diff --git a/0001-unix-ngx_user-Apply-fix-for-really-old-bug-in-glibc-.patch b/0001-unix-ngx_user-Apply-fix-for-really-old-bug-in-glibc-.patch new file mode 100644 index 0000000000000000000000000000000000000000..4868b3d5d2474eb7ccbdb74b65f89652a054dbb7 --- /dev/null +++ b/0001-unix-ngx_user-Apply-fix-for-really-old-bug-in-glibc-.patch @@ -0,0 +1,30 @@ +From f446736d4f4c5f7ae81bb8bf84fda7ce3c9d49a0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= +Date: Wed, 24 Jan 2018 12:37:48 +0100 +Subject: [PATCH] unix/ngx_user: Apply fix for really old bug in glibc libcrypt + if needed + +--- + src/os/unix/ngx_user.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/os/unix/ngx_user.c b/src/os/unix/ngx_user.c +index 7ebe2b57..d0fe9238 100644 +--- a/src/os/unix/ngx_user.c ++++ b/src/os/unix/ngx_user.c +@@ -21,8 +21,10 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) + struct crypt_data cd; + + cd.initialized = 0; +-#ifdef __GLIBC__ +- /* work around the glibc bug */ ++#if (defined(__GLIBC__) && __GLIBC__ == 2) && \ ++ (defined(__GLIBC_MINOR__) && __GLIBC_MINOR__ >= 2 && __GLIBC_MINOR__ < 4) ++ /* work around glibc-2.2.5 bug, ++ * has been fixed at some time in glibc-2.3.X */ + cd.current_salt[0] = ~salt[0]; + #endif + +-- +2.16.1 + diff --git a/404.html b/404.html new file mode 100644 index 0000000000000000000000000000000000000000..71fa16cdb4c53827d2675a2e6ff6dcb18ea0e2a3 --- /dev/null +++ b/404.html @@ -0,0 +1,119 @@ + + + + + The page is not found + + + + + +

nginx error!

+ +
+ +

The page you are looking for is not found.

+ +
+

Website Administrator

+
+

Something has triggered missing webpage on your + website. This is the default 404 error page for + nginx that is distributed with + Fedora. It is located + /usr/share/nginx/html/404.html

+ +

You should customize this error page for your own + site or edit the error_page directive in + the nginx configuration file + /etc/nginx/nginx.conf.

+ +
+
+ +
+ [ Powered by nginx ] + + [ Powered by Fedora ] +
+
+ + diff --git a/50x.html b/50x.html new file mode 100644 index 0000000000000000000000000000000000000000..c296c61f79d024e65d8285252511988642874bf8 --- /dev/null +++ b/50x.html @@ -0,0 +1,119 @@ + + + + + The page is temporarily unavailable + + + + + +

nginx error!

+ +
+ +

The page you are looking for is temporarily unavailable. Please try again later.

+ +
+

Website Administrator

+
+

Something has triggered an error on your + website. This is the default error page for + nginx that is distributed with + Fedora. It is located + /usr/share/nginx/html/50x.html

+ +

You should customize this error page for your own + site or edit the error_page directive in + the nginx configuration file + /etc/nginx/nginx.conf.

