Merge pull request #28 from theraw/ubuntu22-lua-fix

Ubuntu22 lua fix
2022-12-29 03:37:53 +01:00
parent 83031c5cf3 af0624c015
commit d0afbccb09
38 changed files with 226 additions and 295 deletions
@@ -1,54 +1,25 @@
-FROM ubuntu:20.04
-ARG NGINX="1.21.6"
-RUN apt-get update; apt-get update -y; apt-get upgrade -y; apt-get dist-upgrade -y; apt-get autoremove -y
-RUN set -eux; \
-    export DEBIAN_FRONTEND=noninteractive; \
-    apt-get install -y \
-        libtool \
-        pkg-config \
-        sudo \
-        tzdata \
-        wget \
-        curl \
-        zip \
-        unzip \
-        git \
-        build-essential \
-        patch \
-        libssl-dev \
-        bash \
-        supervisor \
-        libyajl-dev \
-        ssdeep \
-        zlib1g-dev \
-        libxslt1-dev \
-        libgd-dev \
-        libgeoip-dev \
-        liblmdb-dev \
-        libfuzzy-dev \
-        libmaxminddb-dev \
-        liblua5.2-dev \
-        libcurl4-openssl-dev \
-        libxml2  \
-        libxml2-dev \
-        libpcre3-dev \
-        python \
-        rsyslog \
-        systemd \
-        systemd-sysv \
-        ; \
-    rm -rf /var/lib/apt/lists/*; \
-    :
-RUN mkdir -p /opt/mod/ && cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v2.1-20220310.tar.gz && cd /opt/mod && tar xf v2.1-20220310.tar.gz; rm -Rf v2.1-20220310.tar.gz && cd /opt/mod/luajit2-2.1-20220310/ && make install PREFIX=/usr/local/LuaJIT && ldconfig && rm -Rf /opt/mod/luajit2-2.1-20220310/; cd /opt/mod && git clone https://github.com/SpiderLabs/ModSecurity && cd /opt/mod/ModSecurity && sh build.sh && cd /opt/mod/ModSecurity && git submodule init && git submodule update && cd /opt/mod/ModSecurity && ./configure && make -j`nproc` && make install && rm -Rf /opt/mod/ModSecurity; curl -s https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/v1.5.4260/files/docker/systemctl.py > /usr/bin/fake-systemctl
-RUN set -eux; \
-    sed -i \
-        -e '/^\s*logg.error("the ..include. syntax is deprecated. Use x.service.d. drop-in files!")$/d' \
-        -e '/Loaded:/ s/({filename}, {enabled})/({filename}; {enabled})/' \
-        /usr/bin/fake-systemctl; \
-    chmod 755 /usr/bin/fake-systemctl; \
-    :
-RUN dpkg-divert --divert /bin/systemctl.real --rename --add /bin/systemctl; ln -snf /usr/bin/fake-systemctl /bin/systemctl
-RUN cd /opt/ && wget https://nginx.org/download/nginx-${NGINX}.tar.gz && tar xf nginx-${NGINX}.tar.gz && rm -Rf nginx-${NGINX}.tar.gz; cd /opt/nginx-${NGINX}; curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > /opt/nginx-${NGINX}/hpack_push.patch; cd /opt/nginx-${NGINX}; patch -p1 < /opt/nginx-${NGINX}/hpack_push.patch; cd /opt/nginx-${NGINX}; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/builder > builder; bash builder; cd /opt/nginx-${NGINX} && make -j`nproc`; cd /opt/nginx-${NGINX} && make install; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.service.Focal > /lib/systemd/system/nginx.service; rm -Rf /nginx/*.default; useradd nginx && usermod -s /bin/false nginx
-RUN mkdir -p /nginx/modules; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ndk_http_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_filter_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_static_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_flv_live_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_geoip2_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_headers_more_filter_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_js_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_lua_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_modsecurity_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_naxsi_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_set_misc_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_testcookie_access_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so; cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so; mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf; curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.conf > /nginx/nginx.conf; mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default; mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html; mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js
+# Ubuntu 22.04 image with lua/modsecurity lib, required deps and resty core scripts.
