From 6a048e68fc0712404e652379271c19375d488dd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophile=20Diot?= Date: Fri, 30 Jun 2023 15:04:20 -0400 Subject: [PATCH] Update how the deps are managed --- src/deps/clone.sh | 73 ++++++-------- src/deps/deps.json | 233 ++++++++++++++++++++++++++++++++++++++++++++ src/deps/install.sh | 35 +++++-- 3 files changed, 290 insertions(+), 51 deletions(-) create mode 100644 src/deps/deps.json diff --git a/src/deps/clone.sh b/src/deps/clone.sh index 823643784..6b57a609b 100755 --- a/src/deps/clone.sh +++ b/src/deps/clone.sh @@ -63,23 +63,14 @@ function git_secure_clone() { repo="$1" commit="$2" folder="$(echo "$repo" | sed -E "s@https://github.com/.*/(.*)\.git@\1@")" - if [ ! -d "deps/src/${folder}" ] ; then - output="$(git clone --recursive "$repo" "deps/src/${folder}")" + if [ ! -d "src/deps/src/${folder}" ] ; then + output="$(git subtree add --prefix "src/deps/src/${folder}" "$repo" "${commit}^{commit}" --squash)" if [ $? -ne 0 ] ; then echo "❌ Error cloning $1" echo "$output" exit 1 fi - old_dir="$(pwd)" - cd "deps/src/${folder}" - output="$(git checkout "${commit}^{commit}" 2>&1)" - if [ $? -ne 0 ] ; then - echo "❌ Commit hash $commit is absent from repository $repo" - echo "$output" - exit 1 - fi - cd "$old_dir" - output="$(rm -rf "deps/src/${folder}/.git")" + output="$(rm -rf "src/deps/src/${folder}/.git")" if [ $? -ne 0 ] ; then echo "❌ Can't delete .git from repository $repo" echo "$output" @@ -96,14 +87,14 @@ function secure_download() { file="$2" hash="$3" dir="$(echo $file | sed 's/.tar.gz//g')" - if [ ! -d "deps/src/${dir}" ] ; then - output="$(wget -q -O "deps/src/${file}" "$link" 2>&1)" + if [ ! -d "src/deps/src/${dir}" ] ; then + output="$(wget -q -O "src/deps/src/${file}" "$link" 2>&1)" if [ $? -ne 0 ] ; then echo "❌ Error downloading $link" echo "$output" exit 1 fi - check="$(sha512sum "deps/src/${file}" | cut -d ' ' -f 1)" + check="$(sha512sum "src/deps/src/${file}" | cut -d ' ' -f 1)" if [ "$check" != "$hash" ] ; then echo "❌️ Wrong hash from file $link (expected $hash got $check)" exit 1 @@ -132,20 +123,20 @@ function do_and_check_cmd() { echo "ℹ️ Downloading nginx" NGINX_VERSION="1.24.0" secure_download "https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" "nginx-${NGINX_VERSION}.tar.gz" "1114e37de5664a8109c99cfb2faa1f42ff8ac63c932bcf3780d645e5ed32c0b2ac446f80305b4465994c8f9430604968e176ae464fd80f632d1cb2c8f6007ff3" -if [ -f "deps/src/nginx-${NGINX_VERSION}.tar.gz" ] ; then - do_and_check_cmd tar -xvzf deps/src/nginx-${NGINX_VERSION}.tar.gz -C deps/src - do_and_check_cmd rm -f deps/src/nginx-${NGINX_VERSION}.tar.gz +if [ -f "src/deps/src/nginx-${NGINX_VERSION}.tar.gz" ] ; then + do_and_check_cmd tar -xvzf src/deps/src/nginx-${NGINX_VERSION}.tar.gz -C src/deps/src + do_and_check_cmd rm -f