+ +
+
+ +
+ [ Powered by nginx ] + + [ Powered by Fedora ] +
+
+ + diff --git a/README.dynamic b/README.dynamic new file mode 100644 index 0000000000000000000000000000000000000000..59f03f62643d44b1a87183c89791096705fbb7b9 --- /dev/null +++ b/README.dynamic @@ -0,0 +1,20 @@ +############### +Dynamic modules +############### + +Dynamic modules are loaded using the "load_modules" directive. The RPM package +for each module has a '.conf' file in the /usr/share/nginx/modules directory. +The '.conf' file contains a single "load_modules" directive. + +This means that whenever a new dynamic module is installed, it will +automatically be enabled and Nginx will be reloaded. + +-------------------------------------------------------- +Prevent dynamic modules from being enabled automatically +-------------------------------------------------------- + +You may want to avoid dynamic modules being enabled automatically. Simply +remove this line from the top of /etc/nginx/nginx.conf: + + include /usr/lib64/nginx/modules/*.conf; + diff --git a/UPGRADE-NOTES-1.6-to-1.10 b/UPGRADE-NOTES-1.6-to-1.10 new file mode 100644 index 0000000000000000000000000000000000000000..65760bfc0d0d9dd0ce7ad9b2bb64d625d619fe50 --- /dev/null +++ b/UPGRADE-NOTES-1.6-to-1.10 @@ -0,0 +1,88 @@ +############# +Upgrade notes +############# + +To resolve numerous security flaws, the nginx package was updated to 1.10.x. + +You should review your configuration files in /etc/nginx to determine if there +are any incompatibilities. Below is a summary of the main incompatible changes. +Some nginx directives have been changed or removed, so you may need to modify +your configuration. + +Please see upstream release notes for a complete list of new features, +bug fixes, and changes: http://nginx.org/en/CHANGES-1.10 +One notable feature is support for HTTP/2. + +Nginx gained support for dynamic modules. As part of this update, dynamic +modules have been split into subpackages. For the time being these are hard +dependencies to aid the upgrade path. When you install nginx, all of these +modules are installed and enabled by default: + - nginx-mod-http-geoip + - nginx-mod-http-image-filter + - nginx-mod-http-perl + - nginx-mod-http-xslt-filter + - nginx-mod-mail + - nginx-mod-stream + +Changes with nginx 1.10.x + + *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer + passed to the next server by default if a request has been sent to a + backend; the "non_idempotent" parameter of the "proxy_next_upstream" + directive explicitly allows retrying such requests. + + *) Change: now the "output_buffers" directive uses two buffers by + default. + + *) Change: now nginx limits subrequests recursion, not simultaneous + subrequests. + + *) Change: now nginx checks the whole cache key when returning a + response from cache. + Thanks to Gena Makhomed and Sergey Brester. + + *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer" + directives of the stream module are replaced with the + "proxy_buffer_size" directive. + + *) Change: duplicate "http", "mail", and "stream" blocks are now + disallowed. + + *) Change: now SSLv3 protocol is disabled by default. + + *) Change: some long deprecated directives are not supported anymore. + + *) Change: obsolete aio and rtsig event methods have been removed. + +Changes with nginx 1.8.x + + *) Change: the "sendfile" parameter of the "aio" directive is + deprecated; now nginx automatically uses AIO to pre-load data for + sendfile if both "aio" and "sendfile" directives are used. + + *) Change: now the "If-Modified-Since", "If-Range", etc. client request + header lines are passed to a backend while caching if nginx knows in + advance that the response will not be cached (e.g., when using + proxy_cache_min_uses). + + *) Change: now after proxy_cache_lock_timeout nginx sends a request to a + backend with caching disabled; the new directives + "proxy_cache_lock_age", "fastcgi_cache_lock_age", + "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time + after which the lock will be released and another attempt to cache a + response will be made. + + *) Change: the "log_format" directive can now be used only at http + level. + + *) Change: now nginx takes into account the "Vary" header line in a + backend response while caching. + + *) Change: the deprecated "limit_zone" directive is not supported + anymore. + + *) Change: now the "stub_status" directive does not require a parameter. + + *) Change: URI escaping now uses uppercase hexadecimal digits. + Thanks to Piotr Sikora. + diff --git a/index.html b/index.html new file mode 100644 index 0000000000000000000000000000000000000000..dea2265fcb8231f9dcb32b29595b14c796ca5d7f --- /dev/null +++ b/index.html @@ -0,0 +1,116 @@ + + + + + Test Page for the Nginx HTTP Server on Fedora + + + + + +

Welcome to nginx on Fedora!

+ +
+

This page is used to test the proper operation of the + nginx HTTP server after it has been + installed. If you can read this page, it means that the + web server installed at this site is working + properly.