+FROM theraw/the-world-is-yours:ubuntu2204-base
+
+ARG NGINX="1.22.1"
+ARG JAMMY_VERSION_NGINX="1.22.1"
+ARG JAMMY_VERSION_LUA="2.1-20220915"
+ARG JAMMY_VERSION_NGX_LUA="0.10.22"
+ARG JAMMY_VERSION_NGX_RESTY_CORE="0.1.24"
+ARG JAMMY_VERSION_NGX_RESTY_LRUCACHE="0.13"
+ARG JAMMY_VERSION_NGX_MODSECURITY="3.0.8"
+ARG LUA_SCRIPTS="/usr/twiylua/"
+ARG NGX_DEVEL_KIT="0.3.2"
+ARG NGX_PAGESPEED="1.13.35.2"
+ARG NGX_PAGESPEED_PSOL="1.13.35.2-x64"
+ARG NGX_GEOIP2="3.4"
+ARG NGX_MODSECURITY="1.0.3"
+ARG NGX_HTTP_FLV="1.2.10"
+ARG NGX_HEADERS_MORE="0.34"
+ARG NGX_LUA="0.10.22"
+ARG NGX_SET_MISC="0.33"
+
+RUN cd /opt/ && wget https://nginx.org/download/nginx-${JAMMY_VERSION_NGINX}.tar.gz && tar xf nginx-${JAMMY_VERSION_NGINX}.tar.gz && rm -Rf nginx-${JAMMY_VERSION_NGINX}.tar.gz; cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch; cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/Builder.sh > builder; bash builder; cd /opt/nginx-${JAMMY_VERSION_NGINX} && make -j`nproc`; cd /opt/nginx-${JAMMY_VERSION_NGINX} && make install; rm -Rf /nginx/*.default; useradd nginx && usermod -s /bin/false nginx
+RUN mkdir -p /nginx/modules
 RUN curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/docker/supervisord.conf > /etc/supervisor/supervisord.conf
 CMD ["/usr/bin/supervisord","-c", "/etc/supervisor/supervisord.conf"]
@@ -10,15 +10,16 @@ Now easier then before, you will have to compile only Nginx, Rest of modules com
 - [x] Naxsi Support.
 - [x] Lua Support.
 - [x] Cookie Based Challenge.
- - [x] [ALL MOD LIST](https://github.com/theraw/The-World-Is-Yours/tree/master/static/mod)
- - [x] [View nginx compile options](https://github.com/theraw/The-World-Is-Yours/blob/master/static/builder)
+ - [x] [MOD LIST X Ubuntu 20.04](https://github.com/theraw/The-World-Is-Yours/tree/master/static/Focal/mod)
+ - [x] [MOD LIST X Ubuntu 22.04](https://github.com/theraw/The-World-Is-Yours/tree/master/static/Jammy/mod)
+ - [x] [View nginx compile options](https://github.com/theraw/The-World-Is-Yours/blob/master/static/Jammy/Builder.sh)
 
-How do these 3 modules work together? Well L7 will block all or most of bots, however modSecurity and Naxsi take priority over cookie challenge!
-So if its a offensive request that modsecurity or naxsi detect it as such then these 2 will deal with that request otherwise cookie challenge will appear.
+How do these 3 modules work together? L7 will block all or most of bots, ModSecurity and Naxsi take priority over cookie challenge!
+So if its a offensive request that Modsecurity or Naxsi detect it as such then these 2 will deal with that request otherwise cookie challenge will appear.

 ## INSTALLATION

-1. **`apt-get install build-essential libssl-dev curl nano wget zip unzip sudo git psmisc -y`**
+1. **`apt-get update; apt-get -y install build-essential libssl-dev curl nano wget zip unzip sudo git psmisc tar`**

 2. **`curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/install > install; bash install`**

@@ -33,6 +34,8 @@ So if its a offensive request that modsecurity or naxsi detect it as such then t
 => --sbin-path      = /usr/sbin/nginx
 => --error-log-path = /var/log/nginx/error.log

+LUA RESTY CORE SCRIPTS = /usr/twiylua/
+
 // YOUR NGINX IS LOCATED AT /nginx NOT /etc/nginx
 ```

@@ -40,7 +43,7 @@ So if its a offensive request that modsecurity or naxsi detect it as such then t
 ## KEEP IN MIND!
 1. You're trading perfomance for security.
 2. If your server provider does not have anti-ddos your IPTABLES will fail to keep the bans, and your server may be offline in cases of big attacks.
