==================================================================================== === Сборка Nginx с модулями fancyindex и geoip2, лежащими в каталоге уровнем выше: ==================================================================================== apt-get install libpcre++-dev libssl-dev gcc make zlib1g-dev libxslt-dev apache2-utils wget http://nginx.org/download/nginx-1.25.2.tar.gz tar zxvf nginx-1.25.2.tar.gz cd nginx-1.25.2 ============ == Модули == ============ apt-get install software-properties-common add-apt-repository ppa:maxmind/ppa apt-get update apt-get install libmaxminddb0 libmaxminddb-dev mmdb-bin wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/3.4.tar.gz tar -xvzf 3.4.tar.gz # Maxmind GeoIP базы в открытом доступе: # https://github.com/P3TERX/GeoLite.mmdb git clone https://github.com/aperezdc/ngx-fancyindex.git ngx-fancyindex adduser --system --no-create-home --group nginx ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin --modules-path=/etc/nginx/modules --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --user=nginx --group=nginx --without-http_uwsgi_module --without-http_scgi_module --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_xslt_module --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' --with-debug --add-module=../modules/ngx-fancyindex/ --add-module=../modules/ngx_http_geoip2_module make make install mkdir /var/cache/nginx chown -R nginx:nginx /var/cache/nginx ======================== == Для авторизации == ======================== htpasswd -c /etc/nginx/.htpasswd user1 htpasswd /etc/nginx/.htpasswd user2 ==================================================================================== === Пример init.d скрипта: ==================================================================================== # vi /etc/init.d/nginx #!/bin/sh ### BEGIN INIT INFO # Provides: nginx # Required-Start: $network $remote_fs $local_fs # Required-Stop: $network $remote_fs $local_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Stop/start nginx ### END INIT INFO # Author: Sergey Budnevitch PATH=/sbin:/usr/sbin:/bin:/usr/bin if [ -L $0 ]; then SCRIPTNAME=`/bin/readlink -f $0` else SCRIPTNAME=$0 fi sysconfig=`/usr/bin/basename $SCRIPTNAME` [ -r /etc/default/$sysconfig ] && . /etc/default/$sysconfig DESC=${DESC:-nginx} NAME=${NAME:-nginx} CONFFILE=${CONFFILE:-/etc/nginx/nginx.conf} DAEMON=${DAEMON:-/usr/sbin/nginx} PIDFILE=${PIDFILE:-/var/run/nginx.pid} SLEEPSEC=${SLEEPSEC:-1} UPGRADEWAITLOOPS=${UPGRADEWAITLOOPS:-5} CHECKSLEEP=${CHECKSLEEP:-3} [ -x $DAEMON ] || exit 0 DAEMON_ARGS="-c $CONFFILE $DAEMON_ARGS" . /lib/init/vars.sh . /lib/lsb/init-functions do_start() { start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ $DAEMON_ARGS RETVAL="$?" return "$RETVAL" } do_stop() { # Return # 0 if daemon has been stopped # 1 if daemon was already stopped # 2 if daemon could not be stopped # other if a failure occurred start-stop-daemon --stop --quiet --oknodo --retry=TERM/30/KILL/5 --pidfile $PIDFILE RETVAL="$?" rm -f $PIDFILE return "$RETVAL" } do_reload() { # start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE RETVAL="$?" return "$RETVAL" } do_configtest() { if [ "$#" -ne 0 ]; then case "$1" in -q) FLAG=$1 ;; *) ;; esac shift fi $DAEMON -t $FLAG -c $CONFFILE RETVAL="$?" return $RETVAL } do_upgrade() { OLDBINPIDFILE=$PIDFILE.oldbin do_configtest -q || return 6 start-stop-daemon --stop --signal USR2 --quiet --pidfile $PIDFILE RETVAL="$?" for i in `/usr/bin/seq $UPGRADEWAITLOOPS`; do sleep $SLEEPSEC if [ -f $OLDBINPIDFILE -a -f $PIDFILE ]; then start-stop-daemon --stop --signal QUIT --quiet --pidfile $OLDBINPIDFILE RETVAL="$?" return fi done echo $"Upgrade failed!" RETVAL=1 return $RETVAL } do_checkreload() { templog=`/bin/mktemp --tmpdir nginx-check-reload-XXXXXX.log` trap '/bin/rm -f $templog' 0 /usr/bin/tail --pid=$$ -n 0 --follow=name /var/log/nginx/error.log > $templog & /bin/sleep 1 start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE /bin/sleep $CHECKSLEEP /bin/grep -E "\[emerg\]|\[alert\]" $templog } case "$1" in start) [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC " "$NAME" do_start case "$?" in 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; esac ;; stop) [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" do_stop case "$?" in 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; esac ;; status) status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $? ;; configtest) do_configtest ;; upgrade) do_upgrade ;; reload|force-reload) log_daemon_msg "Reloading $DESC" "$NAME" do_reload log_end_msg $? ;; restart|force-reload) log_daemon_msg "Restarting $DESC" "$NAME" do_configtest -q || exit $RETVAL do_stop case "$?" in 0|1) do_start case "$?" in 0) log_end_msg 0 ;; 1) log_end_msg 1 ;; # Old process is still running *) log_end_msg 1 ;; # Failed to start esac ;; *) # Failed to stop log_end_msg 1 ;; esac ;; check-reload) do_checkreload RETVAL=0 ;; *) echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload|upgrade|configtest|check-reload}" >&2 exit 3 ;; esac exit $RETVAL