From bb7e8ce936e70452b4b2a6e0661f9a64baf4de9e Mon Sep 17 00:00:00 2001 From: Kiyoshi Aman Date: Fri, 29 Mar 2019 01:50:11 -0500 Subject: user/nginx: new package --- user/nginx/APKBUILD | 88 ++++++++++++++++++++++++++++++++++++++++++++ user/nginx/nginx.conf | 41 +++++++++++++++++++++ user/nginx/nginx.initd | 71 +++++++++++++++++++++++++++++++++++ user/nginx/nginx.pre-install | 8 ++++ 4 files changed, 208 insertions(+) create mode 100644 user/nginx/APKBUILD create mode 100644 user/nginx/nginx.conf create mode 100644 user/nginx/nginx.initd create mode 100644 user/nginx/nginx.pre-install diff --git a/user/nginx/APKBUILD b/user/nginx/APKBUILD new file mode 100644 index 000000000..88d5a7556 --- /dev/null +++ b/user/nginx/APKBUILD @@ -0,0 +1,88 @@ +# Contributor: Kiyoshi Aman +# Maintainer: Kiyoshi Aman +pkgname=nginx +pkgver=1.14.2 +pkgrel=0 +pkgdesc="High-performance HTTP server" +url="https://nginx.org" +arch="all" +options="!check" # No test suite +license="BSD-2-Clause" +depends="" +depends_dev="" +makedepends="geoip-dev libgd-dev libxml2-dev libxslt-dev openssl-dev pcre-dev" +install="nginx.pre-install" +pkgusers="nginx" +pkggroups="nginx" +subpackages="$pkgname-openrc" +source="http://nginx.org/download/nginx-$pkgver.tar.gz + nginx.initd + nginx.conf" + +build() { + cd "$builddir" + ./configure \ + --build=$CBUILD \ + --prefix=/usr \ + --modules-path=/usr/libexec/nginx \ + --conf-path=/etc/nginx/ \ + --pid-path=/run/nginx \ + --lock-path=/run/nginx \ + --user=nginx \ + --group=nginx \ + --with-poll_module \ + --with-threads \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_realip_module \ + --with-http_xslt_module=dynamic \ + --with-http_image_filter_module=dynamic \ + --with-http_geoip_module=dynamic \ + --with-http_dav_module \ + --with-http_gunzip_module \ + --with-http_auth_request_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-stream=dynamic \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-stream_geoip_module=dynamic \ + --with-stream_ssl_preread_module \ + --without-http_ssi_module + make +} + +package() { + cd "$builddir" + mkdir -p "$pkgdir"/usr/sbin + install -Dm755 objs/nginx "$pkgdir"/usr/sbin/nginx + + mkdir -p "$pkgdir"/etc/init.d + install -Dm755 "$srcdir"/nginx.initd "$pkgdir"/etc/init.d/nginx + + mkdir -p "$pkgdir"/etc/nginx + for i in koi-win koi-utf win-utf mime.types; do + install -Dm644 conf/$i "$pkgdir"/etc/nginx + done + install -Dm644 "$srcdir"/nginx.conf "$pkgdir"/etc/nginx + + mkdir -p "$pkgdir"/etc/nginx/conf.d + for i in fastcgi scgi uwsgi; do + install -Dm644 conf/${i}_params "$pkgdir"/etc/nginx/conf.d/"$i".conf + done + + mkdir -p "$pkgdir"/usr/libexec/nginx + for i in objs/ngx_*_module.so; do + install -Dm755 "$i" "$pkgdir"/usr/libexec/nginx + done + + mkdir -p "$pkgdir"/var/www/nginx/localhost + for i in html/*.html; do + install -Dm644 "$i" "$pkgdir"/var/www/nginx/localhost + done +} + +sha512sums="d8362dbd86435657d6b13156bd6ad1b251d2ab10bc11cdda959b142dd6120b087e4b314f0025d9bbcc88529cb4b9407fb4df1cfae5d081b7ea1db51ccfc2dbe7 nginx-1.14.2.tar.gz +eb183860cd511361346e4079c1fcf470985e1c3b2a034a57f8b2a92ba851fed99256261f9b779770a5f57e3750e9e71bd1550a9d19ad9bf3a4d288864f0374a2 nginx.initd +efedf75dbea497148e21515d8c8fda73d6af886418c2b777b5d38b3b21a929052009813b6cab122be5dc60af9b5ba948bb4e81a03f15322dd42418d7a3b64f69 nginx.conf" diff --git a/user/nginx/nginx.conf b/user/nginx/nginx.conf new file mode 100644 index 000000000..93060f64a --- /dev/null +++ b/user/nginx/nginx.conf @@ -0,0 +1,41 @@ +# This is an example configuration for nginx, with many secure defaults +# already specified. + +# The system user under which nginx should run. +user nginx; + +# The number of worker processes nginx should have; typically this +# should be the number of available cores. 