-3. This is not a free script that will do everything for you. Read Modules Documentations about how to get the best out of them.
+3. This is not a script that with one command your ddos problem is fixed, there's no such thing for L7 attacks as they change and new methods come out very often and no one has any ideas where your server is lacking security so this script is a basic thing more advanced protection require knowledge, monitoring logs, and applying filters in order to automatically ban attackers, this project is suggested to run with fail2ban + iptables.

 ## Contributors

@@ -1,5 +1,5 @@
 #!/bin/bash
-curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/theraw-broken-lua/version > /tmp/version; source /tmp/version
+curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/version > /tmp/version; source /tmp/version
 case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
      focal)
             if [ "$(whoami)" != "root" ]
@@ -97,7 +97,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             # Start
             unset NGINX
             killall nginx
-             adduser nginx --shell=/bin/false --no-create-home
+             useradd nginx && usermod -s /bin/false nginx
             systemctl enable nginx
             systemctl daemon-reload
             systemctl enable nginx
@@ -147,47 +147,47 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             apt-get install libyajl-dev ssdeep zlib1g-dev libxslt1-dev libgd-dev libgeoip-dev liblmdb-dev libfuzzy-dev libmaxminddb-dev liblua5.2-dev libcurl4-openssl-dev libxml2 libxml2-dev libpcre3-dev -y

             mkdir -p /opt/mod/
-             #Luajit 2.1
-             cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v2.1-20220310.tar.gz
-             cd /opt/mod && tar xf v2.1-20220310.tar.gz; rm -Rf v2.1-20220310.tar.gz
-             cd /opt/mod/luajit2-2.1-20220310/ && make install PREFIX=/usr/local/LuaJIT && ldconfig
-             rm -Rf /opt/mod/luajit2-2.1-20220310/
+             cd /opt/mod && wget https://github.com/openresty/luajit2/archive/refs/tags/v${JAMMY_VERSION_LUA}.tar.gz
+             cd /opt/mod && tar xf v${JAMMY_VERSION_LUA}.tar.gz && rm -Rf v${JAMMY_VERSION_LUA}.tar.gz
+             cd /opt/mod/luajit2-${JAMMY_VERSION_LUA}/ && make install PREFIX=/usr/local/LuaJIT && ldconfig
+             rm -Rf /opt/mod/luajit2-${JAMMY_VERSION_LUA}/

-             # ModSecurity
-             cd /opt/mod && git clone https://github.com/SpiderLabs/ModSecurity
-             cd /opt/mod/ModSecurity/ && git checkout -b v3/master origin/v3/master
-             cd /opt/mod/ModSecurity && sh build.sh
-             cd /opt/mod/ModSecurity && git submodule init && git submodule update
-             cd /opt/mod/ModSecurity && ./configure && make -j`nproc` && make install
+             cd /opt/mod && wget https://github.com/SpiderLabs/ModSecurity/releases/download/v${JAMMY_VERSION_NGX_MODSECURITY}/modsecurity-v${JAMMY_VERSION_NGX_MODSECURITY}.tar.gz
+             cd /opt/mod && tar xf modsecurity-v${JAMMY_VERSION_NGX_MODSECURITY}.tar.gz; rm -Rf modsecurity-v${JAMMY_VERSION_NGX_MODSECURITY}.tar.gz
+             cd /opt/mod/modsecurity-v${JAMMY_VERSION_NGX_MODSECURITY} && ./configure && make -j`nproc` && make install
+             
+             cd /opt/mod && wget https://github.com/openresty/lua-resty-core/archive/refs/tags/v${JAMMY_VERSION_NGX_RESTY_CORE}.tar.gz
+             cd /opt/mod && tar xf v${JAMMY_VERSION_NGX_RESTY_CORE}.tar.gz && rm -Rf v${JAMMY_VERSION_NGX_RESTY_CORE}.tar.gz
+             cd /opt/mod/lua-resty-core-${JAMMY_VERSION_NGX_RESTY_CORE} && make install PREFIX=${LUA_SCRIPTS}
+             
+             cd /opt/mod && wget https://github.com/openresty/lua-resty-lrucache/archive/refs/tags/v${JAMMY_VERSION_NGX_RESTY_LRUCACHE}.tar.gz
+             cd /opt/mod && tar xf v${JAMMY_VERSION_NGX_RESTY_LRUCACHE}.tar.gz && rm -Rf v${JAMMY_VERSION_NGX_RESTY_LRUCACHE}.tar.gz
+             cd /opt/mod/lua-resty-lrucache-${JAMMY_VERSION_NGX_RESTY_LRUCACHE} && make install PREFIX=${LUA_SCRIPTS}

             # Nginx
-             cd /opt/ && wget https://nginx.org/download/nginx-${NGINX}.tar.gz && tar xf nginx-${NGINX}.tar.gz && rm -Rf nginx-${NGINX}.tar.gz
-             cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
-             cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/builder > builder; bash builder
-             cd /opt/nginx-${NGINX} && make -j`nproc`
-             cd /opt/nginx-${NGINX} && make install
-             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.service.Focal > /lib/systemd/system/nginx.service
+             cd /opt/ && wget https://nginx.org/download/nginx-${JAMMY_VERSION_NGINX}.tar.gz && tar xf nginx-${JAMMY_VERSION_NGINX}.tar.gz && rm -Rf nginx-${JAMMY_VERSION_NGINX}.tar.gz
