Feeling encouraged by my friend Jeremy Felt’s blog post on the subject, I thought I may finally be able to achieve the panacea of WordPress Multi-Network SSL configurations:
(more…)-
Install nginx from source
At the time of this writing, the latest stable version of nginx is 1.16.0, and none of the package managers have updated themselves to include it.
Before you get started, you’ll want to be logged in to an open terminal session with a user that has
sudoaccess. The reason for this, is because nginx itself requiresrootaccess when it starts up, to bind itself to lower number ports (usually80and443.)You’ll also notice that I use
nanofor editing files. Use what you prefer.First, stop any version of nginx that might already be running:
sudo service nginx stopNext, you’re going download the latest version of nginx directly from the official website:
cd ~/ wget http://nginx.org/download/nginx-1.16.0.tar.gzNext, decompress it, and change into the new directory it made:
tar xvf nginx-1.16.0.tar.gz nginx-1.16.0/ cd nginx-1.16.0/Next, you’ll probably want to install some related dependencies. Below is a pretty general list, but if you know better for yourself, replace these as needed:
sudo apt-get install -y curl build-essential make gcc libpcre3 libpcre3-dev libpcre++-dev zlib1g-dev libbz2-dev libxslt1-dev libxml2-dev libgd2-xpm-dev libgeoip-dev libgoogle-perftools-dev libperl-dev libssl-dev libcurl4-openssl-dev libatomic-ops-devNext, you’ll want to configure nginx.
There are about a million different ways to do this depending on your needs. For our purposes (and for most people reading this) the below approach should be sufficient:
sudo ./configure \ --user=nginx \ --group=nginx \ --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib/nginx/modules \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --with-select_module \ --with-poll_module \ --with-threads \ --with-file-aio \ --with-http_ssl_module \ --with-http_v2_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_xslt_module \ --with-http_xslt_module=dynamic \ --with-http_image_filter_module \ --with-http_image_filter_module=dynamic \ --with-http_geoip_module \ --with-http_geoip_module=dynamic \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_auth_request_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_degradation_module \ --with-http_slice_module \ --with-http_stub_status_module \ --with-http_perl_module \ --with-http_perl_module=dynamic \ --with-mail \ --with-mail=dynamic \ --with-mail_ssl_module \ --with-stream \ --with-stream=dynamic \ --with-stream_ssl_module \ --with-stream_realip_module \ --with-stream_geoip_module \ --with-stream_geoip_module=dynamic \ --with-stream_ssl_preread_module \ --with-google_perftools_module \ --with-cpp_test_module \ --with-compat \ --with-pcre \ --with-pcre-jit \ --with-zlib-asm=CPU \ --with-libatomic \ --with-debug \ --with-ld-opt="-Wl,-E"Many of the above flags are important, but I think the most important one for our purposes is
--with-debugbecause without that flag, you cannot log any of nginx’s important debug information, in the event something isn’t working correctly.Next, you need to build the executable from the configured source. You’ll make it and install it like this:
sudo make && sudo make installNext, you’ll want nginx to autostart on boot, so:
sudo nano /lib/systemd/system/nginx.serviceAnd put this in there:
[Unit] Description=The NGINX HTTP and reverse proxy server After=syslog.target network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/var/run/nginx.pid ExecStartPre=/usr/sbin/nginx -t ExecStart=/usr/sbin/nginx ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s QUIT $MAINPID PrivateTmp=true [Install] WantedBy=multi-user.targetThen run these two commands and nginx should fire right up:
sudo systemctl daemon-reload sudo service nginx startAll done!