src/deps/src/nginx-${NGINX_VERSION}.tar.gz fi # Lua 5.1.5 echo "ℹ️ Downloading Lua" LUA_VERSION="5.1.5" secure_download "https://www.lua.org/ftp/lua-${LUA_VERSION}.tar.gz" "lua-${LUA_VERSION}.tar.gz" "0142fefcbd13afcd9b201403592aa60620011cc8e8559d4d2db2f92739d18186860989f48caa45830ff4f99bfc7483287fd3ff3a16d4dec928e2767ce4d542a9" -if [ -f "deps/src/lua-${LUA_VERSION}.tar.gz" ] ; then - do_and_check_cmd tar -xvzf deps/src/lua-${LUA_VERSION}.tar.gz -C deps/src - do_and_check_cmd rm -f deps/src/lua-${LUA_VERSION}.tar.gz - do_and_check_cmd patch deps/src/lua-${LUA_VERSION}/Makefile deps/misc/lua.patch1 - do_and_check_cmd patch deps/src/lua-${LUA_VERSION}/src/Makefile deps/misc/lua.patch2 +if [ -f "src/deps/src/lua-${LUA_VERSION}.tar.gz" ] ; then + do_and_check_cmd tar -xvzf src/deps/src/lua-${LUA_VERSION}.tar.gz -C src/deps/src + do_and_check_cmd rm -f src/deps/src/lua-${LUA_VERSION}.tar.gz + do_and_check_cmd patch src/deps/src/lua-${LUA_VERSION}/Makefile src/deps/misc/lua.patch1 + do_and_check_cmd patch src/deps/src/lua-${LUA_VERSION}/src/Makefile src/deps/misc/lua.patch2 fi # LuaJIT v2.1-20230410 @@ -207,12 +198,12 @@ git_secure_clone "https://github.com/brunoos/luasec.git" "fddde111f7fe9ad5417d75 # lua-resty-ipmatcher v0.6.1 (3 commits after just in case) echo "ℹ️ Downloading lua-resty-ipmatcher" dopatch="no" -if [ ! -d "deps/src/lua-resty-ipmatcher" ] ; then +if [ ! -d "src/deps/src/lua-resty-ipmatcher" ] ; then dopatch="yes" fi git_secure_clone "https://github.com/api7/lua-resty-ipmatcher.git" "7fbb618f7221b1af1451027d3c64e51f3182761c" if [ "$dopatch" = "yes" ] ; then - do_and_check_cmd patch deps/src/lua-resty-ipmatcher/resty/ipmatcher.lua deps/misc/ipmatcher.patch + do_and_check_cmd patch src/deps/src/lua-resty-ipmatcher/resty/ipmatcher.lua src/deps/misc/ipmatcher.patch fi # lua-resty-redis v0.30 @@ -226,12 +217,12 @@ git_secure_clone "https://github.com/openresty/lua-resty-upload.git" "03704aee42 # luajit-geoip v2.1.0 echo "ℹ️ Downloading luajit-geoip" dopatch="no" -if [ ! -d "deps/src/luajit-geoip" ] ; then +if [ ! -d "src/deps/src/luajit-geoip" ] ; then dopatch="yes" fi git_secure_clone "https://github.com/leafo/luajit-geoip.git" "12a9388207f40c37ad5cf6de2f8e0cc72bf13477" if [ "$dopatch" = "yes" ] ; then - do_and_check_cmd patch deps/src/luajit-geoip/geoip/mmdb.lua deps/misc/mmdb.patch + do_and_check_cmd patch src/deps/src/luajit-geoip/geoip/mmdb.lua src/deps/misc/mmdb.patch fi # lbase64 v1.5.3 @@ -257,23 +248,23 @@ git_secure_clone "https://github.com/openresty/lua-resty-lock.git" "9dc550e56b6f # lua-resty-openssl v0.8.23 echo "ℹ️ Downloading lua-resty-openssl" dopatch="no" -if [ ! -d "deps/src/lua-resty-openssl" ] ; then +if [ ! -d "src/deps/src/lua-resty-openssl" ] ; then dopatch="yes" fi git_secure_clone "https://github.com/fffonion/lua-resty-openssl.git" "b23c072a405b749ac60d21e3946cbf57a959b780" if [ "$dopatch" == "yes" ] ; then - do_and_check_cmd rm -r deps/src/lua-resty-openssl/t + do_and_check_cmd rm -r src/deps/src/lua-resty-openssl/t fi # lua-ffi-zlib v0.5.0 echo "ℹ️ Downloading lua-ffi-zlib" dopatch="no" -if [ ! -d "deps/src/lua-ffi-zlib" ] ; then +if [ ! -d "src/deps/src/lua-ffi-zlib" ] ; then dopatch="yes" fi git_secure_clone "https://github.com/hamishforbes/lua-ffi-zlib.git" "1fb69ca505444097c82d2b72e87904f3ed923ae9" if [ "$dopatch" = "yes" ] ; then - do_and_check_cmd patch deps/src/lua-ffi-zlib/lib/ffi-zlib.lua deps/misc/lua-ffi-zlib.patch + do_and_check_cmd patch src/deps/src/lua-ffi-zlib/lib/ffi-zlib.lua src/deps/misc/lua-ffi-zlib.patch fi # lua-resty-signal v0.03 @@ -283,34 +274,34 @@ git_secure_clone "https://github.com/openresty/lua-resty-signal.git" "d07163e8cf # ModSecurity v3.0.9 echo "ℹ️ Downloading ModSecurity" dopatch="no" -if [ ! -d "deps/src/ModSecurity" ] ; then +if [ ! -d "src/deps/src/ModSecurity" ] ; then dopatch="yes" fi git_secure_clone "https://github.com/SpiderLabs/ModSecurity.git" "205dac0e8c675182f96b5c2fb06be7d1cf7af2b2" if [ "$dopatch" = "yes" ] ; then - do_and_check_cmd patch deps/src/ModSecurity/configure.ac deps/misc/modsecurity.patch - do_and_check_cmd rm -rf deps/src/ModSecurity/others/libinjection + do_and_check_cmd patch src/deps/src/ModSecurity/configure.ac src/deps/misc/modsecurity.patch + do_and_check_cmd rm -rf src/deps/src/ModSecurity/others/libinjection fi # libinjection v3.10.0+ # TODO: check if the latest commit is fine echo "ℹ️ Downloading libinjection" git_secure_clone "https://github.com/libinjection/libinjection.git" "49904c42a6e68dc8f16c022c693e897e4010a06c" -do_and_check_cmd cp -r deps/src/libinjection deps/src/ModSecurity/others +do_and_check_cmd cp -r src/deps/src/libinjection src/deps/src/ModSecurity/others # ModSecurity-nginx v1.0.3 echo "ℹ️ Downloading ModSecurity-nginx" dopatch="no" -if [ ! -d "deps/src/ModSecurity-nginx" ] ; then +if [ ! -d "src/deps/src/ModSecurity-nginx" ] ; then dopatch="yes" fi git_secure_clone "https://github.com/SpiderLabs/ModSecurity-nginx.git" "d59e4ad121df702751940fd66bcc0b3ecb51a079" if [ "$dopatch" = "yes" ] ; then - do_and_check_cmd patch deps/src/ModSecurity-nginx/src/ngx_http_modsecurity_log.c deps/misc/modsecurity-nginx.patch - do_and_check_cmd patch deps/src/ModSecurity-nginx/config deps/misc/config.patch - do_and_check_cmd patch deps/src/ModSecurity-nginx/src/ngx_http_modsecurity_common.h deps/misc/ngx_http_modsecurity_common.h.patch - do_and_check_cmd patch deps/src/ModSecurity-nginx/src/ngx_http_modsecurity_module.c deps/misc/ngx_http_modsecurity_module.c.patch - do_and_check_cmd cp deps/misc/ngx_http_modsecurity_access.c deps/src/ModSecurity-nginx/src + do_and_check_cmd patch