summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--user/nginx/APKBUILD88
-rw-r--r--user/nginx/nginx.conf41
-rw-r--r--user/nginx/nginx.initd71
-rw-r--r--user/nginx/nginx.pre-install8
4 files changed, 208 insertions, 0 deletions
diff --git a/user/nginx/APKBUILD b/user/nginx/APKBUILD
new file mode 100644
index 000000000..88d5a7556
--- /dev/null
+++ b/user/nginx/APKBUILD
@@ -0,0 +1,88 @@
+# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
+# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
+pkgname=nginx
+pkgver=1.14.2
+pkgrel=0
+pkgdesc="High-performance HTTP server"
+url="https://nginx.org"
+arch="all"
+options="!check" # No test suite
+license="BSD-2-Clause"
+depends=""
+depends_dev=""
+makedepends="geoip-dev libgd-dev libxml2-dev libxslt-dev openssl-dev pcre-dev"
+install="nginx.pre-install"
+pkgusers="nginx"
+pkggroups="nginx"
+subpackages="$pkgname-openrc"
+source="http://nginx.org/download/nginx-$pkgver.tar.gz
+ nginx.initd
+ nginx.conf"
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --build=$CBUILD \
+ --prefix=/usr \
+ --modules-path=/usr/libexec/nginx \
+ --conf-path=/etc/nginx/ \
+ --pid-path=/run/nginx \
+ --lock-path=/run/nginx \
+ --user=nginx \
+ --group=nginx \
+ --with-poll_module \
+ --with-threads \
+ --with-file-aio \
+ --with-http_ssl_module \
+ --with-http_v2_module \
+ --with-http_realip_module \
+ --with-http_xslt_module=dynamic \
+ --with-http_image_filter_module=dynamic \
+ --with-http_geoip_module=dynamic \
+ --with-http_dav_module \
+ --with-http_gunzip_module \
+ --with-http_auth_request_module \
+ --with-http_secure_link_module \
+ --with-http_slice_module \
+ --with-stream=dynamic \
+ --with-stream_ssl_module \
+ --with-stream_realip_module \
+ --with-stream_geoip_module=dynamic \
+ --with-stream_ssl_preread_module \
+ --without-http_ssi_module
+ make
+}
+
+package() {
+ cd "$builddir"
+ mkdir -p "$pkgdir"/usr/sbin
+ install -Dm755 objs/nginx "$pkgdir"/usr/sbin/nginx
+
+ mkdir -p "$pkgdir"/etc/init.d
+ install -Dm755 "$srcdir"/nginx.initd "$pkgdir"/etc/init.d/nginx
+
+ mkdir -p "$pkgdir"/etc/nginx
+ for i in koi-win koi-utf win-utf mime.types; do
+ install -Dm644 conf/$i "$pkgdir"/etc/nginx
+ done
+ install -Dm644 "$srcdir"/nginx.conf "$pkgdir"/etc/nginx
+
+ mkdir -p "$pkgdir"/etc/nginx/conf.d
+ for i in fastcgi scgi uwsgi; do
+ install -Dm644 conf/${i}_params "$pkgdir"/etc/nginx/conf.d/"$i".conf
+ done
+
+ mkdir -p "$pkgdir"/usr/libexec/nginx
+ for i in objs/ngx_*_module.so; do
+ install -Dm755 "$i" "$pkgdir"/usr/libexec/nginx
+ done
+
+ mkdir -p "$pkgdir"/var/www/nginx/localhost
+ for i in html/*.html; do
+ install -Dm644 "$i" "$pkgdir"/var/www/nginx/localhost
+ done
+}
+
+sha512sums="d8362dbd86435657d6b13156bd6ad1b251d2ab10bc11cdda959b142dd6120b087e4b314f0025d9bbcc88529cb4b9407fb4df1cfae5d081b7ea1db51ccfc2dbe7 nginx-1.14.2.tar.gz
+eb183860cd511361346e4079c1fcf470985e1c3b2a034a57f8b2a92ba851fed99256261f9b779770a5f57e3750e9e71bd1550a9d19ad9bf3a4d288864f0374a2 nginx.initd
+efedf75dbea497148e21515d8c8fda73d6af886418c2b777b5d38b3b21a929052009813b6cab122be5dc60af9b5ba948bb4e81a03f15322dd42418d7a3b64f69 nginx.conf"
diff --git a/user/nginx/nginx.conf b/user/nginx/nginx.conf
new file mode 100644
index 000000000..93060f64a
--- /dev/null
+++ b/user/nginx/nginx.conf
@@ -0,0 +1,41 @@
+# This is an example configuration for nginx, with many secure defaults
+# already specified.
