Skip to content

Commit 6af64fb

Browse files
anestosanestos
authored
Merge pull request #47 from curityio/feat/master/build-module
added build.sh file that creates dynamic modules for 10 platforms.
2 parents a91c7c3 + f450277 commit 6af64fb

File tree

5 files changed

+273
-35
lines changed

5 files changed

+273
-35
lines changed

.gitignore

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Prerequisites
22
*.d
3-
3+
.DS_Store
44
# Object files
55
*.o
66
*.ko

Dockerfile

+185
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,185 @@
1+
######
2+
FROM ubuntu:18.04 as ubuntu18-builder
3+
4+
RUN apt-get update && \
5+
apt-get install -y build-essential libxslt1-dev
6+
7+
COPY configure /tmp
8+
COPY config /tmp
9+
COPY Makefile /tmp
10+
COPY phantom_token.c /tmp
11+
ARG NGINX_VERSION
12+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
13+
14+
WORKDIR /tmp
15+
RUN ./configure && make
16+
17+
######
18+
FROM ubuntu:20.04 as ubuntu20-builder
19+
20+
RUN apt-get update && \
21+
apt-get install -y build-essential wget
22+
23+
COPY configure /tmp
24+
COPY config /tmp
25+
COPY Makefile /tmp
26+
COPY phantom_token.c /tmp
27+
ARG NGINX_VERSION
28+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
29+
30+
WORKDIR /tmp
31+
RUN wget https://ftp.pcre.org/pub/pcre/pcre-8.44.tar.gz && tar xzvf pcre-8.44.tar.gz
32+
RUN wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xzvf zlib-1.2.11.tar.gz
33+
RUN CONFIG_OPTS="--with-pcre=../pcre-8.44 --with-zlib=../zlib-1.2.11" ./configure && make
34+
35+
######
36+
FROM centos:6 as centos6-builder
37+
38+
RUN yum install -y \
39+
gcc pcre-devel zlib-devel
40+
41+
COPY configure /tmp
42+
COPY config /tmp
43+
COPY Makefile /tmp
44+
COPY phantom_token.c /tmp
45+
ARG NGINX_VERSION
46+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
47+
48+
WORKDIR /tmp
49+
RUN ./configure && make
50+
51+
######
52+
FROM centos:7 as centos7-builder
53+
54+
RUN yum install -y \
55+
gcc pcre-devel zlib-devel make
56+
57+
COPY configure /tmp
58+
COPY config /tmp
59+
COPY Makefile /tmp
60+
COPY phantom_token.c /tmp
61+
ARG NGINX_VERSION
62+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
63+
64+
WORKDIR /tmp
65+
RUN ./configure && make
66+
67+
######
68+
FROM centos:8 as centos8-builder
69+
70+
RUN yum install -y \
71+
gcc pcre-devel zlib-devel make
72+
73+
COPY configure /tmp
74+
COPY config /tmp
75+
COPY Makefile /tmp
76+
COPY phantom_token.c /tmp
77+
ARG NGINX_VERSION
78+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
79+
80+
WORKDIR /tmp
81+
RUN ./configure && make
82+
83+
######
84+
FROM debian:stretch as debian9-builder
85+
86+
RUN apt update && apt install -y \
87+
wget build-essential git tree software-properties-common dirmngr apt-transport-https ufw
88+
89+
COPY configure /tmp
90+
COPY config /tmp
91+
COPY Makefile /tmp
92+
COPY phantom_token.c /tmp
93+
ARG NGINX_VERSION
94+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
95+
96+
WORKDIR /tmp
97+
RUN wget https://ftp.pcre.org/pub/pcre/pcre-8.44.tar.gz && tar xzvf pcre-8.44.tar.gz
98+
RUN wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xzvf zlib-1.2.11.tar.gz
99+
RUN CONFIG_OPTS="--with-pcre=../pcre-8.44 --with-zlib=../zlib-1.2.11" ./configure && make
100+
101+
######
102+
FROM debian:buster as debian10-builder
103+
104+
RUN apt update && apt install -y \
105+
wget build-essential git tree software-properties-common dirmngr apt-transport-https ufw
106+
107+
COPY configure /tmp
108+
COPY config /tmp
109+
COPY Makefile /tmp
110+
COPY phantom_token.c /tmp
111+
ARG NGINX_VERSION
112+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
113+
114+
WORKDIR /tmp
115+
RUN wget https://ftp.pcre.org/pub/pcre/pcre-8.44.tar.gz && tar xzvf pcre-8.44.tar.gz
116+
RUN wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xzvf zlib-1.2.11.tar.gz
117+
RUN CONFIG_OPTS="--with-pcre=../pcre-8.44 --with-zlib=../zlib-1.2.11" ./configure && make
118+
119+
######
120+
FROM amazonlinux:1 as amzn-builder
121+
122+
RUN yum install -y \
123+
gcc pcre-devel zlib-devel make
124+
125+
COPY configure /tmp
126+
COPY config /tmp
127+
COPY Makefile /tmp
128+
COPY phantom_token.c /tmp
129+
ARG NGINX_VERSION
130+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
131+
132+
WORKDIR /tmp
133+
RUN ./configure && make
134+
135+
######
136+
FROM amazonlinux:2 as amzn2-builder
137+
138+
RUN yum install -y \
139+
gcc pcre-devel zlib-devel make
140+
141+
COPY configure /tmp
142+
COPY config /tmp
143+
COPY Makefile /tmp
144+
COPY phantom_token.c /tmp
145+
ARG NGINX_VERSION
146+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
147+
148+
WORKDIR /tmp
149+
RUN ./configure && make
150+
151+
######
152+
FROM alpine as alpine-builder
153+
154+
RUN apk add --no-cache --virtual .build-deps \
155+
gcc libc-dev make openssl-dev pcre-dev zlib-dev linux-headers libxslt-dev \
156+
gd-dev geoip-dev perl-dev libedit-dev mercurial bash alpine-sdk findutils bash
157+
158+
COPY configure /tmp
159+
COPY config /tmp
160+
COPY Makefile /tmp
161+
COPY phantom_token.c /tmp
162+
ARG NGINX_VERSION
163+
ADD nginx-$NGINX_VERSION.tar.gz /tmp/
164+
165+
WORKDIR /tmp
166+
RUN ./configure && make
167+
168+
######
169+
FROM alpine
170+
171+
ARG NGINX_VERSION
172+
COPY --from=ubuntu18-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/ubuntu.18.04.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
173+
COPY --from=ubuntu20-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/ubuntu.20.04.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
174+
COPY --from=centos6-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/centos.6.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
175+
COPY --from=centos7-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/centos.7.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
176+
COPY --from=centos8-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/centos.8.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
177+
COPY --from=debian9-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/debian.stretch.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
178+
COPY --from=debian10-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/debian.buster.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
179+
COPY --from=amzn-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/amzn.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
180+
COPY --from=amzn2-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/amzn2.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
181+
COPY --from=alpine-builder /tmp/nginx-$NGINX_VERSION/objs/ngx_curity_http_phantom_token_module.so /build/alpine.ngx_curity_http_phantom_token_module_$NGINX_VERSION.so
182+
183+
ENTRYPOINT ["sleep"]
184+
185+
CMD ["300"]

