From 69b8a7a72af666dacd90cf627d225a64e6580763 Mon Sep 17 00:00:00 2001 From: Marcin Deranek Date: Wed, 5 Jul 2023 00:08:34 +0200 Subject: Dropping www-servers/nginx as already upstream --- .../nginx/files/http_brotli-detect-brotli-r3.patch | 28 --- .../nginx/files/http_cache_purge-1.11.6+.patch | 22 -- .../nginx/files/http_sticky-nginx-1.23.0.patch | 25 --- .../files/http_uploadprogress-nginx-1.23.0.patch | 74 ------- .../files/http_upstream_check-nginx-1.11.5+.patch | 246 --------------------- .../files/nginx-1.23.2-mod_auth_ldap-fix.patch | 21 -- .../files/nginx-1.4.1-fix-perl-install-path.patch | 13 -- .../nginx/files/nginx-httpoxy-mitigation-r1.patch | 54 ----- www-servers/nginx/files/nginx.conf-r3 | 70 ------ www-servers/nginx/files/nginx.confd | 32 --- www-servers/nginx/files/nginx.initd-r4 | 92 -------- www-servers/nginx/files/nginx.logrotate-r1 | 11 - www-servers/nginx/files/nginx.service-r1 | 15 -- 13 files changed, 703 deletions(-) delete mode 100644 www-servers/nginx/files/http_brotli-detect-brotli-r3.patch delete mode 100644 www-servers/nginx/files/http_cache_purge-1.11.6+.patch delete mode 100644 www-servers/nginx/files/http_sticky-nginx-1.23.0.patch delete mode 100644 www-servers/nginx/files/http_uploadprogress-nginx-1.23.0.patch delete mode 100644 www-servers/nginx/files/http_upstream_check-nginx-1.11.5+.patch delete mode 100644 www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch delete mode 100644 www-servers/nginx/files/nginx-1.4.1-fix-perl-install-path.patch delete mode 100644 www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch delete mode 100644 www-servers/nginx/files/nginx.conf-r3 delete mode 100644 www-servers/nginx/files/nginx.confd delete mode 100644 www-servers/nginx/files/nginx.initd-r4 delete mode 100644 www-servers/nginx/files/nginx.logrotate-r1 delete mode 100644 www-servers/nginx/files/nginx.service-r1 (limited to 'www-servers/nginx/files') diff --git a/www-servers/nginx/files/http_brotli-detect-brotli-r3.patch b/www-servers/nginx/files/http_brotli-detect-brotli-r3.patch deleted file mode 100644 index 9ccb8c2..0000000 --- a/www-servers/nginx/files/http_brotli-detect-brotli-r3.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- a/filter/config -+++ b/filter/config -@@ -42,22 +42,13 @@ fi - ngx_module_type=HTTP_FILTER - ngx_module_name=ngx_http_brotli_filter_module - --brotli="$ngx_addon_dir/deps/brotli/c" --if [ ! -f "$brotli/include/brotli/encode.h" ]; then -- brotli="/usr/local" --fi --if [ ! -f "$brotli/include/brotli/encode.h" ]; then -- brotli="/usr" --fi -+brotli=$(pkg-config --variable=prefix libbrotlienc) -+ - if [ ! -f "$brotli/include/brotli/encode.h" ]; then - cat << END - - $0: error: \ --Brotli library is missing from the $brotli directory. -- --Please make sure that the git submodule has been checked out: -- -- cd $ngx_addon_dir && git submodule update --init && cd $PWD -+Brotli library not found. Don't you have app-arch/brotli installed? - - END - exit 1 diff --git a/www-servers/nginx/files/http_cache_purge-1.11.6+.patch b/www-servers/nginx/files/http_cache_purge-1.11.6+.patch deleted file mode 100644 index c4596bf..0000000 --- a/www-servers/nginx/files/http_cache_purge-1.11.6+.patch +++ /dev/null @@ -1,22 +0,0 @@ -Fix compatibility with nginx-1.11.6+ - -https://github.com/FRiCKLE/ngx_cache_purge/pull/51 - ---- - ngx_cache_purge_module.c | 4 ++++ - 1 file changed, 4 insertions(+) - ---- a/ngx_cache_purge_module.c -+++ b/ngx_cache_purge_module.c -@@ -492,7 +492,11 @@ typedef struct { - ngx_str_t body_source; - # endif /* nginx_version < 1007008 */ - -+# if (nginx_version >= 1011006) -+ ngx_http_complex_value_t *method; -+# else - ngx_str_t method; -+# endif /* nginx_version >= 1011006 */ - ngx_str_t location; - ngx_str_t url; - diff --git a/www-servers/nginx/files/http_sticky-nginx-1.23.0.patch b/www-servers/nginx/files/http_sticky-nginx-1.23.0.patch deleted file mode 100644 index da6126e..0000000 --- a/www-servers/nginx/files/http_sticky-nginx-1.23.0.