2 # - /etc/sysconfig/nginx file
3 # - missing perl build/install requires
4 # - add njs: https://nginx.org/en/docs/njs/
6 # Conditional build for nginx:
8 %bcond_with debug # enable debug logging: http://nginx.org/en/docs/debugging_log.html
9 %bcond_without file_aio # file AIO support
10 %bcond_without threads # thread pool support
12 %bcond_without addition # http addition module
13 %bcond_without auth_request # auth_request module
14 %bcond_without dav # WebDAV
15 %bcond_without flv # http FLV module
16 %bcond_without gd # without http image filter module
17 %bcond_without geoip # without http geoip module and stream geoip module
18 %bcond_without http2 # HTTP/2 module
19 %bcond_without mail # don't build imap/mail proxy
20 %bcond_without perl # don't build with perl module
21 %bcond_without poll # poll module
22 %bcond_without realip # real ip (behind proxy)
23 %bcond_without select # select module
24 %bcond_without ssl # ssl support and http ssl module
25 %bcond_without stream # TCP/UDP proxy module
26 %bcond_without stub_status # http stub status module
27 %bcond_without sub # ngx_http_sub_module
28 %bcond_without xslt # without http xslt module
29 %bcond_with http_browser # http browser module (header "User-agent" parser)
30 %bcond_with modsecurity # modsecurity module
31 %bcond_with rtmp # rtmp support
32 %bcond_without vts # virtual host traffic status module
33 %bcond_without headers_more # headers more module
39 %define ssl_version 1.0.2
40 %define rtmp_version 1.2.2
41 %define vts_version 0.2.1
42 %define headers_more_version 0.34
43 %define modsecurity_version 3.0.8
44 %define http_cache_purge_version 2.5.3
46 Summary: High perfomance HTTP and reverse proxy server
47 Summary(pl.UTF-8): Serwer HTTP i odwrotne proxy o wysokiej wydajności
49 # - stable: production quality with stable API
50 # - mainline: production quality but API can change
51 # http://nginx.org/en/download.html
56 Group: Networking/Daemons/HTTP
57 Source0: https://nginx.org/download/%{name}-%{version}.tar.gz
58 # Source0-md5: f95835b55b3cbf05a4368e7bccbb8a46
59 Source1: https://nginx.org/favicon.ico
60 # Source1-md5: 72e228c3809db53da8a884b6676ed36a
62 Source3: %{name}.logrotate
64 Source6: %{name}.monitrc
66 Source14: %{name}.conf
67 Source17: %{name}-mime.types.sh
68 Source18: %{name}.service
69 Source33: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{modsecurity_version}/modsecurity-v%{modsecurity_version}.tar.gz
70 # Source33-md5: ef62527cbed82c0993a1781414163b01
71 Source101: https://github.com/arut/nginx-rtmp-module/archive/v%{rtmp_version}/%{name}-rtmp-module-%{rtmp_version}.tar.gz
72 # Source101-md5: 9bb7a06aede38d9e36ad13dc1354d8f9
73 Source102: https://github.com/vozlt/nginx-module-vts/archive/v%{vts_version}.tar.gz
74 # Source102-md5: 730163ed1eeecf39179f95fd973ac64b
75 Source103: https://github.com/openresty/headers-more-nginx-module/archive/v%{headers_more_version}.tar.gz
76 # Source103-md5: a1c5af547af31b058c3e75c40b6f58b1
77 # https://github.com/nginx-modules/ngx_cache_purge
78 Source104: https://github.com/nginx-modules/ngx_cache_purge/archive/refs/tags/%{http_cache_purge_version}.tar.gz
79 # Source104-md5: bf92baae08e4c850825a8543c7d4aaa8
80 Patch0: %{name}-no-Werror.patch
81 Patch1: %{name}-modsecurity-xheaders.patch
82 URL: https://nginx.org/
83 BuildRequires: mailcap
