init of modernized setup

2024-02-19 21:13:12 -05:00 · 2024-02-19 21:13:12 -05:00 · 8efad4949e
commit 8efad4949e
9 changed files with 140 additions and 0 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -0,0 +1,15 @@
+[submodule "sources/nginx"]
+	path = sources/nginx
+	url = https://github.com/nginx/nginx
+[submodule "sources/cf-zlib"]
+	path = sources/cf-zlib
+	url = https://github.com/cloudflare/zlib
+[submodule "sources/modules/nginx-dav-ext-module"]
+	path = sources/modules/nginx-dav-ext-module
+	url = https://github.com/arut/nginx-dav-ext-module
+[submodule "sources/modules/nginx-module-vts"]
+	path = sources/modules/nginx-module-vts
+	url = https://github.com/vozlt/nginx-module-vts
+[submodule "sources/modules/ngx-fancyindex"]
+	path = sources/modules/ngx-fancyindex
+	url = https://github.com/aperezdc/ngx-fancyindex
--- a/README.md
+++ b/README.md
@ -0,0 +1,3 @@
+# `nginx-cn`
+
+Our build of NGINX we use.
--- a/96
+++ b/96
@ -0,0 +1,96 @@
+#!/bin/bash
+
+PREFIX="/opt/nginx"
+
+TOP="$(pwd)"
+
+pushd sources/nginx/
+echo "cleaning nginx sources"
+git clean -dxf
+popd
+
+BASE_CONFIGURE_FLAGS=(
+  # Build everything with Clang + ThinLTO
+  --with-cc="clang"
+  --with-cc-opt="-pipe -march=native -mtune=native -flto=thin"
+  --with-ld-opt="-march=native -mtune=native -flto=thin"
+
+  # Use CloudFlare zlib
+  --with-zlib="$TOP/sources/cf-zlib"
+  --with-zlib-opt="-O3 -march=native -mtune=native -pipe -flto=thin"
+
+  --with-compat
+  --with-debug
+  --with-file-aio
+  --with-http_addition_module
+  --with-http_auth_request_module
+  --with-http_dav_module
+  --with-http_degradation_module
+  --with-http_flv_module
+  --with-http_geoip_module
+  --with-http_gunzip_module
+  --with-http_gzip_static_module
+  --with-http_mp4_module
+  --with-http_random_index_module
+  --with-http_realip_module
+  --with-http_secure_link_module
+  --with-http_slice_module
+  --with-http_ssl_module
+  --with-http_stub_status_module
+  --with-http_sub_module
+  --with-http_v2_module
+# we don't need this functionality, so
+# we strip it from our builds
+#
+#  --with-mail
+#  --with-mail_ssl_module
+
+  --with-pcre-jit
+  --with-stream
+  --with-stream_geoip_module
+  --with-stream_realip_module
+  --with-stream_ssl_module
+  --with-stream_ssl_preread_module
+  --with-threads
+
+  # Add modules into the build we use
+  --add-module=$TOP/sources/modules/nginx-module-vts
+  --add-module=$TOP/sources/modules/ngx-fancyindex
+#  --add-module=$TOP/sources/modules/nginx-rtmp-module
+#  --add-module=$TOP/modules/nginx-dav-ext-module
+)
+
+# Do a dummy config of cloudflare zlib so nginx build can actually distclean and do what it wants..
+pushd $TOP/sources/cf-zlib
+CFLAGS="-O3 -march=native -mtune=native -pipe -flto=thin -pipe" CC="clang" \
+        ./configure 
+popd
+
+pushd $TOP/sources/nginx
+
+./auto/configure \
+    --prefix=$PREFIX/etc/nginx \
+    --conf-path=$PREFIX/etc/nginx/nginx.conf \
+    --sbin-path=$PREFIX/usr/bin/nginx \
+    --pid-path=/run/nginx.pid \
+    --lock-path=/run/lock/nginx.lock \
+    --user=http \
+    --group=http \
+    --http-log-path=/var/log/nginx/access.log \
+    --error-log-path=stderr \
+    --http-client-body-temp-path=/var/lib/nginx/client-body \
+    --http-proxy-temp-path=/var/lib/nginx/proxy \
+    --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
+    --http-scgi-temp-path=/var/lib/nginx/scgi \
+    --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
+        "${BASE_CONFIGURE_FLAGS[@]}" 
+
+make -j $(($(nproc)+1))
+#sudo systemctl stop nginx-cn
+	# strip binary of unneeded fluff (saving the original)
+#	cp objs/nginx objs/nginx.unstripped
+#	strip objs/nginx
+#	sudo cp objs/nginx /opt/nginx/usr/bin
+#sudo systemctl start nginx-cn
+#sudo make install
+popd
--- a/sources/cf-zlib
+++ b/sources/cf-zlib
@ -0,0 +1 @@
+Subproject commit 7aa510344e06fecd6fe09195ac22e9a424ceb660
--- a/sources/modules/nginx-dav-ext-module
+++ b/sources/modules/nginx-dav-ext-module
@ -0,0 +1 @@
+Subproject commit f5e30888a256136d9c550bf1ada77d6ea78a48af
--- a/sources/modules/nginx-module-vts
+++ b/sources/modules/nginx-module-vts
@ -0,0 +1 @@
+Subproject commit 724b34d7f1eff083860e3ac613a2c1d66a238dfd
--- a/sources/modules/ngx-fancyindex
+++ b/sources/modules/ngx-fancyindex
@ -0,0 +1 @@
+Subproject commit cbc0d3fca4f06414612de441399393d4b3bbb315
--- a/sources/nginx
+++ b/sources/nginx
@ -0,0 +1 @@
+Subproject commit ef96f5835468ff8d40df29b0ddbc04ec1e5e1582
--- a/sources/nginx-cn.service
+++ b/sources/nginx-cn.service
@ -0,0 +1,21 @@
+[Unit]
+Description=A high performance web server and a reverse proxy server
+After=network-online.target remote-fs.target nss-lookup.target
+Wants=network-online.target
+
+[Service]
+Type=forking
+PIDFile=/run/nginx.pid
+PrivateDevices=yes
+PrivateTmp=true
+SyslogLevel=err
+
+ExecStart=/opt/nginx/usr/bin/nginx
+ExecReload=/opt/nginx/usr/bin/nginx -s reload
+Restart=on-failure
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5
+
+[Install]
+WantedBy=multi-user.target
				`@ -0,0 +1 @@`
				`Subproject commit 7aa510344e06fecd6fe09195ac22e9a424ceb660`
				`@ -0,0 +1 @@`
				`Subproject commit f5e30888a256136d9c550bf1ada77d6ea78a48af`
				`@ -0,0 +1 @@`
				`Subproject commit 724b34d7f1eff083860e3ac613a2c1d66a238dfd`
				`@ -0,0 +1 @@`
				`Subproject commit cbc0d3fca4f06414612de441399393d4b3bbb315`
				`@ -0,0 +1 @@`
				`Subproject commit ef96f5835468ff8d40df29b0ddbc04ec1e5e1582`