+             cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
+             cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/Builder.sh > builder; bash builder
+             cd /opt/nginx-${JAMMY_VERSION_NGINX} && make -j`nproc`
+             cd /opt/nginx-${JAMMY_VERSION_NGINX} && make install
+             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/nginx.service > /lib/systemd/system/nginx.service
             rm -Rf /nginx/*.default

             # Download Dynamic Modules
             mkdir -p /nginx/modules
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ndk_http_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_filter_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_brotli_static_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_flv_live_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_geoip2_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_headers_more_filter_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_js_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_lua_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_modsecurity_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_naxsi_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_set_misc_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_http_testcookie_access_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_pagespeed.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_geoip2_module.so
-             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_stream_js_module.so
-             #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-0.so
-             #cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/mod/ngx_php8-1.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ndk_http_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_brotli_filter_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_brotli_static_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_flv_live_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_geoip2_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_headers_more_filter_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_lua_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_modsecurity_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_naxsi_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_set_misc_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_http_testcookie_access_module.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_pagespeed.so
+             cd /nginx/modules && wget https://github.com/theraw/The-World-Is-Yours/raw/master/static/Jammy/mod/ngx_stream_geoip2_module.so

             # Fixes
             mkdir -p /nginx/modsec
@@ -196,7 +196,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf
             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf
             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping
-             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/nginx.conf > /nginx/nginx.conf
+             curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/nginx.conf > /nginx/nginx.conf
             mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default
             mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html
             mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js
@@ -205,7 +205,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in
             # Start
             unset NGINX
             killall nginx
-             adduser nginx --shell=/bin/false --no-create-home
+             useradd nginx && usermod -s /bin/false nginx
             systemctl enable nginx
             systemctl daemon-reload
             systemctl enable nginx
@@ -1,7 +1,7 @@
 #!/bin/bash
 curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/version > /tmp/version; source /tmp/version

-sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod; mkdir -p /opt/nginx
+sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod

 cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz
 cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz
@@ -5,8 +5,10 @@ pid /var/run/nginx.pid;
 worker_processes auto;
 worker_rlimit_nofile 65535;

-load_module /nginx/modules/ngx_http_modsecurity_module.so;
+load_module /nginx/modules/ndk_http_module.so;
+load_module /nginx/modules/ngx_http_lua_module.so;
 load_module /nginx/modules/ngx_http_naxsi_module.so;
+load_module /nginx/modules/ngx_http_modsecurity_module.so;
 load_module /nginx/modules/ngx_http_testcookie_access_module.so;

 events {
@@ -16,13 +18,16 @@ events {
 }

 http {
-    # uncomment lua_package_path if you plan to use ngx-lua module.