84 BuildRequires: pcre2-8-devel
85 BuildRequires: rpmbuild(macros) >= 1.644
86 BuildRequires: zlib-devel
88 BuildRequires: GeoIP-devel
91 BuildRequires: gd-devel
93 %if %{with modsecurity}
94 BuildRequires: lua-devel
97 BuildRequires: perl-CGI
98 BuildRequires: perl-devel
100 BuildRequires: rpm-perlprov
103 BuildRequires: openssl-devel >= %{ssl_version}
104 Requires: openssl >= %{ssl_version}
107 BuildRequires: libxslt-devel
109 Provides: group(http)
110 Provides: group(nginx)
111 Provides: user(nginx)
113 Provides: webserver(access)
114 Provides: webserver(alias)
115 Provides: webserver(auth)
116 Provides: webserver(expires)
117 Provides: webserver(headers)
118 Provides: webserver(indexfile)
119 Provides: webserver(log)
120 Provides: webserver(mime)
121 Provides: webserver(reqtimeout)
122 Provides: webserver(rewrite)
123 Provides: webserver(setenv)
124 Conflicts: logrotate < 3.8.0
125 Requires(post,preun): /sbin/chkconfig
126 Requires(post,preun,postun): systemd-units >= 38
127 Requires(postun): /usr/sbin/groupdel
128 Requires(postun): /usr/sbin/userdel
129 Requires(pre): /bin/id
130 Requires(pre): /usr/bin/getgid
131 Requires(pre): /usr/sbin/groupadd
132 Requires(pre): /usr/sbin/useradd
133 Requires: rc-scripts >= 0.2.0
134 Requires: systemd-units >= 38
135 Suggests: vim-syntax-nginx
136 Obsoletes: nginx-common < 1.13.3
137 Obsoletes: nginx-light < 1.13.3
138 Obsoletes: nginx-standard < 1.13.3
139 Conflicts: rpm < 4.4.2-0.2
140 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
142 %define _sysconfdir /etc/%{name}
143 %define _nginxdir /home/services/%{name}
145 # minimizing restarts logics. we restart webserver:
147 # 1. at the end of transaction. (posttrans, feature from rpm 4.4.2)
148 # 2. first install of module (post: $1 = 1)
149 # 2. uninstall of module (postun: $1 == 0)
151 # the strict internal deps between modules and
152 # main package are very important for all this to work.
154 # restart webserver at the end of transaction
156 %define restart_webserver \
157 %systemd_post %{name}.service \
158 %service %{name} force-reload \
161 # macro called at module post scriptlet
162 %define module_post \
163 if [ "$1" = "1" ]; then \
167 # macro called at module postun scriptlet
168 %define module_postun \
169 if [ "$1" = "0" ]; then \
173 # it's sooo annoying to write them
174 %define module_scripts() \
182 nginx ("engine x") is a high-performance HTTP server and reverse
183 proxy, as well as an IMAP/POP3 proxy server. nginx was written by Igor
184 Sysoev for Rambler.ru, Russia's second-most visited website, where it
185 has been running in production for over two and a half years. Igor has
186 released the source code under a BSD-like license. Although still in
187 beta, nginx is known for its stability, rich feature set, simple
188 configuration, and low resource consumption.
190 %description -l pl.UTF-8
191 nginx ("engine x") jest wysokowydajnym serwerem HTTP, odwrotnym proxy
192 a także IMAP/POP3 proxy. nginx został napisany przez Igora Sysoeva na
193 potrzeby serwisu Rambler.ru. Jest to drugi pod względem ilości
194 odwiedzin serwis w Rosji i działa od ponad dwóch i pół roku. Igor
195 opublikował źródła na licencji BSD. Mimo, że projekt jest ciągle w
196 fazie beta, już zasłynął dzięki stabilności, bogactwu dodatków,
197 prostej konfiguracji oraz małej "zasobożerności".
