mirror of
https://github.com/KevinMidboe/nginx.git
synced 2025-10-29 17:50:26 +00:00
44 lines
2.8 KiB
Markdown
44 lines
2.8 KiB
Markdown
# Nginx config
|
|
|
|
Includes all nginx sites, snippets & required modules for homelab.
|
|
|
|
# Modules
|
|
|
|
Current configuration files require the following modules:
|
|
- [headers-more-nginx-module](#headers-more-nginx-module)
|
|
|
|
We need to compile static modules like this from source (`modules-available/`) into `*.so` dynamic module files that can be loaded from `modules/`.[^1]
|
|
|
|
|
|
[^1]: [https://www.nginx.com/resources/wiki/extending/converting](https://www.nginx.com/resources/wiki/extending/converting)
|
|
|
|
## headers-more-nginx-module
|
|
- [github.com/openresty/headers-more-nginx-module](https://github.com/openresty/headers-more-nginx-module)
|
|
|
|
We want to add headers from snippets, and in `server` & `location` blocks, through snippets and define in `location` blocks. Nginx `add_header` directive by design only adds headers if not previously added, this means `server` & snippet headers will be removed from response if `location` block uses `add_header`.
|
|
|
|
> There could be several add_header directives. These directives are inherited from the previous configuration level if and only if there are no add_header directives defined on the current level.[^2]
|
|
|
|
Instead we use module `headers-more` to replace directive `add_header 'key' 'value'` with `more_set_headers 'key value`. This will prevent removing previously defined headers and enable setting headers from snippets, and in `server` & `location` blocks.
|
|
|
|
[^2]: [https://nginx.org/en/docs/http/ngx_http_headers_module.html](https://nginx.org/en/docs/http/ngx_http_headers_module.html)
|
|
|
|
# CI/CD
|
|
|
|
[Drone CI config file](https://github.com/kevinmidboe/nginx/blob/main/.drone.yml) defines compiling modules from source and transfering to nginx host during deploy step.
|
|
|
|
**Setup environment:**
|
|
Current configs have references to SSL cert & key location. To validate nginx config with these references dummy cert & key files are created and symlinked to SSL cert & key locations defined in configs.
|
|
|
|
**Compiling nginx binary & modules:**
|
|
It is setup to pull git submodules and build `modules-available/` from source. This requires us to pull latest nginx source-code, configure it, build and folder reference in `--add-dynamic-module` flag when compiling nginx.
|
|
|
|
Since we compile nginx binary from source we need to enable flags for all common nginx modules we use in configs. View flags in [.circleci compile step](https://github.com/kevinmidboe/nginx/blob/main/.drone.yml). Flags currently set (prefix with `--with-{NGINX_MODULE_NAME}`):
|
|
|
|
- [http_ssl_module](https://nginx.org/en/docs/http/ngx_http_ssl_module.html)
|
|
- [http_v2_module](https://nginx.org/en/docs/http/ngx_http_v2_module.html)
|
|
- [http_stub_status_module](https://nginx.org/en/docs/http/ngx_http_stub_status_module.html)
|
|
- [http_gzip_static_module](https://nginx.org/en/docs/http/ngx_http_gzip_static_module.html)
|
|
- [http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html)
|
|
|