Build Nginx Based #120
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Nginx Based | |
on: | |
workflow_dispatch: | |
inputs: | |
nginx_version: | |
description: "Specify the nginx version" | |
required: true | |
default: "1.27.2" | |
prefix: | |
description: "Specify the installation prefix" | |
required: true | |
default: "/usr/local/nginx" | |
jobs: | |
build-nginx: | |
runs-on: ubuntu-latest | |
env: | |
NGINX_SRC_DIR: "/opt/nginx" | |
PREFIX: ${{ github.event.inputs.prefix }} | |
NGINX_VERSION: ${{ github.event.inputs.nginx_version }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Pull Docker image for chosen system and Start Docker container | |
run: | | |
sudo apt -q update | |
sudo apt -q -y install docker-ce | |
sudo docker pull -q --disable-content-trust rockylinux:9 | |
sudo docker run -d --name build-nginx-container -v ${{ github.workspace }}:${{ env.NGINX_SRC_DIR }} almalinux:9 tail -f /dev/null | |
- name: Update system and install base dependencies and Clean DNF cache | |
run: | | |
docker exec build-nginx-container bash -c " | |
dnf clean all && | |
dnf --setopt=fastestmirror=True --setopt=deltarpm=True --setopt=max_parallel_downloads=10 --setopt=keepcache=True makecache && | |
dnf -y --setopt=fastestmirror=True --setopt=deltarpm=True --setopt=max_parallel_downloads=10 --setopt=keepcache=True update && | |
dnf -y --setopt=fastestmirror=True --setopt=deltarpm=True --setopt=max_parallel_downloads=10 --setopt=keepcache=True in epel-release && | |
dnf -y --setopt=fastestmirror=True --setopt=deltarpm=True --setopt=max_parallel_downloads=10 --setopt=keepcache=True groupinstall 'Development Tools' && | |
dnf -y --setopt=fastestmirror=True --setopt=deltarpm=True --setopt=max_parallel_downloads=10 --setopt=keepcache=True \ | |
in nano wget psmisc cmake go automake gcc gcc-c++ kernel-devel git make tar autoconf \ | |
zlib zlib-devel openssl openssl-devel bzip2 bzip2-devel pcre pcre-devel perl-IPC-Cmd libaio libaio-devel \ | |
brotli-devel glibc-headers glibc-devel libbsd-devel perl-core libxcrypt-compat libtool binutils binutils-gold | |
" | |
- name: Clone OpenSSL repository | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && git clone --depth 1 --recurse-submodules https://github.com/quictls/openssl.git openssl | |
" | |
- name: Clone and build libmaxminddb | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && | |
git clone --depth 1 --recurse-submodules https://github.com/maxmind/libmaxminddb.git libmaxminddb && | |
cd libmaxminddb && ./bootstrap && ./configure && | |
make -j$(nproc) && make install | |
" | |
- name: Clone and build jemalloc | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && | |
git clone --depth 1 --recurse-submodules https://github.com/jemalloc/jemalloc.git jemalloc && | |
cd jemalloc && ./autogen.sh && ./configure && | |
make -j$(nproc) && make install && | |
ln -s /usr/local/lib/libjemalloc.so.2 /usr/lib/libjemalloc.so.2 && | |
ln -s /usr/local/lib/libjemalloc.so.2 /usr/lib64/libjemalloc.so.2 | |
" | |
- name: Clone ngx_brotli module | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && git clone --depth 1 --recurse-submodules https://github.com/google/ngx_brotli.git ngx_brotli && | |
cd ngx_brotli && git submodule update --init | |
" | |
- name: Clone and build zstd | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && | |
git clone --depth 1 --recurse-submodules https://github.com/facebook/zstd.git zstd && | |
cd zstd && make -j$(nproc) && make install | |
" | |
- name: Clone ngx_zstd module | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && git clone --depth 1 --recurse-submodules https://github.com/HanadaLee/ngx_http_zstd_module.git ngx_zstd | |
" | |
- name: Clone and build PCRE2 | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && | |
git clone --depth 1 --recurse-submodules https://github.com/PCRE2Project/pcre2.git pcre2 && | |
cd pcre2 && | |
./autogen.sh && ./configure && | |
make -j$(nproc) && make install | |
" | |
- name: Clone ngx_http_geoip2_module | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && | |
git clone --depth 1 --recurse-submodules https://github.com/leev/ngx_http_geoip2_module.git ngx_http_geoip2_module | |
" | |
# - name: Clone and build luajit2 | |
# run: | | |
# docker exec build-nginx-container bash -c " | |
# cd ${{ env.NGINX_SRC_DIR }} && | |
# git clone --depth 1 --recurse-submodules https://github.com/openresty/luajit2.git luajit2 | |
# cd luajit2 | |
# make -j$(nproc) && make install && | |
# echo 'export LUAJIT_LIB=/usr/local/lib' >> ~/.bashrc && | |
# echo 'export LUAJIT_INC=/usr/local/include/luajit-2.1' >> ~/.bashrc && | |
# luajit -v | |
# " | |
# - name: Clone ngx_devel_kit | |
# run: | | |
# docker exec build-nginx-container bash -c " | |
# cd ${{ env.NGINX_SRC_DIR }} && | |
# git clone --depth 1 --recurse-submodules https://github.com/vision5/ngx_devel_kit.git ngx_devel_kit | |
# " | |
# - name: Clone lua_nginx_module | |
# run: | | |
# docker exec build-nginx-container bash -c " | |
# cd ${{ env.NGINX_SRC_DIR }} && | |
# git clone --depth 1 --recurse-submodules https://github.com/openresty/lua-nginx-module.git lua-nginx-module | |
# " | |
- name: Download and extract Nginx source | |
run: | | |
docker exec build-nginx-container bash -c " | |
cd ${{ env.NGINX_SRC_DIR }} && | |
wget https://nginx.org/download/nginx-${{ env.NGINX_VERSION }}.tar.gz && | |
tar -zxvf nginx-${{ env.NGINX_VERSION }}.tar.gz | |
" | |
- name: Configure Nginx | |
run: | | |
docker exec build-nginx-container bash -c " | |
source ~/.bashrc && ldconfig && | |
cd ${{ env.NGINX_SRC_DIR }}/nginx-${{ env.NGINX_VERSION }} && | |
./configure --prefix=${{ env.PREFIX }} \ | |
--with-compat \ | |
--with-threads \ | |
--with-file-aio \ | |
--with-poll_module \ | |
--with-http_v2_module \ | |
--with-http_v3_module \ | |
--with-http_ssl_module \ | |
--with-http_sub_module \ | |
--with-http_slice_module \ | |
--with-http_realip_module \ | |
--with-http_degradation_module \ | |
--with-http_stub_status_module \ | |
--with-pcre-jit \ | |
--with-pcre=../pcre2 \ | |
--with-stream \ | |
--with-stream_ssl_module \ | |
--with-stream_ssl_preread_module \ | |
--with-openssl=../openssl \ | |
--add-module=../ngx_zstd \ | |
--add-module=../ngx_brotli \ | |
--add-dynamic-module=../ngx_http_geoip2_module \ | |
--with-ld-opt="-ljemalloc -lcrypt -Wl,-z,relro,-z,now -flto -fuse-ld=gold" \ | |
--with-openssl-opt='no-weak-ssl-ciphers enable-ec_nistp_64_gcc_128 enable-asm enable-tls1_3 enable-quic' \ | |
--with-cc-opt='-O3 -march=haswell -mtune=haswell -mavx2 -funroll-loops -fprefetch-loop-arrays \ | |
-fstack-protector-strong -D_FORTIFY_SOURCE=2 -ffast-math -fomit-frame-pointer -finline-functions \ | |
-fno-strict-aliasing -ffunction-sections -fdata-sections -Wl,--gc-sections -fPIC -pipe -flto -fuse-ld=gold' | |
" | |
- name: Build Nginx | |
run: | | |
docker exec build-nginx-container bash -c " | |
source ~/.bashrc && ldconfig && | |
cd ${{ env.NGINX_SRC_DIR }}/nginx-${{ env.NGINX_VERSION }} && | |
make -j$(nproc) && | |
objs/nginx -V &> ${{ env.NGINX_SRC_DIR }}/nginx_build_info.txt && | |
mv objs/nginx ${{ env.NGINX_SRC_DIR }}/ && | |
mv objs/ngx_http_geoip2_module.so ${{ env.NGINX_SRC_DIR }}/ | |
" | |
- name: Upload Nginx binary and build information to repository | |
uses: actions/upload-artifact@v4 | |
with: | |
name: nginx-linux64-${{ env.NGINX_VERSION }} | |
path: | | |
${{ github.workspace }}/nginx | |
${{ github.workspace }}/nginx_build_info.txt | |
${{ github.workspace }}/ngx_http_geoip2_module.so | |
retention-days: 2 | |
compression-level: 9 | |
if-no-files-found: error |