Merge pull request #27 from theraw/theraw-broken-lua

fix-broken-lua-ubuntu20
2022-12-28 04:51:20 +01:00
parent 80edae0d2b ea13c8cd73
commit 5b0670be85
19 changed files with 279 additions and 41 deletions
@@ -1,6 +1,5 @@
 #!/bin/bash
-export NGINX="1.23.1"
-export NGINX_FOCAL="1.22.1"
+curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/theraw-broken-lua/version > /tmp/version; source /tmp/version
 case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
      focal)
             if [ "$(whoami)" != "root" ]
@@ -41,56 +40,55 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             apt-get install libyajl-dev ssdeep zlib1g-dev libxslt1-dev libgd-dev libgeoip-dev liblmdb-dev libfuzzy-dev libmaxminddb-dev liblua5.2-dev libcurl4-openssl-dev libxml2 libxml2-dev libpcre3-dev -y

             mkdir -p /opt/mod/
-             #Luajit 2.1
-             cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v2.1-20220310.tar.gz
-             cd /opt/mod && tar xf v2.1-20220310.tar.gz; rm -Rf v2.1-20220310.tar.gz
-             cd /opt/mod/luajit2-2.1-20220310/ && make install PREFIX=/usr/local/LuaJIT && ldconfig
-             rm -Rf /opt/mod/luajit2-2.1-20220310/
+             cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v${FOCAL_VERSION_LUA}.tar.gz
+             cd /opt/mod && tar xf v${FOCAL_VERSION_LUA}.tar.gz && rm -Rf v${FOCAL_VERSION_LUA}.tar.gz
+             cd /opt/mod/luajit2-${FOCAL_VERSION_LUA}/ && make install PREFIX=/usr/local/LuaJIT && ldconfig
+             rm -Rf /opt/mod/luajit2-${FOCAL_VERSION_LUA}/

-             # ModSecurity
-             cd /opt/mod && git clone https://github.com/SpiderLabs/ModSecurity
-             cd /opt/mod/ModSecurity/ && git checkout -b v3/master origin/v3/master
-             cd /opt/mod/ModSecurity && sh build.sh
-             cd /opt/mod/ModSecurity && git submodule init && git submodule update
-             cd /opt/mod/ModSecurity && ./configure && make -j`nproc` && make install
+             cd /opt/mod && wget https://github.com/SpiderLabs/ModSecurity/releases/download/v${FOCAL_VERSION_NGX_MODSECURITY}/modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY}.tar.gz
+             cd /opt/mod && tar xf modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY}.tar.gz; rm -Rf modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY}.tar.gz
+             cd /opt/mod/modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY} && ./configure && make -j`nproc` && make install
+             
+             cd /opt/mod && wget https://github.com/openresty/lua-resty-core/archive/refs/tags/v${FOCAL_VERSION_NGX_RESTY_CORE}.tar.gz
+             cd /opt/mod && tar xf v${FOCAL_VERSION_NGX_RESTY_CORE}.tar.gz && rm -Rf v${FOCAL_VERSION_NGX_RESTY_CORE}.tar.gz
+             cd /opt/mod/lua-resty-core-${FOCAL_VERSION_NGX_RESTY_CORE} && make install PREFIX=${LUA_SCRIPTS}
+             
+             cd /opt/mod && wget https://github.com/openresty/lua-resty-lrucache/archive/refs/tags/v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz
+             cd /opt/mod && tar xf v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz && rm -Rf v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz
+             cd /opt/mod/lua-resty-lrucache-${FOCAL_VERSION_NGX_RESTY_LRUCACHE} && make install PREFIX=${LUA_SCRIPTS}

             # Nginx
-             cd /opt/ && wget https://nginx.org/download/nginx-${NGINX_FOCAL}.tar.gz && tar xf nginx-${NGINX_FOCAL}.tar.gz && rm -Rf nginx-${NGINX_FOCAL}.tar.gz
-             cd /opt/nginx-${NGINX_FOCAL} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
-             cd /opt/nginx-${NGINX_FOCAL} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/builder > builder; bash builder
-             cd /opt/nginx-${NGINX_FOCAL} && make -j`nproc`
-             cd /opt/nginx-${NGINX_FOCAL} && make install
-             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.service.Focal > /lib/systemd/system/nginx.service
+             cd /opt/ && wget https://nginx.org/download/nginx-${FOCAL_VERSION_NGINX}.tar.gz && tar xf nginx-${FOCAL_VERSION_NGINX}.tar.gz && rm -Rf nginx-${FOCAL_VERSION_NGINX}.tar.gz
+             cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
+             cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/Builder.sh > builder; bash builder
+             cd /opt/nginx-${FOCAL_VERSION_NGINX} && make -j`nproc`
+             cd /opt/nginx-${FOCAL_VERSION_NGINX} && make install
+             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/nginx.service > /lib/systemd/system/nginx.service
             rm -Rf /nginx/*.default

