Nginx – Lets compile Nginx 1.17.4 on Centos 8!

centos photo

Centos 8 just got released. There’s no packages that I can find for Nginx 1.17.4, although I didn’t look very hard, its a great excuse to compile something!

Photo by appleboy46

1. Lets start off by yum installing dev tools:

yum groupinstall -y ‘Development Tools’

2. Now lets get some source code for Nginx and some deps:

wget && tar -xvzf nginx-1.17.4.tar.gz

wget && tar xzvf pcre-8.40.tar.gz

wget && tar xzvf zlib-1.2.11.tar.gz

wget && tar xzvf openssl-1.1.0f.tar.gz

3. Now lets cd into the Nginx source code and get configuring!

cd nginx-1.17.4

./configure --prefix=/usr/share/nginx \
            --sbin-path=/usr/sbin/nginx \
            --modules-path=/usr/lib/nginx/modules \
            --conf-path=/etc/nginx/nginx.conf \
            --error-log-path=/var/log/nginx/error.log \
            --http-log-path=/var/log/nginx/access.log \
            --pid-path=/run/ \
            --lock-path=/var/lock/nginx.lock \
            --user=www-data \
            --group=www-data \
            --build=Ubuntu \
            --http-client-body-temp-path=/var/lib/nginx/body \
            --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
            --http-proxy-temp-path=/var/lib/nginx/proxy \
            --http-scgi-temp-path=/var/lib/nginx/scgi \
            --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
            --with-openssl=../openssl-1.1.0f \
            --with-openssl-opt=enable-ec_nistp_64_gcc_128 \
            --with-openssl-opt=no-nextprotoneg \
            --with-openssl-opt=no-weak-ssl-ciphers \
            --with-openssl-opt=no-ssl3 \
            --with-pcre=../pcre-8.40 \
            --with-pcre-jit \
            --with-zlib=../zlib-1.2.11 \
            --with-compat \
            --with-file-aio \
            --with-threads \
            --with-http_addition_module \
            --with-http_auth_request_module \
            --with-http_dav_module \
            --with-http_flv_module \
            --with-http_gunzip_module \
            --with-http_gzip_static_module \
            --with-http_mp4_module \
            --with-http_random_index_module \
            --with-http_realip_module \
            --with-http_slice_module \
            --with-http_ssl_module \
            --with-http_sub_module \
            --with-http_stub_status_module \
            --with-http_v2_module \
            --with-http_secure_link_module \
            --with-mail \
            --with-mail_ssl_module \
            --with-stream \
            --with-stream_realip_module \
            --with-stream_ssl_module \
            --with-stream_ssl_preread_module \
            --with-debug \
            --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' \
            --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now'

4. Lets compile!

make -j4 # change 4 to the number of threads your server has

5. Lets install the compiled Nginx!

make install

6. Installed, ez pz right? Now just some small maintenance:

6.1. Create required directory:

mkdir -p /var/lib/nginx

6.2. Lets create a systemd service now:

nano /etc/systemd/system/nginx.service

Put the following contents here:

Description=A high performance web server and a reverse proxy server

ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/


6.3. Lets add our user to run Nginx as:

useradd www-data

6.4. Lets get our systemd daemon going!

systemctl daemon-reload && systemctl enable nginx.service –now

Finished! Nginx 1.17.4 should now be started and ready for getting some sites configured with some server blocks. Who needs packages aye.

Leave a Reply

Your email address will not be published. Required fields are marked *