-    # scripts path of resty-core and lrucache is /usr/twiylua
-    #lua_package_path "/usr/twiylua/lib/lua/?.lua;;";
    # ////////////////////////////////////////////////////// #
-    # =================== START L7 ========================= #
+    # =================== LOAD LUA ========================= #
+    lua_package_path "/usr/twiylua/lib/lua/?.lua;;";
+    # =================== END LUA ========================== #
+    # ////////////////////////////////////////////////////// #
+    
+    # ////////////////////////////////////////////////////// #
+    # =================== LOAD L7 ========================== #
    include modsec/l7.conf;
-    # ===================== END L7 ========================= #
+    # =================== END L7 =========================== #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
@@ -30,20 +35,6 @@ http {
    log_format main '$remote_addr  |==| $status |==| $request |==| $time_local';
    # =================== END LOGS ========================= #
    # ////////////////////////////////////////////////////// #
-    
-    # ////////////////////////////////////////////////////// #
-    # ==================== BACKENDS ======================== #
-    map $http_upgrade $connection_upgrade {
-    default upgrade;
-    '' close;
-    }
-    # Example Of Backend
-    #upstream varnish {
-    #    zone tcp_servers 64k;
-    #    server 10.10.10.39:80;
-    #}
-    # =================== END BACKENDS ===================== #
-    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ==================== GENERAL ========================= #
@@ -66,7 +57,21 @@ http {
    include                        /nginx/mime.types;
    # =================== END GENERAL ====================== #
    # ////////////////////////////////////////////////////// #
-
+    
+    # ////////////////////////////////////////////////////// #
+    # ==================== BACKENDS ======================== #
+    map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+    }
+    # Example Of Backend
+    #upstream varnish {
+    #    zone tcp_servers 64k;
+    #    server 10.10.10.39:80;
+    #}
+    # =================== END BACKENDS ===================== #
+    # ////////////////////////////////////////////////////// #
+    
    # ////////////////////////////////////////////////////// #
    # ================ LOAD VHOST +CONFIGS ================= #
    include live/*;
@@ -1,4 +1,4 @@
-LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \
+./configure --with-compat \
 --user=nginx                                      \
 --group=nginx                                     \
 --sbin-path=/usr/sbin/nginx                       \
@@ -7,8 +7,6 @@ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-
 --lock-path=/var/run/nginx.lock                   \
 --error-log-path=/var/log/nginx/error.log         \
 --http-log-path=/var/log/nginx/access.log         \
--with-pcre                                       \
--without-pcre2                                   \
 --with-threads                                    \
 --with-file-aio                                   \
 --with-http_ssl_module                            \
@@ -36,4 +34,5 @@ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-
 --with-stream_realip_module                       \
 --with-stream_geoip_module                        \
 --with-http_v2_hpack_enc                          \
--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib"
+--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \
+--with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre"
@@ -0,0 +1,89 @@
+#!/bin/bash
+curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/version > /tmp/version; source /tmp/version
+
+sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod
+
+cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz
+cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz
+
+cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz
+cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz
+cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz
+
+cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz
+cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz
+
+cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz
+cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz
+
+cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz
+cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz
+
+cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz
+cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz
+
+cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz
+cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz
+
+cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz
+cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz
+
+cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie
+cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init
+cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi
+
+
+
+rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz
+cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
+cd /opt/nginx-${NGINX}/
+LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \
+--user=nginx                                      \