'auto' allows nginx to +# auto-detect a reasonable value. +worker_processes auto; + +# The following is specific to the servicing of HTTP connections. +http { + # Default mapping of MIME types to file extensions. + include mime.types; + # The MIME type to use for unknown extensions. + default_type application/octet-stream; + + # Tuning options + sendfile on; + tcp_nopush on; + aio on; + # The threshold after which direct I/O should be used; insufficient + # documentation exists to provide sensible values, so this will, of + # necessity, require extensive testing with expected workloads to + # get an optimal threshold. + directio 4m; + # The length of time to keep connections open. As with directio, + # this setting will require testing to come at an optimal value. + keepalive_timeout 5s; + # This setting compresses most transmissions when enabled, reducing + # bandwidth usage. + gzip on; + + # Further global configurations + include conf.d/*.conf; + + # Site-specific configurations + include sites.d/*.conf; +} + diff --git a/user/nginx/nginx.initd b/user/nginx/nginx.initd new file mode 100644 index 000000000..603f91e63 --- /dev/null +++ b/user/nginx/nginx.initd @@ -0,0 +1,71 @@ +#!/sbin/openrc-run + +description="Nginx http and reverse proxy server" +extra_commands="checkconfig" +extra_started_commands="reload reopen upgrade" + +cfgfile=${cfgfile:-/etc/nginx/nginx.conf} +pidfile=/run/nginx/nginx.pid +command=/usr/sbin/nginx +command_args="-c $cfgfile" +required_files="$cfgfile" + +depend() { + need net + use dns logger netmount +} + +start_pre() { + checkpath --directory --owner nginx:nginx ${pidfile%/*} + $command $command_args -t -q +} + +checkconfig() { + ebegin "Checking $RC_SVCNAME configuration" + start_pre + eend $? +} + +reload() { + ebegin "Reloading $RC_SVCNAME configuration" + start_pre && start-stop-daemon --signal HUP --pidfile $pidfile + eend $? +} + +reopen() { + ebegin "Reopening $RC_SVCNAME log files" + start-stop-daemon --signal USR1 --pidfile $pidfile + eend $? +} + +upgrade() { + start_pre || return 1 + + ebegin "Upgrading $RC_SVCNAME binary" + + einfo "Sending USR2 to old binary" + start-stop-daemon --signal USR2 --pidfile $pidfile + + einfo "Sleeping 3 seconds before pid-files checking" + sleep 3 + + if [ ! -f $pidfile.oldbin ]; then + eerror "File with old pid ($pidfile.oldbin) not found" + return 1 + fi + + if [ ! -f $pidfile ]; then + eerror "New binary failed to start" + return 1 + fi + + einfo "Sleeping 3 seconds before WINCH" + sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin + + einfo "Sending QUIT to old binary" + start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin + + einfo "Upgrade completed" + + eend $? "Upgrade failed" +} diff --git a/user/nginx/nginx.pre-install b/user/nginx/nginx.pre-install new file mode 100644 index 000000000..ae5b6857a --- /dev/null +++ b/user/nginx/nginx.pre-install @@ -0,0 +1,8 @@ +#!/bin/sh + +addgroup -Sg 82 www-data 2>/dev/null +addgroup -S nginx 2>/dev/null +adduser -S -D -H -h /var/lib/nginx -s /sbin/nologin -G nginx -g nginx nginx 2>/dev/null +addgroup nginx www-data 2>/dev/null + +exit 0 -- cgit v1.2.3-70-g09d2