Vendredi 23 novembre 2018

Compilation nginx arm/686 Debian Jessie

Compilation de la version nginx mainline et des modules complémentaires lua ,etc…
Vérifier la version nginx “mainline”
Si différente de nginx-1.11.3 , il faut modifier les lignes du fichier bash nginx-compil en conséquence

Les modules ajoutés à la compilation

  • [Headers More : Set and clear input and output headers… more than “add”!](https://github.com/openresty/headers-more-nginx-module openresty/headers-more-nginx-module)
  • [PAM Authentication : HTTP Basic Authentication using PAM](https://github.com/stogh/ngx_http_auth_pam_module stogh/ngx_http_auth_pam_module)
  • [Cache Purge : Adds ability to purge content from FastCGI, proxy, and uWSGI caches ](https://github.com/FRiCKLE/ngx_cache_purge FRiCKLE/ngx_cache_purge)
  • [Development Kit : An extension to the core functionality of NGINX ](https://github.com/simpl/ngx_devel_kit simpl/ngx_devel_kit)
  • [HTTP Echo : Provides familiar shell-style commands to NGINX HTTP servers](https://github.com/openresty/echo-nginx-module openresty/echo-nginx-module)
  • [Fancy Index : Like the built-in autoindex module, but fancier](https://github.com/aperezdc/ngx-fancyindex aperezdc/ngx-fancyindex)
  • [HTTP Push Stream : Turns NGINX into an adept stream HTTP Push server](https://github.com/wandenberg/nginx-push-stream-module wandenberg/nginx-push-stream-module)
  • [HTTP Lua : Embed the power of Lua into NGINX HTTP servers.](https://github.com/openresty/lua-nginx-module.git openresty/lua-nginx-module)
  • [NGINX Upload Progress Module : Tracks and reports upload progress](https://github.com/masterzen/nginx-upload-progress-module masterzen/nginx-upload-progress-module)
  • [Upstream Fair Balancer : Distributes incoming requests to least-busy servers](https://github.com/gnosek/nginx-upstream-fair gnosek/nginx-upstream-fair)
  • [Substitutions : Performs regular expression and string substitutions on response bodies](https://github.com/yaoweibin/ngx_http_substitutions_filter_module yaoweibin/ngx_http_substitutions_filter_module)
  • [Encrypted Session : Encrypt NGINX variables for light-weight session-based authentication](https://github.com/openresty/encrypted-session-nginx-module.git openresty/encrypted-session-nginx-module)
  • [HTTP Set Misc : Various set_xxx directives added to NGINX’s rewrite module](https://github.com/openresty/set-misc-nginx-module openresty/set-misc-nginx-module)

Passage en mode super utilisateur
sudo -s
REMARQUE : Dans le cas Raspberry PI et raspbian lite Jessie apt install apt-transport-https

Bash de compilation

Fichier bash pouvant être exécuté , création :

  touch nginx-compil
  chmod +x nginx-compil
  nano nginx-compil

Copier le contenu ci-dessous :

