diff --git a/Dockerfile b/Dockerfile index 828e3e1..26aba7a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,6 +8,9 @@ ARG JAMMY_VERSION_NGX_LUA="0.10.22" ARG JAMMY_VERSION_NGX_RESTY_CORE="0.1.24" ARG JAMMY_VERSION_NGX_RESTY_LRUCACHE="0.13" ARG JAMMY_VERSION_NGX_MODSECURITY="3.0.8" +ARG JAMMY_PCRE="10.42" +ARG JAMMY_OPENSSL="3.0.2" +ARG JAMMY_ZLIB="1.2.13" ARG LUA_SCRIPTS="/usr/twiylua/" ARG NGX_DEVEL_KIT="0.3.2" ARG NGX_PAGESPEED="1.13.35.2" @@ -19,7 +22,48 @@ ARG NGX_HEADERS_MORE="0.34" ARG NGX_LUA="0.10.22" ARG NGX_SET_MISC="0.33" -RUN cd /opt/ && wget https://nginx.org/download/nginx-${JAMMY_VERSION_NGINX}.tar.gz && tar xf nginx-${JAMMY_VERSION_NGINX}.tar.gz && rm -Rf nginx-${JAMMY_VERSION_NGINX}.tar.gz; cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch; cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/Builder.sh > builder; bash builder; cd /opt/nginx-${JAMMY_VERSION_NGINX} && make -j`nproc`; cd /opt/nginx-${JAMMY_VERSION_NGINX} && make install; rm -Rf /nginx/*.default; useradd nginx && usermod -s /bin/false nginx -RUN mkdir -p /nginx/modules && mkdir -p /tmp && cd /tmp && wget https://github.com/theraw/The-World-Is-Yours/archive/refs/tags/0.0.1.tar.gz; tar xf 0.0.1.tar.gz; rm -Rf 0.0.1.tar.gz; cp -a /tmp/The-World-Is-Yours-0.0.1/static/Jammy/mod/*.so /nginx/modules/; rm -Rf /tmp/The-World-Is-Yours-0.0.1; mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf; curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/nginx.conf > /nginx/nginx.conf; mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default; mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html; mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js -RUN apt-get update; apt-get install supervisor -y; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/docker/supervisord.conf > /etc/supervisor/supervisord.conf +RUN apt-get update; apt-get install supervisor make cmake automake autoconf unzip -y; cd /opt/mod && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${JAMMY_PCRE}.tar.gz; cd /opt/mod && tar xf pcre2-${JAMMY_PCRE}.tar.gz; rm -Rf pcre2-${JAMMY_PCRE}.tar.gz; cd /opt/mod/pcre2-pcre2-${JAMMY_PCRE} && ./autogen.sh; cd /opt/mod && wget https://github.com/openssl/openssl/archive/refs/tags/openssl-${JAMMY_OPENSSL}.tar.gz; cd /opt/mod && tar xf openssl-${JAMMY_OPENSSL}.tar.gz; rm -Rf openssl-${JAMMY_OPENSSL}.tar.gz; cd /opt/mod && wget http://zlib.net/zlib-${JAMMY_ZLIB}.tar.gz; cd /opt/mod && tar xf zlib-${JAMMY_ZLIB}.tar.gz; rm -Rf zlib-${JAMMY_ZLIB}.tar.gz; cd /opt/ && wget https://nginx.org/download/nginx-${JAMMY_VERSION_NGINX}.tar.gz && tar xf nginx-${JAMMY_VERSION_NGINX}.tar.gz && rm -Rf nginx-${JAMMY_VERSION_NGINX}.tar.gz && cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch +RUN cd /opt/nginx-${JAMMY_VERSION_NGINX} && ./configure --with-compat \ + --user=nginx \ + --group=nginx \ + --sbin-path=/usr/sbin/nginx \ + --conf-path=/nginx/nginx.conf \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --with-openssl=/opt/mod/openssl-openssl-${JAMMY_OPENSSL} \ + --with-pcre \ + --with-pcre=/opt/mod/pcre2-pcre2-${JAMMY_PCRE} \ + --with-zlib=/opt/mod/zlib-${JAMMY_ZLIB} \ + --with-threads \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_xslt_module \ + --with-http_image_filter_module \ + --with-http_geoip_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_auth_request_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_stub_status_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-stream_geoip_module \ + --with-http_v2_hpack_enc \ + --with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ + --with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" +RUN cd /opt/nginx-${JAMMY_VERSION_NGINX} && make -j`nproc` && make install; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/nginx.service > /lib/systemd/system/nginx.service; rm -Rf /nginx/*.default; useradd nginx && usermod -s /bin/false nginx; mkdir -p /nginx/modules && mkdir -p /tmp && cd /tmp && wget https://github.com/theraw/The-World-Is-Yours/archive/refs/heads/master.zip; unzip master.zip; rm -Rf master.zip; cp -a /tmp/The-World-Is-Yours-master/static/Jammy/mod/*.so /nginx/modules/; rm -Rf /tmp/The-World-Is-Yours-master; mkdir -p /nginx/modsec; curl -s https://raw.githubusercontent.com/nbs-system/naxsi/master/naxsi_config/naxsi_core.rules > /nginx/modsec/naxi.core; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/l7.conf > /nginx/modsec/l7.conf; curl -s https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended > /nginx/modsec/modsecurity.