+ +
+

Website Administrator

+
+

This is the default index.html page that + is distributed with nginx on + Fedora. It is located in + /usr/share/nginx/html.

+ +

You should now put your content in a location of + your choice and edit the root configuration + directive in the nginx + configuration file + /etc/nginx/nginx.conf.

+ +
+
+ +
+ [ Powered by nginx ] + + [ Powered by Fedora ] +
+
+ + diff --git a/nginx-1.12.1-logs-perm.patch b/nginx-1.12.1-logs-perm.patch new file mode 100644 index 0000000000000000000000000000000000000000..4884a847d033492f5423fc95e1f03b10524f7242 --- /dev/null +++ b/nginx-1.12.1-logs-perm.patch @@ -0,0 +1,13 @@ +diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c +index aee7a58..bcceecb 100644 +--- a/src/core/ngx_cycle.c ++++ b/src/core/ngx_cycle.c +@@ -1108,7 +1108,7 @@ ngx_reopen_files(ngx_cycle_t *cycle, ngx_uid_t user) + } + + fd = ngx_open_file(file[i].name.data, NGX_FILE_APPEND, +- NGX_FILE_CREATE_OR_OPEN, NGX_FILE_DEFAULT_ACCESS); ++ NGX_FILE_CREATE_OR_OPEN, NGX_FILE_DEFAULT_ACCESS | 0220); + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, cycle->log, 0, + "reopen file \"%s\", old:%d new:%d", diff --git a/nginx-1.12.1.tar.gz b/nginx-1.12.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..fc90539cb625a2e00a483870a0a88b66a7de22a2 Binary files /dev/null and b/nginx-1.12.1.tar.gz differ diff --git a/nginx-auto-cc-gcc.patch b/nginx-auto-cc-gcc.patch new file mode 100644 index 0000000000000000000000000000000000000000..c30346d042395233db4e9bfa16c72b0a0a2e89ab --- /dev/null +++ b/nginx-auto-cc-gcc.patch @@ -0,0 +1,13 @@ +--- a/auto/cc/gcc.orig 2007-03-22 08:34:53.000000000 -0600 ++++ b/auto/cc/gcc 2007-03-22 08:58:47.000000000 -0600 +@@ -172,7 +172,9 @@ + + + # stop on warning +-CFLAGS="$CFLAGS -Werror" ++# This combined with Fedora's FORTIFY_SOURCE=2 option causes it nginx ++# to not compile. ++#CFLAGS="$CFLAGS -Werror" + + # debug + CFLAGS="$CFLAGS -g" diff --git a/nginx-logo.png b/nginx-logo.png new file mode 100644 index 0000000000000000000000000000000000000000..638b4995def7c1b20d134b658b7329df6769085e Binary files /dev/null and b/nginx-logo.png differ diff --git a/nginx-upgrade b/nginx-upgrade new file mode 100644 index 0000000000000000000000000000000000000000..f84d91a9889bc86296e50a4adbeaa9c8df9daf65 --- /dev/null +++ b/nginx-upgrade @@ -0,0 +1,19 @@ +#!/bin/sh +[ ! -f /run/nginx.pid ] && exit 1 +echo "Start new nginx master..." +/bin/systemctl kill --signal=SIGUSR2 nginx.service +sleep 5 +[ ! -f /run/nginx.pid.oldbin ] && sleep 10 +if [ ! -f /run/nginx.pid.oldbin ]; then + echo "Failed to start new nginx master." + exit 1 +fi +echo "Stop old nginx master gracefully..." +oldpid=`/usr/bin/cat /run/nginx.pid.oldbin 2>/dev/null` +/bin/kill -s QUIT $oldpid 2>/dev/null +sleep 5 +[ -f /run/nginx.pid.oldbin ] && sleep 10 +if [ -f /run/nginx.pid.oldbin ]; then + echo "Failed to stop old nginx master." + exit 1 +fi diff --git a/nginx-upgrade.8 b/nginx-upgrade.8 new file mode 100644 index 0000000000000000000000000000000000000000..2a435abbf9503b127875495dc52ff535ed5a1cc7 --- /dev/null +++ b/nginx-upgrade.8 @@ -0,0 +1,151 @@ +.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16) +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" Set up some character translations and predefined strings. \*(-- will +.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- +.