#!/bin/bash
#A20-olinuxini-micro Debian 8 jessie ,compilation Nginx+Lua   
#répertoire de compilation
mkdir /usr/src/nginx-custom && cd /usr/src/nginx-custom
#logiciels pour compilation
apt -yy install dpkg-dev build-essential zlib1g-dev libpcre3 libpcre3-dev unzip curl libcurl4-openssl-dev libossp-uuid-dev libssl-dev libxslt-dev libgd-dev libgeoip-dev libperl-dev git libpam0g-dev
# installation luajit ,dépendances Lua5.1 et lua-cjson
apt -yy install luajit lua5.1 liblua5.1-0 liblua5.1-0-dev lua-cjson
#
cd /usr/src/nginx-custom
wget http://nginx.org/download/nginx-1.11.3.tar.gz?_ga=1.52322729.1622108673.1451984988 -O nginx-1.11.3.tar.gz
tar xvf nginx-1.11.3.tar.gz
mv nginx-1.11.3 nginx-mainline
rm nginx-1.11.3.tar.gz
#Création dossier modules 
mkdir /usr/src/nginx-custom/nginx-mainline/modules
#Modules externes : https://www.nginx.com/resources/wiki/modules/
cd /usr/src/nginx-custom/nginx-mainline/modules/
#Clonage des modules externes avant compilation
# headers-more-nginx-module
git clone https://github.com/openresty/headers-more-nginx-module
# ngx_http_auth_pam_module
git clone https://github.com/stogh/ngx_http_auth_pam_module
#ngx_cache_purge
git clone https://github.com/FRiCKLE/ngx_cache_purge
#ngx_devel_kit
git clone https://github.com/simpl/ngx_devel_kit
#echo-nginx-module
git clone https://github.com/openresty/echo-nginx-module
#ngx-fancyindex
git clone https://github.com/aperezdc/ngx-fancyindex
# modification fancyindex pour avoir la ligne complète
#nginx-push-stream-module
git clone https://github.com/wandenberg/nginx-push-stream-module
#lua-nginx-module
git clone https://github.com/openresty/lua-nginx-module.git
#nginx-upload-progress-module
git clone https://github.com/masterzen/nginx-upload-progress-module
#nginx-upstream-fair
git clone https://github.com/gnosek/nginx-upstream-fair
#ngx_http_substitutions_filter_module
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module
#Chiffrement déchiffrement pour les variables nginx
git clone https://github.com/openresty/encrypted-session-nginx-module.git
#Capacité d'échappement,“déséchappement”,encodage et décodage hexa,MD5,SHA1,Bsae32,Base64 ,etc… 
git clone https://github.com/openresty/set-misc-nginx-module
#
cd /usr/src/nginx-custom/nginx-mainline
#Configuration , compilation et installation nginx
./configure \
 --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' \
 --with-ld-opt=-Wl,-z,relro \
 --prefix=/usr/share/nginx \
 --conf-path=/etc/nginx/nginx.conf \
 --http-log-path=/var/log/nginx/access.log \
 --error-log-path=/var/log/nginx/error.log \
 --lock-path=/var/lock/nginx.lock \
 --pid-path=/run/nginx.pid \
 --http-client-body-temp-path=/var/lib/nginx/body \
 --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
 --http-proxy-temp-path=/var/lib/nginx/proxy \
 --http-scgi-temp-path=/var/lib/nginx/scgi \
 --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
 --with-debug \
 --with-pcre-jit \
 --with-ipv6 \
 --with-http_ssl_module \
 --with-http_stub_status_module \
 --with-http_realip_module \
 --with-http_auth_request_module \
 --with-http_addition_module \
 --with-http_dav_module \
 --with-http_flv_module \
 --with-http_geoip_module \
 --with-http_gzip_static_module \
 --with-http_image_filter_module \
 --with-http_mp4_module \
 --with-http_perl_module \
 --with-http_random_index_module \
 --with-http_secure_link_module \
 --with-http_sub_module \
 --with-http_xslt_module \
 --with-mail \
 --with-mail_ssl_module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/headers-more-nginx-module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/ngx_http_auth_pam_module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/ngx_cache_purge \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/ngx_devel_kit \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/echo-nginx-module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/ngx-fancyindex \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/nginx-push-stream-module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/lua-nginx-module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/nginx-upload-progress-module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/nginx-upstream-fair \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/ngx_http_substitutions_filter_module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/encrypted-session-nginx-module \
 --add-module=/usr/src/nginx-custom/nginx-mainline/modules/set-misc-nginx-module
#
#compilation
make
#installation
make install
#Copier le binaire pour le PATH
cp /usr/share/nginx/sbin/nginx /usr/sbin/
#Effacement compilation
make clean
#Dossier temporaire
mkdir /var/lib/nginx
#Dossier config
mkdir /etc/nginx/conf.d/
#dossier vhost
mkdir /var/www

Exécution
./nginx-compil
Vérification
nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Créer le script d’initialisation (service)

fichier /etc/init.d/nginx

  touch /etc/init.d/nginx
  chmod u+x /etc/init.d/nginx

Le fichier d’intialisation
nano /etc/init.d/nginx

#!/bin/sh

### BEGIN INIT INFO
# Provides:	  nginx
# Required-Start:    $local_fs $remote_fs $network $syslog $named
# Required-Stop:     $local_fs $remote_fs $network $syslog $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts the nginx web server
# Description:       starts nginx using start-stop-daemon
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/nginx
NAME=nginx
DESC=nginx

# Include nginx defaults if available
if [ -r /etc/default/nginx ]; then
	. /etc/default/nginx
fi

STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}"

test -x $DAEMON || exit 0

. /lib/init/vars.sh
. /lib/lsb/init-functions

# Try to extract nginx pidfile
PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1)
if [ -z "$PID" ]
then
	PID=/run/nginx.pid
fi

# Check if the ULIMIT is set in /etc/default/nginx
if [ -n "$ULIMIT" ]; then
	# Set the ulimits
	ulimit $ULIMIT
fi

#
# Function that starts the daemon/service
#
do_start()
{
	# Return
	#   0 if daemon has been started
	#   1 if daemon was already running
	#   2 if daemon could not be started
	start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
		|| return 1
	start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \
		$DAEMON_OPTS 2>/dev/null \
		|| return 2
}

test_nginx_config() {
	$DAEMON -t $DAEMON_OPTS >/dev/null 2>&1
}

#
# Function that stops the daemon/service
#
do_stop()
{
	# Return
	#   0 if daemon has been stopped
	#   1 if daemon was already stopped
	#   2 if daemon could not be stopped
	#   other if a failure occurred
	start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PID --name $NAME
	RETVAL="$?"

	sleep 1
	return "$RETVAL"
}

#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
	start-stop-daemon --stop --signal HUP --quiet --pidfile $PID --name $NAME
	return 0
}

#
# Rotate log files
#
do_rotate() {
	start-stop-daemon --stop --signal USR1 --quiet --pidfile $PID --name $NAME
	return 0
}