             # Download Dynamic Modules
             mkdir -p /nginx/modules
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ndk_http_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_filter_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_static_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_flv_live_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_geoip2_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_headers_more_filter_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_js_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_lua_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_modsecurity_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_naxsi_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_set_misc_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_testcookie_access_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so
-             #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-0.so
-             #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-1.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ndk_http_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_brotli_filter_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_brotli_static_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_flv_live_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_geoip2_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_headers_more_filter_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_lua_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_modsecurity_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_pagespeed.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_stream_geoip2_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_naxsi_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_set_misc_module.so
+             cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_testcookie_access_module.so

             # Fixes
-             mkdir -p /nginx/modsec
-             curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core
+             mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core
             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf
             curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf
             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf
             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping
-             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.conf > /nginx/nginx.conf
+             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/nginx.conf > /nginx/nginx.conf
             mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default
             mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html
             mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js
@@ -99,7 +97,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             # Start
             unset NGINX
             killall nginx
-             useradd nginx
+             adduser nginx --shell=/bin/false --no-create-home
             systemctl enable nginx
             systemctl daemon-reload
             systemctl enable nginx
@@ -207,7 +205,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             # Start
             unset NGINX
             killall nginx
-             useradd nginx
+             adduser nginx --shell=/bin/false --no-create-home
             systemctl enable nginx
             systemctl daemon-reload
             systemctl enable nginx
@@ -0,0 +1,38 @@
+./configure --with-compat \
+--user=nginx                                      \
+--group=nginx                                     \
+--sbin-path=/usr/sbin/nginx                       \
+--conf-path=/nginx/nginx.conf                     \
+--pid-path=/var/run/nginx.pid                     \
+--lock-path=/var/run/nginx.lock                   \
+--error-log-path=/var/log/nginx/error.log         \
+--http-log-path=/var/log/nginx/access.log         \
+--with-threads                                    \
+--with-file-aio                                   \
+--with-http_ssl_module                            \
+--with-http_v2_module                             \
+--with-http_realip_module                         \
+--with-http_addition_module                       \
+--with-http_xslt_module                           \
+--with-http_image_filter_module                   \
+--with-http_geoip_module                          \
+--with-http_sub_module                            \
+--with-http_dav_module                            \
+--with-http_flv_module                            \
+--with-http_mp4_module                            \
+--with-http_gunzip_module                         \
+--with-http_gzip_static_module                    \
+--with-http_auth_request_module                   \
+--with-http_random_index_module                   \
+--with-http_secure_link_module                    \
+--with-http_slice_module                          \
+--with-http_stub_status_module                    \
+--with-mail                                       \
+--with-mail_ssl_module                            \
+--with-stream                                     \
+--with-stream_ssl_module                          \
+--with-stream_realip_module                       \
+--with-stream_geoip_module                        \
+--with-http_v2_hpack_enc                          \
+--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \
+--with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre"
@@ -0,0 +1,89 @@
+#!/bin/bash
+curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/theraw-broken-lua/version > /tmp/version; source /tmp/version
+
+sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod; mkdir -p /opt/nginx
+
+cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz
+cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz
+
+cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz
+cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz
+cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz
+
+cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz
+cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz
+
+cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz
+cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz
+
+cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz
+cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz
+
+cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz
+cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz
+
+cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz
+cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz
+
+cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz
+cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz
+
+cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie
+cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init
+cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi
+
+
+
+rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz
+cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
+cd /opt/nginx-${NGINX}/
+LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \
+--user=nginx                                      \
+--group=nginx                                     \
+--sbin-path=/usr/sbin/nginx                       \
+--conf-path=/nginx/nginx.conf                     \
+--pid-path=/var/run/nginx.pid                     \
+--lock-path=/var/run/nginx.lock                   \
+--error-log-path=/var/log/nginx/error.log         \
+--http-log-path=/var/log/nginx/access.log         \
+--with-threads                                    \
+--with-file-aio                                   \
+--with-http_ssl_module                            \
+--with-http_v2_module                             \
+--with-http_realip_module                         \
+--with-http_addition_module                       \
+--with-http_xslt_module                           \
+--with-http_image_filter_module                   \
+--with-http_geoip_module                          \
+--with-http_sub_module                            \
+--with-http_dav_module                            \
+--with-http_flv_module                            \
+--with-http_mp4_module                            \
+--with-http_gunzip_module                         \
+--with-http_gzip_static_module                    \
+--with-http_auth_request_module                   \
+--with-http_random_index_module                   \
+--with-http_secure_link_module                    \
+--with-http_slice_module                          \
+--with-http_stub_status_module                    \
+--with-mail                                       \
+--with-mail_ssl_module                            \
+--with-stream                                     \
+--with-stream_ssl_module                          \
+--with-stream_realip_module                       \
+--with-stream_geoip_module                        \
+--with-http_v2_hpack_enc                          \
+--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \
+--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \
+--add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \
+--add-dynamic-module=/opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} \
+--add-dynamic-module=/opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} \
+--add-dynamic-module=/opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable \
+--add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} \
+--add-dynamic-module=/opt/mod/naxsi/naxsi_src \
+--add-dynamic-module=/opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} \
+--add-dynamic-module=/opt/mod/ngx_brotli \
+--add-dynamic-module=/opt/mod/ngx_http_geoip2_module-${NGX_GEOIP2} \
+--add-dynamic-module=/opt/mod/set-misc-nginx-module-${NGX_SET_MISC} \
+--add-dynamic-module=/opt/mod/testcookie
+make -j`nproc` modules
@@ -0,0 +1,76 @@
+# Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues
+# Problems?    => https://github.com/theraw/The-World-Is-Yours/issues
+user nginx;
+pid /var/run/nginx.pid;
+worker_processes auto;
+worker_rlimit_nofile 65535;
+
+load_module /nginx/modules/ngx_http_modsecurity_module.so;
+load_module /nginx/modules/ngx_http_naxsi_module.so;
+load_module /nginx/modules/ngx_http_testcookie_access_module.so;
+
+events {
+    multi_accept on;
+    use epoll;
+    worker_connections 65535;
+}
+
+http {
+    # uncomment lua_package_path if you plan to use ngx-lua module.
+    # scripts path of resty-core and lrucache is /usr/twiylua
+    #lua_package_path "/usr/twiylua/lib/lua/?.lua;;";
+    # ////////////////////////////////////////////////////// #
+    # =================== START L7 ========================= #
+    include modsec/l7.conf;
+    # ===================== END L7 ========================= #
+    # ////////////////////////////////////////////////////// #
+
+    # ////////////////////////////////////////////////////// #
+    # ===================== LOGS =========================== #
+    log_format main '$remote_addr  |==| $status |==| $request |==| $time_local';
+    # =================== END LOGS ========================= #
+    # ////////////////////////////////////////////////////// #
+    
+    # ////////////////////////////////////////////////////// #
+    # ==================== BACKENDS ======================== #
+    map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+    }
+    # Example Of Backend
+    #upstream varnish {
+    #    zone tcp_servers 64k;
+    #    server 10.10.10.39:80;
+    #}
+    # =================== END BACKENDS ===================== #
+    # ////////////////////////////////////////////////////// #
+
+    # ////////////////////////////////////////////////////// #
+    # ==================== GENERAL ========================= #
+    client_body_buffer_size        2M;
+    client_header_buffer_size      2M;
+    client_body_timeout            90s;
+    client_header_timeout          90s;
+    client_max_body_size           2M;
+    keepalive_timeout              15s;
+    port_in_redirect               off;
+    sendfile                       on;
+    server_names_hash_bucket_size  6969;
+    server_name_in_redirect        off;
+    server_tokens                  off;
+    tcp_nodelay                    on;
+    tcp_nopush                     on;
+    types_hash_max_size            2048;
+    resolver                       8.8.8.8 8.8.4.4;
+    default_type                   application/octet-stream;
+    include                        /nginx/mime.types;
+    # =================== END GENERAL ====================== #
+    # ////////////////////////////////////////////////////// #
+
+    # ////////////////////////////////////////////////////// #
+    # ================ LOAD VHOST +CONFIGS ================= #
+    include live/*;
+    include modsec/naxi.core;
+    # =================== END CONFIGS ====================== #
+    # ////////////////////////////////////////////////////// #
+}
@@ -0,0 +1,16 @@
+[Nginx]
+Description=The World Is Yours HTTP Server
+After=syslog.target network-online.target remote-fs.target nss-lookup.target
+Wants=network-online.target
+        
+[Service]
+Type=forking
+PIDFile=/var/run/nginx.pid
+ExecStartPre=/usr/sbin/nginx -t
+ExecStart=/usr/sbin/nginx
+ExecReload=/usr/sbin/nginx -s reload
+ExecStop=/bin/kill -s QUIT $MAINPID
+PrivateTmp=true
+        
+[Install]
+WantedBy=multi-user.target
@@ -0,0 +1,21 @@
+#!/bin/bash
+#unless custom use default
+export NGINX="1.22.1"
+
+export LUA_SCRIPTS="/usr/twiylua/"
+export FOCAL_VERSION_NGINX="1.22.1"
+export FOCAL_VERSION_LUA="2.1-20220915"
+export FOCAL_VERSION_NGX_LUA="0.10.22"
+export FOCAL_VERSION_NGX_RESTY_CORE="0.1.24"
+export FOCAL_VERSION_NGX_RESTY_LRUCACHE="0.13"
+export FOCAL_VERSION_NGX_MODSECURITY="3.0.8"
+
+export NGX_DEVEL_KIT="0.3.2"
+export NGX_PAGESPEED="1.13.35.2"
+export NGX_PAGESPEED_PSOL="1.13.35.2-x64"
+export NGX_GEOIP2="3.4"
+export NGX_MODSECURITY="1.0.3"
+export NGX_HTTP_FLV="1.2.10"
+export NGX_HEADERS_MORE="0.34"
+export NGX_LUA="0.10.22"
+export NGX_SET_MISC="0.33"