+
+# The system user under which nginx should run.
+user nginx;
+
+# The number of worker processes nginx should have; typically this
+# should be the number of available cores. 'auto' allows nginx to
+# auto-detect a reasonable value.
+worker_processes auto;
+
+# The following is specific to the servicing of HTTP connections.
+http {
+ # Default mapping of MIME types to file extensions.
+ include mime.types;
+ # The MIME type to use for unknown extensions.
+ default_type application/octet-stream;
+
+ # Tuning options
+ sendfile on;
+ tcp_nopush on;
+ aio on;
+ # The threshold after which direct I/O should be used; insufficient
+ # documentation exists to provide sensible values, so this will, of
+ # necessity, require extensive testing with expected workloads to
+ # get an optimal threshold.
+ directio 4m;
+ # The length of time to keep connections open. As with directio,
+ # this setting will require testing to come at an optimal value.
+ keepalive_timeout 5s;
+ # This setting compresses most transmissions when enabled, reducing
+ # bandwidth usage.
+ gzip on;
+
+ # Further global configurations
+ include conf.d/*.conf;
+
+ # Site-specific configurations
+ include sites.d/*.conf;
+}
+
diff --git a/user/nginx/nginx.initd b/user/nginx/nginx.initd
new file mode 100644
index 000000000..603f91e63
--- /dev/null
+++ b/user/nginx/nginx.initd
@@ -0,0 +1,71 @@
+#!/sbin/openrc-run
+
+description="Nginx http and reverse proxy server"
+extra_commands="checkconfig"
+extra_started_commands="reload reopen upgrade"
+
+cfgfile=${cfgfile:-/etc/nginx/nginx.conf}
+pidfile=/run/nginx/nginx.pid
+command=/usr/sbin/nginx
+command_args="-c $cfgfile"
+required_files="$cfgfile"
+
+depend() {
+ need net
+ use dns logger netmount
+}
+
+start_pre() {
+ checkpath --directory --owner nginx:nginx ${pidfile%/*}
+ $command $command_args -t -q
+}
+
+checkconfig() {
+ ebegin "Checking $RC_SVCNAME configuration"
+ start_pre
+ eend $?
+}
+
+reload() {
+ ebegin "Reloading $RC_SVCNAME configuration"
+ start_pre && start-stop-daemon --signal HUP --pidfile $pidfile
+ eend $?
+}
+
+reopen() {
+ ebegin "Reopening $RC_SVCNAME log files"
+ start-stop-daemon --signal USR1 --pidfile $pidfile
+ eend $?
+}
+
+upgrade() {
+ start_pre || return 1
+
+ ebegin "Upgrading $RC_SVCNAME binary"
+
+ einfo "Sending USR2 to old binary"
+ start-stop-daemon --signal USR2 --pidfile $pidfile
+
+ einfo "Sleeping 3 seconds before pid-files checking"
+ sleep 3
+
+ if [ ! -f $pidfile.oldbin ]; then
+ eerror "File with old pid ($pidfile.oldbin) not found"
+ return 1
+ fi
+
+ if [ ! -f $pidfile ]; then
+ eerror "New binary failed to start"
+ return 1
+ fi
+
+ einfo "Sleeping 3 seconds before WINCH"
+ sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin
+
+ einfo "Sending QUIT to old binary"
+ start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin
+
+ einfo "Upgrade completed"
+
+ eend $? "Upgrade failed"
+}
diff --git a/user/nginx/nginx.pre-install b/user/nginx/nginx.pre-install
new file mode 100644
index 000000000..ae5b6857a
--- /dev/null
+++ b/user/nginx/nginx.pre-install
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+addgroup -Sg 82 www-data 2>/dev/null
+addgroup -S nginx 2>/dev/null
+adduser -S -D -H -h /var/lib/nginx -s /sbin/nologin -G nginx -g nginx nginx 2>/dev/null
+addgroup nginx www-data 2>/dev/null
+
+exit 0