README.md

+22-12
Original file line numberDiff line numberDiff line change
@@ -241,7 +241,7 @@ To build this module, simply do the following:
241241
make && make install
242242
```
243243

244-
This will download the NGINX source code if it is not already local. If it is, the location may be provided when prompted. By default, version 1.15.2 will be downloaded; a different version can be fetched by setting `NGINX_VERSION` before running the `configure` script. Any [additional parameters](http://nginx.org/en/docs/configure.html) (e.g., `--prefix`) that NGINX's `configure` script supports can also be provided. When this module's `configure` script is run, it will pass along `--with-compat` to NGINX's script. It asks if a dynamic module should be created (thus passing along `--add-dynamic-module`) or if the module should be compiled into the NGINX binary (thus passing `--add-module`); by default, it created a dynamically-linked module. It will also ask if debug flags should be enabled; if so, `--with-debug` and certain GCC flags will be passed on to NGINX's `configure` script to make debugging easier. After the script is run, just execute `make && make install`. These too will delegate to NGINX's `Makefile`. After this, the module will be usable and can be configured as described above.
244+
This will download the NGINX source code if it is not already local. If it is, the location may be provided when prompted. By default, version 1.19.0 will be downloaded; a different version can be fetched by setting `NGINX_VERSION` before running the `configure` script. Any [additional parameters](http://nginx.org/en/docs/configure.html) (e.g., `--prefix`) that NGINX's `configure` script supports can also be provided. When this module's `configure` script is run, it will pass along `--with-compat` to NGINX's script. It asks if a dynamic module should be created (thus passing along `--add-dynamic-module`) or if the module should be compiled into the NGINX binary (thus passing `--add-module`); by default, it created a dynamically-linked module. It will also ask if debug flags should be enabled; if so, `--with-debug` and certain GCC flags will be passed on to NGINX's `configure` script to make debugging easier. After the script is run, just execute `make && make install`. These too will delegate to NGINX's `Makefile`. After this, the module will be usable and can be configured as described above.
245245

246246
> *WARNING* If `--without-pcre`, `--without-http_gzip_module` and potentially other flags are provided to the `configure` script and a module is created, it will _not_ be compatible with NGINX Plus or the pre-compiled open source NGINX binaries; if you include such flags (when building the module), you will only be able to load it into a custom build of NGINX that also excludes the same functionality. If the `configure` script exits with an error about a missing dependency, like [PCRE](https://www.pcre.org/) and [zlib](http://zlib.net/), install those instead of excluding them if compatibility with pre-build NGINX binaries is desired.</p>
247247
@@ -264,6 +264,16 @@ sudo -u nginx \
264264

265265
If all certification tests and the phantom-token specific tests (see below) pass, the build can be certified. Also, it should be released on GitHub.
266266

267+
## Building dynamic modules
268+
269+
You can build the module (for all supported platforms) using the `build.sh` script.
270+
271+
This script reuquires docker and builds locally all 10 platforms that are listed below in Releases. You can build for any NGINX release by running it like so:
272+
273+
`NGINX_VERSION=X.X.X ./build.sh`
274+
275+
After running, all 10 `.so` files will be in the `./build` directory.
276+
267277
## Compatibility
268278

269279
This module is compatible with Curity version >= 2.2. It has been tested with NGINX 1.13.7 (NGINX Plus Release 14) and NGINX 1.13.10 (NGINX Plus Release 15). It is likely to work with other, newish versions of NGINX, but only these have been tested, pre-built and verified.
@@ -272,18 +282,18 @@ This module is compatible with Curity version >= 2.2. It has been tested with NG
272282

273283
Pre-built binaries of this module are provided for the following versions of NGINX on the corresponding operating system distributions:
274284

275-
| | NGINX 1.13.7 / NGINX Plus R14 | NGINX 1.13.10 / NGINX Plus R15 | NGINX 1.15.2 / NGINX Plus R16 |
285+
| | NGINX 1.17.6 / NGINX Plus R20 | NGINX 1.17.9 / NGINX Plus R21 | NGINX 1.19.0 / NGINX Plus R22 |
276286
| ----------------------------------|:-----------------------------:|:---------------------------------:|:---------------------------------:|
277-
| Amazon Linux | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/amzn.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/amzn.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/amzn.ngx_curity_http_phantom_token_module_11.15.2so) |
278-
| Amazon Linux 2 | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/amzn2.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/amzn2.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/amzn2.ngx_curity_http_phantom_token_module_1.15.2.so) |