199 %package mod_headers_more
200 Summary: Nginx HTTP headers more module
202 Requires: %{name} = %{version}-%{release}
204 %description mod_headers_more
205 Set and clear input and output headers...more than "add".
207 %package mod_http_geoip
208 Summary: Nginx HTTP geoip module
210 Requires: %{name} = %{version}-%{release}
213 %description mod_http_geoip
214 Nginx HTTP geoip module.
216 %package mod_stream_geoip
217 Summary: Nginx stream geoip module
219 Requires: %{name} = %{version}-%{release}
220 Requires: %{name}-mod_stream = %{version}-%{release}
223 %description mod_stream_geoip
224 Nginx stream geoip module.
226 %package mod_http_image_filter
227 Summary: Nginx HTTP image filter module
229 Requires: %{name} = %{version}-%{release}
231 %description mod_http_image_filter
232 Nginx HTTP image filter module.
234 %package mod_http_perl
235 Summary: Nginx HTTP Perl module
236 Group: Networking/Daemons/HTTP
237 Requires: %{name} = %{version}-%{release}
239 %description mod_http_perl
240 Nginx HTTP Perl module.
242 %package mod_http_xslt_filter
243 Summary: Nginx XSLT module
245 Requires: %{name} = %{version}-%{release}
247 %description mod_http_xslt_filter
251 Summary: Nginx mail module
252 Group: Networking/Daemons/HTTP
253 Requires: %{name} = %{version}-%{release}
255 %description mod_mail
259 Summary: Nginx virtual host traffic status module
260 Group: Networking/Daemons/HTTP
261 Requires: %{name} = %{version}-%{release}
264 Nginx virtual host traffic status module.
267 Summary: Nginx stream modules
269 Requires: %{name} = %{version}-%{release}
271 %description mod_stream
272 Nginx stream modules.
274 %package mod_http_cache_purge
275 Summary: Nginx cache purge module
277 Requires: %{name} = %{version}-%{release}
279 %description mod_http_cache_purge
280 `ngx_cache_purge` is `nginx` module which adds ability to purge
281 content from `FastCGI`, `proxy`, `SCGI` and `uWSGI` caches.
284 %package -n monit-rc-nginx
285 Summary: nginx support for monit
286 Summary(pl.UTF-8): Wsparcie nginx dla monit
287 Group: Applications/System
288 Requires: %{name} = %{version}-%{release}
291 %description -n monit-rc-nginx
292 monitrc file for monitoring nginx webserver.
294 %description -n monit-rc-nginx -l pl.UTF-8
295 Plik monitrc do monitorowania serwera WWW nginx.
298 %setup -q %{?with_rtmp:-a101} %{?with_modsecurity:-a22} %{?with_vts:-a102} %{?with_headers_more:-a103} -a104
300 %{?with_modsecurity:%patch1 -p0}
303 mv nginx-rtmp-module-%{rtmp_version} nginx-rtmp-module
307 mv nginx-module-vts-%{vts_version} nginx-vts-module
310 %if %{with headers_more}
311 mv headers-more-nginx-module-%{headers_more_version} nginx-headers-more-module
314 mv ngx_cache_purge-* ngx_cache_purge
316 # build mime.types.conf
317 #sh %{SOURCE17} /etc/mime.types
320 # NB: not autoconf generated configure
321 cp -f configure auto/
324 --prefix=%{_prefix} \
325 --modules-path=%{_libdir}/%{name}/modules \
326 --sbin-path=%{_sbindir}/%{name} \
327 --conf-path=%{_sysconfdir}/%{name}.conf \
328 --error-log-path=%{_localstatedir}/log/%{name}/error.log \
329 --http-log-path=%{_localstatedir}/log/%{name}/access.log \
330 --pid-path=%{_localstatedir}/run/%{name}.pid \
331 --lock-path=%{_localstatedir}/lock/subsys/%{name} \
332 --http-client-body-temp-path=%{_localstatedir}/cache/%{name}/client_body_temp \
333 --http-fastcgi-temp-path=%{_localstatedir}/cache/%{name}/fastcgi_temp \
334 --http-proxy-temp-path=%{_localstatedir}/cache/%{name}/proxy_temp \
335 --http-uwsgi-temp-path=%{_localstatedir}/cache/%{name}/uwsgi_temp \
336 --http-scgi-temp-path=%{_localstatedir}/cache/%{name}/scgi_temp \
339 %{?with_select:--with-select_module} \
340 %{?with_poll:--with-poll_module} \
341 %{?with_rtsig:--with-rtsig_module} \
342 %{?with_perl:--with-http_perl_module=dynamic} \
343 %{?with_gd:--with-http_image_filter_module=dynamic} \
344 %{?with_xslt:--with-http_xslt_module=dynamic} \
345 %{?with_geoip:--with-http_geoip_module=dynamic} \
346 %{?with_geoip:--with-stream_geoip_module=dynamic} \
348 --with-mail=dynamic \
349 --with-mail_ssl_module \
352 --with-stream=dynamic \