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 105c946c0c1af93099502417784888acf60da540 Mon Sep 17 00:00:00 2001 -From: Younes El-karama -Date: Sat, 2 Jul 2022 04:56:12 +0000 -Subject: [PATCH] make it compatible with nginx 1.23 - ---- - ngx_http_sticky_module.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ngx_http_sticky_module.c b/ngx_http_sticky_module.c -index c9a0a04..37b5bc3 100644 ---- a/ngx_http_sticky_module.c -+++ b/ngx_http_sticky_module.c -@@ -204,7 +204,7 @@ static ngx_int_t ngx_http_init_sticky_peer(ngx_http_request_t *r, ngx_http_upstr - iphp->request = r; - - /* check weather a cookie is present or not and save it */ -- if (ngx_http_parse_multi_header_lines(&r->headers_in.cookies, &iphp->sticky_conf->cookie_name, &route) != NGX_DECLINED) { -+ if (ngx_http_parse_multi_header_lines(r, r->headers_in.cookie, &iphp->sticky_conf->cookie_name, &route) != NULL) { - /* a route cookie has been found. Let's give it a try */ - ngx_log_debug(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "[sticky/init_sticky_peer] got cookie route=%V, let's try to find a matching peer", &route); - --- -2.36.1 - diff --git a/www-servers/nginx/files/http_uploadprogress-nginx-1.23.0.patch b/www-servers/nginx/files/http_uploadprogress-nginx-1.23.0.patch deleted file mode 100644 index 3635aa4..0000000 --- a/www-servers/nginx/files/http_uploadprogress-nginx-1.23.0.patch +++ /dev/null @@ -1,74 +0,0 @@ -diff -pNura http-uploadprogress.orig/ngx_http_uploadprogress_module.c http-uploadprogress/ngx_http_uploadprogress_module.c ---- http-uploadprogress.orig/ngx_http_uploadprogress_module.c 2020-10-03 02:05:45.000000000 +0700 -+++ http-uploadprogress/ngx_http_uploadprogress_module.c 2022-06-24 16:24:16.196626939 +0700 -@@ -550,12 +550,12 @@ ngx_http_reportuploads_handler(ngx_http_ - ngx_chain_t out; - ngx_int_t rc, found=0, done=0, err_status=0; - off_t rest=0, length=0; -- ngx_uint_t len, i; -+ ngx_uint_t len; - ngx_slab_pool_t *shpool; - ngx_http_uploadprogress_conf_t *upcf; - ngx_http_uploadprogress_ctx_t *ctx; - ngx_http_uploadprogress_node_t *up; -- ngx_table_elt_t *expires, *cc, **ccp; -+ ngx_table_elt_t *expires, *cc; - ngx_http_uploadprogress_state_t state; - ngx_http_uploadprogress_template_t *t; - -@@ -628,6 +628,7 @@ ngx_http_reportuploads_handler(ngx_http_ - } - - r->headers_out.expires = expires; -+ expires->next = NULL; - - expires->hash = 1; - expires->key.len = sizeof("Expires") - 1; -@@ -637,37 +638,30 @@ ngx_http_reportuploads_handler(ngx_http_ - len = sizeof("Mon, 28 Sep 1970 06:00:00 GMT"); - expires->value.len = len - 1; - -- ccp = r->headers_out.cache_control.elts; -- if (ccp == NULL) { -+ cc = r->headers_out.cache_control; - -- if (ngx_array_init(&r->headers_out.cache_control, r->pool, -- 1, sizeof(ngx_table_elt_t *)) -- != NGX_OK) { -- return NGX_HTTP_INTERNAL_SERVER_ERROR; -- } -- -- ccp = ngx_array_push(&r->headers_out.cache_control); -- if (ccp == NULL) { -- return NGX_HTTP_INTERNAL_SERVER_ERROR; -- } -+ if (cc == NULL) { - - cc = ngx_list_push(&r->headers_out.headers); - if (cc == NULL) { -+ expires->hash = 0; - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } - -+ r->headers_out.cache_control = cc; -+ cc->next = NULL; -+ - cc->hash = 