src/deps/src/ModSecurity-nginx/src/ngx_http_modsecurity_log.c src/deps/misc/modsecurity-nginx.patch + do_and_check_cmd patch src/deps/src/ModSecurity-nginx/config src/deps/misc/config.patch + do_and_check_cmd patch src/deps/src/ModSecurity-nginx/src/ngx_http_modsecurity_common.h src/deps/misc/ngx_http_modsecurity_common.h.patch + do_and_check_cmd patch src/deps/src/ModSecurity-nginx/src/ngx_http_modsecurity_module.c src/deps/misc/ngx_http_modsecurity_module.c.patch + do_and_check_cmd cp src/deps/misc/ngx_http_modsecurity_access.c src/deps/src/ModSecurity-nginx/src fi # libmaxminddb v1.7.1 diff --git a/src/deps/deps.json b/src/deps/deps.json new file mode 100644 index 000000000..21ad94c3b --- /dev/null +++ b/src/deps/deps.json @@ -0,0 +1,233 @@ +{ + "download": [ + { + "name": "Lua", + "url": "https://www.lua.org/ftp/lua-5.1.5.tar.gz", + "sha512": "0142fefcbd13afcd9b201403592aa60620011cc8e8559d4d2db2f92739d18186860989f48caa45830ff4f99bfc7483287fd3ff3a16d4dec928e2767ce4d542a9" + } + ], + "git_repository": [ + { + "id": "luajit", + "name": "LuaJIT", + "url": "https://github.com/openresty/luajit2.git", + "commit": "v2.1-20230410" + }, + { + "id": "modsecurity", + "name": "ModSecurity", + "url": "https://github.com/SpiderLabs/ModSecurity.git", + "commit": "v3.0.9" + }, + { + "id": "modsecurity-nginx", + "name": "ModSecurity-nginx", + "url": "https://github.com/SpiderLabs/ModSecurity-nginx.git", + "commit": "v1.0.3" + }, + { + "id": "nginx", + "name": "Nginx", + "url": "https://github.com/nginx/nginx.git", + "commit": "release-1.24.0" + }, + { + "id": "ngx_brotli", + "name": "Nginx Brotli v1.0.9", + "url": "https://github.com/google/ngx_brotli.git", + "commit": "6e975bcb015f62e1f303054897783355e2a877dc" + }, + { + "id": "nginx_cookie_flag_module", + "name": "Nginx cookie flag module", + "url": "https://github.com/AirisX/nginx_cookie_flag_module.git", + "commit": "v1.1.0" + }, + { + "id": "ngx_devel_kit", + "name": "Nginx devel kit", + "url": "https://github.com/vision5/ngx_devel_kit.git", + "commit": "v0.3.2" + }, + { + "id": "headers-more-nginx-module", + "name": "headers-more-nginx-module", + "url": "https://github.com/openresty/headers-more-nginx-module.git", + "commit": "v0.34" + }, + { + "id": "lbase64", + "name": "lbase64", + "url": "https://github.com/iskolbin/lbase64.git", + "commit": "v1.5.3" + }, + { + "id": "libmaxminddb", + "name": "libmaxminddb", + "url": "https://github.com/maxmind/libmaxminddb.git", + "commit": "1.7.1" + }, + { + "id": "lua-cjson", + "name": "lua-cjson", + "url": "https://github.com/openresty/lua-cjson.git", + "commit": "2.1.0.12" + }, + { + "id": "lua-ffi-zlib", + "name": "lua-ffi-zlib", + "url": "https://github.com/hamishforbes/lua-ffi-zlib.git", + "commit": "v0.5" + }, + { + "id": "lua-ffi-zlib", + "name": "lua-ffi-zlib", + "url": "https://github.com/hamishforbes/lua-ffi-zlib.git", + "commit": "v0.5" + }, + { + "id": "lua-gd", + "name": "lua-gd v2.0.33r3+", + "url": "https://github.com/ittner/lua-gd.git", + "commit": "2ce8e478a8591afd71e607506bc8c64b161bbd30" + }, + { + "id": "lua-nginx-module", + "name": "lua-nginx-module", + "url": "https://github.com/openresty/lua-nginx-module.git", + "commit": "v0.10.25" + }, + { + "id": "lua-resty-core", + "name": "lua-resty-core", + "url": "https://github.com/openresty/lua-resty-core.git", + "commit": "v0.1.27" + }, + { + "id": "lua-resty-dns", + "name": "lua-resty-dns", + "url": "https://github.com/openresty/lua-resty-dns.git", + "commit": "v0.22" + }, + { + "id": "lua-resty-env", + "name": "lua-resty-env", + "url": "https://github.com/3scale/lua-resty-env.git", + "commit": "v0.4.0" + }, + { + "id": "lua-resty-http", + "name": "lua-resty-http", + "url": "https://github.com/ledgetech/lua-resty-http.git", + "commit": "v0.17.1" + }, + { + "id": "lua-resty-ipmatcher", + "name": "lua-resty-ipmatcher v0.6.1 (3 commits after just in case)", + "url": "https://github.com/api7/lua-resty-ipmatcher.git", + "commit": "7fbb618f7221b1af1451027d3c64e51f3182761c" + }, + { + "id": "lua-resty-lock", + "name": "lua-resty-lock", + "url": "https://github.com/openresty/lua-resty-lock.git", + "commit": "v0.09" + }, + { + "id": "lua-resty-lrucache", + "name": "lua-resty-lrucache", + "url": "https://github.com/openresty/lua-resty-lrucache.git", + "commit": "v0.13" + }, + { + "id": "lua-resty-mlcache", + "name": "lua-resty-mlcache", + "url": "https://github.com/thibaultcha/lua-resty-mlcache.git", + "commit": "2.6.0" + }, + { + "id": "lua-resty-openssl", + "name": "lua-resty-openssl", + "url": "https://github.com/fffonion/lua-resty-openssl.git", + "commit": "0.8.23" + }, + { + "id": "lua-resty-random", + "name": "lua-resty-random (latest commit)", + "url": "https://github.com/bungle/lua-resty-random.git", + "commit": "17b604f7f7dd217557ca548fc1a9a0d373386480" + }, + { + "id": "lua-resty-redis", + "name": "lua-resty-redis", + "url": "https://github.com/openresty/lua-resty-redis.git", + "commit": "v0.30" + }, + { + "id": "lua-resty-session", + "name": "lua-resty-session", + "url": "https://github.com/bungle/lua-resty-session.git", + "commit": "v4.0.4" + }, + { + "id": "lua-resty-signal", + "name": "lua-resty-signal", + "url": "https://github.com/openresty/lua-resty-signal.git", + "commit": "v0.03" + }, + { + "id": "lua-resty-string", + "name": "lua-resty-string", + "url": "https://github.com/openresty/lua-resty-string.git", + "commit": "v0.15" + }, + { + "id": "lua-resty-template", + "name": "lua-resty-template", + "url": "https://github.com/bungle/lua-resty-template.git", + "commit": "v2.0" + }, + { + "id": "lua-resty-upload", + "name": "lua-resty-upload", + "url": "https://github.com/openresty/lua-resty-upload.git", + "commit": "v0.11" + }, + { + "id": "luajit-geoip", + "name": "luajit-geoip", + "url": "https://github.com/leafo/luajit-geoip.git", + "commit": "v2.1.0" + }, + { + "id": "lualogging", + "name": "lualogging", + "url": "https://github.com/lunarmodules/lualogging.git", + "commit": "v1.8.2" + }, + { + "id": "luasec", + "name": "luasec", + "url": "https://github.com/brunoos/luasec.git", + "commit": "v1.3.1" + }, + { + "id": "luasocket", + "name": "luasocket", + "url": "https://github.com/diegonehab/luasocket.git", + "commit": "v3.1.0" + }, + { + "id": "stream-lua-nginx-module", + "name": "stream-lua-nginx-module", + "url": "https://github.com/openresty/stream-lua-nginx-module.git", + "commit": "v0.0.13" + }, + { + "id": "zlib", + "name": "zlib", + "url": "https://github.com/madler/zlib.git", + "commit": "v1.2.13" + } + ] +} diff --git a/src/deps/install.sh b/src/deps/install.sh index 987289205..3ce8f46e0 100755 --- a/src/deps/install.sh +++ b/src/deps/install.sh @@ -41,16 +41,19 @@ CHANGE_DIR="/tmp/bunkerweb/deps/src/zlib" do_and_check_cmd make install echo "ℹ️ Compiling and installing ModSecurity" # temp fix : Debian run it twice # TODO : patch it in clone.sh -cd /tmp/bunkerweb/deps/src/ModSecurity && ./build.sh > /dev/null 2>&1 -CHANGE_DIR="/tmp/bunkerweb/deps/src/ModSecurity" do_and_check_cmd sh build.sh -CHANGE_DIR="/tmp/bunkerweb/deps/src/ModSecurity" do_and_check_cmd ./configure --disable-dependency-tracking --disable-static --disable-examples --disable-doxygen-doc --disable-doxygen-html --disable-valgrind-memcheck --disable-valgrind-helgrind --prefix=/usr/share/bunkerweb/deps --with-maxmind=/usr/share/bunkerweb/deps -CHANGE_DIR="/tmp/bunkerweb/deps/src/ModSecurity" do_and_check_cmd make -j $NTASK -CHANGE_DIR="/tmp/bunkerweb/deps/src/ModSecurity" do_and_check_cmd make install-strip +do_and_check_cmd patch /tmp/bunkerweb/deps/src/modsecurity/configure.ac /tmp/bunkerweb/deps/misc/modsecurity.patch +CHANGE_DIR="/tmp/bunkerweb/deps/src/modsecurity" do_and_check_cmd rm -rf others/libinjection +do_and_check_cmd cp -r /tmp/bunkerweb/deps/src/libinjection /tmp/bunkerweb/deps/src/modsecurity/others/libinjection +cd /tmp/bunkerweb/deps/src/modsecurity && ./build.sh > /dev/null 2>&1 +CHANGE_DIR="/tmp/bunkerweb/deps/src/modsecurity" do_and_check_cmd sh build.sh +CHANGE_DIR="/tmp/bunkerweb/deps/src/modsecurity" do_and_check_cmd ./configure --disable-dependency-tracking --disable-static --disable-examples --disable-doxygen-doc --disable-doxygen-html --disable-valgrind-memcheck --disable-valgrind-helgrind --prefix=/usr/share/bunkerweb/deps --with-maxmind=/usr/share/bunkerweb/deps +CHANGE_DIR="/tmp/bunkerweb/deps/src/modsecurity" do_and_check_cmd make -j $NTASK +CHANGE_DIR="/tmp/bunkerweb/deps/src/modsecurity" do_and_check_cmd make