353 --with-stream_ssl_module \
355 --with-cc="%{__cc}" \
356 --with-cc-opt="%{rpmcflags}" \
357 --with-ld-opt="%{rpmldflags}" \
358 %{?with_debug:--with-debug} \
359 %{?with_addition:--with-http_addition_module} \
360 %{?with_dav:--with-http_dav_module} \
361 %{?with_flv:--with-http_flv_module} \
362 %{?with_sub:--with-http_sub_module} \
363 %{?with_realip:--with-http_realip_module} \
364 %{?with_stub_status:--with-http_stub_status_module} \
365 %{?with_ssl:--with-http_ssl_module} \
366 %{!?with_http_browser:--without-http_browser_module} \
367 --add-dynamic-module=./ngx_cache_purge \
368 %{?with_headers_more:--add-dynamic-module=./nginx-headers-more-module} \
369 %{?with_rtmp:--add-module=./nginx-rtmp-module} \
370 %{?with_vts:--add-dynamic-module=./nginx-vts-module} \
371 %{?with_auth_request:--with-http_auth_request_module} \
372 %{?with_threads:--with-threads} \
373 %{?with_http2:--with-http_v2_module} \
374 %{?with_modsecurity:--add-module=modsecurity-%{modsecurity_version}/nginx/modsecurity} \
375 --with-http_secure_link_module \
376 %{?with_file_aio:--with-file-aio} \
381 %if %{with modsecurity}
382 cd modsecurity-%{modsecurity_version}
385 --enable-standalone-module \
394 rm -rf $RPM_BUILD_ROOT
395 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d \
396 $RPM_BUILD_ROOT%{_nginxdir}/{cgi-bin,html,errors} \
397 $RPM_BUILD_ROOT%{_localstatedir}/log/{%{name},archive/%{name}} \
398 $RPM_BUILD_ROOT%{_localstatedir}/cache/%{name} \
399 $RPM_BUILD_ROOT%{_localstatedir}/lock/subsys/%{name} \
400 $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/{conf,modules,vhosts,webapps}.d} \
401 $RPM_BUILD_ROOT%{_sysconfdir}/snippets \
402 $RPM_BUILD_ROOT/etc/{logrotate.d,monit} \
403 $RPM_BUILD_ROOT{%{systemdunitdir},/etc/systemd/system}
407 DESTDIR=$RPM_BUILD_ROOT
409 %{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/*.default
411 cp -p %{_sourcedir}/%{name}.conf $RPM_BUILD_ROOT%{_sysconfdir}
412 cp -p %{_sourcedir}/%{name}.service $RPM_BUILD_ROOT%{systemdunitdir}
413 cp -p %{_sourcedir}/%{name}.monitrc $RPM_BUILD_ROOT/etc/monit
414 install -p %{SOURCE7} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
416 cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/%{name}
417 cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/proxy.conf
418 cp -p %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/mime.types
419 rm -r $RPM_BUILD_ROOT%{_prefix}/html
420 cp -p html/index.html $RPM_BUILD_ROOT%{_nginxdir}/html
421 cp -p html/50x.html $RPM_BUILD_ROOT%{_nginxdir}/errors
422 cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_nginxdir}/html/favicon.ico
425 local module=ngx_${1}_module.so conffile=mod_$1.conf
426 printf 'load_module "%{_libdir}/%{name}/modules/%s";' "$module" \
427 > $RPM_BUILD_ROOT%{_sysconfdir}/modules.d/$conffile
431 %{__rm} $RPM_BUILD_ROOT%{perl_archlib}/perllocal.pod
432 %{__rm} $RPM_BUILD_ROOT%{perl_vendorarch}/auto/nginx/.packlist
433 load_module http_perl
437 load_module http_geoip
438 load_module stream_geoip
441 load_module http_image_filter
444 load_module http_xslt_filter
449 %{?with_vts:load_module http_vhost_traffic_status}
450 %{?with_headers_more:load_module http_headers_more_filter}
454 load_module http_cache_purge
457 rm -rf $RPM_BUILD_ROOT
460 %groupadd -r -g 213 %{name}
462 %useradd -r -u 213 -d /usr/share/empty -s /bin/false -c "Nginx HTTP User" -g %{name} %{name}
463 %addusertogroup %{name} http
466 for a in access.log error.log; do
467 if [ ! -f /var/log/%{name}/$a ]; then
469 touch /var/log/%{name}/$a
470 chown nginx:nginx /var/log/%{name}/$a
471 chmod 644 /var/log/%{name}/$a
474 /sbin/chkconfig --add %{name}
480 if [ "$1" = "0" ];then
481 %service %{name} stop
482 /sbin/chkconfig --del %{name}
484 %systemd_preun %{name}.service
487 if [ "$1" = "0" ]; then
493 %module_scripts mod_http_geoip
494 %module_scripts mod_http_image_filter
495 %module_scripts mod_http_perl
496 %module_scripts mod_http_xslt_filter
497 %module_scripts mod_mail
498 %module_scripts mod_vts
499 %module_scripts mod_headers_more
500 %module_scripts mod_stream
501 %module_scripts mod_stream_geoip