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.ie n \{\ +. ds -- \(*W- +. ds PI pi +. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch +. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch +. ds L" "" +. ds R" "" +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds -- \|\(em\| +. ds PI \(*p +. ds L" `` +. ds R" '' +'br\} +.\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" +.\" If the F register is turned on, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. +.ie \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. nr % 0 +. rr F +.\} +.el \{\ +. de IX +.. +.\} +.\" +.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). +.\" Fear. Run. Save yourself. No user-serviceable parts. +. \" fudge factors for nroff and troff +.if n \{\ +. ds #H 0 +. ds #V .8m +. ds #F .3m +. ds #[ \f1 +. ds #] \fP +.\} +.if t \{\ +. ds #H ((1u-(\\\\n(.fu%2u))*.13m) +. ds #V .6m +. ds #F 0 +. ds #[ \& +. ds #] \& +.\} +. \" simple accents for nroff and troff +.if n \{\ +. ds ' \& +. ds ` \& +. ds ^ \& +. ds , \& +. ds ~ ~ +. ds / +.\} +.if t \{\ +. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" +. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' +. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' +. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' +. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' +. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' +.\} +. \" troff and (daisy-wheel) nroff accents +.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' +.ds 8 \h'\*(#H'\(*b\h'-\*(#H' +.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] +.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' +.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' +.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] +.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] +.ds ae a\h'-(\w'a'u*4/10)'e +.ds Ae A\h'-(\w'A'u*4/10)'E +. \" corrections for vroff +.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' +.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' +. \" for low resolution devices (crt and lpr) +.if \n(.H>23 .if \n(.V>19 \ +\{\ +. ds : e +. ds 8 ss +. ds o a +. ds d- d\h'-1'\(ga +. ds D- D\h'-1'\(hy +. ds th \o'bp' +. ds Th \o'LP' +. ds ae ae +. ds Ae AE +.\} +.rm #[ #] #H #V #F C +.\" ======================================================================== +.\" +.IX Title "NGINX-UPGRADE 8" +.TH NGINX-UPGRADE 8 "2012-10-28" " " " " +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh +.SH "NAME" +nginx\-upgrade \- tool to upgrade nginx without any downtime +.SH "SYNOPSIS" +.IX Header "SYNOPSIS" +\&\fInginx-upgrade\fR +.SH "DESCRIPTION" +.IX Header "DESCRIPTION" +This downstream shell script updates nginx without any downtime. After +upgrading nginx via the package manager, running this script will create +a new nginx master. This master takes over all new requests. The old +masters and workers are then gracefully shutdown without breaking any +existing connections. +.PP +For further information, see: +.SH "BUGS" +.IX Header "BUGS" +If you find any bugs, please send an email to the author. +.SH "AUTHOR" +.IX Header "AUTHOR" +Jamie Nguyen diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000000000000000000000000000000000000..3c5c787a780d4f3a6aca7058e6c057b6105369d4 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,90 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + server { + listen 80 