nginx_build_script : deprecating boringssl with libressl

This commit is contained in:
minoplhy 2024-02-25 22:18:16 +07:00
parent 7481b64d8f
commit 2cfad5cddf
Signed by: minoplhy
GPG Key ID: 41D406044E2434BF
3 changed files with 23 additions and 15 deletions

View File

@ -7,18 +7,26 @@ curl -sSL https://raw.githubusercontent.com/minoplhy/scriptbox/main/nginx_build_
mkdir $HOMEDIRECTORY && cd $HOMEDIRECTORY mkdir $HOMEDIRECTORY && cd $HOMEDIRECTORY
# Install Golang # Install Golang
GO_VERSION=1.20.5 ##GO_VERSION=1.20.5
unlink /usr/bin/go ##unlink /usr/bin/go
wget https://go.dev/dl/go$GO_VERSION.linux-amd64.tar.gz ##wget https://go.dev/dl/go$GO_VERSION.linux-amd64.tar.gz
sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go$GO_VERSION.linux-amd64.tar.gz ##sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go$GO_VERSION.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin ##export PATH=$PATH:/usr/local/go/bin
ln -s /usr/local/go/bin /usr/bin/go ##ln -s /usr/local/go/bin /usr/bin/go
hg clone -b default https://hg.nginx.org/nginx hg clone -b default https://hg.nginx.org/nginx
git clone --depth=1 https://github.com/google/boringssl $HOMEDIRECTORY/boringssl ##git clone --depth=1 https://github.com/google/boringssl $HOMEDIRECTORY/boringssl
cd $HOMEDIRECTORY/boringssl ##cd $HOMEDIRECTORY/boringssl
mkdir $HOMEDIRECTORY/boringssl/build && cd $HOMEDIRECTORY/boringssl/build && cmake .. && make ##mkdir $HOMEDIRECTORY/boringssl/build && cd $HOMEDIRECTORY/boringssl/build && cmake .. && make
# Libressl
git clone https://github.com/libressl/portable $HOMEDIRECTORY/libressl && cd $HOMEDIRECTORY/libressl
bash ./autogen.sh && ./configure
mkdir -p $HOMEDIRECTORY/libressl/build-ninja && cd $HOMEDIRECTORY/libressl/build-ninja
cmake -G"Ninja" ..
ninja
ninja test
# ModSecurity Part # ModSecurity Part
git clone --depth=1 https://github.com/SpiderLabs/ModSecurity $HOMEDIRECTORY/ModSecurity git clone --depth=1 https://github.com/SpiderLabs/ModSecurity $HOMEDIRECTORY/ModSecurity
@ -60,5 +68,5 @@ if [[ $Nginx_Install == "yes" ]]; then
curl -sSL https://raw.githubusercontent.com/minoplhy/scriptbox/main/nginx_build_script/modules.conf > modules.conf curl -sSL https://raw.githubusercontent.com/minoplhy/scriptbox/main/nginx_build_script/modules.conf > modules.conf
cp modules.conf /etc/nginx/modules-enabled cp modules.conf /etc/nginx/modules-enabled
else else
echo "Nginx_Install variable isn't set/vaild. Your Nginx assets location is : '$HOMEDIRECTORY'/nginx-quic/objs" echo "Nginx_Install variable isn't set/vaild. Your Nginx assets location is : '$HOMEDIRECTORY'/nginx/objs"
fi fi

View File

@ -1,7 +1,7 @@
./auto/configure \ ./auto/configure \
--with-cc-opt="-I../boringssl/include" \ --with-openssl="../libressl" \
--with-ld-opt="-L../boringssl/build/ssl \ --with-cc-opt="-I../libressl/include -I /usr/local/include -m64 -march=native -mtune=native -Ofast -flto -funroll-loops -ffunction-sections -fdata-sections" \
-L../boringssl/build/crypto" \ --with-ld-opt="-L../libressl -m64 -Wl,-s -Wl,-Bsymbolic" \
--prefix=/usr/share/nginx \ --prefix=/usr/share/nginx \
--conf-path=/etc/nginx/nginx.conf \ --conf-path=/etc/nginx/nginx.conf \
--http-log-path=/var/log/nginx/access.log \ --http-log-path=/var/log/nginx/access.log \
@ -22,6 +22,7 @@
--with-http_realip_module \ --with-http_realip_module \
--with-http_auth_request_module \ --with-http_auth_request_module \
--with-http_v2_module \ --with-http_v2_module \
--with-http_v3_module \
--with-http_dav_module \ --with-http_dav_module \
--with-http_slice_module \ --with-http_slice_module \
--with-threads \ --with-threads \
@ -49,6 +50,5 @@
--add-dynamic-module=mosc/echo-nginx-module \ --add-dynamic-module=mosc/echo-nginx-module \
--add-dynamic-module=mosc/ModSecurity-nginx \ --add-dynamic-module=mosc/ModSecurity-nginx \
--add-dynamic-module=mosc/ngx_brotli \ --add-dynamic-module=mosc/ngx_brotli \
--with-http_v3_module \
--with-http_geoip_module \ --with-http_geoip_module \
--with-stream_geoip_module --with-stream_geoip_module

View File

@ -1,2 +1,2 @@
sudo apt-get install mercurial libunwind-dev libpcre3 libpcre3-dev zlib1g-dev cmake make libxslt1-dev libgd-dev libssl-dev libperl-dev libpam0g-dev libgeoip-dev git g++ -y sudo apt-get install mercurial libunwind-dev libpcre3 libpcre3-dev zlib1g-dev cmake make libxslt1-dev libgd-dev libssl-dev libperl-dev libpam0g-dev libgeoip-dev git g++ -y
sudo apt-get install apt-utils autoconf automake build-essential libcurl4-openssl-dev liblmdb-dev libpcre++-dev libtool libxml2-dev libyajl-dev pkgconf wget -y sudo apt-get install apt-utils autoconf automake build-essential libcurl4-openssl-dev liblmdb-dev libtool libxml2-dev libyajl-dev pkgconf wget ninja-build -y