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/tester.conf > /nginx/modsec/tester.conf; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/unicode.mapping > /nginx/modsec/unicode.mapping; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/nginx.conf > /nginx/nginx.conf; mkdir -p /nginx/live/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/default > /nginx/live/default; mkdir -p /hostdata/default/public_html/ && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/index.html > /hostdata/default/public_html/index.html; mkdir -p /hostdata/default/public_html/cdn/modsec && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/modsec/aes.min.js > /hostdata/default/public_html/cdn/modsec/aes.min.js; curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/docker/supervisord.conf > /etc/supervisor/supervisord.conf CMD /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf diff --git a/README.md b/README.md index dce7a00..5d7b693 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Now easier then before, you will have to compile only Nginx, Rest of modules com - [x] Cookie Based Challenge. - [x] [MOD LIST X Ubuntu 20.04](https://github.com/theraw/The-World-Is-Yours/tree/master/static/Focal/mod) - [x] [MOD LIST X Ubuntu 22.04](https://github.com/theraw/The-World-Is-Yours/tree/master/static/Jammy/mod) - - [x] [View nginx compile options](https://github.com/theraw/The-World-Is-Yours/blob/master/static/Jammy/Builder.sh) + - [x] [Versions](https://github.com/theraw/The-World-Is-Yours/blob/master/version) How do these 3 modules work together? L7 will block all or most of bots, ModSecurity and Naxsi take priority over cookie challenge! So if its a offensive request that Modsecurity or Naxsi detect it as such then these 2 will deal with that request otherwise cookie challenge will appear. diff --git a/install b/install index cea9bf8..248fa95 100644 --- a/install +++ b/install @@ -36,7 +36,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in apt-get update -y; apt-get upgrade -y; apt-get dist-upgrade -y; apt-get autoremove -y DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get -y install tzdata - apt-get install libtool pkg-config -y + apt-get install libtool pkg-config make cmake automake autoconf -y apt-get install libyajl-dev ssdeep zlib1g-dev libxslt1-dev libgd-dev libgeoip-dev liblmdb-dev libfuzzy-dev libmaxminddb-dev liblua5.2-dev libcurl4-openssl-dev libxml2 libxml2-dev libpcre3-dev -y mkdir -p /opt/mod/ @@ -56,11 +56,65 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in cd /opt/mod && wget https://github.com/openresty/lua-resty-lrucache/archive/refs/tags/v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz cd /opt/mod && tar xf v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz && rm -Rf v${FOCAL_VERSION_NGX_RESTY_LRUCACHE}.tar.gz cd /opt/mod/lua-resty-lrucache-${FOCAL_VERSION_NGX_RESTY_LRUCACHE} && make install PREFIX=${LUA_SCRIPTS} + + cd /opt/mod && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${FOCAL_PCRE}.tar.gz + cd /opt/mod && tar xf pcre2-${FOCAL_PCRE}.tar.gz; rm -Rf pcre2-${FOCAL_PCRE}.tar.gz + cd /opt/mod/pcre2-pcre2-${FOCAL_PCRE} && ./autogen.sh + #cd /opt/mod/pcre2-pcre2-${FOCAL_PCRE} && ./configure --prefix=/usr/local/pcre2_${FOCAL_PCRE} && make -j`nproc` && make install + + cd /opt/mod && wget https://github.com/openssl/openssl/archive/refs/tags/OpenSSL_${FOCAL_OPENSSL}.tar.gz + cd /opt/mod && tar xf OpenSSL_${FOCAL_OPENSSL}.tar.gz; rm -Rf OpenSSL_${FOCAL_OPENSSL}.tar.gz + #cd /opt/mod/openssl-OpenSSL_${FOCAL_OPENSSL} && ./config --prefix=/usr/local/openssl_${FOCAL_OPENSSL} && make -j`nproc` && make install + + cd /opt/mod && wget http://zlib.net/zlib-${FOCAL_ZLIB}.tar.gz + cd /opt/mod && tar xf zlib-${FOCAL_ZLIB}.tar.gz; rm -Rf zlib-${FOCAL_ZLIB}.tar.gz + #cd /opt/mod/zlib-${FOCAL_ZLIB} && ./configure --prefix=/usr/local/zlib-${FOCAL_ZLIB} && make -j`nproc` && make install # Nginx cd /opt/ && wget https://nginx.org/download/nginx-${FOCAL_VERSION_NGINX}.tar.gz && tar xf nginx-${FOCAL_VERSION_NGINX}.tar.gz && rm -Rf nginx-${FOCAL_VERSION_NGINX}.tar.gz cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch - cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/Builder.sh > builder; bash builder + cd /opt/nginx-${FOCAL_VERSION_NGINX} && ./configure --with-compat \ + --user=nginx \ + --group=nginx \ + --sbin-path=/usr/sbin/nginx \ + --conf-path=/nginx/nginx.conf \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --with-openssl=/opt/mod/openssl-OpenSSL_${FOCAL_OPENSSL} \ + --with-pcre \ + --with-pcre=/opt/mod/pcre2-pcre2-${FOCAL_PCRE} \ + --with-zlib=/opt/mod/zlib-${FOCAL_ZLIB} \ + --with-threads \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_xslt_module \ + --with-http_image_filter_module \ + --with-http_geoip_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_auth_request_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_stub_status_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-stream_geoip_module \ + --with-http_v2_hpack_enc \ + --with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ + --with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" cd /opt/nginx-${FOCAL_VERSION_NGINX} && make -j`nproc` cd /opt/nginx-${FOCAL_VERSION_NGINX} && make install curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Focal/nginx.service > /lib/systemd/system/nginx.service @@ -132,7 +186,7 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in apt-get update -y; apt-get upgrade -y; apt-get dist-upgrade -y; apt-get