diff --git a/.gitea/workflows/build-publish.yml b/.gitea/workflows/build-publish.yml index 7069633..3b705e2 100644 --- a/.gitea/workflows/build-publish.yml +++ b/.gitea/workflows/build-publish.yml @@ -59,12 +59,7 @@ jobs: "${PKG_DIR}/etc/systemd/system" "${PKG_DIR}/var/log/nginx" \ "${PKG_DIR}/usr/lib" \ "${PKG_DIR}/hostdata/default/public_html" \ - "${PKG_DIR}/usr/nginx_lua" \ - "${PKG_DIR}/usr/local/nginx/client_body_temp" \ - "${PKG_DIR}/usr/local/nginx/proxy_temp" \ - "${PKG_DIR}/usr/local/nginx/fastcgi_temp" \ - "${PKG_DIR}/usr/local/nginx/uwsgi_temp" \ - "${PKG_DIR}/usr/local/nginx/scgi_temp" + "${PKG_DIR}/usr/nginx_lua" cp /usr/sbin/nginx "${PKG_DIR}/usr/sbin/" cp -R /nginx/* "${PKG_DIR}/nginx/" || true @@ -99,16 +94,11 @@ jobs: cat > "${DEB_DIR}/postinst" <<'EOFPOSTINST' #!/bin/bash - useradd -r -d /usr/local/nginx -s /bin/false nginx 2>/dev/null || true - install -d -o nginx -g nginx -m 0755 \ - /usr/local/nginx \ - /usr/local/nginx/client_body_temp \ - /usr/local/nginx/proxy_temp \ - /usr/local/nginx/fastcgi_temp \ - /usr/local/nginx/uwsgi_temp \ - /usr/local/nginx/scgi_temp \ - /var/log/nginx - chown -R nginx:nginx /var/log/nginx /nginx /usr/local/nginx 2>/dev/null || true + useradd -r -s /bin/false nginx 2>/dev/null || true + install -d -o nginx -g nginx -m 0755 /var/log/nginx + # /run/nginx/temp/* is recreated on every systemd start (ExecStartPre) + # since /run is tmpfs and cleared on reboot. + chown -R nginx:nginx /var/log/nginx /nginx 2>/dev/null || true systemctl daemon-reload 2>/dev/null || true systemctl enable nginx.service 2>/dev/null || true systemctl restart nginx.service 2>/dev/null || true diff --git a/.gitignore b/.gitignore index 24145d1..9cc89fa 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ .creds .workers .local +.pi Dockerfile docker-compose.yaml docker-compose.yml diff --git a/build/raccoon.sh b/build/raccoon.sh index 20d5c47..8440004 100644 --- a/build/raccoon.sh +++ b/build/raccoon.sh @@ -263,9 +263,14 @@ test_nginx() { --conf-path=/nginx/nginx.conf \ --modules-path=/nginx/modules \ --pid-path=/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ + --lock-path=/run/nginx.lock \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ + --http-client-body-temp-path=/run/nginx/temp/client_body \ + --http-proxy-temp-path=/run/nginx/temp/proxy \ + --http-fastcgi-temp-path=/run/nginx/temp/fastcgi \ + --http-uwsgi-temp-path=/run/nginx/temp/uwsgi \ + --http-scgi-temp-path=/run/nginx/temp/scgi \ --with-pcre \ --with-pcre-jit \ --with-pcre=/opt/mod/pcre2-${SYSTEM_PCRE} \ @@ -321,9 +326,14 @@ function build() { --conf-path=/nginx/nginx.conf \ --modules-path=/nginx/modules \ --pid-path=/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ + --lock-path=/run/nginx.lock \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ + --http-client-body-temp-path=/run/nginx/temp/client_body \ + --http-proxy-temp-path=/run/nginx/temp/proxy \ + --http-fastcgi-temp-path=/run/nginx/temp/fastcgi \ + --http-uwsgi-temp-path=/run/nginx/temp/uwsgi \ + --http-scgi-temp-path=/run/nginx/temp/scgi \ --with-pcre \ --with-pcre-jit \ --with-pcre=/opt/mod/pcre2-${SYSTEM_PCRE} \ diff --git a/build/trixie.sh b/build/trixie.sh index 4cac7fa..3e4bec4 100644 --- a/build/trixie.sh +++ b/build/trixie.sh @@ -263,9 +263,14 @@ test_nginx() { --conf-path=/nginx/nginx.conf \ --modules-path=/nginx/modules \ --pid-path=/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ + --lock-path=/run/nginx.lock \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ + --http-client-body-temp-path=/run/nginx/temp/client_body \ + --http-proxy-temp-path=/run/nginx/temp/proxy \ + --http-fastcgi-temp-path=/run/nginx/temp/fastcgi \ + --http-uwsgi-temp-path=/run/nginx/temp/uwsgi \ + --http-scgi-temp-path=/run/nginx/temp/scgi \ --with-pcre \ --with-pcre-jit \ --with-pcre=/opt/mod/pcre2-${SYSTEM_PCRE} \ @@ -321,9 +326,14 @@ function build() { --conf-path=/nginx/nginx.conf \ --modules-path=/nginx/modules \ --pid-path=/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ + --lock-path=/run/nginx.lock \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ + --http-client-body-temp-path=/run/nginx/temp/client_body \ + --http-proxy-temp-path=/run/nginx/temp/proxy \ + --http-fastcgi-temp-path=/run/nginx/temp/fastcgi \ + --http-uwsgi-temp-path=/run/nginx/temp/uwsgi \ + --http-scgi-temp-path=/run/nginx/temp/scgi \ --with-pcre \ --with-pcre-jit \ --with-pcre=/opt/mod/pcre2-${SYSTEM_PCRE} \ diff --git a/static/Raccoon/nginx.service b/static/Raccoon/nginx.service index 3546977..7fc2ad6 100644 --- a/static/Raccoon/nginx.service +++ b/static/Raccoon/nginx.service @@ -4,14 +4,15 @@ After=syslog.target network-online.target remote-fs.target nss-lookup.target Wants=network-online.target [Service] -Type=notify -NotifyAccess=main +Type=forking PIDFile=/run/nginx.pid Environment=LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2 -ExecStartPre=/usr/bin/install -d -o nginx -g nginx -m 0755 /usr/local/nginx /usr/local/nginx/client_body_temp /usr/local/nginx/proxy_temp /usr/local/nginx/fastcgi_temp /usr/local/nginx/uwsgi_temp /usr/local/nginx/scgi_temp /var/log/nginx +ExecStartPre=/usr/bin/install -d -o nginx -g nginx -m 0755 /run/nginx/temp /run/nginx/temp/client_body /run/nginx/temp/proxy /run/nginx/temp/fastcgi /run/nginx/temp/uwsgi /run/nginx/temp/scgi /var/log/nginx ExecStartPre=/usr/sbin/nginx -t -ExecStart=/usr/sbin/nginx -ExecReload=/usr/sbin/nginx -s reload +ExecStart=/usr/sbin/nginx -c /nginx/nginx.conf +ExecReload=/bin/sh -c "/bin/kill -s HUP $(/bin/cat /run/nginx.pid)" +ExecStop=/bin/sh -c "/bin/kill -s QUIT $(/bin/cat /run/nginx.pid)" +TimeoutStartSec=10 LimitNOFILE=65535 [Install] diff --git a/static/Trixie/nginx.service b/static/Trixie/nginx.service index 3546977..7fc2ad6 100644 --- a/static/Trixie/nginx.service +++ b/static/Trixie/nginx.service @@ -4,14 +4,15 @@ After=syslog.target network-online.target remote-fs.target nss-lookup.target Wants=network-online.target [Service] -Type=notify -NotifyAccess=main +Type=forking PIDFile=/run/nginx.pid Environment=LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2 -ExecStartPre=/usr/bin/install -d -o nginx -g nginx -m 0755 /usr/local/nginx /usr/local/nginx/client_body_temp /usr/local/nginx/proxy_temp /usr/local/nginx/fastcgi_temp /usr/local/nginx/uwsgi_temp /usr/local/nginx/scgi_temp /var/log/nginx +ExecStartPre=/usr/bin/install -d -o nginx -g nginx -m 0755 /run/nginx/temp /run/nginx/temp/client_body /run/nginx/temp/proxy /run/nginx/temp/fastcgi /run/nginx/temp/uwsgi /run/nginx/temp/scgi /var/log/nginx ExecStartPre=/usr/sbin/nginx -t -ExecStart=/usr/sbin/nginx -ExecReload=/usr/sbin/nginx -s reload +ExecStart=/usr/sbin/nginx -c /nginx/nginx.conf +ExecReload=/bin/sh -c "/bin/kill -s HUP $(/bin/cat /run/nginx.pid)" +ExecStop=/bin/sh -c "/bin/kill -s QUIT $(/bin/cat /run/nginx.pid)" +TimeoutStartSec=10 LimitNOFILE=65535 [Install]