Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
How to install wordpress on a subdirectory Question Question
having issues with nginx varnish and wordpress Question Question

Question

Best PPA for Nginx with Google Pagespeed

Posted February 18, 2017 20.4k views
NginxWordPressUbuntu 16.04

I’ve been trying to install PageSpeed on an existing Nginx server for the last 12 hrs with no luck, I keep running into different errors and having to read over and again to solve them. This is my first VPS

But I understand that some PPAs have this inbuilt. I don’t mind starting a new server to have this installed from the scratch and rebuild WP on it. I know that Easyengine had it but took Pagespeed out in Ver 3.6

Any other PPA suggestions will be welcome

Add a comment
ososoba
By:
ososoba

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
How to install wordpress on a subdirectory Question Question
having issues with nginx varnish and wordpress Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
27 answers
jtittle1 February 18, 2017

@ososoba

You don’t specifically need a PPA as they have their own auto-installer that’s available. It’ll automate a source build of NGINX w/ ngx_pagespeed as a module. All you need to do is run:

bash <(curl -f -L -sS https://ngxpagespeed.com/install) --nginx-version latest

… and follow the on-screen prompts.

Keep in mind, this is a very barebones installation of NGINX. If you need specific modules compiled in, you’ll need to specify those when the script prompts you.

References

https://modpagespeed.com/doc/buildngxpagespeedfromsource

https://modpagespeed.com/doc/configuration

http://wiki.nginx.org/InitScripts

Reply Report
jtittle1 February 21, 2017

@ososoba

Before We Get Started

This is meant to be a copy and paste command, meaning you copy it from top to bottom and paste it to the CLI, then hit enter and let it run its course.

This installs NGINX w/Pagespeed, PHP 7.1, and MariaDB, but it will take a little bit of time to complete, so be patient; source compiles take time.

I’ve provided configuration samples for NGINX and your first Server Block below the command with a few details. This should get you started with a working build environment. You’ll still need to create your database(s), upload your PHP files, etc.

Finally … this is a long post. Take your time :-).

The One-Liner

apt-get update \
&& apt-get -y upgrade \
&& apt-get -y install autoconf automake bc bison build-essential ccache cmake curl dh-systemd flex gcc geoip-bin google-perftools g++ icu-devtools libacl1-dev libbz2-dev libcap-ng-dev libcap-ng-utils libcurl4-openssl-dev libdmalloc-dev libenchant-dev libevent-dev libexpat1-dev libfontconfig1-dev libfreetype6-dev libgd-dev libgeoip-dev libghc-iconv-dev libgmp-dev libgoogle-perftools-dev libice-dev libice6 libicu-dev libjbig-dev libjpeg-dev libjpeg-turbo8-dev libjpeg8-dev libluajit-5.1-2 libluajit-5.1-common libluajit-5.1-dev liblzma-dev libmhash-dev libmhash2 libmm-dev libncurses5-dev libnspr4-dev libpam0g-dev libpcre3 libpcre3-dev libperl-dev libpng-dev libpng12-dev libpthread-stubs0-dev libreadline-dev libselinux1-dev libsm-dev libsm6 libssl-dev libtidy-dev libtiff5-dev libtiffxx5 libunbound-dev libvpx-dev libvpx3 libwebp-dev libx11-dev libxau-dev libxcb1-dev libxdmcp-dev libxml2-dev libxpm-dev libxslt1-dev libxt-dev libxt6 make nano perl pkg-config software-properties-common systemtap-sdt-dev unzip webp wget xtrans-dev zip zlib1g-dev zlibc \
&& add-apt-repository -y ppa:ondrej/php \
&& apt-get update \
&& apt-get -y install php7.1-cli php7.1-dev php7.1-fpm php7.1-bcmath php7.1-bz2 php7.1-common php7.1-curl php7.1-gd php7.1-gmp php7.1-imap php7.1-intl php7.1-json php7.1-mbstring php7.1-mysql php7.1-readline php7.1-recode php7.1-soap php7.1-sqlite3 php7.1-xml php7.1-xmlrpc php7.1-zip php7.1-opcache php7.1-xsl php-yaml \
&& mkdir -p /usr/local/src/packages/{modules,nginx,openssl,pcre,zlib} \
&& mkdir -p /etc/nginx/{cache/{client,fastcgi,proxy,uwsgi,scgi},config/php,lock,logs,modules,pid,sites,ssl} \
&& useradd -d /etc/nginx nginx \
&& cd /usr/local/src/packages/nginx \
&& wget https://nginx.org/download/nginx-1.11.10.tar.gz \
&& tar xvf nginx-1.11.10.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/openssl \
&& wget https://www.openssl.org/source/openssl-1.1.0e.tar.gz \
&& tar xvf openssl-1.1.0e.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/pcre \
&& wget https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz \
&& tar xvf pcre-8.40.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/zlib \
&& wget http://www.zlib.net/zlib-1.2.11.tar.gz \
&& tar xvf zlib-1.2.11.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/modules \
&& wget https://github.com/openresty/headers-more-nginx-module/archive/v0.32.tar.gz \
&& tar zxf v0.32.tar.gz \
&& wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz \
&& tar zxf v0.3.0.tar.gz \
&& wget https://github.com/FRiCKLE/ngx_cache_purge/archive/2.3.tar.gz \
&& tar zxf 2.3.tar.gz \
&& NPS_VERSION="1.12.34.2" \
&& cd /usr/local/src/packages/modules/ \
&& wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VERSION}-beta.zip \
&& unzip v${NPS_VERSION}-beta.zip \
&& cd /usr/local/src/packages/modules/ngx_pagespeed-${NPS_VERSION}-beta \
&& psol_url=https://dl.google.com/dl/page-speed/psol/${NPS_VERSION}.tar.gz \
&& [ -e scripts/format_binary_url.sh ] && psol_url=$(scripts/format_binary_url.sh PSOL_BINARY_URL) \
&& wget ${psol_url} \
&& tar -xzvf $(basename ${psol_url}) \
&& cd /usr/local/src/packages/nginx \
&& ./configure --prefix=/etc/nginx \
               --sbin-path=/usr/sbin/nginx \
               --conf-path=/etc/nginx/config/nginx.conf \
               --lock-path=/etc/nginx/lock/nginx.lock \
               --pid-path=/etc/nginx/pid/nginx.pid \
               --error-log-path=/etc/nginx/logs/error.log \
               --http-log-path=/etc/nginx/logs/access.log \
               --http-client-body-temp-path=/etc/nginx/cache/client \
               --http-proxy-temp-path=/etc/nginx/cache/proxy \
               --http-fastcgi-temp-path=/etc/nginx/cache/fastcgi \
               --http-uwsgi-temp-path=/etc/nginx/cache/uwsgi \
               --http-scgi-temp-path=/etc/nginx/cache/scgi \
               --user=nginx \
               --group=nginx \
               --with-poll_module \
               --with-threads \
               --with-file-aio \
               --with-http_ssl_module \
               --with-http_v2_module \
               --with-http_realip_module \
               --with-http_addition_module \
               --with-http_xslt_module \
               --with-http_image_filter_module \
               --with-http_sub_module \
               --with-http_dav_module \
               --with-http_flv_module \
               --with-http_mp4_module \
               --with-http_gunzip_module \
               --with-http_gzip_static_module \
               --with-http_auth_request_module \
               --with-http_random_index_module \
               --with-http_secure_link_module \
               --with-http_degradation_module \
               --with-http_slice_module \
               --with-http_stub_status_module \
               --with-stream \
               --with-stream_ssl_module \
               --with-stream_realip_module \
               --with-stream_geoip_module \
               --with-stream_ssl_preread_module \
               --with-google_perftools_module \
               --with-pcre=/usr/local/src/packages/pcre \
               --with-pcre-jit \
               --with-zlib=/usr/local/src/packages/zlib \
               --with-openssl=/usr/local/src/packages/openssl \
               --add-module=/usr/local/src/packages/modules/ngx_devel_kit-0.3.0 \
               --add-module=/usr/local/src/packages/modules/headers-more-nginx-module-0.32 \
               --add-module=/usr/local/src/packages/modules/ngx_cache_purge-2.3 \
               --add-module=/usr/local/src/packages/modules/ngx_pagespeed-1.12.34.2-beta \
&& make \
&& make install

Once the above completes, we need to run the following, which will delete our existing NGINX config and files we don’t need.

rm -rf /etc/nginx/config/nginx.conf \
&& rm -rf /etc/nginx/config/*.default

Now, we’ll implement our actual NGINX configuration by creating a new NGINX configuration file.

nano /etc/nginx/config/nginx.conf

and paste in:

user                                                    nginx nginx;
worker_processes                                        1;
worker_priority                                         -10;

worker_rlimit_nofile                                    260000;
timer_resolution                                        100ms;

pcre_jit                                                on;

events {
    worker_connections                                  10000;
    accept_mutex                                        off;
    accept_mutex_delay                                  200ms;
    use                                                 epoll;
}


http {
    map_hash_bucket_size                                128;
    map_hash_max_size                                   4096;
    server_names_hash_bucket_size                       128;
    server_names_hash_max_size                          2048;
    variables_hash_max_size                             2048;

    index                                               index.php index.html index.htm;
    include                                             mime.types;
    default_type                                        application/octet-stream;
    charset                                             utf-8;

    sendfile                                            on;
    sendfile_max_chunk                                  512k;
    tcp_nopush                                          on;
    tcp_nodelay                                         on;
    server_tokens                                       off;
    server_name_in_redirect                             off;

    keepalive_timeout                                   5;
    keepalive_requests                                  500;
    lingering_time                                      20s;
    lingering_timeout                                   5s;
    keepalive_disable                                   msie6;

    gzip                                                on;
    gzip_vary                                           on;
    gzip_disable                                        "MSIE [1-6]\.";
    gzip_static                                         on;
    gzip_min_length                                     1400;
    gzip_buffers                                        32 8k;
    gzip_http_version                                   1.0;
    gzip_comp_level                                     5;
    gzip_proxied                                        any;
    gzip_types                                          text/plain
                                                        text/css
                                                        text/xml
                                                        application/javascript
                                                        application/x-javascript
                                                        application/xml
                                                        application/xml+rss
                                                        application/ecmascript
                                                        application/json
                                                        image/svg+xml;

    client_body_buffer_size                             256k;
    client_body_in_file_only                            off;
    client_body_timeout                                 10s;
    client_header_buffer_size                           64k;
    client_header_timeout                               5s;
    client_max_body_size                                50m;
    connection_pool_size                                512;
    directio                                            4m;
    ignore_invalid_headers                              on;
    large_client_header_buffers                         8 64k;
    output_buffers                                      8 256k;
    postpone_output                                     1460;
    proxy_temp_path                                     /etc/nginx/cache/proxy;
    request_pool_size                                   32k;
    reset_timedout_connection                           on;
    send_timeout                                        10s;
    types_hash_max_size                                 2048;

    open_file_cache                                     max=50000 inactive=60s;
    open_file_cache_valid                               120s;
    open_file_cache_min_uses                            2;
    open_file_cache_errors                              off;
    open_log_file_cache                                 max=10000 inactive=30s min_uses=2;

    include                                             /etc/nginx/sites/*.conf;
}

Now we’ll create our PHP FastCGI Params file, much like we did the above.

nano /etc/nginx/config/php/fastcgi_params.conf

and paste in:

    fastcgi_param  SCRIPT_FILENAME    $request_filename;

    fastcgi_connect_timeout 60;
    fastcgi_send_timeout 180;
    fastcgi_read_timeout 180;
    fastcgi_buffer_size 512k;
    fastcgi_buffers 512 16k;
    fastcgi_busy_buffers_size 1m;
    fastcgi_temp_file_write_size 4m;
    fastcgi_max_temp_file_size 4m;
    fastcgi_intercept_errors off;

    fastcgi_param  PATH_INFO          $fastcgi_path_info;
    fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;

    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;
    fastcgi_param  REQUEST_SCHEME     $scheme;
    fastcgi_param  HTTPS              $https if_not_empty;
    fastcgi_param  HTTP_PROXY         "";

    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;

    fastcgi_param  REDIRECT_STATUS    200;

Ok, now we need to create a server block for your domain, so we’ll create that now. Simply replace yourdomain.com with your actual domain.

nano /etc/nginx/sites/yourdomain.com.conf

and paste in:

server
{
    listen                          80 default_server;
    listen                          [::]:80;
    server_name                     yourdomain.com www.yourdomain.com;

    root                            /home/username/htdocs/public;

    location /
    {
        try_files $uri $uri/ =404;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   /run/php/php7.1-fpm.sock;
        fastcgi_index  index.php;

        include /etc/nginx/config/php/fastcgi_params.conf;
    }
}

Change /home/username/htdocs/public to the actual directory where you’re installing WordPress (i.e. where the WordPress index.php file resides).

Finally, we need to make sure PHP-FPM can read/write on your files, so whichever directory you set as the root above, i.e. /home/username/htdocs/public, we need to change ownership of everything to www-data.

chown -R www-data:www-data /home/username/htdocs/public

That’ll make all files and directories owned by www-data, as they should be. Now we just need to start NGINX and restart PHP-FPM for good measure.

Type in nginx and hit enter, then:

system php7.1-fpm restart
Reply Report
  • jtittle1 February 21, 2017

    The last restart should be service php7.1-fpm restart (system => service).

    Reply Report
    • zash April 28, 2017

      @jtittle

      got stucked at the step where i typed in nginx.
      Gotten this error. Any clue what could be the problem ?
      tried changing to /var/run/php/php7.1-fpm.sock still no luck.

      nginx: [emerg] invalid host in upstream "/run/php/php7.1-fpm.sock"  
in /etc/nginx/sites/mydomain.com.conf:17
      Reply Report
      • jtittle1 April 28, 2017

        @zash

        Change:

        fastcgi_pass   /run/php/php7.1-fpm.sock;

        To:

        fastcgi_pass   unix:/run/php/php7.1-fpm.sock;

        As a general note, the above guide is a little outdated (i.e. compiling NGINX) as there have been updates to NGINX, PCRE, and OpenSSL since.

        For the most up-to-date version of the compiler as of now, I’d recommend cloning the repo I setup and running the installer. It’s a far more in-depth compile and includes example configurations.

        cd /opt \
&& git clone https://github.com/serveradminsh/installers \
&& cd installers/nginx \
&& chmod +x installer.sh \
&& ./installer.sh

        The current release compiles Brotli, Pagespeed, and a few other modules as well as updated versions of PCRE, OpenSSL, and ZLIB.

        Reply Report
        • zash April 28, 2017

          @jtittle

          Thanks for the prompt reply ! Tried your installer and got this error at the end.

          checking for OS
 + Linux 4.8.0-45-generic x86_64
checking for C compiler ... not found

./auto/configure: error: C compiler cc is not found
          Reply Report
          • jtittle1 April 28, 2017

            @zash

            Was this on a Droplet with Ubuntu 16.04 or 16.10? If not, that’s what I would use as that’s what the installer is designed to be used on. It may work on Ubuntu 14.04, though I’ve not tested it there since 16.04 is the latest LTS release.

            As a general note, the installer should be ran on a clean droplet (nothing else installed, just freshly deployed).