502 %module_scripts mod_http_cache_purge
505 %defattr(644,root,root,755)
506 %doc CHANGES LICENSE README html/index.html conf/nginx.conf
507 %doc %lang(ru) CHANGES.ru
508 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/%{name}
509 %attr(754,root,root) /etc/rc.d/init.d/%{name}
510 %dir %attr(750,root,nginx) %{_sysconfdir}
511 %dir %{_sysconfdir}/conf.d
512 %dir %{_sysconfdir}/modules.d
513 %dir %{_sysconfdir}/snippets
514 %dir %{_sysconfdir}/vhosts.d
515 %dir %{_sysconfdir}/webapps.d
516 %attr(640,root,root) %{_sysconfdir}/mime.types
517 %attr(640,root,root) %{_sysconfdir}/koi-utf
518 %attr(640,root,root) %{_sysconfdir}/koi-win
519 %attr(640,root,root) %{_sysconfdir}/win-utf
520 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/fastcgi.conf
521 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nginx.conf
522 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/proxy.conf
523 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/fastcgi_params
524 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/scgi_params
525 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/uwsgi_params
526 %attr(755,root,root) %{_sbindir}/%{name}
527 %dir %{_libdir}/%{name}
528 %dir %{_libdir}/%{name}/modules
529 %{systemdunitdir}/%{name}.service
531 %attr(750,nginx,logs) %dir /var/log/archive/%{name}
532 %attr(750,nginx,logs) /var/log/%{name}
533 %attr(770,root,nginx) /var/cache/%{name}
536 %dir %{_nginxdir}/cgi-bin
537 %dir %{_nginxdir}/html
538 %dir %{_nginxdir}/errors
539 %config(noreplace,missingok) %verify(not md5 mtime size) %{_nginxdir}/html/*
540 %config(noreplace,missingok) %verify(not md5 mtime size) %{_nginxdir}/errors/*
543 %files mod_http_geoip
544 %defattr(644,root,root,755)
545 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_geoip.conf
546 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_geoip_module.so
548 %files mod_stream_geoip
549 %defattr(644,root,root,755)
550 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_stream_geoip.conf
551 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_stream_geoip_module.so
555 %files mod_http_image_filter
556 %defattr(644,root,root,755)
557 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_image_filter.conf
558 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_image_filter_module.so
563 %defattr(644,root,root,755)
564 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_perl.conf
565 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_perl_module.so
566 %dir %{perl_vendorarch}/auto/%{name}
567 %attr(755,root,root) %{perl_vendorarch}/auto/%{name}/%{name}.so
568 %{perl_vendorarch}/%{name}.pm
569 %{_mandir}/man3/nginx.3pm*
573 %files mod_http_xslt_filter
574 %defattr(644,root,root,755)
575 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_xslt_filter.conf
576 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_xslt_filter_module.so
581 %defattr(644,root,root,755)
582 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_mail.conf
583 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_mail_module.so
586 %if %{with headers_more}
587 %files mod_headers_more
588 %defattr(644,root,root,755)
589 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_headers_more_filter.conf
590 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_headers_more_filter_module.so
595 %defattr(644,root,root,755)
596 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_vhost_traffic_status.conf
597 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_vhost_traffic_status_module.so
602 %defattr(644,root,root,755)
603 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_stream.conf
604 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_stream_module.so
607 %files mod_http_cache_purge
608 %defattr(644,root,root,755)
609 %doc ngx_cache_purge/{CHANGES,README.md}
610 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/modules.d/mod_http_cache_purge.conf
611 %attr(755,root,root) %{_libdir}/%{name}/modules/ngx_http_cache_purge_module.so
613 %files -n monit-rc-nginx
614 %defattr(644,root,root,755)
615 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/monit/%{name}.monitrc