-
Notifications
You must be signed in to change notification settings - Fork 1
/
naxsi.sh
65 lines (51 loc) · 1.99 KB
/
naxsi.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#! /bin/bash
# Install dependancies
apt-get update
apt-get install -y gcc make libpcre3-dev zlib1g-dev libpcap-dev openssl libssl-dev build-essential libpcre3-dev zlib1g-dev
# Download archives
wget http://nginx.org/download/nginx-1.16.1.tar.gz -O /opt/nginx.tar.gz
wget https://github.com/nbs-system/naxsi/archive/0.56.tar.gz -O /opt/naxsi.tar.gz
# Extract archives
tar -xzf /opt/nginx.tar.gz -C /opt
tar -xzf /opt/naxsi.tar.gz -C /opt
# Configure compilation options
cd /opt/nginx-1.16.1
./configure \
--conf-path=/etc/nginx/nginx.conf \
--add-module=../naxsi-0.56/naxsi_src \
--error-log-path=/var/log/nginx/error.log \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-log-path=/var/log/nginx/access.log \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--lock-path=/var/lock/nginx.lock \
--pid-path=/var/run/nginx.pid \
--user=www-data \
--group=www-data \
--with-http_ssl_module \
--without-mail_pop3_module \
--without-mail_smtp_module \
--without-mail_imap_module \
--without-http_uwsgi_module \
--without-http_scgi_module \
--prefix=/usr
# Patch temporary gcc problem in Makefile
sed -i 's/Werror/Wno-error/g' objs/Makefile
# Compile nginx with naxsi options
make -j 2
# Install binaries
make install
# Configure naxsi
cp /opt/naxsi-0.56/naxsi_config/naxsi_core.rules /etc/nginx/
cp config/naxsi.conf /etc/nginx/naxsi.rules
cp config/error.html /usr/html
sed -i '/mime\.type/a include\ \/etc\/nginx\/sites-enabled\/\*\;' /etc/nginx/nginx.conf
sed -i '/mime\.type/a include\ \/etc\/nginx\/conf\.d\/\*\.conf\;' /etc/nginx/nginx.conf
sed -i '/mime\.type/a include\ \/etc\/nginx\/naxsi_core\.rules\;' /etc/nginx/nginx.conf
sed -i '/^ location\ \//a include\ \/etc\/nginx\/naxsi\.rules\;' /etc/nginx/nginx.conf
# Create startup script
cp config/nginx_naxsi.service /lib/systemd/system/nginx.service
# Create tmp folder
mkdir -p /var/lib/nginx/body
# Start nginx
systemctl start nginx