Skip to content

Build Nginx Based

Build Nginx Based #2

Workflow file for this run

name: Build Nginx Based on LDD Version
on:
workflow_dispatch:
inputs:
ldd_version:
description: "Specify the ldd version (e.g., 2.12, 2.17, 2.28, 2.34)"
required: true
default: "2.28"
jobs:
build-nginx:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Set system version based on ldd version
id: set-system
run: |
case "${{ github.event.inputs.ldd_version }}" in
"2.12")
echo "SYSTEM_VERSION=redhat/6" >> $GITHUB_ENV
;;
"2.17")
echo "SYSTEM_VERSION=redhat/7" >> $GITHUB_ENV
;;
"2.28")
echo "SYSTEM_VERSION=redhat/8" >> $GITHUB_ENV
;;
"2.34")
echo "SYSTEM_VERSION=redhat/9" >> $GITHUB_ENV
;;
*)
echo "Unsupported ldd version: ${{ github.event.inputs.ldd_version }}"
exit 1
;;
esac
- name: Pull Docker image for chosen system
run: |
docker pull almalinux:${{ env.SYSTEM_VERSION }}
- name: Run Docker container and build Nginx
run: |
docker run --rm -v ${{ github.workspace }}:/opt/nginx almalinux:${{ env.SYSTEM_VERSION }} /bin/bash -c "
dnf -y update &&
dnf -y groupinstall 'Development Tools' &&
dnf -y install nano wget mercurial psmisc cmake go automake gcc gcc-c++ kernel-devel git zlib zlib-devel openssl openssl-devel pcre pcre-devel perl-IPC-Cmd make tar autoconf brotli-devel &&
dnf clean all &&
cd /opt/nginx &&
git clone --depth 1 https://github.com/quictls/openssl.git openssl &&
git clone --depth 1 --recurse-submodules https://github.com/jemalloc/jemalloc.git jemalloc &&
cd jemalloc && ./autogen.sh && make -j$(nproc) && make install && make clean &&
ln -s /usr/local/lib/libjemalloc.so.2 /usr/lib/libjemalloc.so.2 &&
ln -s /usr/local/lib/libjemalloc.so.2 /usr/lib64/libjemalloc.so.2 &&
git clone --depth 1 --recurse-submodules https://github.com/google/ngx_brotli.git ngx_brotli &&
cd ngx_brotli && git submodule update --init &&
git clone --depth 1 --recurse-submodules https://github.com/facebook/zstd.git zstd &&
cd zstd && make -j$(nproc) && make install && make clean &&
git clone --depth 1 --recurse-submodules https://github.com/tokers/zstd-nginx-module.git ngx_zstd &&
git clone --depth 1 --recurse-submodules https://github.com/PCRE2Project/pcre2.git pcre2 &&
cd pcre2 && ./autogen.sh && ./configure && make -j$(nproc) && make install && make clean &&
wget https://nginx.org/download/nginx-1.27.1.tar.gz &&
tar -zxvf nginx-1.27.1.tar.gz &&
cd nginx-1.27.1 &&
./configure --prefix=/nginx --with-threads --with-file-aio --with-http_v2_module --with-http_v3_module --with-http_ssl_module \
--with-http_sub_module --with-http_slice_module --with-http_realip_module --with-http_degradation_module \
--with-http_stub_status_module --with-pcre-jit --with-pcre=../pcre2 --with-stream --with-stream_ssl_module \
--with-stream_ssl_preread_module --with-openssl=../openssl --add-module=../ngx_zstd --add-module=../ngx_brotli \
--with-ld-opt='-ljemalloc -Wl,-z,relro,-z,now -flto' \
--with-openssl-opt='no-weak-ssl-ciphers enable-ec_nistp_64_gcc_128 enable-tls1_3 enable-quic' \
--with-cc-opt='-O3 -march=haswell -mtune=haswell -mavx2 -funroll-loops -fprefetch-loop-arrays \
-fstack-protector-strong -D_FORTIFY_SOURCE=2 -fPIC -pipe -flto' &&
make -j$(nproc) && cp objs/nginx /opt/nginx/nginx-1.27.1/nginx
"
- name: Upload Nginx binary to repository
uses: actions/upload-artifact@v3
with:
name: nginx-1.27.1-${{ env.SYSTEM_VERSION }}
path: /opt/nginx/nginx-1.27.1/nginx