279-
| CentOS 6.5+ | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/centos.6.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/centos.6.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/centos.6.ngx_curity_http_phantom_token_module_1.15.2.so) |
280-
| CentOS 7.0+ | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/centos.7.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/centos.7.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/centos.7.ngx_curity_http_phantom_token_module_1.15.2.so) |
281-
| Debian 8.0 (Jessie) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/debian.jessie.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/debian.jessie.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/debian.jessie.ngx_curity_http_phantom_token_module_1.15.2.so) |
282-
| Debian 9.0 (Stretch) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/debian.stretch.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/debian.stretch.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/debian.stretch.ngx_curity_http_phantom_token_module_1.15.2.so) |
283-
| Ubuntu 14.04 LTS (Trusty Tahr) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.14.04.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.14.04.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.14.04.ngx_curity_http_phantom_token_module_1.15.2.so) |
284-
| Ubuntu 16.04 LTS (Xenial Xerus) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.16.04.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.16.04.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.16.04.ngx_curity_http_phantom_token_module_1.15.2.so) |
285-
| Ubuntu 17.04 (Zesty Zapus) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.17.04.ngx_curity_http_phantom_token_module_1.13.7.so) | | |
286-
| Ubuntu 17.10 (Artful Aardvark) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.17.10.ngx_curity_http_phantom_token_module_1.13.7.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.17.10.ngx_curity_http_phantom_token_module_1.13.10.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.0.3/ubuntu.17.10.ngx_curity_http_phantom_token_module_1.15.2.so) |
287+
| Amazon Linux | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/amzn.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/amzn.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/amzn.ngx_curity_http_phantom_token_module_1.19.0.so) |
288+
| Amazon Linux 2 | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/amzn2.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/amzn2.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/amzn2.ngx_curity_http_phantom_token_module_1.19.0.so) |
289+
| CentOS 6.5+ | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.6.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.6.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.6.ngx_curity_http_phantom_token_module_1.19.0.so) |
290+
| CentOS 7.0+ | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.7.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.7.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.7.ngx_curity_http_phantom_token_module_1.19.0.so) |
291+
| CentOS 8.0+ | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.8.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.8.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/centos.8.ngx_curity_http_phantom_token_module_1.19.0.so) |
292+
| Debian 9.0 (Stretch) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/debian.stretch.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/debian.stretch.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/debian.stretch.ngx_curity_http_phantom_token_module_1.19.0.so) |
293+
| Debian 10.0 (Buster) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/debian.buster.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/debian.buster.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/debian.buster.ngx_curity_http_phantom_token_module_1.19.0.so) |
294+
| Alpine | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/alpine.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/alpine.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/alpine.ngx_curity_http_phantom_token_module_1.19.0.so) |
295+
| Ubuntu 18.04 LTS (Bionic Beaver) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/ubuntu.18.04.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/ubuntu.18.04.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/ubuntu.18.04.ngx_curity_http_phantom_token_module_1.19.0.so) |
296+
| Ubuntu 20.04 LTS (Focal Fossa) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/ubuntu.20.04.ngx_curity_http_phantom_token_module_1.17.6.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/ubuntu.20.04.ngx_curity_http_phantom_token_module_1.17.9.so) | [](https://github.com/curityio/nginx_phantom_token_module/releases/download/1.1.0/ubuntu.20.04.ngx_curity_http_phantom_token_module_1.19.0.so) |
287297

288298
## Testing
289299

0 commit comments

Comments
 (0)