Server Setup

Ubuntu: the better nginx instructions

by , , revisited on


We have by far the largest RPM repository with dynamic stable NGINX modules and VMODs for Varnish 4.1 and 6.0 LTS. If you want to install nginx, Varnish and lots of useful modules for them, this is your one stop repository to get all performance related software.
You have to maintain an active subscription in order to be able to use the repository!

If you have noticed, this blog mostly contains material about CentOS / RedHat. Rarely I encounter clients who have Ubuntu and don’t want to move onto Citrus Stack for this or that reason. Just as a dirty hack and reminder on how things are done in Ubuntu, I present to you the guide on repackaging nginx-extras package in Ubuntu with newer / better modules

Task:

  • Setup nginx in Ubuntu xenial with additional rtmp and ts nginx modules
  • Have a more recent nginx version (latest stable as of this writing is 1.14.0)
  • Keep things clean
sudo apt-get update
apt-get install devscripts
sudo apt-get build-dep nginx-extras 
mkdir /tmp/nginx && cd /tmp/nginx
sudo apt-get source nginx-extras
wget http://nginx.org/download/nginx-1.14.0.tar.gz
tar zxvf nginx-1.14.0.tar.gz
cp -aRp nginx-1.10.3/debian nginx-1.14.0/
cd /tmp/nginx/nginx-1.14.0/debian/modules
# newer echo module (otherwise fails compilation)
rm -rf nginx-echo
wget https://github.com/openresty/echo-nginx-module/archive/v0.61.tar.gz
tar zxvf v0.61.tar.gz
mv echo-nginx-module-* nginx-echo
# newer lua module (otherwise fails compilation)
rm -rf nginx-lua
wget https://github.com/openresty/lua-nginx-module/archive/v0.10.13.tar.gz
tar zxvf v0.10.13.tar.gz
mv lua-nginx-module-* nginx-lua
git clone https://github.com/arut/nginx-ts-module.git /tmp/nginx/nginx-1.14.0/ngx_ts
git clone https://github.com/arut/nginx-rtmp-module.git /tmp/nginx/nginx-1.14.0/ngx_rtmp

Edit /tmp/nginx/nginx-1.14.0/debian/rules

Remove (does not build with 1.14.0, very ancient module) from all configure targets (full and extras):

--add-module=$(MODULESDIR)/nginx-upstream-fair \

and “within” extras_configure_flags, add:

--add-module=/tmp/nginx/nginx-1.14.0/ngx_ts \
--add-module=/tmp/nginx/nginx-1.14.0/ngx_rtmp

(make sure to add \ on the previous line)

cd /tmp/nginx/nginx-1.14.0
debchange --newversion 1.14.0-0ubuntu0.16.04.2
sed -i "s@1\.10\.3@1.14.0@g" ./debian/patches/ubuntu-branding.patch
dpkg-buildpackage -b -uc -us
sudo dpkg -i nginx-common_1.14.0-0ubuntu0.16.04.2_all.deb
sudo dpkg -i nginx-extras_1.14.0-0ubuntu0.16.04.2_amd64.deb

before:

nginx version: nginx/1.13.6
built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.5)
built with OpenSSL 1.0.2g  1 Mar 2016
TLS SNI support enabled
configure arguments: --sbin-path=/usr/local/nginx/nginx --conf-path=/usr/local/nginx/nginx.conf --pid-path=/run/nginx.pid --add-module=../nginx-rtmp-module --add-module=../nginx-ts-module --with-http_ssl_module --with-pcre=../pcre-8.41 --with-zlib=../zlib-1.2.11 --with-http_sub_module

after:

nginx version: nginx/1.14.0
built with OpenSSL 1.0.2g  1 Mar 2016
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_secure_link_module --with-http_v2_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-threads --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/headers-more-nginx-module --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-auth-pam --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-cache-purge --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-dav-ext-module --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-development-kit --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-echo --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/ngx-fancyindex --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-http-push --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-lua --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-upload-progress --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/ngx_http_substitutions_filter_module --add-module=/tmp/nginx/nginx-1.14.0/ngx_ts --add-module=/tmp/nginx/nginx-1.14.0/ngx_rtmp

Removed custom startup file, copied config to standard location and restarted:

rm /etc/systemd/system/nginx.service
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.pkg
cp -aRp /usr/local/nginx/nginx.conf /etc/nginx/nginx.conf
systemctl restart nginx

Make sure system updates do not overwrite custom nginx package (highly unlikely anyway for them to release newer nginx build):

sudo apt-mark hold nginx-extras

Resulting reference build can be found here.

For Ubuntu Bionic, you can follow these instructions for building nginx with brotli module. It uses nginx own .deb upstream package.

Reference build which includes (headers more, brotli and cookie) modules is here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.