autoremove -y DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get -y install tzdata - apt-get install libtool pkg-config -y + apt-get install libtool pkg-config make cmake automake autoconf -y apt-get install libyajl-dev ssdeep zlib1g-dev libxslt1-dev libgd-dev libgeoip-dev liblmdb-dev libfuzzy-dev libmaxminddb-dev liblua5.2-dev libcurl4-openssl-dev libxml2 libxml2-dev libpcre3-dev -y mkdir -p /opt/mod/ @@ -153,10 +207,64 @@ case "`grep DISTRIB_CODENAME /etc/*-release | awk -F '=' '{print $2}'`" in cd /opt/mod && tar xf v${JAMMY_VERSION_NGX_RESTY_LRUCACHE}.tar.gz && rm -Rf v${JAMMY_VERSION_NGX_RESTY_LRUCACHE}.tar.gz cd /opt/mod/lua-resty-lrucache-${JAMMY_VERSION_NGX_RESTY_LRUCACHE} && make install PREFIX=${LUA_SCRIPTS} + cd /opt/mod && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${JAMMY_PCRE}.tar.gz + cd /opt/mod && tar xf pcre2-${JAMMY_PCRE}.tar.gz; rm -Rf pcre2-${JAMMY_PCRE}.tar.gz + cd /opt/mod/pcre2-pcre2-${JAMMY_PCRE} && ./autogen.sh + #cd /opt/mod/pcre2-pcre2-${JAMMY_PCRE} && ./configure --prefix=/usr/local/pcre2_${JAMMY_PCRE} && make -j`nproc` && make install + + cd /opt/mod && wget https://github.com/openssl/openssl/archive/refs/tags/openssl-${JAMMY_OPENSSL}.tar.gz + cd /opt/mod && tar xf openssl-${JAMMY_OPENSSL}.tar.gz; rm -Rf openssl-${JAMMY_OPENSSL}.tar.gz + #cd /opt/mod/openssl-OpenSSL_${JAMMY_OPENSSL} && ./config --prefix=/usr/local/openssl_${JAMMY_OPENSSL} && make -j`nproc` && make install + + cd /opt/mod && wget http://zlib.net/zlib-${JAMMY_ZLIB}.tar.gz + cd /opt/mod && tar xf zlib-${JAMMY_ZLIB}.tar.gz; rm -Rf zlib-${JAMMY_ZLIB}.tar.gz + #cd /opt/mod/zlib-${JAMMY_ZLIB} && ./configure --prefix=/usr/local/zlib-${JAMMY_ZLIB} && make -j`nproc` && make install + # Nginx cd /opt/ && wget https://nginx.org/download/nginx-${JAMMY_VERSION_NGINX}.tar.gz && tar xf nginx-${JAMMY_VERSION_NGINX}.tar.gz && rm -Rf nginx-${JAMMY_VERSION_NGINX}.tar.gz cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch - cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/Builder.sh > builder; bash builder + cd /opt/nginx-${JAMMY_VERSION_NGINX} && ./configure --with-compat \ + --user=nginx \ + --group=nginx \ + --sbin-path=/usr/sbin/nginx \ + --conf-path=/nginx/nginx.conf \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --with-openssl=/opt/mod/openssl-openssl-${JAMMY_OPENSSL} \ + --with-pcre \ + --with-pcre=/opt/mod/pcre2-pcre2-${JAMMY_PCRE} \ + --with-zlib=/opt/mod/zlib-${JAMMY_ZLIB} \ + --with-threads \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_xslt_module \ + --with-http_image_filter_module \ + --with-http_geoip_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_auth_request_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_stub_status_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-stream_geoip_module \ + --with-http_v2_hpack_enc \ + --with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ + --with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" cd /opt/nginx-${JAMMY_VERSION_NGINX} && make -j`nproc` cd /opt/nginx-${JAMMY_VERSION_NGINX} && make install curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/static/Jammy/nginx.service > /lib/systemd/system/nginx.service diff --git a/static/Focal/Builder.sh b/static/Focal/Builder.sh deleted file mode 100644 index 32fa660..0000000 --- a/static/Focal/Builder.sh +++ /dev/null @@ -1,38 +0,0 @@ -./configure --with-compat \ ---user=nginx \ ---group=nginx \ ---sbin-path=/usr/sbin/nginx \ ---conf-path=/nginx/nginx.conf \ ---pid-path=/var/run/nginx.pid \ ---lock-path=/var/run/nginx.lock \ ---error-log-path=/var/log/nginx/error.log \ ---http-log-path=/var/log/nginx/access.log \ ---with-threads \ ---with-file-aio \ ---with-http_ssl_module \ ---with-http_v2_module \ ---with-http_realip_module \ ---with-http_addition_module \ ---with-http_xslt_module \ ---with-http_image_filter_module \ ---with-http_geoip_module \ ---with-http_sub_module \ ---with-http_dav_module \ ---with-http_flv_module \ ---with-http_mp4_module \ ---with-http_gunzip_module \ ---with-http_gzip_static_module \ ---with-http_auth_request_module \ ---with-http_random_index_module \ ---with-http_secure_link_module \ ---with-http_slice_module \ ---with-http_stub_status_module \ ---with-mail \ ---with-mail_ssl_module \ ---with-stream \ ---with-stream_ssl_module \ ---with-stream_realip_module \ ---with-stream_geoip_module \ ---with-http_v2_hpack_enc \ ---with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ ---with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" diff --git a/static/Focal/mod/Builder.sh b/static/Focal/mod/Builder.sh index d2542cd..041b63d 100644 --- a/static/Focal/mod/Builder.sh +++ b/static/Focal/mod/Builder.sh @@ -3,83 +3,124 @@ curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/versi sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod -cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz -cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz +if [ ! -d /opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} ]; then + cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz + cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz +fi -cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz -cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz -cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz +if [ ! -d /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable ]; then + cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz + cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz + cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz +fi -cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz -cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz +if [ ! -d /opt/mod/ngx_http_geoip2_module-${NGX_GEOIP2} ]; then + cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz + cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz +fi -cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz -cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz +if [ ! -d /opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} ]; then + cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz + cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz +fi -cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz -cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz +if [ ! -d /opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} ]; then + cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz + cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz +fi -cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz -cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz +if [ ! -d /opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} ]; then + cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz + cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz +fi -cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz -cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz +if [ ! -d /opt/mod/lua-nginx-module-${NGX_LUA} ]; then + cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz + cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz +fi -cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz -cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz +if [ ! -d /opt/mod/set-misc-nginx-module-${NGX_SET_MISC} ]; then + cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz + cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz +fi -cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie -cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init -cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi +if [ ! -d /opt/mod/testcookie ]; then + cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie +fi +if [ ! -d /opt/mod/ngx_brotli ]; then + cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init +fi +if [ ! -d /opt/mod/naxsi ]; then + cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi +fi -rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz -cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch -cd /opt/nginx-${NGINX}/ +if [ ! -d /opt/mod/pcre2-pcre2-${FOCAL_PCRE} ]; then + cd /opt/mod && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${FOCAL_PCRE}.tar.gz + cd /opt/mod && tar xf pcre2-${FOCAL_PCRE}.tar.gz; rm -Rf pcre2-${FOCAL_PCRE}.tar.gz + cd /opt/mod/pcre2-pcre2-${FOCAL_PCRE} && ./autogen.sh +fi + +if [ ! -d /opt/mod/openssl-OpenSSL_${FOCAL_OPENSSL} ]; then + cd /opt/mod && wget https://github.com/openssl/openssl/archive/refs/tags/OpenSSL_${FOCAL_OPENSSL}.tar.gz + cd /opt/mod && tar xf OpenSSL_${FOCAL_OPENSSL}.tar.gz; rm -Rf OpenSSL_${FOCAL_OPENSSL}.tar.gz +fi + +if [ ! -d /opt/mod/zlib-${FOCAL_ZLIB} ]; then +cd /opt/mod && wget http://zlib.net/zlib-${FOCAL_ZLIB}.tar.gz +cd /opt/mod && tar xf zlib-${FOCAL_ZLIB}.tar.gz; rm -Rf zlib-${FOCAL_ZLIB}.tar.gz +fi + +rm -Rf /opt/nginx-${FOCAL_VERSION_NGINX}; cd /opt/; wget https://nginx.org/download/nginx-${FOCAL_VERSION_NGINX}.tar.gz; tar xf nginx-${FOCAL_VERSION_NGINX}.tar.gz; rm -Rf nginx-${FOCAL_VERSION_NGINX}.tar.gz +cd /opt/nginx-${FOCAL_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch +cd /opt/nginx-${FOCAL_VERSION_NGINX}/ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \ ---user=nginx \ ---group=nginx \ ---sbin-path=/usr/sbin/nginx \ ---conf-path=/nginx/nginx.conf \ ---pid-path=/var/run/nginx.pid \ ---lock-path=/var/run/nginx.lock \ ---error-log-path=/var/log/nginx/error.log \ ---http-log-path=/var/log/nginx/access.log \ ---with-threads \ ---with-file-aio \ ---with-http_ssl_module \ ---with-http_v2_module \ ---with-http_realip_module \ ---with-http_addition_module \ ---with-http_xslt_module \ ---with-http_image_filter_module \ ---with-http_geoip_module \ ---with-http_sub_module \ ---with-http_dav_module \ ---with-http_flv_module \ ---with-http_mp4_module \ ---with-http_gunzip_module \ ---with-http_gzip_static_module \ ---with-http_auth_request_module \ ---with-http_random_index_module \ ---with-http_secure_link_module \ ---with-http_slice_module \ ---with-http_stub_status_module \ ---with-mail \ ---with-mail_ssl_module \ ---with-stream \ ---with-stream_ssl_module \ ---with-stream_realip_module \ ---with-stream_geoip_module \ ---with-http_v2_hpack_enc \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-openssl=/opt/mod/openssl-OpenSSL_${FOCAL_OPENSSL} \ +--with-pcre \ +--with-pcre=/opt/mod/pcre2-pcre2-${FOCAL_PCRE} \ +--with-zlib=/opt/mod/zlib-${FOCAL_ZLIB} \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ --with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ ---with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \ +--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" \ --add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \ --add-dynamic-module=/opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} \ --add-dynamic-module=/opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} \ --add-dynamic-module=/opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable \ ---add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} \ --add-dynamic-module=/opt/mod/naxsi/naxsi_src \ --add-dynamic-module=/opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} \ --add-dynamic-module=/opt/mod/ngx_brotli \ @@ -87,3 +128,50 @@ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit- --add-dynamic-module=/opt/mod/set-misc-nginx-module-${NGX_SET_MISC} \ --add-dynamic-module=/opt/mod/testcookie make -j`nproc` modules +rm -Rf /nginx/modules/*.so; cp /opt/nginx-${FOCAL_VERSION_NGINX}/objs/*.so /nginx/modules/ + +cd /opt/nginx-${FOCAL_VERSION_NGINX}/ +LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-openssl=/opt/mod/openssl-OpenSSL_${FOCAL_OPENSSL} \ +--with-zlib=/opt/mod/zlib-${FOCAL_ZLIB} \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ +--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ +--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \ +--add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \ +--add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} +make -j`nproc` modules +cp /opt/nginx-${FOCAL_VERSION_NGINX}/objs/*.so /nginx/modules/ diff --git a/static/Focal/mod/ndk_http_module.so b/static/Focal/mod/ndk_http_module.so index 328c9f1..3f2de04 100755 Binary files a/static/Focal/mod/ndk_http_module.so and b/static/Focal/mod/ndk_http_module.so differ diff --git a/static/Focal/mod/ngx_http_brotli_filter_module.so b/static/Focal/mod/ngx_http_brotli_filter_module.so index 5a6b9ad..83d3f2a 100755 Binary files a/static/Focal/mod/ngx_http_brotli_filter_module.so and b/static/Focal/mod/ngx_http_brotli_filter_module.so differ diff --git a/static/Focal/mod/ngx_http_brotli_static_module.so b/static/Focal/mod/ngx_http_brotli_static_module.so index 45a11c4..16261eb 100755 Binary files a/static/Focal/mod/ngx_http_brotli_static_module.so and b/static/Focal/mod/ngx_http_brotli_static_module.so differ diff --git a/static/Focal/mod/ngx_http_flv_live_module.so b/static/Focal/mod/ngx_http_flv_live_module.so index b4659ea..6972801 100755 Binary files a/static/Focal/mod/ngx_http_flv_live_module.so and b/static/Focal/mod/ngx_http_flv_live_module.so differ diff --git a/static/Focal/mod/ngx_http_geoip2_module.so b/static/Focal/mod/ngx_http_geoip2_module.so index 3ff70c0..6a18b1f 100755 Binary files a/static/Focal/mod/ngx_http_geoip2_module.so and b/static/Focal/mod/ngx_http_geoip2_module.so differ diff --git a/static/Focal/mod/ngx_http_headers_more_filter_module.so b/static/Focal/mod/ngx_http_headers_more_filter_module.so index fd4c082..64cceba 100755 Binary files a/static/Focal/mod/ngx_http_headers_more_filter_module.so and b/static/Focal/mod/ngx_http_headers_more_filter_module.so differ diff --git a/static/Focal/mod/ngx_http_lua_module.so b/static/Focal/mod/ngx_http_lua_module.so index bb2f035..1af70fa 100755 Binary files a/static/Focal/mod/ngx_http_lua_module.so and b/static/Focal/mod/ngx_http_lua_module.so differ diff --git a/static/Focal/mod/ngx_http_modsecurity_module.so b/static/Focal/mod/ngx_http_modsecurity_module.so index 029121f..b73b6c6 100755 Binary files a/static/Focal/mod/ngx_http_modsecurity_module.so and b/static/Focal/mod/ngx_http_modsecurity_module.so differ diff --git a/static/Focal/mod/ngx_http_naxsi_module.so b/static/Focal/mod/ngx_http_naxsi_module.so index b3ec2a8..54efcf3 100755 Binary files a/static/Focal/mod/ngx_http_naxsi_module.so and b/static/Focal/mod/ngx_http_naxsi_module.so differ diff --git a/static/Focal/mod/ngx_http_set_misc_module.so b/static/Focal/mod/ngx_http_set_misc_module.so index e5cdccb..07caf63 100755 Binary files a/static/Focal/mod/ngx_http_set_misc_module.so and b/static/Focal/mod/ngx_http_set_misc_module.so differ diff --git a/static/Focal/mod/ngx_http_testcookie_access_module.so b/static/Focal/mod/ngx_http_testcookie_access_module.so index 10e415a..05f5e9d 100755 Binary files a/static/Focal/mod/ngx_http_testcookie_access_module.so and b/static/Focal/mod/ngx_http_testcookie_access_module.so differ diff --git a/static/Focal/mod/ngx_pagespeed.so b/static/Focal/mod/ngx_pagespeed.so index 397af24..a1485dc 100755 Binary files a/static/Focal/mod/ngx_pagespeed.so