Server Setup

Ubuntu: the better nginx instructions

by , , revisited on

We have by far the largest RPM repository with NGINX module packages and VMODs for Varnish. If you want to install NGINX, Varnish, and lots of useful performance/security software with smooth yum upgrades for production use, this is the repository for you.
Active subscription is required.

If you have noticed, this blog mostly contains material about CentOS/RHEL. Rarely I encounter clients who have Ubuntu and don’t want to move onto Citrus Stack for this or that reason. Just as a dirty hack and reminder on how things are done in Ubuntu, I present to you the guide on repackaging nginx-extras package in Ubuntu with newer / better modules


  • Setup nginx in Ubuntu xenial with additional rtmp and ts nginx modules
  • Have a more recent nginx version (latest stable as of this writing is 1.14.0)
  • Keep things clean
sudo apt-get update
apt-get install devscripts
sudo apt-get build-dep nginx-extras 
mkdir /tmp/nginx && cd /tmp/nginx
sudo apt-get source nginx-extras
tar zxvf nginx-1.14.0.tar.gz
cp -aRp nginx-1.10.3/debian nginx-1.14.0/
cd /tmp/nginx/nginx-1.14.0/debian/modules
# newer echo module (otherwise fails compilation)
rm -rf nginx-echo
tar zxvf v0.61.tar.gz
mv echo-nginx-module-* nginx-echo
# newer lua module (otherwise fails compilation)
rm -rf nginx-lua
tar zxvf v0.10.13.tar.gz
mv lua-nginx-module-* nginx-lua
git clone /tmp/nginx/nginx-1.14.0/ngx_ts
git clone /tmp/nginx/nginx-1.14.0/ngx_rtmp

Edit /tmp/nginx/nginx-1.14.0/debian/rules

Remove (does not build with 1.14.0, very ancient module) from all configure targets (full and extras):

--add-module=$(MODULESDIR)/nginx-upstream-fair \

and “within” extras_configure_flags, add:

--add-module=/tmp/nginx/nginx-1.14.0/ngx_ts \

(make sure to add \ on the previous line)

cd /tmp/nginx/nginx-1.14.0
debchange --newversion 1.14.0-0ubuntu0.16.04.2
sed -i "s@1\.10\.3@1.14.0@g" ./debian/patches/ubuntu-branding.patch
dpkg-buildpackage -b -uc -us
sudo dpkg -i nginx-common_1.14.0-0ubuntu0.16.04.2_all.deb
sudo dpkg -i nginx-extras_1.14.0-0ubuntu0.16.04.2_amd64.deb


nginx version: nginx/1.13.6
built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.5)
built with OpenSSL 1.0.2g  1 Mar 2016
TLS SNI support enabled
configure arguments: --sbin-path=/usr/local/nginx/nginx --conf-path=/usr/local/nginx/nginx.conf --pid-path=/run/ --add-module=../nginx-rtmp-module --add-module=../nginx-ts-module --with-http_ssl_module --with-pcre=../pcre-8.41 --with-zlib=../zlib-1.2.11 --with-http_sub_module


nginx version: nginx/1.14.0
built with OpenSSL 1.0.2g  1 Mar 2016
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/ --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_secure_link_module --with-http_v2_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-threads --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/headers-more-nginx-module --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-auth-pam --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-cache-purge --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-dav-ext-module --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-development-kit --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-echo --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/ngx-fancyindex --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-http-push --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-lua --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/nginx-upload-progress --add-module=/tmp/nginx/nginx-1.14.0/debian/modules/ngx_http_substitutions_filter_module --add-module=/tmp/nginx/nginx-1.14.0/ngx_ts --add-module=/tmp/nginx/nginx-1.14.0/ngx_rtmp

Removed custom startup file, copied config to standard location and restarted:

rm /etc/systemd/system/nginx.service
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.pkg
cp -aRp /usr/local/nginx/nginx.conf /etc/nginx/nginx.conf
systemctl restart nginx

Make sure system updates do not overwrite custom nginx package (highly unlikely anyway for them to release newer nginx build):

sudo apt-mark hold nginx-extras

Resulting reference build can be found here.

For Ubuntu Bionic, you can follow these instructions for building nginx with brotli module. It uses nginx own .deb upstream package.

Reference build which includes (headers more, brotli and cookie) modules is here.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: