commit 8efad4949e317ed876d3e795cb7a50616c35d134 Author: modeco80 Date: Mon Feb 19 21:13:12 2024 -0500 init of modernized setup diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..a281178 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,15 @@ +[submodule "sources/nginx"] + path = sources/nginx + url = https://github.com/nginx/nginx +[submodule "sources/cf-zlib"] + path = sources/cf-zlib + url = https://github.com/cloudflare/zlib +[submodule "sources/modules/nginx-dav-ext-module"] + path = sources/modules/nginx-dav-ext-module + url = https://github.com/arut/nginx-dav-ext-module +[submodule "sources/modules/nginx-module-vts"] + path = sources/modules/nginx-module-vts + url = https://github.com/vozlt/nginx-module-vts +[submodule "sources/modules/ngx-fancyindex"] + path = sources/modules/ngx-fancyindex + url = https://github.com/aperezdc/ngx-fancyindex diff --git a/README.md b/README.md new file mode 100644 index 0000000..991b447 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# `nginx-cn` + +Our build of NGINX we use. diff --git a/build b/build new file mode 100755 index 0000000..8f09967 --- /dev/null +++ b/build @@ -0,0 +1,96 @@ +#!/bin/bash + +PREFIX="/opt/nginx" + +TOP="$(pwd)" + +pushd sources/nginx/ +echo "cleaning nginx sources" +git clean -dxf +popd + +BASE_CONFIGURE_FLAGS=( + # Build everything with Clang + ThinLTO + --with-cc="clang" + --with-cc-opt="-pipe -march=native -mtune=native -flto=thin" + --with-ld-opt="-march=native -mtune=native -flto=thin" + + # Use CloudFlare zlib + --with-zlib="$TOP/sources/cf-zlib" + --with-zlib-opt="-O3 -march=native -mtune=native -pipe -flto=thin" + + --with-compat + --with-debug + --with-file-aio + --with-http_addition_module + --with-http_auth_request_module + --with-http_dav_module + --with-http_degradation_module + --with-http_flv_module + --with-http_geoip_module + --with-http_gunzip_module + --with-http_gzip_static_module + --with-http_mp4_module + --with-http_random_index_module + --with-http_realip_module + --with-http_secure_link_module + --with-http_slice_module + --with-http_ssl_module + --with-http_stub_status_module + --with-http_sub_module + --with-http_v2_module +# we don't need this functionality, so +# we strip it from our builds +# +# --with-mail +# --with-mail_ssl_module + + --with-pcre-jit + --with-stream + --with-stream_geoip_module + --with-stream_realip_module + --with-stream_ssl_module + --with-stream_ssl_preread_module + --with-threads + + # Add modules into the build we use + --add-module=$TOP/sources/modules/nginx-module-vts + --add-module=$TOP/sources/modules/ngx-fancyindex +# --add-module=$TOP/sources/modules/nginx-rtmp-module +# --add-module=$TOP/modules/nginx-dav-ext-module +) + +# Do a dummy config of cloudflare zlib so nginx build can actually distclean and do what it wants.. +pushd $TOP/sources/cf-zlib +CFLAGS="-O3 -march=native -mtune=native -pipe -flto=thin -pipe" CC="clang" \ + ./configure +popd + +pushd $TOP/sources/nginx + +./auto/configure \ + --prefix=$PREFIX/etc/nginx \ + --conf-path=$PREFIX/etc/nginx/nginx.conf \ + --sbin-path=$PREFIX/usr/bin/nginx \ + --pid-path=/run/nginx.pid \ + --lock-path=/run/lock/nginx.lock \ + --user=http \ + --group=http \ + --http-log-path=/var/log/nginx/access.log \ + --error-log-path=stderr \ + --http-client-body-temp-path=/var/lib/nginx/client-body \ + --http-proxy-temp-path=/var/lib/nginx/proxy \ + --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ + --http-scgi-temp-path=/var/lib/nginx/scgi \ + --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \ + "${BASE_CONFIGURE_FLAGS[@]}" + +make -j $(($(nproc)+1)) +#sudo systemctl stop nginx-cn + # strip binary of unneeded fluff (saving the original) +# cp objs/nginx objs/nginx.unstripped +# strip objs/nginx +# sudo cp objs/nginx /opt/nginx/usr/bin +#sudo systemctl start nginx-cn +#sudo make install +popd diff --git a/sources/cf-zlib b/sources/cf-zlib new file mode 160000 index 0000000..7aa5103 --- /dev/null +++ b/sources/cf-zlib @@ -0,0 +1 @@ +Subproject commit 7aa510344e06fecd6fe09195ac22e9a424ceb660 diff --git a/sources/modules/nginx-dav-ext-module b/sources/modules/nginx-dav-ext-module new file mode 160000 index 0000000..f5e3088 --- /dev/null +++ b/sources/modules/nginx-dav-ext-module @@ -0,0 +1 @@ +Subproject commit f5e30888a256136d9c550bf1ada77d6ea78a48af diff --git a/sources/modules/nginx-module-vts b/sources/modules/nginx-module-vts new file mode 160000 index 0000000..724b34d --- /dev/null +++ b/sources/modules/nginx-module-vts @@ -0,0 +1 @@ +Subproject commit 724b34d7f1eff083860e3ac613a2c1d66a238dfd diff --git a/sources/modules/ngx-fancyindex b/sources/modules/ngx-fancyindex new file mode 160000 index 0000000..cbc0d3f --- /dev/null +++ b/sources/modules/ngx-fancyindex @@ -0,0 +1 @@ +Subproject commit cbc0d3fca4f06414612de441399393d4b3bbb315 diff --git a/sources/nginx b/sources/nginx new file mode 160000 index 0000000..ef96f58 --- /dev/null +++ b/sources/nginx @@ -0,0 +1 @@ +Subproject commit ef96f5835468ff8d40df29b0ddbc04ec1e5e1582 diff --git a/sources/nginx-cn.service b/sources/nginx-cn.service new file mode 100644 index 0000000..a0b8b08 --- /dev/null +++ b/sources/nginx-cn.service @@ -0,0 +1,21 @@ +[Unit] +Description=A high performance web server and a reverse proxy server +After=network-online.target remote-fs.target nss-lookup.target +Wants=network-online.target + +[Service] +Type=forking +PIDFile=/run/nginx.pid +PrivateDevices=yes +PrivateTmp=true +SyslogLevel=err + +ExecStart=/opt/nginx/usr/bin/nginx +ExecReload=/opt/nginx/usr/bin/nginx -s reload +Restart=on-failure +KillMode=mixed +KillSignal=SIGQUIT +TimeoutStopSec=5 + +[Install] +WantedBy=multi-user.target