diff --git a/Dockerfile b/Dockerfile index 3ad934d..cee7004 100644 --- a/Dockerfile +++ b/Dockerfile @@ -49,6 +49,6 @@ RUN set -eux; \ : RUN dpkg-divert --divert /bin/systemctl.real --rename --add /bin/systemctl; ln -snf /usr/bin/fake-systemctl /bin/systemctl RUN cd /opt/ && wget https://nginx.org/download/nginx-${NGINX}.tar.gz && tar xf nginx-${NGINX}.tar.gz && rm -Rf nginx-${NGINX}.tar.gz; cd /opt/nginx-${NGINX}; curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > /opt/nginx-${NGINX}/hpack_push.patch; cd /opt/nginx-${NGINX}; patch -p1 < /opt/nginx-${NGINX}/hpack_push.patch; cd /opt/nginx-${NGINX}; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/builder > builder; bash builder; cd /opt/nginx-${NGINX} && make -j`nproc`; cd /opt/nginx-${NGINX} && make install; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.service.Focal > /lib/systemd/system/nginx.service; rm -Rf /nginx/*.default; useradd nginx && usermod -s /bin/false nginx -RUN mkdir -p /nginx/modules; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ndk_http_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_filter_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_static_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_flv_live_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_geoip2_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_headers_more_filter_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_js_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_lua_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_modsecurity_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_naxsi_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_set_misc_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_testcookie_access_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-0.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-1.so; mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf; curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.conf > /nginx/nginx.conf; mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default; mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html; mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js +RUN mkdir -p /nginx/modules; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ndk_http_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_filter_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_static_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_flv_live_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_geoip2_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_headers_more_filter_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_js_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_lua_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_modsecurity_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_naxsi_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_set_misc_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_testcookie_access_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so; mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf; curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.conf > /nginx/nginx.conf; mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default; mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html; mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js RUN curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/docker/supervisord.conf > /etc/supervisor/supervisord.conf CMD ["/usr/bin/supervisord","-c", "/etc/supervisor/supervisord.conf"] diff --git a/install b/install index f3d67be..f4b16e8 100644 --- a/install +++ b/install @@ -1,5 +1,5 @@ #!/bin/bash -export NGINX="1.21.6" +export NGINX="1.23.1" case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in focal) if [ "$(whoami)" != "root" ] @@ -83,8 +83,8 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-0.so - cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-1.so + #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-0.so + #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-1.so # Fixes mkdir -p /nginx/modsec diff --git a/static/builder b/static/builder index 1af71f0..877dfd2 100644 --- a/static/builder +++ b/static/builder @@ -7,6 +7,8 @@ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit- --lock-path=/var/run/nginx.lock \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ +--with-pcre \ +--without-pcre2 \ --with-threads \ --with-file-aio \ --with-http_ssl_module \ diff --git a/static/mod/mod_builder.sh b/static/mod/mod_builder.sh new file mode 100644 index 0000000..3b76699 --- /dev/null +++ b/static/mod/mod_builder.sh @@ -0,0 +1,74 @@ +#!