official repo release

Author: theraw

.github/scripts/deb/debian/12.sh

@@ -39,99 +39,99 @@ echo "Install reqs..." && apt-get -y install wget zip unzip build-essential libs
 echo "Install reqs..." && apt-get install -y libtool pkg-config make cmake automake autoconf > /dev/null 2>&1
 echo "Install reqs..." && apt-get install -y libyajl-dev ssdeep zlib1g-dev libxslt1-dev libgd-dev libgeoip-dev liblmdb-dev libfuzzy-dev libmaxminddb-dev libcurl4-openssl-dev libxml2 libxml2-dev libpcre3-dev mercurial libpcre2-dev libc-ares-dev libre2-dev rsync > /dev/null 2>&1
 # ====================================================================================
-mkdir -p $GITHUB_WORKSPACE/nginx_source
-mkdir -p $GITHUB_WORKSPACE/nginx_mods
+mkdir -p $NGX_WORK_FOLDER/nginx_source
+mkdir -p $NGX_WORK_FOLDER/nginx_mods
 # ====================================================================================
-if [ ! -d "$GITHUB_WORKSPACE/nginx_source/nginx-${NGINX_VERSION}" ]; then
-    cd $GITHUB_WORKSPACE/nginx_source; echo "Downloading Nginx v${NGINX_VERSION}..."; wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz > /dev/null 2>&1; tar xf nginx-${NGINX_VERSION}.tar.gz && rm -Rf nginx-${NGINX_VERSION}.tar.gz
+if [ ! -d "$NGX_WORK_FOLDER/nginx_source/nginx-${NGINX_VERSION}" ]; then
+    cd $NGX_WORK_FOLDER/nginx_source; echo "Downloading Nginx v${NGINX_VERSION}..."; wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz > /dev/null 2>&1; tar xf nginx-${NGINX_VERSION}.tar.gz && rm -Rf nginx-${NGINX_VERSION}.tar.gz
 else
     echo "nginx-${NGINX_VERSION} already exists, skipping download."
 fi
 # ====================================================================================
 # BORINGSSL
 
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/boringssl" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods; git clone https://boringssl.googlesource.com/boringssl > /dev/null 2>&1
-    cd $GITHUB_WORKSPACE/nginx_mods/boringssl; mkdir -p build; cd build; cmake .. > /dev/null 2>&1; echo "Building BoringSSL..." && make -j$CORES > /dev/null 2>&1
-    mkdir -p "$GITHUB_WORKSPACE/nginx_mods/boringssl/.openssl/lib"
-    cd "$GITHUB_WORKSPACE/nginx_mods/boringssl/.openssl"; ln -s ../include include
-    cd "$GITHUB_WORKSPACE/nginx_mods/boringssl"; cp "build/libcrypto.a" ".openssl/lib"; cp "build/libssl.a" ".openssl/lib"
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/boringssl" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods; git clone https://boringssl.googlesource.com/boringssl > /dev/null 2>&1
+    cd $NGX_WORK_FOLDER/nginx_mods/boringssl; mkdir -p build; cd build; cmake .. > /dev/null 2>&1; echo "Building BoringSSL..." && make -j$CORES > /dev/null 2>&1
+    mkdir -p "$NGX_WORK_FOLDER/nginx_mods/boringssl/.openssl/lib"
+    cd "$NGX_WORK_FOLDER/nginx_mods/boringssl/.openssl"; ln -s ../include include
+    cd "$NGX_WORK_FOLDER/nginx_mods/boringssl"; cp "build/libcrypto.a" ".openssl/lib"; cp "build/libssl.a" ".openssl/lib"
 else
     echo "BoringSSL already exists, skipping download."
