This script builds a set of Nginx packages against the Ubuntu Nginx Mainline Branch, currently at version 1.7.8
, with an emphasis on producing a streamlined final binary that includes/excluded configuration flags and adds a short list of modules used internally by Scribe Inc.—for both our own websites and those we administer.
Very generally, this script simply pulls the latest Nginx mainline source and adds any additional files, applies any relivant patches, clones any relivant modules and external dependencies. It can then run a handlful of build operations against the resulting source.
At this time, the build script does a simply check that you are running a supported Ubuntu version: Trusty 14.04
or Utopic 14.10
. With that said, it should be trivial to to support later releases of Ubuntu—the version check simply means I haven't tested it on that enviornment yet, not that it is incompatable.
Before runing the bootstrap.sh
script, it is important to familiarize (and generally customize) the configuration options available. Neglecting to do so will not provide optimal results.
The following are key configuration items:
-
BUILD_SIGNING_KEY_ID
Your PGP siging key, used to sign your source and package files. By default this script runs with
--force-sign
enabled, and will not exit successfully if you don't change the signing key. For more information, see the Ubuntu Help Docs. -
BUILD_MODE
This script can run in a number of build modes that dictate its behaviour after the intial boostrap. The
BUILD_MODE
is defined by assigning it one of the following numeric options:-
[
1
] Generate source and binary packages locally in your current (non-sanatized) enviornment. This will result in packages that should be capable of installation on any target system of the same release. -
[
2
] Generate source packages only (generally for a PPA upload) -
[
3
] Generate source packages only (and perform the PPA upload automatically) -
[
4
] Perform a test build using SimpleSbuild, a sanitized enviornment similar to the automated builders used by Launchpad.
-
-
BUILD_LAUNCHPAD_URL
In order to take advantage of build option
3
and have your source files automatically uploaded to Launchpad upon successful source generation, this must be configured to your Laucnhpad PPA path. -
SBUILD_DIST
In order to take advantage of build option
4
and run your build using SimpleSbuild locally (to mimic a similar enviornment to Launchpad's automated builders), this option must be set to an installed distribution name. Assumes SimpleSBuild has been setup per the Ubuntu Wiki on SimpleSbuild. -
OPT_DPKG_BUILDPACKAGE
If you only plan on using option one for testing purposes and do not need your files signed, you must remove the
--force-sign -k${BUILD_SIGNING_KEY_ID}
line from theOPT_DPKG_BUILDPACKAGE
variable. Otherwise, if you haven't setup a GPG key and updated the changelog to reflect your name and e-mail address, the build will fail.
The following configuration flags—generallty not compiled by default—are explicitly enabled in this build:
-
IPv6
, --with-ipv6Enable IPv6 support within Nginx.
-
debug
, --with-debugAllow verbose debug-level logging output. (While this should not be enabled on a production enviornment, allowing for debug output to be turned on enables viewing advanced, low-level information about a request cycle.)
-
PCRE
, --with-pcreCompile and link against non-system PCRE. Instead, grab the latest release and explicitly enable JIT support. (JIT support is broken in libpcre package provided by Ubuntu Trusty repository)
-
PCRE JIT
, --with-pcre-jitEnable PCRE Just-In-Time (JIT) regular expression compilation. (Substantial performance gains on regex-heavy server configurations, requires statically linking PCRE to during compilation.)
-
AIO
, --with-file-aioEnable kernel asynchronous I/O support. (Allows the process that requests an IO operation to not be blocked if the data is unavailable; execution continues and the process can later check the status of the submitted IO request.)
The following config flags—generally compiled by default—are explicitly disabled in this build:
-
Poll and Select
, --without-poll_module and --without-select_moduleWe don't need these as we can use the
epoll
event model which is preferable on a Linux kernel >2.6 enviornment. See http://wiki.nginx.org/Optimizations -
UWSGI
, --without-http_uwsgi_moduleWe don't use uWSGI for any of our services. See https://uwsgi-docs.readthedocs.org/en/latest/
The following modules are compiled into Nginx with this release:
-
Provides the necessary support for HTTPS.
-
Provides access to basic status information.
-
Creates variables with values depending on the client IP address, using the precompiled MaxMind databases.
-
Provides experimental support for SPDY. Currently implements draft 3.1.
-
Enables HTTP Basic Authentication agains PAM.
-
Module that adds additional generic tools that module developers can use in their own modules (required for some of the following modules).
-
An implementation of an upload progress system, that monitors RFC1867 POST upload as they are transmitted to upstream servers.
-
ngx_pagespeed speeds up your site and reduces page load time by automatically applying web performance best practices to pages and associated assets (CSS, JavaScript, images) without requiring you to modify your existing content or workflow.
git clone https://github.com/scribenet/nginx-scribe.git && cd nginx-scribe
[nano/vim] bootstrap.sh
./bootstrap.sh