            Reply Report
          • zash April 28, 2017

            @jtittle

            i ran it on a fresh Ubuntu 16.10 x64 droplet, only thing i added was a swap space . maybe i could try again on a fresh 16.04x64 droplet see if it works.

            This prompt came up and i chose the “ keep the local version currently installed” option.

            A new version of /boot/grub/menu.lst is available, but the version   
     installed currently has been locally modified.                    
     What would you like to do about menu.lst?                         
      install the package maintainer's version 
      keep the local version currently installed
      show the differences between the versions  
      show a side-by-side difference between the versions 
      show a 3-way difference between available versions 
      do a 3-way merge between available versions (experimental)      
      start a new shell to examine the situation
            Reply Report
ososoba February 20, 2017

@jtittle thanks for the response. Got around to trying it and stumbled on the second part of your response

“Keep in mind, this is a very barebones installation of NGINX. If you need specific modules compiled in, you’ll need to specify those when the script prompts you.”

I tried to run the additional modules with this command

./configure
–sbin-path=/usr/local/nginx/nginx
–conf-path=/usr/local/nginx/nginx.conf
–pid-path=/usr/local/nginx/nginx.pid
–with-httpsslmodule
–with-pcre=../pcre-8.40
–with-httprewritemodule
–with-httpgzipmodule
–with-zlib=../zlib-1.2.11

Based on information on this page - http://nginx.org/en/docs/configure.html

But I get the following error

> ./configure
About to configure nginx with:
    --sbin-path=/usr/local/nginx/nginx
    --conf-path=/usr/local/nginx/nginx.conf
    --pid-path=/usr/local/nginx/nginx.pid
    --with-http_ssl_module
    --with-pcre=../pcre-8.40
    --with-http_rewrite_module
    --with-http_gzip_module
    --with-zlib=../zlib-1.2.11   ./configure --add-module=/home/osaze/ngx_pagespeed-latest-stable ./configure
Does this look right? [Y/n] ./configure: error: invalid option "./configure"
Error: Failure running './configure --add-module=/home/osaze/ngx_pagespeed-latest-stable ./configure', exiting.
osaze@intelisight-beta:/root$     --conf-path=/usr/local/nginx/nginx.conf
bash: --conf-path=/usr/local/nginx/nginx.conf: Permission denied
osaze@intelisight-beta:/root$     --pid-path=/usr/local/nginx/nginx.pid
bash: --pid-path=/usr/local/nginx/nginx.pid: Permission denied
osaze@intelisight-beta:/root$     --with-http_ssl_module
--with-http_ssl_module: command not found
osaze@intelisight-beta:/root$     --with-pcre=../pcre-8.40
bash: --with-pcre=../pcre-8.40: Permission denied
osaze@intelisight-beta:/root$     --with-http_rewrite_module
--with-http_rewrite_module: command not found
osaze@intelisight-beta:/root$     --with-http_gzip_module
--with-http_gzip_module: command not found

I’m certain I’m doing something wrong, I’d appreciate any help on fixing this.

PS: This is for a WordPress site, so any additional modules you think I might need, won’t mind exploring them too.

Reply Report
jtittle1 February 21, 2017

@ososoba

For the purpose of the bash script I posted, you don’t need to use ./configure – you’d only use that when you’re compiling from source on your own. This bash script is already running with that, so the only thing you’d need to pass is the rest of the commands.

i.e.

When you see:

About to build nginx.  Do you have any additional ./configure
arguments you would like to set?  For example, if you would like
to build nginx with https support give --with-http_ssl_module
If you don't have any, just press enter.

You should only be passing:

--with-http_ssl_module \
... \
... \
... \

where ... is other modules and the trailing \ allows you to break it over multiple lines. Without that trailing slash, all arguments need to be on a single line separated by a space.

So the above is valid, as is:

--with-http_ssl_module --with=... --with=...

where --with=... is the actual arguments.