+--group=nginx                                     \
+--sbin-path=/usr/sbin/nginx                       \
+--conf-path=/nginx/nginx.conf                     \
+--pid-path=/var/run/nginx.pid                     \
+--lock-path=/var/run/nginx.lock                   \
+--error-log-path=/var/log/nginx/error.log         \
+--http-log-path=/var/log/nginx/access.log         \
+--with-threads                                    \
+--with-file-aio                                   \
+--with-http_ssl_module                            \
+--with-http_v2_module                             \
+--with-http_realip_module                         \
+--with-http_addition_module                       \
+--with-http_xslt_module                           \
+--with-http_image_filter_module                   \
+--with-http_geoip_module                          \
+--with-http_sub_module                            \
+--with-http_dav_module                            \
+--with-http_flv_module                            \
+--with-http_mp4_module                            \
+--with-http_gunzip_module                         \
+--with-http_gzip_static_module                    \
+--with-http_auth_request_module                   \
+--with-http_random_index_module                   \
+--with-http_secure_link_module                    \
+--with-http_slice_module                          \
+--with-http_stub_status_module                    \
+--with-mail                                       \
+--with-mail_ssl_module                            \
+--with-stream                                     \
+--with-stream_ssl_module                          \
+--with-stream_realip_module                       \
+--with-stream_geoip_module                        \
+--with-http_v2_hpack_enc                          \
+--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \
+--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \
+--add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \
+--add-dynamic-module=/opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} \
+--add-dynamic-module=/opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} \
+--add-dynamic-module=/opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable \
+--add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} \
+--add-dynamic-module=/opt/mod/naxsi/naxsi_src \
+--add-dynamic-module=/opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} \
+--add-dynamic-module=/opt/mod/ngx_brotli \
+--add-dynamic-module=/opt/mod/ngx_http_geoip2_module-${NGX_GEOIP2} \
+--add-dynamic-module=/opt/mod/set-misc-nginx-module-${NGX_SET_MISC} \
+--add-dynamic-module=/opt/mod/testcookie
+make -j`nproc` modules
@@ -1,13 +1,14 @@
 # Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues
 # Problems?    => https://github.com/theraw/The-World-Is-Yours/issues
-# Errors?      => https://github.com/theraw/The-World-Is-Yours/issues
 user nginx;
 pid /var/run/nginx.pid;
 worker_processes auto;
 worker_rlimit_nofile 65535;

-load_module /nginx/modules/ngx_http_modsecurity_module.so;
+load_module /nginx/modules/ndk_http_module.so;
+load_module /nginx/modules/ngx_http_lua_module.so;
 load_module /nginx/modules/ngx_http_naxsi_module.so;
+load_module /nginx/modules/ngx_http_modsecurity_module.so;
 load_module /nginx/modules/ngx_http_testcookie_access_module.so;

 events {
@@ -18,37 +19,27 @@ events {

 http {
    # ////////////////////////////////////////////////////// #
-    # =================== START L7 ========================= #
-    # turn this 'on' if you want to use L7 For every domain hosted in your server
+    # =================== LOAD LUA ========================= #
+    lua_package_path "/usr/twiylua/lib/lua/?.lua;;";
+    # =================== END LUA ========================== #
+    # ////////////////////////////////////////////////////// #
+    
+    # ////////////////////////////////////////////////////// #
+    # =================== LOAD L7 ========================== #
    include modsec/l7.conf;
-    # ===================== END L7 ========================= #
+    # =================== END L7 =========================== #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ===================== LOGS =========================== #
    log_format main '$remote_addr  |==| $status |==| $request |==| $time_local';
-    # -------------------------------------------------------#
    # =================== END LOGS ========================= #
    # ////////////////////////////////////////////////////// #
-    
-    # ////////////////////////////////////////////////////// #
-    # ==================== BACKENDS ======================== #
-    map $http_upgrade $connection_upgrade {
-    default upgrade;
-    '' close;
-    }
-    # Example Of Backend
-    #upstream varnish {
-    #    zone tcp_servers 64k;
-    #    server 10.10.10.39:80;
-    #}
-    # =================== END BACKENDS ===================== #
-    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ==================== GENERAL ========================= #
-    client_body_buffer_size        1M;
-    client_header_buffer_size      1M;
+    client_body_buffer_size        2M;