 fi
 # ====================================================================================
 # ZLIB
-# cd $GITHUB_WORKSPACE/nginx_mods && echo "Downloading ZLIB..." && wget http://zlib.net/current/zlib.tar.gz > /dev/null 2>&1
-# cd $GITHUB_WORKSPACE/nginx_mods && tar xf zlib.tar.gz; rm -Rf zlib.tar.gz; mv zlib-* zlib
-# cd $GITHUB_WORKSPACE/nginx_mods/zlib && CFLAGS=-fPIC CXXFLAGS=-fPIC CPPFLAGS="-fPIC" ./configure > /dev/null 2>&1; make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/zlib" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods && echo "Downloading ZLIB..." && git clone https://github.com/cloudflare/zlib.git > /dev/null 2>&1
-    cd $GITHUB_WORKSPACE/nginx_mods/zlib && CFLAGS=-fPIC CXXFLAGS=-fPIC CPPFLAGS="-fPIC" ./configure > /dev/null 2>&1; make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
+# cd $NGX_WORK_FOLDER/nginx_mods && echo "Downloading ZLIB..." && wget http://zlib.net/current/zlib.tar.gz > /dev/null 2>&1
+# cd $NGX_WORK_FOLDER/nginx_mods && tar xf zlib.tar.gz; rm -Rf zlib.tar.gz; mv zlib-* zlib
+# cd $NGX_WORK_FOLDER/nginx_mods/zlib && CFLAGS=-fPIC CXXFLAGS=-fPIC CPPFLAGS="-fPIC" ./configure > /dev/null 2>&1; make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/zlib" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods && echo "Downloading ZLIB..." && git clone https://github.com/cloudflare/zlib.git > /dev/null 2>&1
+    cd $NGX_WORK_FOLDER/nginx_mods/zlib && CFLAGS=-fPIC CXXFLAGS=-fPIC CPPFLAGS="-fPIC" ./configure > /dev/null 2>&1; make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
 else
     echo "ZLIB already exists, skipping download."
 fi
 # ====================================================================================
 # SYSTEM_MODSECURITY
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/ModSecurity" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods; echo "Downloading ModSecurity..." && git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity.git > /dev/null 2>&1
-    cd $GITHUB_WORKSPACE/nginx_mods/ModSecurity; git submodule init > /dev/null 2>&1; git submodule update > /dev/null 2>&1; ./build.sh > /dev/null 2>&1; ./configure > /dev/null 2>&1; echo "Building ModSecurity..." && make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/ModSecurity" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods; echo "Downloading ModSecurity..." && git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity.git > /dev/null 2>&1
+    cd $NGX_WORK_FOLDER/nginx_mods/ModSecurity; git submodule init > /dev/null 2>&1; git submodule update > /dev/null 2>&1; ./build.sh > /dev/null 2>&1; ./configure > /dev/null 2>&1; echo "Building ModSecurity..." && make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
 else
     echo "ModSecurity already exists, skipping download."
 fi
 # ====================================================================================
 # SYSTEM_PCRE
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods && echo "Downloading ZLIB..." && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${SYSTEM_PCRE}.tar.gz > /dev/null 2>&1
-    cd $GITHUB_WORKSPACE/nginx_mods && tar xf pcre2-${SYSTEM_PCRE}.tar.gz; rm -Rf pcre2-${SYSTEM_PCRE}.tar.gz
-    cd $GITHUB_WORKSPACE/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE} && ./autogen.sh > /dev/null 2>&1; ./configure > /dev/null 2>&1; echo "Building PCRE2..." && make -j$CORES > /dev/null 2>&1
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods && echo "Downloading ZLIB..." && wget https://github.com/PCRE2Project/pcre2/archive/refs/tags/pcre2-${SYSTEM_PCRE}.tar.gz > /dev/null 2>&1
+    cd $NGX_WORK_FOLDER/nginx_mods && tar xf pcre2-${SYSTEM_PCRE}.tar.gz; rm -Rf pcre2-${SYSTEM_PCRE}.tar.gz
+    cd $NGX_WORK_FOLDER/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE} && ./autogen.sh > /dev/null 2>&1; ./configure > /dev/null 2>&1; echo "Building PCRE2..." && make -j$CORES > /dev/null 2>&1
 else
     echo "PCRE2 already exists, skipping download."
 fi
 # ====================================================================================
 # LibInjection
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods && echo "Downloading LibInjection..." && git clone https://github.com/libinjection/libinjection.git > /dev/null 2>&1
-    cd $GITHUB_WORKSPACE/nginx_mods/libinjection && ./autogen.sh > /dev/null 2>&1; ./configure > /dev/null 2>&1; echo "Building LibInjection..." && make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods && echo "Downloading LibInjection..." && git clone https://github.com/libinjection/libinjection.git > /dev/null 2>&1
+    cd $NGX_WORK_FOLDER/nginx_mods/libinjection && ./autogen.sh > /dev/null 2>&1; ./configure > /dev/null 2>&1; echo "Building LibInjection..." && make -j$CORES > /dev/null 2>&1; make install > /dev/null 2>&1
 else
     echo "LibInjection already exists, skipping download."
