M -l -s /sbin/nologin -U | |
| mkdir -p /app/nginx/etc/conf.d/shared | |
| mkdir -p /app/nginx/var/log | |
| mkdir -p /app/nginx/var/run | |
| mkdir -p /app/nginx/var/cache/client_temp | |
| mkdir -p /app/nginx/var/cache/proxy_temp | |
| mkdir -p /app/nginx/var/cache/fastcgi_temp | |
| mkdir -p /app/nginx/var/cache/uwsgi_temp | |
| mkdir -p /app/nginx/var/cache/scgi_temp | |
| mkdir -p /app/nginx/usr/lib/modules | |
| mkdir -p /app/nginx/usr/lib/git-modules/ngx_brotli | |
| mkdir -p /app/nginx/usr/lib/git-modules/ngx_geoip2 | |
| mkdir -p /app/nginx/usr/sbin | |
| git clone --recursive https://github.com/google/ngx_brotli.git /app/nginx/usr/lib/git-modules/ngx_brotli | |
| cd /app/nginx/usr/lib/git-modules/ngx_brotli | |
| git reset --hard e505dce68acc190cc5a1e780a3b0275e39f160ca | |
| git clone --recursive https://github.com/leev/ngx_http_geoip2_module.git /app/nginx/usr/lib/git-modules/ngx_geoip2 | |
| cd /app/nginx/usr/lib/git-modules/ngx_geoip2 | |
| git reset --hard 1cabd8a1f68ea3998f94e9f3504431970f848fbf | |
| chown -R nginx.nginx /app | |
| cd /app/nginx/nginx-1.22.1 | |
| CONFIG="--prefix=/app/nginx \ | |
| --conf-path=/app/nginx/etc/nginx.conf \ | |
| --pid-path=/app/nginx/var/run/nginx.pid \ | |
| --lock-path=/app/nginx/var/run/nginx.lock \ | |
| --http-client-body-temp-path=/app/nginx/var/cache/client_temp \ | |
| --http-proxy-temp-path=/app/nginx/var/cache/proxy_temp \ | |
| --http-fastcgi-temp-path=/app/nginx/var/cache/fastcgi_temp \ | |
| --http-uwsgi-temp-path=/app/nginx/var/cache/uwsgi_temp \ | |
| --http-scgi-temp-path=/app/nginx/var/cache/scgi_temp \ | |
| --modules-path=/app/nginx/usr/lib/modules \ | |
| --add-module=/app/nginx/usr/lib/git-modules/ngx_brotli \ | |
| --add-module=/app/nginx/usr/lib/git-modules/ngx_geoip2 \ | |
| --sbin-path=/app/nginx/usr/sbin/nginx \ | |
| --user=nginx \ | |
| --group=nginx \ | |
| --with-http_ssl_module \ | |
| --with-http_realip_module \ | |
| --with-http_addition_module \ | |
| --with-http_sub_module \ | |
| --with-http_dav_module \ | |
| --with-http_flv_module \ | |
| --with-http_mp4_module \ | |
| --with-http_gunzip_module \ | |
| --with-http_gzip_static_module \ | |
| --with-http_random_index_module \ | |
| --with-http_secure_link_module \ | |
| --with-http_stub_status_module \ | |
| --with-http_auth_request_module \ | |
| --with-http_xslt_module=dynamic \ | |
| --with-http_image_filter_module=dynamic \ | |
| --with-http_geoip_module=dynamic \ | |
| --with-http_perl_module=dynamic \ | |
| --with-threads \ | |
| --with-stream_geoip_module=dynamic \ | |
| --with-stream \ | |
| --with-stream_ssl_module \ | |
| --with-stream_ssl_preread_module \ | |
| --with-stream_realip_module \ | |
| --with-http_slice_module \ | |
| --with-mail \ | |
| --with-mail_ssl_module \ | |
| --with-compat \ | |
| --with-file-aio \ | |
| --with-http_v2_module" | |
| ./configure $CONFIG && make -j4 && make install | |
| chown -R nginx.nginx /app | |
| rm /usr/local/bin/nginx | |
| ln -s /app/nginx/usr/sbin/nginx /usr/local/bin/nginx | |
| cat <<'EOF' -> /lib/systemd/system/nginx.service | |
| [Unit] | |
| Description=Nginx | |
| After=network.target remote-fs.target nss-lookup.target | |
| [Service] | |
| Type=forking | |
| ExecStart=/app/nginx/usr/sbin/nginx -c /app/nginx/etc/nginx.conf | |
| ExecStop=/app/nginx/usr/sbin/nginx -s stop | |
| ExecReload=/app/nginx/usr/sbin/nginx -t && /app/nginx/usr/sbin/nginx -s reload | |
| PrivateTmp=true | |
| Restart=on-failure | |
| [Install] | |
| WantedBy=multi-user.target | |
| EOF | |
| systemctl daemon-reload | |
| systemctl enable nginx.service | |
| nginx -t && service nginx restart && chown -R nginx.nginx /app | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment