diff --git a/install b/install index fcd1f1f..49400a3 100644 --- a/install +++ b/install @@ -1,6 +1,5 @@ #!/bin/bash -export NGINX="1.23.1" -export NGINX_FOCAL="1.22.1" +curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/theraw-broken-lua/version > /tmp/version; source /tmp/version case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in focal) if [ "$(whoami)" != "root" ] @@ -41,56 +40,55 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in apt-get install libyajl-dev ssdeep zlib1g-dev libxslt1-dev libgd-dev libgeoip-dev liblmdb-dev libfuzzy-dev libmaxminddb-dev liblua5.2-dev libcurl4-openssl-dev libxml2 libxml2-dev libpcre3-dev -y mkdir -p /opt/mod/ - #Luajit 2.1 - cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v2.1-20220310.tar.gz - cd /opt/mod && tar xf v2.1-20220310.tar.gz; rm -Rf v2.1-20220310.tar.gz - cd /opt/mod/luajit2-2.1-20220310/ && make install PREFIX=/usr/local/LuaJIT && ldconfig - rm -Rf /opt/mod/luajit2-2.1-20220310/ + cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v${FOCAL_VERSION_LUA}.tar.gz + cd /opt/mod && tar xf v${FOCAL_VERSION_LUA}.tar.gz && rm -Rf v${FOCAL_VERSION_LUA}.tar.gz + cd /opt/mod/luajit2-${FOCAL_VERSION_LUA}/ && make install PREFIX=/usr/local/LuaJIT && ldconfig + rm -Rf /opt/mod/luajit2-${FOCAL_VERSION_LUA}/ - # ModSecurity - cd /opt/mod && git clone https://github.com/SpiderLabs/ModSecurity - cd /opt/mod/ModSecurity/ && git checkout -b v3/master origin/v3/master - cd /opt/mod/ModSecurity && sh build.sh - cd /opt/mod/ModSecurity && git submodule init && git submodule update - cd /opt/mod/ModSecurity && ./configure && make -j`nproc` && make install + cd /opt/mod && wget https://github.com/SpiderLabs/ModSecurity/releases/download/v${FOCAL_VERSION_NGX_MODSECURITY}/modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY}.tar.gz + cd /opt/mod && tar xf modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY}.tar.gz; rm -Rf modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY}.tar.gz + cd /opt/mod/modsecurity-v${FOCAL_VERSION_NGX_MODSECURITY} && ./configure && make -j`nproc` && make install + + cd /opt/mod && wget https://github.com/openresty/lua-resty-core/archive/refs/tags/v${FOCAL_VERSION_NGX_RESTY_CORE}.tar.gz + cd /opt/mod && tar xf v${FOCAL_VERSION_NGX_RESTY_CORE}.tar.gz && rm -Rf v${FOCAL_VERSION_NGX_RESTY_CORE}.tar.gz + cd /opt/mod/lua-resty-core-${FOCAL_VERSION_NGX_RESTY_CORE} && make install PREFIX=${LUA_SCRIPTS} + + cd /opt/mod && wget https://github.com/openresty/lua-resty-lrucache/archive/refs/tags/v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz + cd /opt/mod && tar xf v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz && rm -Rf v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz + cd /opt/mod/lua-resty-lrucache-${FOCAL_VERSION_NGX_RESTY_LRUCACHE} && make install PREFIX=${LUA_SCRIPTS} # Nginx - cd /opt/ && wget https://nginx.org/download/nginx-${NGINX_FOCAL}.tar.gz && tar xf nginx-${NGINX_FOCAL}.tar.gz && rm -Rf nginx-${NGINX_FOCAL}.tar.gz - cd /opt/nginx-${NGINX_FOCAL} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch - cd /opt/nginx-${NGINX_FOCAL} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/builder > builder; bash builder - cd /opt/nginx-${NGINX_FOCAL} && make -j`nproc` - cd /opt/nginx-${NGINX_FOCAL} && make install - curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.service.Focal > /lib/systemd/system/nginx.service + cd /opt/ && wget https://nginx.org/download/nginx-${FOCAL_VERSION_NGINX}.tar.gz && tar xf nginx-${FOCAL_VERSION_NGINX}.tar.gz && rm -Rf nginx-${FOCAL_VERSION_NGINX}.tar.gz + cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch + cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/Builder.sh > builder; bash builder + cd /opt/nginx-${FOCAL_VERSION_NGINX} && make -j`nproc` + cd /opt/nginx-${FOCAL_VERSION_NGINX} && make install + curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/nginx.service > /lib/systemd/system/nginx.service rm -Rf /nginx/*.default # Download Dynamic Modules mkdir -p /nginx/modules - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ndk_http_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_filter_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_static_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_flv_live_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_geoip2_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_headers_more_filter_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_js_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_lua_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_modsecurity_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_naxsi_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_set_misc_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_testcookie_access_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so - #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-0.so - #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-1.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ndk_http_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_brotli_filter_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_brotli_static_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_flv_live_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_geoip2_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_headers_more_filter_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_lua_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_modsecurity_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_pagespeed.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_stream_geoip2_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_naxsi_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_set_misc_module.so + cd /nginx/modules && https://github.com/theraw/The-World-Is-Yours/raw/master/static/Focal/mod/ngx_http_testcookie_access_module.so # Fixes - mkdir -p /nginx/modsec - curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core + mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping - curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.conf > /nginx/nginx.conf + curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/nginx.conf > /nginx/nginx.conf mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js @@ -99,7 +97,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in # Start unset NGINX killall nginx - useradd nginx + adduser nginx --shell=/bin/false --no-create-home systemctl enable nginx systemctl daemon-reload systemctl enable nginx @@ -207,7 +205,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in # Start unset NGINX killall nginx - useradd nginx + adduser nginx --shell=/bin/false --no-create-home systemctl enable nginx systemctl daemon-reload systemctl enable nginx diff --git a/static/Focal/Builder.sh b/static/Focal/Builder.sh new file mode 100644 index 0000000..32fa660 --- /dev/null +++ b/static/Focal/Builder.sh @@ -0,0 +1,38 @@ +./configure --with-compat \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ +--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ +--with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" diff --git a/static/Focal/mod/Builder.sh b/static/Focal/mod/Builder.sh new file mode 100644 index 0000000..5e5cf3e --- /dev/null +++ b/static/Focal/mod/Builder.sh @@ -0,0 +1,89 @@ +#!/bin/bash +curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/theraw-broken-lua/version > /tmp/version; source /tmp/version + +sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod; mkdir -p /opt/nginx + +cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz +cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz + +cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz +cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz +cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz + +cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz +cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz + +cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz +cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz + +cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz +cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz + +cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz +cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz + +cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz +cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz + +cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz +cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz + +cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie +cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init +cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi + + + +rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz +cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch +cd /opt/nginx-${NGINX}/ +LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ +--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ +--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \ +--add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \ +--add-dynamic-module=/opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} \ +--add-dynamic-module=/opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} \ +--add-dynamic-module=/opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable \ +--add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} \ +--add-dynamic-module=/opt/mod/naxsi/naxsi_src \ +--add-dynamic-module=/opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} \ +--add-dynamic-module=/opt/mod/ngx_brotli \ +--add-dynamic-module=/opt/mod/ngx_http_geoip2_module-${NGX_GEOIP2} \ +--add-dynamic-module=/opt/mod/set-misc-nginx-module-${NGX_SET_MISC} \ +--add-dynamic-module=/opt/mod/testcookie +make -j`nproc` modules diff --git a/static/Focal/mod/ndk_http_module.so b/static/Focal/mod/ndk_http_module.so new file mode 100755 index 0000000..328c9f1 Binary files /dev/null and b/static/Focal/mod/ndk_http_module.so differ diff --git a/static/Focal/mod/ngx_http_brotli_filter_module.so b/static/Focal/mod/ngx_http_brotli_filter_module.so new file mode 100755 index 0000000..5a6b9ad Binary files /dev/null and b/static/Focal/mod/ngx_http_brotli_filter_module.so differ diff --git a/static/Focal/mod/ngx_http_brotli_static_module.so b/static/Focal/mod/ngx_http_brotli_static_module.so new file mode 100755 index 0000000..45a11c4 Binary files /dev/null and b/static/Focal/mod/ngx_http_brotli_static_module.so differ diff --git a/static/Focal/mod/ngx_http_flv_live_module.so b/static/Focal/mod/ngx_http_flv_live_module.so new file mode 100755 index 0000000..b4659ea Binary files /dev/null and b/static/Focal/mod/ngx_http_flv_live_module.so differ diff --git a/static/Focal/mod/ngx_http_geoip2_module.so b/static/Focal/mod/ngx_http_geoip2_module.so new file mode 100755 index 0000000..3ff70c0 Binary files /dev/null and b/static/Focal/mod/ngx_http_geoip2_module.so differ diff --git a/static/Focal/mod/ngx_http_headers_more_filter_module.so b/static/Focal/mod/ngx_http_headers_more_filter_module.so new file mode 100755 index 0000000..fd4c082 Binary files /dev/null and b/static/Focal/mod/ngx_http_headers_more_filter_module.so differ diff --git a/static/Focal/mod/ngx_http_lua_module.so b/static/Focal/mod/ngx_http_lua_module.so new file mode 100755 index 0000000..bb2f035 Binary files /dev/null and b/static/Focal/mod/ngx_http_lua_module.so differ diff --git a/static/Focal/mod/ngx_http_modsecurity_module.so b/static/Focal/mod/ngx_http_modsecurity_module.so new file mode 100755 index 0000000..029121f Binary files /dev/null and b/static/Focal/mod/ngx_http_modsecurity_module.so differ diff --git a/static/Focal/mod/ngx_http_naxsi_module.so b/static/Focal/mod/ngx_http_naxsi_module.so new file mode 100755 index 0000000..b3ec2a8 Binary files /dev/null and b/static/Focal/mod/ngx_http_naxsi_module.so differ diff --git a/static/Focal/mod/ngx_http_set_misc_module.so b/static/Focal/mod/ngx_http_set_misc_module.so new file mode 100755 index 0000000..e5cdccb Binary files /dev/null and b/static/Focal/mod/ngx_http_set_misc_module.so differ diff --git a/static/Focal/mod/ngx_http_testcookie_access_module.so b/static/Focal/mod/ngx_http_testcookie_access_module.so new file mode 100755 index 0000000..10e415a Binary files /dev/null and b/static/Focal/mod/ngx_http_testcookie_access_module.so differ diff --git a/static/Focal/mod/ngx_pagespeed.so b/static/Focal/mod/ngx_pagespeed.so new file mode 100755 index 0000000..397af24 Binary files /dev/null and b/static/Focal/mod/ngx_pagespeed.so differ diff --git a/static/Focal/mod/ngx_stream_geoip2_module.so b/static/Focal/mod/ngx_stream_geoip2_module.so new file mode 100755 index 0000000..591f6e6 Binary files /dev/null and b/static/Focal/mod/ngx_stream_geoip2_module.so differ diff --git a/static/Focal/nginx.conf b/static/Focal/nginx.conf new file mode 100644 index 0000000..2663913 --- /dev/null +++ b/static/Focal/nginx.conf @@ -0,0 +1,76 @@ +# Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues +# Problems? => https://github.com/theraw/The-World-Is-Yours/issues +user nginx; +pid /var/run/nginx.pid; +worker_processes auto; +worker_rlimit_nofile 65535; + +load_module /nginx/modules/ngx_http_modsecurity_module.so; +load_module /nginx/modules/ngx_http_naxsi_module.so; +load_module /nginx/modules/ngx_http_testcookie_access_module.so; + +events { + multi_accept on; + use epoll; + worker_connections 65535; +} + +http { + # uncomment lua_package_path if you plan to use ngx-lua module. + # scripts path of resty-core and lrucache is /usr/twiylua + #lua_package_path "/usr/twiylua/lib/lua/?.lua;;"; + # ////////////////////////////////////////////////////// # + # =================== START L7 ========================= # + include modsec/l7.conf; + # ===================== END L7 ========================= # + # ////////////////////////////////////////////////////// # + + # ////////////////////////////////////////////////////// # + # ===================== LOGS =========================== # + log_format main '$remote_addr |==| $status |==| $request |==| $time_local'; + # =================== END LOGS ========================= # + # ////////////////////////////////////////////////////// # + + # ////////////////////////////////////////////////////// # + # ==================== BACKENDS ======================== # + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + # Example Of Backend + #upstream varnish { + # zone tcp_servers 64k; + # server 10.10.10.39:80; + #} + # =================== END BACKENDS ===================== # + # ////////////////////////////////////////////////////// # + + # ////////////////////////////////////////////////////// # + # ==================== GENERAL ========================= # + client_body_buffer_size 2M; + client_header_buffer_size 2M; + client_body_timeout 90s; + client_header_timeout 90s; + client_max_body_size 2M; + keepalive_timeout 15s; + port_in_redirect off; + sendfile on; + server_names_hash_bucket_size 6969; + server_name_in_redirect off; + server_tokens off; + tcp_nodelay on; + tcp_nopush on; + types_hash_max_size 2048; + resolver 8.8.8.8 8.8.4.4; + default_type application/octet-stream; + include /nginx/mime.types; + # =================== END GENERAL ====================== # + # ////////////////////////////////////////////////////// # + + # ////////////////////////////////////////////////////// # + # ================ LOAD VHOST +CONFIGS ================= # + include live/*; + include modsec/naxi.core; + # =================== END CONFIGS ====================== # + # ////////////////////////////////////////////////////// # +} diff --git a/static/Focal/nginx.service b/static/Focal/nginx.service new file mode 100644 index 0000000..e87c074 --- /dev/null +++ b/static/Focal/nginx.service @@ -0,0 +1,16 @@ +[Nginx] +Description=The World Is Yours HTTP Server +After=syslog.target network-online.target remote-fs.target nss-lookup.target +Wants=network-online.target + +[Service] +Type=forking +PIDFile=/var/run/nginx.pid +ExecStartPre=/usr/sbin/nginx -t +ExecStart=/usr/sbin/nginx +ExecReload=/usr/sbin/nginx -s reload +ExecStop=/bin/kill -s QUIT $MAINPID +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/version b/version new file mode 100644 index 0000000..ad661a3 --- /dev/null +++ b/version @@ -0,0 +1,21 @@ +#!/bin/bash +#unless custom use default +export NGINX="1.22.1" + +export LUA_SCRIPTS="/usr/twiylua/" +export FOCAL_VERSION_NGINX="1.22.1" +export FOCAL_VERSION_LUA="2.1-20220915" +export FOCAL_VERSION_NGX_LUA="0.10.22" +export FOCAL_VERSION_NGX_RESTY_CORE="0.1.24" +export FOCAL_VERSION_NGX_RESTY_LRUCACHE="0.13" +export FOCAL_VERSION_NGX_MODSECURITY="3.0.8" + +export NGX_DEVEL_KIT="0.3.2" +export NGX_PAGESPEED="1.13.35.2" +export NGX_PAGESPEED_PSOL="1.13.35.2-x64" +export NGX_GEOIP2="3.4" +export NGX_MODSECURITY="1.0.3" +export NGX_HTTP_FLV="1.2.10" +export NGX_HEADERS_MORE="0.34" +export NGX_LUA="0.10.22" +export NGX_SET_MISC="0.33"