install-strip -# Compiling and installing luajit2 -echo "ℹ️ Compiling and installing luajit2" -CHANGE_DIR="/tmp/bunkerweb/deps/src/luajit2" do_and_check_cmd make -j $NTASK -CHANGE_DIR="/tmp/bunkerweb/deps/src/luajit2" do_and_check_cmd make PREFIX=/usr/share/bunkerweb/deps install +# Compiling and installing luajit +echo "ℹ️ Compiling and installing luajit" +CHANGE_DIR="/tmp/bunkerweb/deps/src/luajit" do_and_check_cmd make -j $NTASK +CHANGE_DIR="/tmp/bunkerweb/deps/src/luajit" do_and_check_cmd make PREFIX=/usr/share/bunkerweb/deps install # Installing lua-resty-core echo "ℹ️ Installing openresty/lua-resty-core" @@ -107,6 +110,7 @@ CHANGE_DIR="/tmp/bunkerweb/deps/src/luasec" do_and_check_cmd make LUACPATH=/usr/ # Installing lua-resty-ipmatcher echo "ℹ️ Installing lua-resty-ipmatcher" +do_and_check_cmd patch /tmp/bunkerweb/deps/src/lua-resty-ipmatcher/resty/ipmatcher.lua /tmp/bunkerweb/deps/misc/ipmatcher.patch CHANGE_DIR="/tmp/bunkerweb/deps/src/lua-resty-ipmatcher" do_and_check_cmd make INST_PREFIX=/usr/share/bunkerweb/deps INST_LIBDIR=/usr/share/bunkerweb/deps/lib/lua INST_LUADIR=/usr/share/bunkerweb/deps/lib/lua install # Installing lua-resty-redis @@ -119,6 +123,7 @@ CHANGE_DIR="/tmp/bunkerweb/deps/src/lua-resty-upload" do_and_check_cmd make PREF # Installing lujit-geoip echo "ℹ️ Installing luajit-geoip" +do_and_check_cmd patch /tmp/bunkerweb/deps/src/luajit-geoip/geoip/mmdb.lua /tmp/bunkerweb/deps/misc/mmdb.patch do_and_check_cmd cp -r /tmp/bunkerweb/deps/src/luajit-geoip/geoip /usr/share/bunkerweb/deps/lib/lua # Installing lbase64 @@ -143,11 +148,13 @@ CHANGE_DIR="/tmp/bunkerweb/deps/src/lua-resty-lock" do_and_check_cmd make PREFIX # Installing lua-resty-openssl echo "ℹ️ Installing lua-resty-openssl" +do_and_check_cmd rm -r /tmp/bunkerweb/deps/src/lua-resty-openssl/t CHANGE_DIR="/tmp/bunkerweb/deps/src/lua-resty-openssl" do_and_check_cmd make LUA_LIB_DIR=/usr/share/bunkerweb/deps/lib/lua install do_and_check_cmd cp /tmp/bunkerweb/deps/src/lua-resty-openssl/lib/resty/openssl.lua /usr/share/bunkerweb/deps/lib/lua/resty # Installing lua-ffi-zlib echo "ℹ️ Installing lua-ffi-zlib" +do_and_check_cmd patch /tmp/bunkerweb/deps/src/lua-ffi-zlib/lib/ffi-zlib.lua /tmp/bunkerweb/deps/misc/lua-ffi-zlib.patch do_and_check_cmd cp /tmp/bunkerweb/deps/src/lua-ffi-zlib/lib/ffi-zlib.lua /usr/share/bunkerweb/deps/lib/lua # Installing lua-resty-signal @@ -155,6 +162,12 @@ echo "ℹ️ Installing lua-resty-signal" CHANGE_DIR="/tmp/bunkerweb/deps/src/lua-resty-signal" do_and_check_cmd make PREFIX=/usr/share/bunkerweb/deps -j $NTASK CHANGE_DIR="/tmp/bunkerweb/deps/src/lua-resty-signal" do_and_check_cmd make PREFIX=/usr/share/bunkerweb/deps LUA_LIB_DIR=/usr/share/bunkerweb/deps/lib/lua install +do_and_check_cmd patch /tmp/bunkerweb/deps/src/modsecurity-nginx/src/ngx_http_modsecurity_log.c /tmp/bunkerweb/deps/misc/modsecurity-nginx.patch +do_and_check_cmd patch /tmp/bunkerweb/deps/src/modsecurity-nginx/config /tmp/bunkerweb/deps/misc/config.patch +do_and_check_cmd patch /tmp/bunkerweb/deps/src/modsecurity-nginx/src/ngx_http_modsecurity_common.h /tmp/bunkerweb/deps/misc/ngx_http_modsecurity_common.h.patch +do_and_check_cmd patch /tmp/bunkerweb/deps/src/modsecurity-nginx/src/ngx_http_modsecurity_module.c /tmp/bunkerweb/deps/misc/ngx_http_modsecurity_module.c.patch +do_and_check_cmd cp /tmp/bunkerweb/deps/misc/ngx_http_modsecurity_access.c /tmp/bunkerweb/deps/src/modsecurity-nginx/src + # Compile dynamic modules echo "ℹ️ Compiling and installing dynamic modules" CONFARGS="$(nginx -V 2>&1 | sed -n -e 's/^.*arguments: //p')" @@ -164,8 +177,10 @@ CONFARGS="$(echo -n "$CONFARGS" | sed "s/--with-ld-opt='-Wl/--with-ld-opt='-lpcr if [ "$OS" = "fedora" ] ; then CONFARGS="$(echo -n "$CONFARGS" | sed "s/--with-ld-opt='.*'/--with-ld-opt=-lpcre/" | sed "s/--with-cc-opt='.*'//")" fi + +CHANGE_DIR="/tmp/bunkerweb/deps/src/nginx" do_and_check_cmd mv auto/configure ./ echo '#!/bin/bash' > "/tmp/bunkerweb/deps/src/nginx-${NGINX_VERSION}/configure-fix.sh" -echo "./configure $CONFARGS --add-dynamic-module=/tmp/bunkerweb/deps/src/headers-more-nginx-module --add-dynamic-module=/tmp/bunkerweb/deps/src/nginx_cookie_flag_module --add-dynamic-module=/tmp/bunkerweb/deps/src/lua-nginx-module --add-dynamic-module=/tmp/bunkerweb/deps/src/ngx_brotli --add-dynamic-module=/tmp/bunkerweb/deps/src/ngx_devel_kit --add-dynamic-module=/tmp/bunkerweb/deps/src/stream-lua-nginx-module" --add-dynamic-module=/tmp/bunkerweb/deps/src/ModSecurity-nginx >> "/tmp/bunkerweb/deps/src/nginx-${NGINX_VERSION}/configure-fix.sh" +echo "./configure $CONFARGS --add-dynamic-module=/tmp/bunkerweb/deps/src/headers-more-nginx-module --add-dynamic-module=/tmp/bunkerweb/deps/src/nginx_cookie_flag_module --add-dynamic-module=/tmp/bunkerweb/deps/src/lua-nginx-module --add-dynamic-module=/tmp/bunkerweb/deps/src/ngx_brotli --add-dynamic-module=/tmp/bunkerweb/deps/src/ngx_devel_kit --add-dynamic-module=/tmp/bunkerweb/deps/src/stream-lua-nginx-module" --add-dynamic-module=/tmp/bunkerweb/deps/src/modsecurity-nginx >> "/tmp/bunkerweb/deps/src/nginx-${NGINX_VERSION}/configure-fix.sh" do_and_check_cmd chmod +x "/tmp/bunkerweb/deps/src/nginx-${NGINX_VERSION}/configure-fix.sh" CHANGE_DIR="/tmp/bunkerweb/deps/src/nginx-${NGINX_VERSION}" LUAJIT_LIB="/usr/share/bunkerweb/deps/lib -Wl,-rpath,/usr/share/bunkerweb/deps/lib" LUAJIT_INC="/usr/share/bunkerweb/deps/include/luajit-2.1" MODSECURITY_LIB="/usr/share/bunkerweb/deps/lib" MODSECURITY_INC="/usr/share/bunkerweb/deps/include" do_and_check_cmd ./configure-fix.sh CHANGE_DIR="/tmp/bunkerweb/deps/src/nginx-${NGINX_VERSION}" do_and_check_cmd make -j $NTASK modules