1; - cc->key.len = sizeof("Cache-Control") - 1; - cc->key.data = (u_char *) "Cache-Control"; - -- *ccp = cc; -- - } else { -- for (i = 1; i < r->headers_out.cache_control.nelts; i++) { -- ccp[i]->hash = 0; -+ for (cc = cc->next; cc; cc = cc->next) { -+ cc->hash = 0; - } - -- cc = ccp[0]; -+ cc = r->headers_out.cache_control; -+ cc->next = NULL; - } - - expires->value.data = (u_char *) "Thu, 01 Jan 1970 00:00:01 GMT"; diff --git a/www-servers/nginx/files/http_upstream_check-nginx-1.11.5+.patch b/www-servers/nginx/files/http_upstream_check-nginx-1.11.5+.patch deleted file mode 100644 index a894bde..0000000 --- a/www-servers/nginx/files/http_upstream_check-nginx-1.11.5+.patch +++ /dev/null @@ -1,246 +0,0 @@ -Upstream: https://github.com/yaoweibin/nginx_upstream_check_module/pull/119 - -diff --git src/http/modules/ngx_http_upstream_hash_module.c src/http/modules/ngx_http_upstream_hash_module.c -index 6c28c64..a187887 100644 ---- src/http/modules/ngx_http_upstream_hash_module.c -+++ src/http/modules/ngx_http_upstream_hash_module.c -@@ -9,6 +9,9 @@ - #include - #include - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+#include "ngx_http_upstream_check_module.h" -+#endif - - typedef struct { - uint32_t hash; -@@ -235,6 +238,16 @@ ngx_http_upstream_get_hash_peer(ngx_peer_connection_t *pc, void *data) - goto next; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, -+ "get hash peer, check_index: %ui", -+ peer->check_index); -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ goto next; -+ } -+#endif -+ -+ - if (peer->max_fails - && peer->fails >= peer->max_fails - && now - peer->checked <= peer->fail_timeout) -@@ -538,6 +551,15 @@ ngx_http_upstream_get_chash_peer(ngx_peer_connection_t *pc, void *data) - continue; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, -+ "get consistent_hash peer, check_index: %ui", -+ peer->check_index); -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ continue; -+ } -+#endif -+ - if (peer->server.len != server->len - || ngx_strncmp(peer->server.data, server->data, server->len) - != 0) -diff --git src/http/modules/ngx_http_upstream_ip_hash_module.c src/http/modules/ngx_http_upstream_ip_hash_module.c -index 296108f..135ce5d 100644 ---- src/http/modules/ngx_http_upstream_ip_hash_module.c -+++ src/http/modules/ngx_http_upstream_ip_hash_module.c -@@ -9,6 +9,9 @@ - #include - #include - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+#include "ngx_http_upstream_check_module.h" -+#endif - - typedef struct { - /* the round robin data must be first */ -@@ -205,6 +208,15 @@ ngx_http_upstream_get_ip_hash_peer(ngx_peer_connection_t *pc, void *data) - goto next; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, -+ "get ip_hash peer, check_index: %ui", -+ peer->check_index); -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ goto next; -+ } -+#endif -+ - if (peer->max_fails - && peer->fails >= peer->max_fails - && now - peer->checked <= peer->fail_timeout) -diff --git src/http/modules/ngx_http_upstream_least_conn_module.c src/http/modules/ngx_http_upstream_least_conn_module.c -index ebe0627..94f1883 100644 ---- src/http/modules/ngx_http_upstream_least_conn_module.c -+++ src/http/modules/ngx_http_upstream_least_conn_module.c -@@ -9,6 +9,10 @@ - #include - #include - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+#include "ngx_http_upstream_check_module.h" -+#endif -+ - - static ngx_int_t ngx_http_upstream_init_least_conn_peer(ngx_http_request_t *r, - ngx_http_upstream_srv_conf_t *us); -@@ -147,6 +151,16 @@ ngx_http_upstream_get_least_conn_peer(ngx_peer_connection_t *pc, void *data) - continue; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, -+ "get least_conn peer, check_index: %ui", -+ peer->check_index); -+ -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ continue; -+ } -+#endif -+ - if (peer->max_fails - && peer->fails >= peer->max_fails - && now - peer->checked <= peer->fail_timeout) -@@ -202,6 +216,16 @@ ngx_http_upstream_get_least_conn_peer(ngx_peer_connection_t *pc, void *data) - continue; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, -+ "get least_conn peer, check_index: %ui", -+ peer->check_index); -+ -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ continue; -+ } -+#endif -+ - if (peer->conns * best->weight != best->conns * peer->weight) { - continue; - } -diff --git src/http/ngx_http_upstream_round_robin.c src/http/ngx_http_upstream_round_robin.c -index 0137bf6..99f0923 100644 ---- src/http/ngx_http_upstream_round_robin.c -+++ src/http/ngx_http_upstream_round_robin.c -@@ -9,6 +9,9 @@ - #include - #include - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+#include "ngx_http_upstream_check_module.h" -+#endif - - #define ngx_http_upstream_tries(p) ((p)->number \ - + ((p)->next ? (p)->next->number : 0)) -@@ -97,7 +100,14 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf, - peer[n].fail_timeout = server[i].fail_timeout; - peer[n].down = server[i].down; - peer[n].server = server[i].name; -- -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ if (!server[i].down) { -+ peer[n].check_index = -+ ngx_http_upstream_check_add_peer(cf, us, &server[i].addrs[j]); -+ } else { -+ peer[n].check_index = (ngx_uint_t) NGX_ERROR; -+ } -+#endif - *peerp = &peer[n]; - peerp = &peer[n].next; - n++; -@@ -161,7 +171,15 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf, - peer[n].fail_timeout = server[i].fail_timeout; - peer[n].down = server[i].down; - peer[n].server = server[i].name; -- -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ if (!server[i].down) { -+ peer[n].check_index = -+ ngx_http_upstream_check_add_peer(cf, us, &server[i].addrs[j]); -+ } -+ else { -+ peer[n].check_index = (ngx_uint_t) NGX_ERROR; -+ } -+#endif - *peerp = &peer[n]; - peerp = &peer[n].next; - n++; -@@ -228,6 +246,9 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf, - peer[i].max_conns = 0; - peer[i].max_fails = 1; - peer[i].fail_timeout = 10; -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ peer[i].check_index = (ngx_uint_t) NGX_ERROR; -+#endif - *peerp = &peer[i]; - peerp = &peer[i].next; - } -@@ -344,6 +365,9 @@ ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r, - peer[0].max_conns = 0; - peer[0].max_fails = 1; - peer[0].fail_timeout = 10; -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ peer[0].check_index = (ngx_uint_t) NGX_ERROR; -+#endif - peers->peer = peer; - - } else { -@@ -378,6 +402,9 @@ ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r, - peer[i].max_conns = 0; - peer[i].max_fails = 1; - peer[i].fail_timeout = 10; -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ peer[i].check_index = (ngx_uint_t) NGX_ERROR; -+#endif - *peerp = &peer[i]; - peerp = &peer[i].next; - } -@@ -443,6 +470,12 @@ ngx_http_upstream_get_round_robin_peer(ngx_peer_connection_t *pc, void *data) - goto failed; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ goto failed; -+ } -+#endif -+ - rrp->current = peer; - - } else { -@@ -537,6 +570,12 @@ ngx_http_upstream_get_peer(ngx_http_upstream_rr_peer_data_t *rrp) - continue; - } - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ if (ngx_http_upstream_check_peer_down(peer->check_index)) { -+ continue; -+ } -+#endif -+ - if (peer->max_fails - && peer->fails >= peer->max_fails - && now - peer->checked <= peer->fail_timeout) -diff --git src/http/ngx_http_upstream_round_robin.h src/http/ngx_http_upstream_round_robin.h -index 45f258d..dee91d0 100644 ---- src/http/ngx_http_upstream_round_robin.h -+++ src/http/ngx_http_upstream_round_robin.h -@@ -38,6 +38,10 @@ struct ngx_http_upstream_rr_peer_s { - ngx_msec_t slow_start; - ngx_msec_t start_time; - -+#if (NGX_HTTP_UPSTREAM_CHECK) -+ ngx_uint_t check_index; -+#endif -+ - ngx_uint_t down; - - #if (NGX_HTTP_SSL || NGX_COMPAT) diff --git a/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch b/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch deleted file mode 100644 index b3b4cf4..0000000 --- a/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch +++ /dev/null @@ -1,21 +0,0 @@ -From f0a5f61d9aad59c23e2c877094a8f17c43bee5b5 Mon Sep 17 00:00:00 2001 -From: freultwah <631910+freultwah@users.noreply.github.com> -Date: Tue, 23 Aug 2022 18:09:45 +0300 -Subject: [PATCH] Make the module not crash with nginx >1.23.* - ---- - ngx_http_auth_ldap_module.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c -index 2f4e592..83b481c 100644 ---- a/ngx_http_auth_ldap_module.c -+++ b/ngx_http_auth_ldap_module.c -@@ -1779,6 +1779,7 @@ ngx_http_auth_ldap_set_realm(ngx_http_request_t *r, ngx_str_t *realm) - } - - r->headers_out.www_authenticate->hash = 1; -+ r->headers_out.www_authenticate->next = NULL; - r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1; - r->headers_out.www_authenticate->key.data = (u_char *) "WWW-Authenticate"; - r->headers_out.www_authenticate->value = *realm; diff --git a/www-servers/nginx/files/nginx-1.4.1-fix-perl-install-path.patch b/www-servers/nginx/files/nginx-1.4.1-fix-perl-install-path.patch deleted file mode 100644 index 601a79b..0000000 --- a/www-servers/nginx/files/nginx-1.4.1-fix-perl-install-path.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/auto/lib/perl/make b/auto/lib/perl/make -index 260bd95..857ece6 100644 ---- a/auto/lib/perl/make -+++ b/auto/lib/perl/make -@@ -35,6 +35,8 @@ $NGX_OBJS/src/http/modules/perl/Makefile: \\ - NGX_DEPS="\$(CORE_DEPS) \$(HTTP_DEPS)" \\ - $NGX_PERL Makefile.PL \\ - LIB=$NGX_PERL_MODULES \\ -+ PREFIX=$NGX_PREFIX \\ -+ INSTALLDIRS=vendor \\ - INSTALLSITEMAN3DIR=$NGX_PERL_MODULES_MAN - - END diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch b/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch deleted file mode 100644 index 4a6372a..0000000 --- a/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch +++ /dev/null @@ -1,54 +0,0 @@ -httpoxy mitigation - -See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details. ---- - conf/fastcgi.conf | 3 +++ - conf/fastcgi_params | 3 +++ - conf/scgi_params | 3 +++ - conf/uwsgi_params | 3 +++ - 4 files changed, 12 insertions(+) - -diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf -index 091738c..9f7e192 100644 ---- a/conf/fastcgi.conf -+++ b/conf/fastcgi.conf -@@ -24,3 +24,6 @@ fastcgi_param SERVER_NAME $server_name; - - # PHP only, required if PHP was built with --enable-force-cgi-redirect - fastcgi_param REDIRECT_STATUS 200; -+ -+# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) -+fastcgi_param HTTP_PROXY ""; -diff --git a/conf/fastcgi_params b/conf/fastcgi_params -index 28decb9..3be3a95 100644 ---- a/conf/fastcgi_params -+++ b/conf/fastcgi_params -@@ -23,3 +23,6 @@ fastcgi_param SERVER_NAME $server_name; - - # PHP only, required if PHP was built with --enable-force-cgi-redirect - fastcgi_param REDIRECT_STATUS 200; -+ -+# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) -+fastcgi_param HTTP_PROXY ""; -diff --git a/conf/scgi_params b/conf/scgi_params -index 6d4ce4f..a9da34f 100644 ---- a/conf/scgi_params -+++ b/conf/scgi_params -@@ -15,3 +15,6 @@ scgi_param REMOTE_ADDR $remote_addr; - scgi_param REMOTE_PORT $remote_port; - scgi_param SERVER_PORT $server_port; - scgi_param SERVER_NAME $server_name; -+ -+# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) -+scgi_param HTTP_PROXY ""; -diff --git a/conf/uwsgi_params b/conf/uwsgi_params -index 09c732c..9d67d3d 100644 ---- a/conf/uwsgi_params -+++ b/conf/uwsgi_params -@@ -15,3 +15,6 @@ uwsgi_param REMOTE_ADDR $remote_addr; - uwsgi_param REMOTE_PORT $remote_port; - uwsgi_param SERVER_PORT $server_port; - uwsgi_param SERVER_NAME $server_name; -+ -+# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) -+uwsgi_param HTTP_PROXY ""; diff --git a/www-servers/nginx/files/nginx.conf-r3 b/www-servers/nginx/files/nginx.conf-r3 deleted file mode 100644 index aedaad4..0000000 --- a/www-servers/nginx/files/nginx.conf-r3 +++ /dev/null @@ -1,70 +0,0 @@ -user nginx nginx; -worker_processes 1; - -error_log /var/log/nginx/error_log info; - -events { - worker_connections 1024; - use epoll; -} - -http { - include /etc/nginx/mime.types.nginx; - types_hash_max_size 4096; - default_type application/octet-stream; - - log_format main - '$remote_addr - $remote_user [$time_local] ' - '"$request" $status $bytes_sent ' - '"$http_referer" "$http_user_agent" ' - '"$gzip_ratio"'; - - client_header_timeout 10m; - client_body_timeout 10m; - send_timeout 10m; - - connection_pool_size 256; - client_header_buffer_size 1k; - large_client_header_buffers 4 2k; - request_pool_size 4k; - - gzip off; - - output_buffers 1 32k; - postpone_output 1460; - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - - keepalive_timeout 75 20; - - ignore_invalid_headers on; - - index index.html; - - server { - listen 127.0.0.1; - server_name localhost; - - access_log /var/log/nginx/localhost.access_log main; - error_log /var/log/nginx/localhost.error_log info; - - root /var/www/localhost/htdocs; - } - - # SSL example - #server { - # listen 127.0.0.1:443; - # server_name localhost; - - # ssl on; - # ssl_certificate /etc/ssl/nginx/nginx.pem; - # ssl_certificate_key /etc/ssl/nginx/nginx.key; - - # access_log /var/log/nginx/localhost.ssl_access_log main; - # error_log /var/log/nginx/localhost.ssl_error_log info; - - # root /var/www/localhost/htdocs; - #} -} diff --git a/www-servers/nginx/files/nginx.confd b/www-servers/nginx/files/nginx.confd deleted file mode 100644 index f4b8043..0000000 --- a/www-servers/nginx/files/nginx.confd +++ /dev/null @@ -1,32 +0,0 @@ -# /etc/conf.d/nginx - -# Configuration file -#NGINX_CONFIGFILE="/etc/nginx/nginx.conf" - -# PID file -# If you should ever change this, remember to update -# "/etc/logrotate.d/nginx", too. -#NGINX_PIDFILE="/run/nginx.pid" - -# User to run nginx as -# If you should ever change this, make sure this user has -# execution permission on any of your log directories -# (/var/log/nginx per default) but do NOT forget other log directories -# one of your vhost(s) maybe using or logging after logrotation will -# be broken). -#NGINX_USER="nginx" - -# Group to run nginx as -# See the note above regarding NGINX_USER. -#NGINX_GROUP="nginx" - -# You can use this configuration option to pass additional options to the -# start-stop-daemon, see start-stop-daemon(8) for more details. -# Per default we wait 1000ms after we have started the service to ensure -# that the daemon is really up and running. -#NGINX_SSDARGS="--wait 1000" - -# The termination timeout (start-stop-daemon parameter "retry") ensures -# that the service will be terminated within a given time (60 + 5 seconds -# per default) when you are stopping the service. -#NGINX_TERMTIMEOUT="TERM/60/KILL/5" diff --git a/www-servers/nginx/files/nginx.initd-r4 b/www-servers/nginx/files/nginx.initd-r4 deleted file mode 100644 index 31f79ba..0000000 --- a/www-servers/nginx/files/nginx.initd-r4 +++ /dev/null @@ -1,92 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="configtest" -extra_started_commands="upgrade reload" - -description="Robust, small and high performance http and reverse proxy server" -description_configtest="Run nginx' internal config check." -description_upgrade="Upgrade the nginx binary without losing connections." -description_reload="Reload the nginx configuration without losing connections." - -NGINX_CONFIGFILE=${NGINX_CONFIGFILE:-/etc/nginx/nginx.conf} - -command="/usr/sbin/nginx" -command_args="-c \"${NGINX_CONFIGFILE}\"" -start_stop_daemon_args=${NGINX_SSDARGS:-"--wait 1000"} -pidfile=${NGINX_PIDFILE:-/run/nginx.pid} -user=${NGINX_USER:-nginx} -group=${NGINX_GROUP:-nginx} -retry=${NGINX_TERMTIMEOUT:-"TERM/60/KILL/5"} - -depend() { - need net - use dns logger netmount -} - -start_pre() { - if [ "${RC_CMD}" != "restart" ]; then - configtest || return 1 - fi -} - -stop_pre() { - if [ "${RC_CMD}" = "restart" ]; then - configtest || return 1 - fi -} - -stop_post() { - rm -f ${pidfile} -} - -reload() { - configtest || return 1 - ebegin "Refreshing nginx' configuration" - start-stop-daemon --signal SIGHUP --pidfile "${pidfile}" - eend $? "Failed to reload nginx" -} - -upgrade() { - configtest || return 1 - ebegin "Upgrading nginx" - - einfo "Sending USR2 to old binary" - start-stop-daemon --signal SIGUSR2 --pidfile "${pidfile}" - - einfo "Sleeping 3 seconds before pid-files checking" - sleep 3 - - if [ ! -f "${pidfile}.oldbin" ]; then - eerror "File with old pid not found" - return 1 - fi - - if [ ! -f "${pidfile}" ]; then - eerror "New binary failed to start" - return 1 - fi - - einfo "Sleeping 3 seconds before WINCH" - sleep 3 - # Cannot send "WINCH" using start-stop-daemon yet, https://bugs.gentoo.org/604986 - kill -WINCH $(cat "${pidfile}.oldbin") - - einfo "Sending QUIT to old binary" - start-stop-daemon --signal SIGQUIT --pidfile "${pidfile}.oldbin" - - einfo "Upgrade completed" - eend $? "Upgrade failed" -} - -configtest() { - ebegin "Checking nginx' configuration" - ${command} -c "${NGINX_CONFIGFILE}" -t -q - - if [ $? -ne 0 ]; then - ${command} -c "${NGINX_CONFIGFILE}" -t - fi - - eend $? "failed, please correct errors above" -} diff --git a/www-servers/nginx/files/nginx.logrotate-r1 b/www-servers/nginx/files/nginx.logrotate-r1 deleted file mode 100644 index bc9d87a..0000000 --- a/www-servers/nginx/files/nginx.logrotate-r1 +++ /dev/null @@ -1,11 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -/var/log/nginx/*_log { - missingok - delaycompress - sharedscripts - postrotate - test -r /run/nginx.pid && kill -USR1 `cat /run/nginx.pid` - endscript -} diff --git a/www-servers/nginx/files/nginx.service-r1 b/www-servers/nginx/files/nginx.service-r1 deleted file mode 100644 index e160af7..0000000 --- a/www-servers/nginx/files/nginx.service-r1 +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=The nginx HTTP and reverse proxy server -After=network.target remote-fs.target nss-lookup.target - -[Service] -Type=forking -PIDFile=/run/nginx.pid -ExecStartPre=/usr/sbin/nginx -t -ExecStart=/usr/sbin/nginx -ExecStartPost=/bin/sleep 0.1 -ExecReload=/bin/kill -HUP $MAINPID -ExecStop=/bin/kill -QUIT $MAINPID - -[Install] -WantedBy=multi-user.target -- cgit v1.2.3