default_server; + listen [::]:80 default_server; + server_name _; + root /usr/share/nginx/html; + + # Load configuration files for the default server block. + include /etc/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } + } + +# Settings for a TLS enabled server. +# +# server { +# listen 443 ssl http2 default_server; +# listen [::]:443 ssl http2 default_server; +# server_name _; +# root /usr/share/nginx/html; +# +# ssl_certificate "/etc/pki/nginx/server.crt"; +# ssl_certificate_key "/etc/pki/nginx/private/server.key"; +# ssl_session_cache shared:SSL:1m; +# ssl_session_timeout 10m; +# ssl_ciphers PROFILE=SYSTEM; +# ssl_prefer_server_ciphers on; +# +# # Load configuration files for the default server block. +# include /etc/nginx/default.d/*.conf; +# +# location / { +# } +# +# error_page 404 /404.html; +# location = /40x.html { +# } +# +# error_page 500 502 503 504 /50x.html; +# location = /50x.html { +# } +# } + +} + diff --git a/nginx.logrotate b/nginx.logrotate new file mode 100644 index 0000000000000000000000000000000000000000..353da6e80ccf7a6eba0ef98e8a3aee603e3ba43f --- /dev/null +++ b/nginx.logrotate @@ -0,0 +1,13 @@ +/var/log/nginx/*log { + create 0664 nginx root + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true + endscript +} + diff --git a/nginx.service b/nginx.service new file mode 100644 index 0000000000000000000000000000000000000000..8597eb4a826d050e341aa7b133d9ea624bffad16 --- /dev/null +++ b/nginx.service @@ -0,0 +1,21 @@ +[Unit] +Description=The nginx HTTP and reverse proxy server +After=network.target remote-fs.target nss-lookup.target + +[Service] +Type=forking +PIDFile=/run/nginx.pid +# Nginx will fail to start if /run/nginx.pid already exists but has the wrong +# SELinux context. This might happen when running `nginx -t` from the cmdline. +# https://bugzilla.redhat.com/show_bug.cgi?id=1268621 +ExecStartPre=/usr/bin/rm -f /run/nginx.pid +ExecStartPre=/usr/sbin/nginx -t +ExecStart=/usr/sbin/nginx +ExecReload=/bin/kill -s HUP $MAINPID +KillSignal=SIGQUIT +TimeoutStopSec=5 +KillMode=mixed +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/nginx.spec b/nginx.spec new file mode 100644 index 0000000000000000000000000000000000000000..49819839059980be99f4734290b136c31419d287 --- /dev/null +++ b/nginx.spec @@ -0,0 +1,352 @@ +%global _hardened_build 1 +%global nginx_user nginx + +%undefine _strict_symbol_defs_build + +%bcond_with geoip + +%global with_gperftools 1 + +%global with_aio 1 + +Name: nginx +Epoch: 1 +Version: 1.12.1 +Release: 15 +Summary: A HTTP server, reverse proxy and mail proxy server +License: BSD +URL: http://nginx.org/ + +Source0: https://nginx.org/download/nginx-%{version}.tar.gz +Source10: nginx.service +Source11: nginx.logrotate +Source12: nginx.conf +Source13: nginx-upgrade +Source14: nginx-upgrade.8 +Source100: index.html +Source101: poweredby.png +Source102: nginx-logo.png +Source103: 404.html +Source104: 50x.html +Source200: README.dynamic +Source210: UPGRADE-NOTES-1.6-to-1.10 + +Patch0: nginx-auto-cc-gcc.patch +Patch1: 0001-unix-ngx_user-Apply-fix-for-really-old-bug-in-glibc-.patch +Patch2: nginx-1.12.1-logs-perm.patch + +BuildRequires: gcc openssl-devel pcre-devel zlib-devel systemd gperftools-devel +Requires: nginx-filesystem = %{epoch}:%{version}-%{release} openssl pcre +Requires: nginx-all-modules = %{epoch}:%{version}-%{release} +%if 0%{?with_mailcap_mimetypes} +Requires: nginx-mimetypes +%endif +Requires(pre): nginx-filesystem +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd +Provides: webserver + +%description +NGINX is a free, open-source, high-performance HTTP server and reverse proxy, +as well as an IMAP/POP3 proxy server. + +%package all-modules +Summary: Nginx modules +BuildArch: noarch + +%if %{with geoip} +Requires: nginx-mod-http-geoip = %{epoch}:%{version}-%{release} +%endif +Requires: nginx-mod-http-image-filter = %{epoch}:%{version}-%{release} +Requires: nginx-mod-http-perl = %{epoch}:%{version}-%{release} +Requires: nginx-mod-http-xslt-filter = %{epoch}:%{version}-%{release} +Requires: nginx-mod-mail = %{epoch}:%{version}-%{release} +Requires: nginx-mod-stream = %{epoch}:%{version}-%{release} + +%description all-modules +NGINX is a free, open-source, high-performance HTTP server and reverse proxy, +as well as an IMAP/POP3 proxy server. +This package is a meta package that installs all available Nginx modules. + +%package filesystem +Summary: Filesystem for the Nginx server +BuildArch: noarch +Requires(pre): shadow-utils + +%description filesystem +NGINX is a free, open-source, high-performance HTTP server and reverse proxy, +as well as an IMAP/POP3 proxy server. +The package contains the basic directory layout for the Nginx server. + +%if %{with geoip} +%package mod-http-geoip +Summary: HTTP geoip module for nginx +BuildRequires: GeoIP-devel +Requires: nginx GeoIP + +%description mod-http-geoip +The package is the Nginx HTTP geoip module. +%endif + +%package mod-http-image-filter +Summary: HTTP image filter module for nginx +BuildRequires: gd-devel +Requires: nginx gd + +%description mod-http-image-filter +Nginx HTTP image filter module. + +%package mod-http-perl +Summary: HTTP perl module for nginx +BuildRequires: perl-devel perl(ExtUtils::Embed) +Requires: nginx perl(constant) +Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) + +%description mod-http-perl +Nginx HTTP perl module. + +%package mod-http-xslt-filter +Summary: XSLT module for nginx +BuildRequires: libxslt-devel +Requires: nginx + +%description mod-http-xslt-filter +Nginx XSLT module. + +%package mod-mail +Summary: mail modules for nginx +Requires: nginx + +%description mod-mail +Nginx mail modules + +%package mod-stream +Summary: stream modules for nginx +Requires: nginx + +%description mod-stream +Nginx stream modules. + +%package_help + +%prep +%autosetup -n %{name}-%{version} -p1 +cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} . + +%build +export DESTDIR=%{buildroot} +nginx_ldopts="$RPM_LD_FLAGS -Wl,-E" +if ! ./configure \ + --prefix=%{_datadir}/nginx --sbin-path=%{_sbindir}/nginx --modules-path=%{_libdir}/nginx/modules \ + --conf-path=%{_sysconfdir}/nginx/nginx.conf --error-log-path=%{_localstatedir}/log/nginx/error.log \ + --http-log-path=%{_localstatedir}/log/nginx/access.log \ + --http-client-body-temp-path=%{_localstatedir}/lib/nginx/tmp/client_body \ + --http-fastcgi-temp-path=%{_localstatedir}/lib/nginx/tmp/fastcgi \ + --http-proxy-temp-path=%{_localstatedir}/lib/nginx/tmp/proxy \ + --http-scgi-temp-path=%{_localstatedir}/lib/nginx/tmp/scgi \ + --http-uwsgi-temp-path=%{_localstatedir}/lib/nginx/tmp/uwsgi \ + --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx \ + --user=%{nginx_user} --group=%{nginx_user} \ +%if 0%{?with_aio} + --with-file-aio \ +%endif + --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module \ + --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic \ +%if %{with geoip} + --with-http_geoip_module=dynamic \ +%endif + --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module \ + --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module \ + --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module \ + --with-http_stub_status_module --with-http_perl_module=dynamic --with-http_auth_request_module \ + --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream=dynamic \ + --with-stream_ssl_module --with-google_perftools_module --with-debug \ + --with-cc-opt="%{optflags} $(pcre-config --cflags)" --with-ld-opt="$nginx_ldopts"; then + : configure failed + cat objs/autoconf.err + exit 1 +fi + +%make_build + + +%install +%make_install INSTALLDIRS=vendor + +find %{buildroot} -type f -empty -exec rm -f '{}' \; +find %{buildroot} -type f -name .packlist -exec rm -f '{}' \; +find %{buildroot} -type f -name perllocal.pod -exec rm -f '{}' \; +find %{buildroot} -type f -iname '*.so' -exec chmod 0755 '{}' \; + +pushd %{buildroot} +install -p -D -m 0644 %{_builddir}/nginx-%{version}/nginx.service .%{_unitdir}/nginx.service +install -p -D -m 0644 %{SOURCE11} .%{_sysconfdir}/logrotate.d/nginx +install -p -d -m 0755 .%{_sysconfdir}/systemd/system/nginx.service.d +install -p -d -m 0755 .%{_unitdir}/nginx.service.d +install -p -d -m 0755 .%{_sysconfdir}/nginx/conf.d +install -p -d -m 0755 .%{_sysconfdir}/nginx/default.d +install -p -d -m 0700 .%{_localstatedir}/lib/nginx +install -p -d -m 0700 .%{_localstatedir}/lib/nginx/tmp +install -p -d -m 0700 .%{_localstatedir}/log/nginx +install -p -d -m 0755 .%{_datadir}/nginx/html +install -p -d -m 0755 .%{_datadir}/nginx/modules +install -p -d -m 0755 .%{_libdir}/nginx/modules +install -p -m 0644 %{_builddir}/nginx-%{version}/nginx.conf .%{_sysconfdir}/nginx +install -p -m 0644 %{SOURCE100} .%{_datadir}/nginx/html +install -p -m 0644 %{SOURCE101} %{SOURCE102} .%{_datadir}/nginx/html +install -p -m 0644 %{SOURCE103} %{SOURCE104} .%{_datadir}/nginx/html + +%if 0%{?with_mailcap_mimetypes} +rm -f .%{_sysconfdir}/nginx/mime.types +%endif + +install -p -D -m 0644 %{_builddir}/nginx-%{version}/man/nginx.8 .%{_mandir}/man8/nginx.8 +install -p -D -m 0755 %{SOURCE13} .%{_bindir}/nginx-upgrade +install -p -D -m 0644 %{SOURCE14} .%{_mandir}/man8/nginx-upgrade.8 +popd + +for i in ftdetect indent syntax; do + install -p -D -m644 contrib/vim/${i}/nginx.vim %{buildroot}%{_datadir}/vim/vimfiles/${i}/nginx.vim +done + +%if %{with geoip} +echo 'load_module "%{_libdir}/nginx/modules/ngx_http_geoip_module.so";' \ + > %{buildroot}%{_datadir}/nginx/modules/mod-http-geoip.conf +%endif + +pushd %{buildroot} +echo 'load_module "%{_libdir}/nginx/modules/ngx_http_image_filter_module.so";' \ + > .%{_datadir}/nginx/modules/mod-http-image-filter.conf +echo 'load_module "%{_libdir}/nginx/modules/ngx_http_perl_module.so";' \ + > .%{_datadir}/nginx/modules/mod-http-perl.conf +echo 'load_module "%{_libdir}/nginx/modules/ngx_http_xslt_filter_module.so";' \ + > .%{_datadir}/nginx/modules/mod-http-xslt-filter.conf +echo 'load_module "%{_libdir}/nginx/modules/ngx_mail_module.so";' \ + > .%{_datadir}/nginx/modules/mod-mail.conf +echo 'load_module "%{_libdir}/nginx/modules/ngx_stream_module.so";' \ + > .