That said, unless you physically downloaded the PCRE, OpenSSL, or ZLIB taball and extracted them, you don’t need to use:

--with-pcre=../pcre-8.40

Additionally, you’ll need to specify direct paths. So instead of ../pcre-8.40, you’d use:

/direct/path/to/pcre-8.40

I’ll follow up with a second reply here shortly. It may be better to simply do a source compile without the script. I’ll share one of my working examples and you can use that as a testbed. Upfront, I don’t use the normal paths that a standard NGINX installation uses as I like to keep things a little more organized on my builds.

Reply Report
ososoba February 21, 2017

@jtittle

Thanks a lot for the detailed description of the install process.

I ran into two issues during the install but was able to fix them, putting it here incase someone else runs into this

a. E: Sub-process /usr/bin/dpkg exited unexpectedly
Had to reconfigure dpkg in this case with dpkg --configure -a

b. cc: internal compiler error: Killed (program cc1plus)
Seemed to be a memory issue, so I created a 1GB swapfile
Worked after that

Thanks again @jtittle, going to install WP with ServerPilot on this server and see how well I can get PageSpeed to work.

How To Add Swap Space on Ubuntu 16.04
by Justin Ellingwood
One of the easiest way of increasing the responsiveness of your server and guarding against out of memory errors in your applications is to add some swap space. In this guide, we will cover how to add a swap file to an Ubuntu 16.04 server. &lt;$&gt;[warning] [label...
Reply Report
ososoba February 21, 2017

@jtittle I’d like to ask something else.

In some other tutorials I see, users recommend pinning the current nginx build with pagespeed so as not to have it overwritten on a update. Is that necessary here? And how do I do that?

Thank you

Reply Report
  • jtittle1 February 21, 2017

    @ososoba

    If you use the PPA, or the “one-liner” that I posted, updates and upgrades shouldn’t overwrite any configuration or changes you’ve performed as they are source builds, thus unaffected by the apt-get commands that upgrade, update, purge, or remove packages.

    The only thing that will overwrite a source build is if you run another source build using the same commands – i.e. run the installer again, or use my build. Even if you did, the “one-liner” that I posted won’t overwrite your server blocks for your websites or any of your website data. You’d need to recreate the nginx.conf file since the last part of that command deletes the existing, but other than that, it won’t change anything else.

    That being said, I’ve never used ServerPilot, so you may or may not be able to use a custom build with them (whether it’s the PPA or my “one-liner”). I believe they perform their own install which sets up NGINX as a reverse proxy to Apache.

    Personally, NGINX works just fine on its own and unless you have an absolute need for Apache, then I’d simply run with NGINX as the only web server as it reduces troubleshooting.

    Reply Report
stephgiguere March 21, 2017

@jtittle
Would it be possible to add naxsi to that installation script?
If so where and how?

Thank you.

Reply Report
  • jtittle1 March 21, 2017

    @stephgiguere

    Absolutely! If you take a look at what I posted, towards the bottom, you’ll see this:

    --add-module=/usr/local/src/packages/modules/ngx_devel_kit-0.3.0 \
--add-module=/usr/local/src/packages/modules/headers-more-nginx-module-0.32 \
--add-module=/usr/local/src/packages/modules/ngx_cache_purge-2.3 \
--add-module=/usr/local/src/packages/modules/ngx_pagespeed-1.12.34.2-beta \

    With NGINX, modules are added using --add-module= which accepts a directory. So if we clone the repo from GitHub, we can simply pass the path to the module to the build and recompile.

    IIRC, naxsi needs to be the first module in the list, so you’d simply add it to the top of the list above.

    To start:

    cd /usr/local/src

    Then we’ll clone the repo:

    git clone https://github.com/nbs-system/naxsi.git

    Now we’ll end up with a path to naxsi that we can use and pass to --add-module=, which would be:

    /usr/local/src/naxsi

    So the line we’d add to the top would be:

    --add-module=/usr/local/src/naxsi

    That being said, I’m actually working on a much cleaner, updated version of the above. While the modules are not out of date, that’s not the latest version of NGINX, OpenSSL, PCRE, or ZLIB. It also does not provide much in the way of example configuration for server blocks.

    I’m working on wrapping up the initial release of the updated version on GitHub, and when I do, I’ll post it. You’d still need to modify the source and add naxsi, but it’s far cleaner than the one shot I provided above.

    Reply Report
stephgiguere March 21, 2017

@jtittle

So would the oneliner work like this:

apt-get update \
&& apt-get -y upgrade \
&& apt-get -y install autoconf automake bc bison build-essential ccache cmake curl dh-systemd flex gcc geoip-bin google-perftools g++ icu-devtools libacl1-dev libbz2-dev libcap-ng-dev libcap-ng-utils libcurl4-openssl-dev libdmalloc-dev libenchant-dev libevent-dev libexpat1-dev libfontconfig1-dev libfreetype6-dev libgd-dev libgeoip-dev libghc-iconv-dev libgmp-dev libgoogle-perftools-dev libice-dev libice6 libicu-dev libjbig-dev libjpeg-dev libjpeg-turbo8-dev libjpeg8-dev libluajit-5.1-2 libluajit-5.1-common libluajit-5.1-dev liblzma-dev libmhash-dev libmhash2 libmm-dev libncurses5-dev libnspr4-dev libpam0g-dev libpcre3 libpcre3-dev libperl-dev libpng-dev libpng12-dev libpthread-stubs0-dev libreadline-dev libselinux1-dev libsm-dev libsm6 libssl-dev libtidy-dev libtiff5-dev libtiffxx5 libunbound-dev libvpx-dev libvpx3 libwebp-dev libx11-dev libxau-dev libxcb1-dev libxdmcp-dev libxml2-dev libxpm-dev libxslt1-dev libxt-dev libxt6 make nano perl pkg-config software-properties-common systemtap-sdt-dev unzip webp wget xtrans-dev zip zlib1g-dev zlibc \
&& add-apt-repository -y ppa:ondrej/php \
&& apt-get update \
&& apt-get -y install php7.1-cli php7.1-dev php7.1-fpm php7.1-bcmath php7.1-bz2 php7.1-common php7.1-curl php7.1-gd php7.1-gmp php7.1-imap php7.1-intl php7.1-json php7.1-mbstring php7.1-mysql php7.1-readline php7.1-recode php7.1-soap php7.1-sqlite3 php7.1-xml php7.1-xmlrpc php7.1-zip php7.1-opcache php7.1-xsl php-yaml \
&& mkdir -p /usr/local/src/packages/{modules,nginx,openssl,pcre,zlib} \
&& mkdir -p /etc/nginx/{cache/{client,fastcgi,proxy,uwsgi,scgi},config/php,lock,logs,modules,pid,sites,ssl} \
&& useradd -d /etc/nginx nginx \
&& cd /usr/local/src/packages/nginx \
&& wget https://nginx.org/download/nginx-1.11.10.tar.gz \
&& tar xvf nginx-1.11.10.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/openssl \
&& wget https://www.openssl.org/source/openssl-1.1.0e.tar.gz \
&& tar xvf openssl-1.1.0e.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/pcre \
&& wget https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz \
&& tar xvf pcre-8.40.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/zlib \
&& wget http://www.zlib.net/zlib-1.2.11.tar.gz \
&& tar xvf zlib-1.2.11.tar.gz --strip-components=1 \
&& cd /usr/local/src/packages/modules \
&& wget https://github.com/openresty/headers-more-nginx-module/archive/v0.32.tar.gz \
&& tar zxf v0.32.tar.gz \
&& wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz \
&& tar zxf v0.3.0.tar.gz \
&& wget https://github.com/FRiCKLE/ngx_cache_purge/archive/2.3.tar.gz \
&& tar zxf 2.3.tar.gz \
&& NPS_VERSION="1.12.34.2" \
&& cd /usr/local/src/packages/modules/ \
&& wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VERSION}-beta.zip \
&& unzip v${NPS_VERSION}-beta.zip \
&& cd /usr/local/src/packages/modules/ngx_pagespeed-${NPS_VERSION}-beta \
&& psol_url=https://dl.google.com/dl/page-speed/psol/${NPS_VERSION}.tar.gz \
&& [ -e scripts/format_binary_url.sh ] && psol_url=$(scripts/format_binary_url.sh PSOL_BINARY_URL) \
&& wget ${psol_url} \
&& tar -xzvf $(basename ${psol_url}) \
&& cd /usr/local/src
&& git clone https://github.com/nbs-system/naxsi.git
&& cd /usr/local/src/packages/nginx \