/bin/bash +export NGINX="1.23.1" +sudo apt-get install libpcre2-dev mercurial -y +cd /opt/mod/; git clone https://github.com/vision5/ngx_devel_kit.git ngx_devel_kit +cd /opt/mod/; git clone https://github.com/apache/incubator-pagespeed-ngx.git pagespeed +cd /opt/mod/; git clone https://github.com/leev/ngx_http_geoip2_module.git geoip2 +cd /opt/mod/; git clone https://github.com/nbs-system/naxsi.git naxsi; cd /opt/mod/naxsi; git reset --hard 304e66d; wget https://patch-diff.githubusercontent.com/raw/nbs-system/naxsi/pull/598.patch; patch -p1 < 598.patch +cd /opt/mod/; git clone https://github.com/SpiderLabs/ModSecurity-nginx.git ModSecurity-nginx +cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli +cd /opt/mod/; git clone https://github.com/winshining/nginx-http-flv-module.git flv_mod +cd /opt/mod/; git clone https://github.com/openresty/headers-more-nginx-module.git headers_more +cd /opt/mod/; hg clone http://hg.nginx.org/njs njs +cd /opt/mod/; git clone https://github.com/openresty/lua-nginx-module.git lua +cd /opt/mod/; git clone https://github.com/openresty/set-misc-nginx-module.git misc +cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie + +cd /opt/mod/ngx_brotli && git submodule update --init +cd /opt/mod/pagespeed; wget https://dl.google.com/dl/page-speed/psol/1.13.35.2-x64.tar.gz; tar -xzvf 1.13.35.2-x64.tar.gz; rm -Rf 1.13.35.2-x64.tar.gz + +rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz +cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch +cd /opt/nginx-${NGINX}/ +LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-pcre \ +--without-pcre2 \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ +--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib" \ +--add-dynamic-module=/opt/mod/ngx_devel_kit \ +--add-dynamic-module=/opt/mod/misc \ +--add-dynamic-module=/opt/mod/naxsi/naxsi_src \ +--add-dynamic-module=/opt/mod/ngx_brotli \ +--add-dynamic-module=/opt/mod/pagespeed \ +--add-dynamic-module=/opt/mod/geoip2 \ +--add-dynamic-module=/opt/mod/ModSecurity-nginx \ +--add-dynamic-module=/opt/mod/flv_mod \ +--add-dynamic-module=/opt/mod/headers_more \ +--add-dynamic-module=/opt/mod/njs/nginx \ +--add-dynamic-module=/opt/mod/lua \ +--add-dynamic-module=/opt/mod/testcookie +make modules diff --git a/static/mod/ndk_http_module.so b/static/mod/ndk_http_module.so index f22179c..3332694 100755 Binary files a/static/mod/ndk_http_module.so and b/static/mod/ndk_http_module.so differ diff --git a/static/mod/ngx_http_brotli_filter_module.so b/static/mod/ngx_http_brotli_filter_module.so index a1cf1f8..fd1a370 100755 Binary files a/static/mod/ngx_http_brotli_filter_module.so and b/static/mod/ngx_http_brotli_filter_module.so differ diff --git a/static/mod/ngx_http_brotli_static_module.so b/static/mod/ngx_http_brotli_static_module.so index 2661687..38ad802 100755 Binary files a/static/mod/ngx_http_brotli_static_module.so and b/static/mod/ngx_http_brotli_static_module.so differ diff --git a/static/mod/ngx_http_flv_live_module.so b/static/mod/ngx_http_flv_live_module.so index ac607e6..cbf5fca 100755 Binary files a/static/mod/ngx_http_flv_live_module.so and b/static/mod/ngx_http_flv_live_module.so differ diff --git a/static/mod/ngx_http_geoip2_module.so b/static/mod/ngx_http_geoip2_module.so index 2ce6bcf..f9eb9b8 100755 Binary files a/static/mod/ngx_http_geoip2_module.so and b/static/mod/ngx_http_geoip2_module.so differ diff --git a/static/mod/ngx_http_headers_more_filter_module.so b/static/mod/ngx_http_headers_more_filter_module.so index 76bbfd2..1921a2e 100755 Binary files a/static/mod/ngx_http_headers_more_filter_module.so and b/static/mod/ngx_http_headers_more_filter_module.so differ diff --git a/static/mod/ngx_http_js_module.so b/static/mod/ngx_http_js_module.so index 41f7d13..c475e0c 100755 Binary files a/static/mod/ngx_http_js_module.so and b/static/mod/ngx_http_js_module.so differ diff --git a/static/mod/ngx_http_lua_module.so b/static/mod/ngx_http_lua_module.so index 8b928fc..577cbee 100755 Binary files a/static/mod/ngx_http_lua_module.so and b/static/mod/ngx_http_lua_module.so differ diff --git a/static/mod/ngx_http_modsecurity_module.so b/static/mod/ngx_http_modsecurity_module.so index 997ead4..a056c33 100755 Binary files a/static/mod/ngx_http_modsecurity_module.so and b/static/mod/ngx_http_modsecurity_module.so differ diff --git a/static/mod/ngx_http_naxsi_module.so b/static/mod/ngx_http_naxsi_module.so index ea9c966..b9a8fc0 100755 Binary files a/static/mod/ngx_http_naxsi_module.so and b/static/mod/ngx_http_naxsi_module.so differ diff --git a/static/mod/ngx_http_set_misc_module.so b/static/mod/ngx_http_set_misc_module.so index fb6c859..e362a35 100755 Binary files a/static/mod/ngx_http_set_misc_module.so and b/static/mod/ngx_http_set_misc_module.so differ diff --git a/static/mod/ngx_http_testcookie_access_module.so b/static/mod/ngx_http_testcookie_access_module.so index 124ee68..579812b 100755 Binary files a/static/mod/ngx_http_testcookie_access_module.so and b/static/mod/ngx_http_testcookie_access_module.so differ diff --git a/static/mod/ngx_pagespeed.so b/static/mod/ngx_pagespeed.so index a9e2544..54a6f40 100755 Binary files a/static/mod/ngx_pagespeed.so and b/static/mod/ngx_pagespeed.so differ diff --git a/static/mod/ngx_php8-0.so b/static/mod/ngx_php8-0.so deleted file mode 100644 index 8fc9757..0000000 Binary files a/static/mod/ngx_php8-0.so and /dev/null differ diff --git a/static/mod/ngx_php8-1.so b/static/mod/ngx_php8-1.so deleted file mode 100644 index 02cd6d3..0000000 Binary files a/static/mod/ngx_php8-1.so and /dev/null differ diff --git a/static/mod/ngx_stream_geoip2_module.so b/static/mod/ngx_stream_geoip2_module.so index ebf1547..4e94923 100755 Binary files a/static/mod/ngx_stream_geoip2_module.so and b/static/mod/ngx_stream_geoip2_module.so differ diff --git a/static/mod/ngx_stream_js_module.so b/static/mod/ngx_stream_js_module.so index 7a420d4..e539476 100755 Binary files a/static/mod/ngx_stream_js_module.so and b/static/mod/ngx_stream_js_module.so differ