+    client_header_buffer_size      2M;
    client_body_timeout            90s;
    client_header_timeout          90s;
    client_max_body_size           2M;
@@ -66,9 +57,23 @@ http {
    include                        /nginx/mime.types;
    # =================== END GENERAL ====================== #
    # ////////////////////////////////////////////////////// #
-
+    
    # ////////////////////////////////////////////////////// #
-    # =================== LOAD CONFIGS ===================== #
+    # ==================== BACKENDS ======================== #
+    map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+    }
+    # Example Of Backend
+    #upstream varnish {
+    #    zone tcp_servers 64k;
+    #    server 10.10.10.39:80;
+    #}
+    # =================== END BACKENDS ===================== #
+    # ////////////////////////////////////////////////////// #
+    
+    # ////////////////////////////////////////////////////// #
+    # ================ LOAD VHOST +CONFIGS ================= #
    include live/*;
    include modsec/naxi.core;
    # =================== END CONFIGS ====================== #
@@ -1,5 +1,5 @@
 [Nginx]
-Description=The NGINX HTTP and reverse proxy server
+Description=The World Is Yours HTTP Server
 After=syslog.target network-online.target remote-fs.target nss-lookup.target
 Wants=network-online.target
        
@@ -1,74 +0,0 @@
-#!/bin/bash
-export NGINX="1.22.1"
-sudo apt-get install libpcre2-dev mercurial -y
-cd /opt/mod/; git clone https://github.com/vision5/ngx_devel_kit.git ngx_devel_kit
-cd /opt/mod/; git clone https://github.com/apache/incubator-pagespeed-ngx.git pagespeed
-cd /opt/mod/; git clone https://github.com/leev/ngx_http_geoip2_module.git geoip2
-cd /opt/mod/; git clone https://github.com/nbs-system/naxsi.git naxsi; cd /opt/mod/naxsi; git reset --hard 304e66d; wget https://patch-diff.githubusercontent.com/raw/nbs-system/naxsi/pull/598.patch; patch -p1 < 598.patch
-cd /opt/mod/; git clone https://github.com/SpiderLabs/ModSecurity-nginx.git ModSecurity-nginx
-cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli
-cd /opt/mod/; git clone https://github.com/winshining/nginx-http-flv-module.git flv_mod
-cd /opt/mod/; git clone https://github.com/openresty/headers-more-nginx-module.git headers_more
-cd /opt/mod/; git clone https://github.com/openresty/lua-nginx-module.git lua
-cd /opt/mod/; git clone https://github.com/openresty/set-misc-nginx-module.git misc
-cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie
-cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi
-
-cd /opt/mod/ngx_brotli && git submodule update --init
-cd /opt/mod/pagespeed; wget https://dl.google.com/dl/page-speed/psol/1.13.35.2-x64.tar.gz; tar -xzvf 1.13.35.2-x64.tar.gz; rm -Rf 1.13.35.2-x64.tar.gz
-
-rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz
-cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
-cd /opt/nginx-${NGINX}/
-LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \
--user=nginx                                      \
--group=nginx                                     \
--sbin-path=/usr/sbin/nginx                       \
--conf-path=/nginx/nginx.conf                     \
--pid-path=/var/run/nginx.pid                     \
--lock-path=/var/run/nginx.lock                   \
--error-log-path=/var/log/nginx/error.log         \
--http-log-path=/var/log/nginx/access.log         \
--with-pcre                                       \
--without-pcre2                                   \
--with-threads                                    \
--with-file-aio                                   \
--with-http_ssl_module                            \
--with-http_v2_module                             \
--with-http_realip_module                         \
--with-http_addition_module                       \
--with-http_xslt_module                           \
--with-http_image_filter_module                   \
--with-http_geoip_module                          \
--with-http_sub_module                            \
--with-http_dav_module                            \
--with-http_flv_module                            \
--with-http_mp4_module                            \
--with-http_gunzip_module                         \
--with-http_gzip_static_module                    \
--with-http_auth_request_module                   \
--with-http_random_index_module                   \
--with-http_secure_link_module                    \
--with-http_slice_module                          \
--with-http_stub_status_module                    \
--with-mail                                       \
--with-mail_ssl_module                            \
--with-stream                                     \
--with-stream_ssl_module                          \
--with-stream_realip_module                       \
--with-stream_geoip_module                        \
--with-http_v2_hpack_enc                          \
--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib"  \
--add-dynamic-module=/opt/mod/ngx_devel_kit       \
--add-dynamic-module=/opt/mod/misc                \
--add-dynamic-module=/opt/mod/naxsi/naxsi_src    \
--add-dynamic-module=/opt/mod/ngx_brotli          \