and b/static/Focal/mod/ngx_pagespeed.so differ diff --git a/static/Focal/mod/ngx_stream_geoip2_module.so b/static/Focal/mod/ngx_stream_geoip2_module.so index 591f6e6..eeeaedc 100755 Binary files a/static/Focal/mod/ngx_stream_geoip2_module.so and b/static/Focal/mod/ngx_stream_geoip2_module.so differ diff --git a/static/Focal/nginx.service b/static/Focal/nginx.service index e87c074..4e90807 100644 --- a/static/Focal/nginx.service +++ b/static/Focal/nginx.service @@ -1,5 +1,5 @@ [Nginx] -Description=The World Is Yours HTTP Server +Description=A high performance web server and a reverse proxy server After=syslog.target network-online.target remote-fs.target nss-lookup.target Wants=network-online.target diff --git a/static/Jammy/Builder.sh b/static/Jammy/Builder.sh deleted file mode 100644 index 32fa660..0000000 --- a/static/Jammy/Builder.sh +++ /dev/null @@ -1,38 +0,0 @@ -./configure --with-compat \ ---user=nginx \ ---group=nginx \ ---sbin-path=/usr/sbin/nginx \ ---conf-path=/nginx/nginx.conf \ ---pid-path=/var/run/nginx.pid \ ---lock-path=/var/run/nginx.lock \ ---error-log-path=/var/log/nginx/error.log \ ---http-log-path=/var/log/nginx/access.log \ ---with-threads \ ---with-file-aio \ ---with-http_ssl_module \ ---with-http_v2_module \ ---with-http_realip_module \ ---with-http_addition_module \ ---with-http_xslt_module \ ---with-http_image_filter_module \ ---with-http_geoip_module \ ---with-http_sub_module \ ---with-http_dav_module \ ---with-http_flv_module \ ---with-http_mp4_module \ ---with-http_gunzip_module \ ---with-http_gzip_static_module \ ---with-http_auth_request_module \ ---with-http_random_index_module \ ---with-http_secure_link_module \ ---with-http_slice_module \ ---with-http_stub_status_module \ ---with-mail \ ---with-mail_ssl_module \ ---with-stream \ ---with-stream_ssl_module \ ---with-stream_realip_module \ ---with-stream_geoip_module \ ---with-http_v2_hpack_enc \ ---with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ ---with-ld-opt="-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" diff --git a/static/Jammy/mod/Builder.sh b/static/Jammy/mod/Builder.sh index d2542cd..1f8d6e6 100644 --- a/static/Jammy/mod/Builder.sh +++ b/static/Jammy/mod/Builder.sh @@ -3,83 +3,124 @@ curl -s https://raw.githubusercontent.com/theraw/The-World-Is-Yours/master/versi sudo apt-get install libpcre2-dev mercurial -y; mkdir -p /opt/mod -cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz -cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz +if [ ! -d /opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} ]; then + cd /opt/mod/; wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v${NGX_DEVEL_KIT}.tar.gz + cd /opt/mod/; tar xf v${NGX_DEVEL_KIT}.tar.gz; rm -Rf v${NGX_DEVEL_KIT}.tar.gz +fi -cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz -cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz -cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz +if [ ! -d /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable ]; then + cd /opt/mod/; wget https://github.com/apache/incubator-pagespeed-ngx/archive/refs/tags/v${NGX_PAGESPEED}-stable.tar.gz + cd /opt/mod/; tar xf v${NGX_PAGESPEED}-stable.tar.gz; rm -Rf v${NGX_PAGESPEED}-stable.tar.gz + cd /opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable; wget https://dl.google.com/dl/page-speed/psol/${NGX_PAGESPEED_PSOL}.tar.gz; tar xf ${NGX_PAGESPEED_PSOL}.tar.gz; rm -Rf tar xf ${NGX_PAGESPEED_PSOL}.tar.gz +fi -cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz -cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz +if [ ! -d /opt/mod/ngx_http_geoip2_module-${NGX_GEOIP2} ]; then + cd /opt/mod/; wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_GEOIP2}.tar.gz + cd /opt/mod/; tar xf ${NGX_GEOIP2}.tar.gz; rm -Rf ${NGX_GEOIP2}.tar.gz +fi -cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz -cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz +if [ ! -d /opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} ]; then + cd /opt/mod/; wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MODSECURITY}.tar.gz + cd /opt/mod/; tar xf v${NGX_MODSECURITY}.tar.gz; rm -Rf v${NGX_MODSECURITY}.tar.gz +fi -cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz -cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz +if [ ! -d /opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} ]; then + cd /opt/mod/; wget https://github.com/winshining/nginx-http-flv-module/archive/refs/tags/v${NGX_HTTP_FLV}.tar.gz + cd /opt/mod/; tar xf v${NGX_HTTP_FLV}.tar.gz; rm -Rf v${NGX_HTTP_FLV}.tar.gz +fi -cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz -cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz +if [ ! -d /opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} ]; then + cd /opt/mod/; wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_HEADERS_MORE}.tar.gz + cd /opt/mod/; tar xf v${NGX_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_HEADERS_MORE}.tar.gz +fi -cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz -cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz +if [ ! -d /opt/mod/lua-nginx-module-${NGX_LUA} ]; then + cd /opt/mod/; wget https://github.com/openresty/lua-nginx-module/archive/refs/tags/v${NGX_LUA}.tar.gz + cd /opt/mod/; tar xf v${NGX_LUA}.tar.gz; rm -Rf v${NGX_LUA}.tar.gz +fi -cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz -cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz +if [ ! -d /opt/mod/set-misc-nginx-module-${NGX_SET_MISC} ]; then + cd /opt/mod/; wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/v${NGX_SET_MISC}.tar.gz + cd /opt/mod/; tar xf v${NGX_SET_MISC}.tar.gz; rm -Rf v${NGX_SET_MISC}.tar.gz +fi -cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie -cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init -cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi +if [ ! -d /opt/mod/testcookie ]; then + cd /opt/mod/; git clone https://github.com/kyprizel/testcookie-nginx-module.git testcookie +fi +if [ ! -d /opt/mod/ngx_brotli ]; then + cd /opt/mod/; git clone https://github.com/google/ngx_brotli.git ngx_brotli; cd /opt/mod/ngx_brotli && git submodule update --init +fi +if [ ! -d /opt/mod/naxsi ]; then + cd /opt/mod/; git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi +fi -rm -Rf /opt/nginx-${NGINX}.tar.gz; cd /opt/; wget https://nginx.org/download/nginx-${NGINX}.tar.gz; tar xf nginx-${NGINX}.tar.gz; rm -Rf nginx-${NGINX}.tar.gz -cd /opt/nginx-${NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch -cd /opt/nginx-${NGINX}/ +if [ ! -d /opt/mod/pcre2-pcre2-${JAMMY_PCRE} ]; then + cd /opt/mod && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${JAMMY_PCRE}.tar.gz + cd /opt/mod && tar xf pcre2-${JAMMY_PCRE}.tar.gz; rm -Rf pcre2-${JAMMY_PCRE}.tar.gz + cd /opt/mod/pcre2-pcre2-${JAMMY_PCRE} && ./autogen.sh +fi + +if [ ! -d /opt/mod/openssl-openssl-${JAMMY_OPENSSL} ]; then + cd /opt/mod && wget https://github.com/openssl/openssl/archive/refs/tags/openssl-${JAMMY_OPENSSL}.tar.gz + cd /opt/mod && tar xf openssl-${JAMMY_OPENSSL}.tar.gz; rm -Rf openssl-${JAMMY_OPENSSL}.tar.gz +fi + +if [ ! -d /opt/mod/zlib-${JAMMY_ZLIB} ]; then +cd /opt/mod && wget http://zlib.net/zlib-${JAMMY_ZLIB}.tar.gz +cd /opt/mod && tar xf zlib-${JAMMY_ZLIB}.tar.gz; rm -Rf zlib-${JAMMY_ZLIB}.tar.gz +fi + +rm -Rf /opt/nginx-${JAMMY_VERSION_NGINX}; cd /opt/; wget https://nginx.org/download/nginx-${JAMMY_VERSION_NGINX}.tar.gz; tar xf nginx-${JAMMY_VERSION_NGINX}.tar.gz; rm -Rf nginx-${JAMMY_VERSION_NGINX}.tar.gz +cd /opt/nginx-${JAMMY_VERSION_NGINX} && curl -s https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_hpack_push_1.15.3.patch > hpack_push.patch && patch -p1 < hpack_push.patch +cd /opt/nginx-${JAMMY_VERSION_NGINX}/ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \ ---user=nginx \ ---group=nginx \ ---sbin-path=/usr/sbin/nginx \ ---conf-path=/nginx/nginx.conf \ ---pid-path=/var/run/nginx.pid \ ---lock-path=/var/run/nginx.lock \ ---error-log-path=/var/log/nginx/error.log \ ---http-log-path=/var/log/nginx/access.log \ ---with-threads \ ---with-file-aio \ ---with-http_ssl_module \ ---with-http_v2_module \ ---with-http_realip_module \ ---with-http_addition_module \ ---with-http_xslt_module \ ---with-http_image_filter_module \ ---with-http_geoip_module \ ---with-http_sub_module \ ---with-http_dav_module \ ---with-http_flv_module \ ---with-http_mp4_module \ ---with-http_gunzip_module \ ---with-http_gzip_static_module \ ---with-http_auth_request_module \ ---with-http_random_index_module \ ---with-http_secure_link_module \ ---with-http_slice_module \ ---with-http_stub_status_module \ ---with-mail \ ---with-mail_ssl_module \ ---with-stream \ ---with-stream_ssl_module \ ---with-stream_realip_module \ ---with-stream_geoip_module \ ---with-http_v2_hpack_enc \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-openssl=/opt/mod/openssl-openssl-${JAMMY_OPENSSL} \ +--with-pcre \ +--with-pcre=/opt/mod/pcre2-pcre2-${JAMMY_PCRE} \ +--with-zlib=/opt/mod/zlib-${JAMMY_ZLIB} \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ --with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ ---with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \ +--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie" \ --add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \ --add-dynamic-module=/opt/mod/ModSecurity-nginx-${NGX_MODSECURITY} \ --add-dynamic-module=/opt/mod/headers-more-nginx-module-${NGX_HEADERS_MORE} \ --add-dynamic-module=/opt/mod/incubator-pagespeed-ngx-${NGX_PAGESPEED}-stable \ ---add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} \ --add-dynamic-module=/opt/mod/naxsi/naxsi_src \ --add-dynamic-module=/opt/mod/nginx-http-flv-module-${NGX_HTTP_FLV} \ --add-dynamic-module=/opt/mod/ngx_brotli \ @@ -87,3 +128,50 @@ LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit- --add-dynamic-module=/opt/mod/set-misc-nginx-module-${NGX_SET_MISC} \ --add-dynamic-module=/opt/mod/testcookie make -j`nproc` modules +rm -Rf /nginx/modules/*.so; cp /opt/nginx-${JAMMY_VERSION_NGINX}/objs/*.so /nginx/modules/ + +cd /opt/nginx-${JAMMY_VERSION_NGINX}/ +LUAJIT_LIB="/usr/local/LuaJIT/lib" LUAJIT_INC="/usr/local/LuaJIT/include/luajit-2.1/" ./configure --with-compat \ +--user=nginx \ +--group=nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/nginx/nginx.conf \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--with-openssl=/opt/mod/openssl-openssl-${JAMMY_OPENSSL} \ +--with-zlib=/opt/mod/zlib-${JAMMY_ZLIB} \ +--with-threads \ +--with-file-aio \ +--with-http_ssl_module \ +--with-http_v2_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_xslt_module \ +--with-http_image_filter_module \ +--with-http_geoip_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_auth_request_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_slice_module \ +--with-http_stub_status_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_realip_module \ +--with-stream_geoip_module \ +--with-http_v2_hpack_enc \ +--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \ +--with-ld-opt="-Wl,-rpath,/usr/local/LuaJIT/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpcre" \ +--add-dynamic-module=/opt/mod/ngx_devel_kit-${NGX_DEVEL_KIT} \ +--add-dynamic-module=/opt/mod/lua-nginx-module-${NGX_LUA} +make -j`nproc` modules +cp /opt/nginx-${JAMMY_VERSION_NGINX}/objs/*.so /nginx/modules/ diff --git a/static/Jammy/mod/ndk_http_module.so b/static/Jammy/mod/ndk_http_module.so index b6a853c..a0bea25 100755 Binary files a/static/Jammy/mod/ndk_http_module.so and b/static/Jammy/mod/ndk_http_module.so differ diff --git a/static/Jammy/mod/ngx_http_brotli_filter_module.so b/static/Jammy/mod/ngx_http_brotli_filter_module.so index d15ca9d..9af606d 100755 Binary files a/static/Jammy/mod/ngx_http_brotli_filter_module.so and b/static/Jammy/mod/ngx_http_brotli_filter_module.so differ diff --git a/static/Jammy/mod/ngx_http_brotli_static_module.so b/static/Jammy/mod/ngx_http_brotli_static_module.so index 6f12d98..273cdbf 100755 Binary files a/static/Jammy/mod/ngx_http_brotli_static_module.so and b/static/Jammy/mod/ngx_http_brotli_static_module.so differ diff --git a/static/Jammy/mod/ngx_http_flv_live_module.so b/static/Jammy/mod/ngx_http_flv_live_module.so index 6553df0..d59032d 100755 Binary files a/static/Jammy/mod/ngx_http_flv_live_module.so and b/static/Jammy/mod/ngx_http_flv_live_module.so differ diff --git a/static/Jammy/mod/ngx_http_geoip2_module.so b/static/Jammy/mod/ngx_http_geoip2_module.so index 70e8000..cf6a6b8 100755 Binary files a/static/Jammy/mod/ngx_http_geoip2_module.so and b/static/Jammy/mod/ngx_http_geoip2_module.so differ diff --git a/static/Jammy/mod/ngx_http_headers_more_filter_module.so b/static/Jammy/mod/ngx_http_headers_more_filter_module.so index 10059d9..d69fd30 100755 Binary files a/static/Jammy/mod/ngx_http_headers_more_filter_module.so and b/static/Jammy/mod/ngx_http_headers_more_filter_module.so differ diff --git a/static/Jammy/mod/ngx_http_lua_module.so b/static/Jammy/mod/ngx_http_lua_module.so index 20eebff..b54adb0 100755 Binary files a/static/Jammy/mod/ngx_http_lua_module.so and b/static/Jammy/mod/ngx_http_lua_module.so differ diff --git a/static/Jammy/mod/ngx_http_modsecurity_module.so b/static/Jammy/mod/ngx_http_modsecurity_module.so index 7ae37a2..1716629 100755 Binary files a/static/Jammy/mod/ngx_http_modsecurity_module.so and b/static/Jammy/mod/ngx_http_modsecurity_module.so differ diff --git a/static/Jammy/mod/ngx_http_naxsi_module.so b/static/Jammy/mod/ngx_http_naxsi_module.so index 333ce16..576b499 100755 Binary files a/static/Jammy/mod/ngx_http_naxsi_module.so and b/static/Jammy/mod/ngx_http_naxsi_module.so differ diff --git a/static/Jammy/mod/ngx_http_set_misc_module.so b/static/Jammy/mod/ngx_http_set_misc_module.so index 6574a0d..fb846b6 100755 Binary files a/static/Jammy/mod/ngx_http_set_misc_module.so and b/static/Jammy/mod/ngx_http_set_misc_module.so differ diff --git a/static/Jammy/mod/ngx_http_testcookie_access_module.so b/static/Jammy/mod/ngx_http_testcookie_access_module.so index 6965023..1c6a128 100755 Binary files a/static/Jammy/mod/ngx_http_testcookie_access_module.so and b/static/Jammy/mod/ngx_http_testcookie_access_module.so differ diff --git a/static/Jammy/mod/ngx_pagespeed.so b/static/Jammy/mod/ngx_pagespeed.so index f621360..03d7183 100755 Binary files a/static/Jammy/mod/ngx_pagespeed.so and b/static/Jammy/mod/ngx_pagespeed.so differ diff --git a/static/Jammy/mod/ngx_stream_geoip2_module.so b/static/Jammy/mod/ngx_stream_geoip2_module.so index 65e0b61..b054340 100755 Binary files a/static/Jammy/mod/ngx_stream_geoip2_module.so and b/static/Jammy/mod/ngx_stream_geoip2_module.so differ diff --git a/static/Jammy/nginx.service b/static/Jammy/nginx.service index e87c074..4e90807 100644 --- a/static/Jammy/nginx.service +++ b/static/Jammy/nginx.service @@ -1,5 +1,5 @@ [Nginx] -Description=The World Is Yours HTTP Server +Description=A high performance web server and a reverse proxy server After=syslog.target network-online.target remote-fs.target nss-lookup.target Wants=network-online.target