&& ./configure --prefix=/etc/nginx \
               --sbin-path=/usr/sbin/nginx \
               --conf-path=/etc/nginx/config/nginx.conf \
               --lock-path=/etc/nginx/lock/nginx.lock \
               --pid-path=/etc/nginx/pid/nginx.pid \
               --error-log-path=/etc/nginx/logs/error.log \
               --http-log-path=/etc/nginx/logs/access.log \
               --http-client-body-temp-path=/etc/nginx/cache/client \
               --http-proxy-temp-path=/etc/nginx/cache/proxy \
               --http-fastcgi-temp-path=/etc/nginx/cache/fastcgi \
               --http-uwsgi-temp-path=/etc/nginx/cache/uwsgi \
               --http-scgi-temp-path=/etc/nginx/cache/scgi \
               --user=nginx \
               --group=nginx \
               --with-poll_module \
               --with-threads \
               --with-file-aio \
               --with-http_ssl_module \
               --with-http_v2_module \
               --with-http_realip_module \
               --with-http_addition_module \
               --with-http_xslt_module \
               --with-http_image_filter_module \
               --with-http_sub_module \
               --with-http_dav_module \
               --with-http_flv_module \
               --with-http_mp4_module \
               --with-http_gunzip_module \
               --with-http_gzip_static_module \
               --with-http_auth_request_module \
               --with-http_random_index_module \
               --with-http_secure_link_module \
               --with-http_degradation_module \
               --with-http_slice_module \
               --with-http_stub_status_module \
               --with-stream \
               --with-stream_ssl_module \
               --with-stream_realip_module \
               --with-stream_geoip_module \
               --with-stream_ssl_preread_module \
               --with-google_perftools_module \
               --with-pcre=/usr/local/src/packages/pcre \
               --with-pcre-jit \
               --with-zlib=/usr/local/src/packages/zlib \
               --with-openssl=/usr/local/src/packages/openssl \
           --add-module=/usr/local/src/naxsi
               --add-module=/usr/local/src/packages/modules/ngx_devel_kit-0.3.0 \
               --add-module=/usr/local/src/packages/modules/headers-more-nginx-module-0.32 \
               --add-module=/usr/local/src/packages/modules/ngx_cache_purge-2.3 \
               --add-module=/usr/local/src/packages/modules/ngx_pagespeed-1.12.34.2-beta \
&& make \
&& make install

Looking forward to a better solution.

Reply Report
  • jtittle1 March 21, 2017

    @ososoba

    You’ll need to add a \ to the end of this line:

    --add-module=/usr/local/src/naxsi

    So that it looks like:

    --add-module=/usr/local/src/naxsi \

    This is how we go about breaking the command over multiple lines. Without those \, everything would have to be on a single line :-). Without that one \, it won’t compile.

    I’m running tests on the updated version now, so if you want to wait a few minutes while the test completes, I should have it online shortly.

    Just waiting on the Droplet to go online and then uploading the script to let it run.

    Reply Report
stephgiguere March 21, 2017

Oh and thank you :)

Reply Report
stephgiguere March 21, 2017

I will defenatly wait got to feed the kids anyway lol

Thank you again

Reply Report
Previous 1 2 3 Next
Load More Answers

Related

Looking for something else?

Ask a new question Search for more help