--add-dynamic-module=/opt/mod/pagespeed           \
--add-dynamic-module=/opt/mod/geoip2              \
--add-dynamic-module=/opt/mod/ModSecurity-nginx   \
--add-dynamic-module=/opt/mod/flv_mod             \
--add-dynamic-module=/opt/mod/headers_more        \
--add-dynamic-module=/opt/mod/njs/nginx           \
--add-dynamic-module=/opt/mod/lua                 \
--add-dynamic-module=/opt/mod/testcookie
-make -j`nproc` modules
@@ -1,74 +0,0 @@
-#!/bin/bash
-export NGINX="1.23.1"
-sudo apt-get install libpcre2-dev mercurial -y
-cd /opt/mod/; git clone https://github.com/vision5/ngx_devel_kit.git ngx_devel_kit
-cd /opt/mod/; git clone https://github.com/apache/incubator-pagespeed-ngx.git pagespeed
-cd /opt/mod/; git clone https://github.com/leev/ngx_http_geoip2_module.git geoip2
-cd /opt/mod/; git clone https://github.com/nbs-system/naxsi.git naxsi; cd /opt/mod/naxsi; git reset --hard 304e66d; wget https://patch-diff.githubusercontent.com/raw/nbs-system/naxsi/pull/598.patch; patch -p1 < 598.patch
-cd /opt/mod/; git clone https://github.com/SpiderLabs/ModSecurity-nginx.git ModSecurity-nginx
-cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli
-cd /opt/mod/; git clone https://github.com/winshining/nginx-http-flv-module.git flv_mod
-cd /opt/mod/; git clone https://github.com/openresty/headers-more-nginx-module.git headers_more
-cd /opt/mod/; hg clone http://hg.nginx.org/njs njs
-cd /opt/mod/; git clone https://github.com/openresty/lua-nginx-module.git lua
-cd /opt/mod/; git clone https://github.com/openresty/set-misc-nginx-module.git misc
-cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie
-
-cd /opt/mod/ngx_brotli && git submodule update --init
-cd /opt/mod/pagespeed; wget https://dl.google.com/dl/page-speed/psol/1.13.35.2-x64.tar.gz; tar -xzvf 1.13.35.2-x64.tar.gz; rm -Rf 1.13.35.2-x64.tar.gz
-
-rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz
-cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch
-cd /opt/nginx-${NGINX}/
-LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \
--user=nginx                                      \
--group=nginx                                     \
--sbin-path=/usr/sbin/nginx                       \
--conf-path=/nginx/nginx.conf                     \
--pid-path=/var/run/nginx.pid                     \
--lock-path=/var/run/nginx.lock                   \
--error-log-path=/var/log/nginx/error.log         \
--http-log-path=/var/log/nginx/access.log         \
--with-pcre                                       \
--without-pcre2                                   \
--with-threads                                    \
--with-file-aio                                   \
--with-http_ssl_module                            \
--with-http_v2_module                             \
--with-http_realip_module                         \
--with-http_addition_module                       \
--with-http_xslt_module                           \
--with-http_image_filter_module                   \
--with-http_geoip_module                          \
--with-http_sub_module                            \
--with-http_dav_module                            \
--with-http_flv_module                            \
--with-http_mp4_module                            \
--with-http_gunzip_module                         \
--with-http_gzip_static_module                    \
--with-http_auth_request_module                   \
--with-http_random_index_module                   \
--with-http_secure_link_module                    \
--with-http_slice_module                          \
--with-http_stub_status_module                    \
--with-mail                                       \
--with-mail_ssl_module                            \
--with-stream                                     \
--with-stream_ssl_module                          \
--with-stream_realip_module                       \
--with-stream_geoip_module                        \
--with-http_v2_hpack_enc                          \
--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib"  \
--add-dynamic-module=/opt/mod/ngx_devel_kit       \
--add-dynamic-module=/opt/mod/misc                \
--add-dynamic-module=/opt/mod/naxsi/naxsi_src    \
--add-dynamic-module=/opt/mod/ngx_brotli          \
--add-dynamic-module=/opt/mod/pagespeed           \
--add-dynamic-module=/opt/mod/geoip2              \
--add-dynamic-module=/opt/mod/ModSecurity-nginx   \
--add-dynamic-module=/opt/mod/flv_mod             \
--add-dynamic-module=/opt/mod/headers_more        \
--add-dynamic-module=/opt/mod/njs/nginx           \
--add-dynamic-module=/opt/mod/lua                 \
--add-dynamic-module=/opt/mod/testcookie
-make modules
@@ -10,6 +10,13 @@ export FOCAL_VERSION_NGX_RESTY_CORE="0.1.24"
 export FOCAL_VERSION_NGX_RESTY_LRUCACHE="0.13"
 export FOCAL_VERSION_NGX_MODSECURITY="3.0.8"

+export JAMMY_VERSION_NGINX="1.22.1"
+export JAMMY_VERSION_LUA="2.1-20220915"
+export JAMMY_VERSION_NGX_LUA="0.10.22"
+export JAMMY_VERSION_NGX_RESTY_CORE="0.1.24"
+export JAMMY_VERSION_NGX_RESTY_LRUCACHE="0.13"
+export JAMMY_VERSION_NGX_MODSECURITY="3.0.8"
+
 export NGX_DEVEL_KIT="0.3.2"
 export NGX_PAGESPEED="1.13.35.2"
 export NGX_PAGESPEED_PSOL="1.13.35.2-x64"