#
# Online upgrade nginx executable
#
# "Upgrading Executable on the Fly"
# http://nginx.org/en/docs/control.html
#
do_upgrade() {
	# Return
	#   0 if nginx has been successfully upgraded
	#   1 if nginx is not running
	#   2 if the pid files were not created on time
	#   3 if the old master could not be killed
	if start-stop-daemon --stop --signal USR2 --quiet --pidfile $PID --name $NAME; then
		# Wait for both old and new master to write their pid file
		while [ ! -s "${PID}.oldbin" ] || [ ! -s "${PID}" ]; do
			cnt=`expr $cnt + 1`
			if [ $cnt -gt 10 ]; then
				return 2
			fi
			sleep 1
		done
		# Everything is ready, gracefully stop the old master
		if start-stop-daemon --stop --signal QUIT --quiet --pidfile "${PID}.oldbin" --name $NAME; then
			return 0
		else
			return 3
		fi
	else
		return 1
	fi
}

case "$1" in
	start)
		[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
		do_start
		case "$?" in
			0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
			2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
		esac
		;;
	stop)
		[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
		do_stop
		case "$?" in
			0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
			2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
		esac
		;;
	restart)
		log_daemon_msg "Restarting $DESC" "$NAME"

		# Check configuration before stopping nginx
		if ! test_nginx_config; then
			log_end_msg 1 # Configuration error
			exit 0
		fi

		do_stop
		case "$?" in
			0|1)
				do_start
				case "$?" in
					0) log_end_msg 0 ;;
					1) log_end_msg 1 ;; # Old process is still running
					*) log_end_msg 1 ;; # Failed to start
				esac
				;;
			*)
				# Failed to stop
				log_end_msg 1
				;;
		esac
		;;
	reload|force-reload)
		log_daemon_msg "Reloading $DESC configuration" "$NAME"

		# Check configuration before reload nginx
		#
		# This is not entirely correct since the on-disk nginx binary
		# may differ from the in-memory one, but that's not common.
		# We prefer to check the configuration and return an error
		# to the administrator.
		if ! test_nginx_config; then
			log_end_msg 1 # Configuration error
			exit 0
		fi

		do_reload
		log_end_msg $?
		;;
	configtest|testconfig)
		log_daemon_msg "Testing $DESC configuration"
		test_nginx_config
		log_end_msg $?
		;;
	status)
		status_of_proc -p $PID "$DAEMON" "$NAME" && exit 0 || exit $?
		;;
	upgrade)
		log_daemon_msg "Upgrading binary" "$NAME"
		do_upgrade
		log_end_msg 0
		;;
	rotate)
		log_daemon_msg "Re-opening $DESC log files" "$NAME"
		do_rotate
		log_end_msg $?
		;;
	*)
		echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" >&2
		exit 3
		;;
esac

:

Fichier de configuration nginx

Effacement puis création

  rm /etc/nginx/nginx.conf
  nano /etc/nginx/nginx.conf

le contenu du fichier /etc/nginx/nginx.conf

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
	worker_connections 768;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	

	include       mime.types;
	default_type  application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;


}

Vérification
nginx -t

Création systemd nginx.service

nginx est compilé et installé , binaire sur /usr/sbin/nginx

Création du fichier /etc/systemd/system/nginx.service
nano /etc/systemd/system/nginx.service

[Unit]
Description=A high performance web server and a reverse proxy server
After=network.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid
TimeoutStopSec=5
KillMode=mixed

[Install]
WantedBy=multi-user.target

Réinitialiser
systemctl daemon-reload
Lancer le service
systemctl start nginx
Vérifier le “status”
systemctl status nginx

● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/etc/systemd/system/nginx.service; disabled)
   Active: active (running) since mar. 2016-01-05 18:21:30 CET; 4min 18s ago
  Process: 6356 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
  Process: 6353 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
 Main PID: 6357 (nginx)
   CGroup: /system.slice/nginx.service
           ├─6357 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           └─6358 nginx: worker process

web default.conf et index.html

Configuration vhost
nano /etc/nginx/conf.d/default.conf
Contenu fichier /etc/nginx/conf.d/default.conf

server {
    listen 80;
    listen [::]:80;
    root /var/www/ ;
}

Création fichier html
nano /var/www/index.html
Contenu fichier /var/www/index.html

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx on Debian!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx on Debian!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working on Debian. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a></p>

<p>
      Please use the <tt>reportbug</tt> tool to report bugs in the
      nginx package with Debian. However, check <a
      href="http://bugs.debian.org/cgi-bin/pkgreport.cgi?ordering=normal;archive=0;src=nginx;repeatmerged=0">existing
      bug reports</a> before reporting a new bug.
</p>

<p><em>Thank you for using debian and nginx.</em></p>


</body>
</html>

Relancer le serveur
systemctl restart nginx
Vous vérifier la page html sur le lien http://adresse_IP (ex: http://192.168.0.18) Après ces tests et vérifications ,valider nginx pour un démarrage auto
systemctl enable nginx