NGINX from scratch

Requirements

netbsd

pkg_add pcre
pkg_add zlib
pkg_add wget mozilla-rootcerts
#mozilla-rootcerts-openssl
mozilla-rootcerts install
pkg_add gnupg

debian/ubuntu

#PCRE, zlib and openssl libs
apt install build-essential libpcre3-dev zlib1g-dev libssl-dev

slackware

slackpkg install pcre zlib

OPTIONAL as it otherwise runs as nobody:nobody

grep www /etc/group
grep www /etc/passwd

groupadd -g 65001 www
useradd -u 65001 -g 65001 --system -M -d /var/www -s /sbin/nologin www

Building

fetch latest NGINX source

v=1.19.6
wget https://nginx.org/download/nginx-$v.tar.gz
wget https://nginx.org/download/nginx-$v.tar.gz.asc
gpg --recv-key A1C052F8
gpg --verify nginx-$v.tar.gz.asc

you should get good signature with fingerprint

Primary key fingerprint: B0F4 2533 73F8 F6F5 10D4  2178 520A 9993 A1C0 52F8

extract and build

tar xzf nginx-$v.tar.gz
cd nginx-$v/

we want NGINX to be available in our known PATH and MANPATH. We absolutely need that /etc/nginx/ folder as many files get deployed within

./configure --help | less

make clean #erases Makefile?

#linux
lock=/var/lock/nginx.lock

#netbsd
mkdir /var/db/nginx/
lock=/var/db/nginx/nginx.lock

#sometimes, freshly installed systems don't have it
mkdir -p /usr/local/

./configure --prefix=/usr/local \
    --modules-path=/etc/nginx/modules \
    --conf-path=/etc/nginx/nginx.conf \
    --pid-path=/var/run/nginx.pid --lock-path=$lock \
    --user=www --group=www \
    --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log \
    --with-http_ssl_module --with-http_v2_module \
    --with-http_addition_module --with-http_sub_module \
    --with-http_stub_status_module --with-http_gzip_static_module

Note http_ssi_module is enabled by default already.

make -j8 > ../nginx.log && echo BUILT
make install

which nginx
nginx -V

ls -alF /etc/nginx/
ls -alF /var/log/nginx/

mkdir /var/www/
mv /usr/local/html/ /var/www/

Ready to go

Tune your log rotation accordingly.

Trash

for ngx_http_xslt_module

#slackpkg install libxml2 libxslt

git clone https://github.com/aperezdc/ngx-fancyindex.git

    #--with-http_addition_module --add-module=../ngx-fancyindex \
    #--with-http_xslt_module \
    #--with-mail --with-mail_ssl_module --with-mail_smtp_module --with-mail_imap_module

this would have been for defining a static module (main context), but there is no need

#ls -lF /usr/local/nginx/modules/ngx_http_fancyindex_module.so
#vi /usr/local/nginx/nginx.conf
#load_module modules/ngx_http_fancyindex_module.so;

Resources

HOWTO build nginx with HTTP 2 support https://fak3r.com/2015/09/29/howto-build-nginx-with-http-2-support/

The HTTP/2 Module in NGINX https://www.nginx.com/blog/http2-module-nginx/

Fancy Index https://www.nginx.com/resources/wiki/modules/fancy_index/

Module ngx_http_addition_module https://nginx.org/en/docs/http/ngx_http_addition_module.html

Compiling Third-Party Dynamic Modules for NGINX and NGINX Plus https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/

Converting Static Modules to Dynamic Modules https://www.nginx.com/resources/wiki/extending/converting/

https://dwradcliffe.com/2013/10/04/custom-openssl-with-nginx.html

http://stackoverflow.com/questions/36554405/how-to-enable-dynamic-module-with-an-existing-nginx-installation

https://easyengine.io/tutorials/nginx/forwarding-visitors-real-ip/

https://serverfault.com/questions/656616/set-remote-addr-to-real-client-ip

pkgsrc/www/nginx/Makefile http://cdn.netbsd.org/pub/NetBSD/NetBSD-current/pkgsrc/www/nginx/Makefile.common