%{_datadir}/nginx/modules/mod-stream.conf +popd + +%pre filesystem +getent group %{nginx_user} > /dev/null || groupadd -r %{nginx_user} +getent passwd %{nginx_user} > /dev/null || useradd -r -d %{_localstatedir}/lib/nginx -g %{nginx_user} \ + -s /sbin/nologin -c "Nginx web server" %{nginx_user} +exit 0 + +%post +%systemd_post nginx.service + +%if %{with geoip} +%post mod-http-geoip +if [ $1 -eq 1 ]; then + systemctl reload nginx.service >/dev/null 2>&1 || : +fi +%endif + +%post mod-http-image-filter +if [ $1 -eq 1 ]; then + systemctl reload nginx.service >/dev/null 2>&1 || : +fi + +%post mod-http-perl +if [ $1 -eq 1 ]; then + systemctl reload nginx.service >/dev/null 2>&1 || : +fi + +%post mod-http-xslt-filter +if [ $1 -eq 1 ]; then + systemctl reload nginx.service >/dev/null 2>&1 || : +fi + +%post mod-mail +if [ $1 -eq 1 ]; then + systemctl reload nginx.service >/dev/null 2>&1 || : +fi + +%post mod-stream +if [ $1 -eq 1 ]; then + systemctl reload nginx.service >/dev/null 2>&1 || : +fi + +%preun +%systemd_preun nginx.service + +%postun +%systemd_postun nginx.service +if [ $1 -ge 1 ]; then + /usr/bin/nginx-upgrade >/dev/null 2>&1 || : +fi + +%files +%defattr(-,root,root) +%license LICENSE +%config(noreplace) %{_sysconfdir}/nginx/* +%config(noreplace) %{_sysconfdir}/logrotate.d/nginx +%exclude %{_sysconfdir}/nginx/conf.d +%exclude %{_sysconfdir}/nginx/default.d +%if 0%{?with_mailcap_mimetypes} +%exclude %{_sysconfdir}/nginx/mime.types +%endif +%{_bindir}/nginx-upgrade +%{_sbindir}/nginx +%dir %{_libdir}/nginx/modules +%attr(770,%{nginx_user},root) %dir %{_localstatedir}/lib/nginx +%attr(770,%{nginx_user},root) %dir %{_localstatedir}/lib/nginx/tmp +%{_unitdir}/nginx.service +%{_datadir}/nginx/html/* +%{_datadir}/vim/vimfiles/ftdetect/nginx.vim +%{_datadir}/vim/vimfiles/syntax/nginx.vim +%{_datadir}/vim/vimfiles/indent/nginx.vim +%attr(770,%{nginx_user},root) %dir %{_localstatedir}/log/nginx + +%files all-modules + +%files filesystem +%dir %{_sysconfdir}/nginx +%dir %{_sysconfdir}/nginx/{conf.d,default.d} +%dir %{_sysconfdir}/systemd/system/nginx.service.d +%dir %{_unitdir}/nginx.service.d +%dir %{_datadir}/nginx +%dir %{_datadir}/nginx/html + +%if %{with geoip} +%files mod-http-geoip +%{_libdir}/nginx/modules/ngx_http_geoip_module.so +%{_datadir}/nginx/modules/mod-http-geoip.conf +%endif + +%files mod-http-image-filter +%{_libdir}/nginx/modules/ngx_http_image_filter_module.so +%{_datadir}/nginx/modules/mod-http-image-filter.conf + +%files mod-http-perl +%{_libdir}/nginx/modules/ngx_http_perl_module.so +%{_datadir}/nginx/modules/mod-http-perl.conf +%dir %{perl_vendorarch}/auto/nginx +%{perl_vendorarch}/nginx.pm +%{perl_vendorarch}/auto/nginx/nginx.so + +%files mod-http-xslt-filter +%{_libdir}/nginx/modules/ngx_http_xslt_filter_module.so +%{_datadir}/nginx/modules/mod-http-xslt-filter.conf + +%files mod-mail +%{_libdir}/nginx/modules/ngx_mail_module.so +%{_datadir}/nginx/modules/mod-mail.conf + +%files mod-stream +%{_libdir}/nginx/modules/ngx_stream_module.so +%{_datadir}/nginx/modules/mod-stream.conf + +%files help +%defattr(-,root,root) +%doc CHANGES README README.dynamic +%{_mandir}/man3/nginx.3pm* +%{_mandir}/man8/nginx.8* +%{_mandir}/man8/nginx-upgrade.8* + +%changelog +* Wed Dec 4 2019 openEuler Buildteam - 1:1.12.1-15 +- Package init + diff --git a/poweredby.png b/poweredby.png new file mode 100644 index 0000000000000000000000000000000000000000..b4aea88b9f33b00727d91327089a33d620ac3c32 Binary files /dev/null and b/poweredby.png differ