 fi
 # ====================================================================================
 # NGX_MOD_MODSECURITY
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/ModSecurity-nginx-${NGX_MOD_MODSECURITY}" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods/; echo "Downloading NgxModSec v${NGX_MOD_MODSECURITY}..." && wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MOD_MODSECURITY}.tar.gz > /dev/null 2>&1; tar xf v${NGX_MOD_MODSECURITY}.tar.gz; rm -Rf v${NGX_MOD_MODSECURITY}.tar.gz
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/ModSecurity-nginx-${NGX_MOD_MODSECURITY}" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods/; echo "Downloading NgxModSec v${NGX_MOD_MODSECURITY}..." && wget https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${NGX_MOD_MODSECURITY}.tar.gz > /dev/null 2>&1; tar xf v${NGX_MOD_MODSECURITY}.tar.gz; rm -Rf v${NGX_MOD_MODSECURITY}.tar.gz
 else
     echo "ngx_modsecurity already exists, skipping download."
 fi
 # ====================================================================================
 # NGX_MOD_HEADERS_MORE
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/headers-more-nginx-module-${NGX_MOD_HEADERS_MORE}" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods/; echo "Downloading Headers v${NGX_MOD_HEADERS_MORE}..." && wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_MOD_HEADERS_MORE}.tar.gz > /dev/null 2>&1; tar xf v${NGX_MOD_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_MOD_HEADERS_MORE}.tar.gz
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/headers-more-nginx-module-${NGX_MOD_HEADERS_MORE}" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods/; echo "Downloading Headers v${NGX_MOD_HEADERS_MORE}..." && wget https://github.com/openresty/headers-more-nginx-module/archive/refs/tags/v${NGX_MOD_HEADERS_MORE}.tar.gz > /dev/null 2>&1; tar xf v${NGX_MOD_HEADERS_MORE}.tar.gz; rm -Rf v${NGX_MOD_HEADERS_MORE}.tar.gz
 else
     echo "ngx_headers_more already exists, skipping download."
 fi
 # ====================================================================================
 # Brotli
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/ngx_brotli" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods/; echo "Downloading Brotli..." && git clone https://github.com/google/ngx_brotli.git > /dev/null 2>&1; cd $GITHUB_WORKSPACE/nginx_mods/ngx_brotli && git submodule update --init > /dev/null 2>&1
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/ngx_brotli" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods/; echo "Downloading Brotli..." && git clone https://github.com/google/ngx_brotli.git > /dev/null 2>&1; cd $NGX_WORK_FOLDER/nginx_mods/ngx_brotli && git submodule update --init > /dev/null 2>&1
 else
     echo "ngx_brotli already exists, skipping download."
 fi
 # ====================================================================================
 # NGX_MOD_GEOIP2
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/ngx_http_geoip2_module-${NGX_MOD_GEOIP2}" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods/; echo "Downloading GEOIP2 v${NGX_MOD_GEOIP2}..." && wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_MOD_GEOIP2}.tar.gz > /dev/null 2>&1; tar xf ${NGX_MOD_GEOIP2}.tar.gz; rm -Rf ${NGX_MOD_GEOIP2}.tar.gz
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/ngx_http_geoip2_module-${NGX_MOD_GEOIP2}" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods/; echo "Downloading GEOIP2 v${NGX_MOD_GEOIP2}..." && wget https://github.com/leev/ngx_http_geoip2_module/archive/refs/tags/${NGX_MOD_GEOIP2}.tar.gz > /dev/null 2>&1; tar xf ${NGX_MOD_GEOIP2}.tar.gz; rm -Rf ${NGX_MOD_GEOIP2}.tar.gz
 else
     echo "ngx_geoip2 already exists, skipping download."
 fi
 # ====================================================================================
 # Naxsi
-if [ ! -d "$GITHUB_WORKSPACE/nginx_mods/naxsi/naxsi_src" ]; then
-    cd $GITHUB_WORKSPACE/nginx_mods/; echo "Downloading Naxsi..." && git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi > /dev/null 2>&1
+if [ ! -d "$NGX_WORK_FOLDER/nginx_mods/naxsi/naxsi_src" ]; then
+    cd $NGX_WORK_FOLDER/nginx_mods/; echo "Downloading Naxsi..." && git clone --recurse-submodules https://github.com/wargio/naxsi.git naxsi > /dev/null 2>&1
 else
     echo "ngx_naxsi already exists, skipping download."
 fi
 # ====================================================================================
-echo "Building Nginx v${NGINX_VERSION}..." && cd $GITHUB_WORKSPACE/nginx_source/nginx-${NGINX_VERSION} && CFLAGS=-fPIC CXXFLAGS=-fPIC ./configure --with-compat \
+echo "Building Nginx v${NGINX_VERSION}..." && cd $NGX_WORK_FOLDER/nginx_source/nginx-${NGINX_VERSION} && CFLAGS=-fPIC CXXFLAGS=-fPIC ./configure --with-compat \
                                           --user=raweb                                                            \
                                           --group=raweb                                                           \
                                           --build="Raweb Webserver v$NGINX_VERSION"                               \
@@ -147,10 +147,10 @@ echo "Building Nginx v${NGINX_VERSION}..." && cd $GITHUB_WORKSPACE/nginx_source/
                                           --http-fastcgi-temp-path=/var/tmp/raweb/body/fastcgi                    \
                                           --http-uwsgi-temp-path=/var/tmp/raweb/body/uwsgi                        \
                                           --http-scgi-temp-path=/var/tmp/raweb/body/scgi                          \
-                                          --with-openssl=$GITHUB_WORKSPACE/nginx_mods/boringssl                   \
+                                          --with-openssl=$NGX_WORK_FOLDER/nginx_mods/boringssl                   \
                                           --with-pcre                                                             \
-                                          --with-pcre=$GITHUB_WORKSPACE/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}     \
-                                          --with-zlib=$GITHUB_WORKSPACE/nginx_mods/zlib                           \
+                                          --with-pcre=$NGX_WORK_FOLDER/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}     \
+                                          --with-zlib=$NGX_WORK_FOLDER/nginx_mods/zlib                           \
                                           --with-poll_module                                                      \
                                           --with-threads                                                          \
                                           --with-file-aio                                                         \
@@ -180,15 +180,15 @@ echo "Building Nginx v${NGINX_VERSION}..." && cd $GITHUB_WORKSPACE/nginx_source/
                                           --with-stream_realip_module                                             \
                                           --with-stream_geoip_module                                              \
                                           --with-stream_ssl_preread_module                                        \
-                                          --add-module=$GITHUB_WORKSPACE/nginx_mods/ngx_http_geoip2_module-${NGX_MOD_GEOIP2}          \
-                                          --add-module=$GITHUB_WORKSPACE/nginx_mods/headers-more-nginx-module-${NGX_MOD_HEADERS_MORE} \
-                                          --add-module=$GITHUB_WORKSPACE/nginx_mods/ModSecurity-nginx-${NGX_MOD_MODSECURITY}          \
-                                          --add-module=$GITHUB_WORKSPACE/nginx_mods/naxsi/naxsi_src                                   \
-                                          --add-module=$GITHUB_WORKSPACE/nginx_mods/ngx_brotli                                        \
-                                          --with-cc-opt="-O3 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC -I $GITHUB_WORKSPACE/nginx_mods/boringssl/.openssl/include/" \
-                                          --with-ld-opt="-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -L $GITHUB_WORKSPACE/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}/.libs -lpcre2-8 -L/lib/x86_64-linux-gnu -lpcre -L $GITHUB_WORKSPACE/nginx_mods/boringssl/.openssl/lib/ -lstdc++"  > /dev/null 2>&1
-                                          touch $GITHUB_WORKSPACE/nginx_mods/boringssl/.openssl/include/openssl/ssl.h
-                                          make -j$CORES > /dev/null 2>&1; make install; make clean > /dev/null 2>&1
+                                          --add-module=$NGX_WORK_FOLDER/nginx_mods/ngx_http_geoip2_module-${NGX_MOD_GEOIP2}          \
+                                          --add-module=$NGX_WORK_FOLDER/nginx_mods/headers-more-nginx-module-${NGX_MOD_HEADERS_MORE} \
+                                          --add-module=$NGX_WORK_FOLDER/nginx_mods/ModSecurity-nginx-${NGX_MOD_MODSECURITY}          \
+                                          --add-module=$NGX_WORK_FOLDER/nginx_mods/naxsi/naxsi_src                                   \
+                                          --add-module=$NGX_WORK_FOLDER/nginx_mods/ngx_brotli                                        \
+                                          --with-cc-opt="-O3 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC -I $NGX_WORK_FOLDER/nginx_mods/boringssl/.openssl/include/" \
+                                          --with-ld-opt="-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -L $NGX_WORK_FOLDER/nginx_mods/pcre2-pcre2-${SYSTEM_PCRE}/.libs -lpcre2-8 -L/lib/x86_64-linux-gnu -lpcre -L $NGX_WORK_FOLDER/nginx_mods/boringssl/.openssl/lib/ -lstdc++"
+                                          touch $NGX_WORK_FOLDER/nginx_mods/boringssl/.openssl/include/openssl/ssl.h
+                                          make -j$CORES; make install; make clean > /dev/null 2>&1
                                           unset NGINX
 # ====================================================================================
 DEB_BUILD_DIR="$GITHUB_WORKSPACE/debbuild"