Nginx – Lets compile Nginx 1.17.4 on Centos 8!

centos photo

Centos 8 just got released. There’s no packages that I can find for Nginx 1.17.4, although I didn’t look very hard, its a great excuse to compile something!

Photo by appleboy46

1. Lets start off by yum installing dev tools:

yum groupinstall -y ‘Development Tools’

2. Now lets get some source code for Nginx and some deps:

wget && tar -xvzf nginx-1.17.4.tar.gz

wget && tar xzvf pcre-8.40.tar.gz

wget && tar xzvf zlib-1.2.11.tar.gz

wget && tar xzvf openssl-1.1.0f.tar.gz

3. Now lets cd into the Nginx source code and get configuring!

cd nginx-1.17.4

./configure --prefix=/usr/share/nginx \
            --sbin-path=/usr/sbin/nginx \
            --modules-path=/usr/lib/nginx/modules \
            --conf-path=/etc/nginx/nginx.conf \
            --error-log-path=/var/log/nginx/error.log \
            --http-log-path=/var/log/nginx/access.log \
            --pid-path=/run/ \
            --lock-path=/var/lock/nginx.lock \
            --user=www-data \
            --group=www-data \
            --build=Ubuntu \
            --http-client-body-temp-path=/var/lib/nginx/body \
            --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
            --http-proxy-temp-path=/var/lib/nginx/proxy \
            --http-scgi-temp-path=/var/lib/nginx/scgi \
            --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
            --with-openssl=../openssl-1.1.0f \
            --with-openssl-opt=enable-ec_nistp_64_gcc_128 \
            --with-openssl-opt=no-nextprotoneg \
            --with-openssl-opt=no-weak-ssl-ciphers \
            --with-openssl-opt=no-ssl3 \
            --with-pcre=../pcre-8.40 \
            --with-pcre-jit \
            --with-zlib=../zlib-1.2.11 \
            --with-compat \
            --with-file-aio \
            --with-threads \
            --with-http_addition_module \
            --with-http_auth_request_module \
            --with-http_dav_module \
            --with-http_flv_module \
            --with-http_gunzip_module \
            --with-http_gzip_static_module \
            --with-http_mp4_module \
            --with-http_random_index_module \
            --with-http_realip_module \
            --with-http_slice_module \
            --with-http_ssl_module \
            --with-http_sub_module \
            --with-http_stub_status_module \
            --with-http_v2_module \
            --with-http_secure_link_module \
            --with-mail \
            --with-mail_ssl_module \
            --with-stream \
            --with-stream_realip_module \
            --with-stream_ssl_module \
            --with-stream_ssl_preread_module \
            --with-debug \
            --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' \
            --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now'

4. Lets compile!

make -j4 # change 4 to the number of threads your server has

5. Lets install the compiled Nginx!

make install

6. Installed, ez pz right? Now just some small maintenance:

6.1. Create required directory:

mkdir -p /var/lib/nginx

6.2. Lets create a systemd service now:

nano /etc/systemd/system/nginx.service

Put the following contents here:

Description=A high performance web server and a reverse proxy server

ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/


6.3. Lets add our user to run Nginx as:

useradd www-data

6.4. Lets get our systemd daemon going!

systemctl daemon-reload && systemctl enable nginx.service –now

Finished! Nginx 1.17.4 should now be started and ready for getting some sites configured with some server blocks. Who needs packages aye.

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *