# https://docs.fedoraproject.org/en-US/quick-docs/publish-rpm-on-copr # http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html # https://rpm-software-management.github.io/rpm/manual/macros.html # https://rpm-packaging-guide.github.io/ %global _owner pgnd %global _build_timestamp %( date +%%Y%%m%%d_%%H%%M%%S --utc ) %global _dist .%{_build_timestamp}.%{_owner}.fc%{fedora} # https://stackoverflow.com/questions/47838041/rpmbuild-how-to-disable-check-buildroot # https://rpm-software-management.github.io/rpm/manual/dependency_generators.html # %%global __spec_install_pre /bin/true # %%global __arch_install_post %%{nil} # %%global __os_install_post %%{nil} %global _disable_source_fetch 0 %global debug_package %{nil} # %%undefine _auto_set_build_flags %global _hardened_build 1 # %%global __brp_mangle_shebangs %%{nil} # %%global __brp_strip %%{nil} # %%global __requires_exclude ^.*/xxx/bin/python.*$ # %%global __requires_exclude_from ^.*/xxx/bin/python.*$ # %%global _build_id_links none # %%bcond_with XXX : opt build with XXX; default, without # %%bcond_without XXX : opt build without XXX; default, with # NGINX # https://github.com/nginx/nginx %global _ngx_pkgnm nginx %global _ngx_unitnm nginx %global _ngx_comment Nginx Web Server %global _ngx_descrip %{expand: %{_ngx_comment}.} # https://spdx.org/licenses/BSD-2-Clause.html %global _license BSD-2-Clause %global _ngx_usr wwwrun %global _ngx_grp www %global _ngx_install_dir /usr/local/nginx %global _ngx_bin_dir_r bin %global _ngx_cache_dir /dev/shm/nginx-cache %global _ngx_conf_dir /usr/local/etc/nginx %global _ngx_conf_dir_orig /usr/local/etc/ORIG-nginx %global _ngx_log_dir /var/log/nginx %global _ngx_mod_dir /usr/local/nginx-modules %global _ngx_pam_dir /etc/pam.d %global _ngx_pid_file %{_ngx_pkgnm}.pid %global _ngx_run_dir /run/%{_ngx_pkgnm} #!!! https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin %global _ngx_sbin_dir_r sbin %global _ngx_tmp_dir %{_localstatedir}/lib/nginx/tmp %global _ngx_unit_dir /etc/systemd/system %global _ngx_cc /usr/bin/gcc %global _ngx_cpp /usr/bin/cpp %global _phpfpm_pkgnm php-fpm %global _phpfpm_unitnm php-fpm %global _phpfpm_conf_dir /usr/local/etc/php8/ %global _phpfpm_run_dir %{_ngx_run_dir} %global _phpfpm_pid_file %{_phpfpm_pkgnm}.pid %global _phpfpm_socket %{_phpfpm_pkgnm}.sock %global _phpfpm_usr %{_ngx_usr} %global _phpfpm_grp %{_ngx_grp} # NGINX # https://github.com/nginx/nginx # https://docs.fedoraproject.org/en-US/packaging-guidelines/SourceURL %global _tmpl0_scm_repo nginx/nginx %global _tmpl0_scm_branch release-1.27.2 %global _tmpl0_scm_repo_esc %( echo %{_tmpl0_scm_repo} | sed 's|_|-|g' | sed 's|/|%2F|g') %global _tmpl0_scm_repo_norm %( echo %{_tmpl0_scm_repo} | sed 's|_|-|g' | sed 's|/|-|g' ) %global _tmpl0_scm_branch_norm %( echo %{_tmpl0_scm_branch} | sed 's|_|-|g' | sed 's|/|-|g' ) %global _tmpl0_scm_host https://github.com %global _tmpl0_scm_host_api https://api.github.com/repos %global _tmpl0_scm_url %{_tmpl0_scm_host}/%{_tmpl0_scm_repo}.git %global _tmpl0_scm_tarball %{_tmpl0_scm_host_api}/%{_tmpl0_scm_repo}/tarball/%{commit0} # !!NOTE!! GH API tarball extracts to: %global _tmpl0_scm_extract_dir %{_tmpl0_scm_repo_norm}-%{shortcommit0} %global forgeurl0 %{_tmpl0_scm_url} %global commit0 %( git ls-remote %{forgeurl0} | grep /%{_tmpl0_scm_branch}$ | cut -f1 ) %global shortcommit0 %( c=%{commit0}; echo ${c} | head -c 7 ) %global forgesource0 %{_tmpl0_scm_tarball} %global extractdir0 %{_tmpl0_scm_extract_dir} %global forgesetupargs0 -T -D -b 0 -n %{extractdir0} # https://github.com/openresty/headers-more-nginx-module %global _tmpl1_scm_repo openresty/headers-more-nginx-module %global _tmpl1_scm_url https://github.com/%{_tmpl1_scm_repo} %global forgeurl1 %{_tmpl1_scm_url} %global branch1 master # https://github.com/leev/ngx_http_geoip2_module %global _tmpl2_scm_repo leev/ngx_http_geoip2_module %global _tmpl2_scm_url https://github.com/%{_tmpl2_scm_repo} %global forgeurl2 %{_tmpl2_scm_url} %global branch2 master # https://github.com/vision5/ngx_devel_kit %global _tmpl3_scm_repo vision5/ngx_devel_kit %global _tmpl3_scm_url https://github.com/%{_tmpl3_scm_repo} %global forgeurl3 %{_tmpl3_scm_url} %global branch3 master # https://github.com/nginx/njs %global _tmpl4_scm_repo nginx/njs %global _tmpl4_scm_url https://github.com/%{_tmpl4_scm_repo} %global forgeurl4 %{_tmpl4_scm_url} %global branch4 master # https://github.com/GetPageSpeed/ngx_security_headers %global _tmpl5_scm_repo GetPageSpeed/ngx_security_headers %global _tmpl5_scm_url https://github.com/%{_tmpl5_scm_repo} %global forgeurl5 %{_tmpl5_scm_url} %global branch5 master # https://github.com/nulab/nginx-length-hiding-filter-module %global _tmpl6_scm_repo nulab/nginx-length-hiding-filter-module %global _tmpl6_scm_url https://github.com/%{_tmpl6_scm_repo} %global forgeurl6 %{_tmpl6_scm_url} %global branch6 master # https://github.com/GetPageSpeed/ngx_immutable %global _tmpl7_scm_repo GetPageSpeed/ngx_immutable %global _tmpl7_scm_url https://github.com/%{_tmpl7_scm_repo} %global forgeurl7 %{_tmpl7_scm_url} %global branch7 master # https://github.com/arut/nginx-dav-ext-module %global _tmpl8_scm_repo arut/nginx-dav-ext-module %global _tmpl8_scm_url https://github.com/%{_tmpl8_scm_repo} %global forgeurl8 %{_tmpl8_scm_url} %global branch8 master # https://github.com/sto/ngx_http_auth_pam_module %global _tmpl9_scm_repo sto/ngx_http_auth_pam_module %global _tmpl9_scm_url https://github.com/%{_tmpl9_scm_repo} %global forgeurl9 %{_tmpl9_scm_url} %global branch9 master # %%global forgeurlXX https://github.com/FRiCKLE/ngx_cache_purge # %%global branchXX master # %%global forgeurlXX https://github.com/samizdatco/nginx-http-auth-digest # %%global branchXX master # OTEL # https://github.com/nginxinc/nginx-otel # https://www.jaegertracing.io/ # https://medium.com/jaegertracing/jaeger-tracing-a-friendly-guide-for-beginners-7b53a4a568ca # LIBBROTLI # https://github.com/google/ngx_brotli # NOTE: needs `git submodule`; full _branch_ git checkout, not forge/tarball # https://github.com/google/ngx_brotli/blob/master/README.md#dynamically-loaded # https://github.com/google/ngx_brotli/issues/158#issuecomment-1754754162 %global _ngx_brotli_scm_repo google/ngx_brotli %global _ngx_brotli_scm_branch master %global _ngx_brotli_scm_repo_norm %( echo %{_ngx_brotli_scm_repo} | sed 's|/|-|g' | sed 's|_|-|g') %global _ngx_brotli_scm_url https://github.com/%{_ngx_brotli_scm_repo}.git %global _ngx_brotli_scm_archivename %{_ngx_brotli_scm_repo_norm}-%{_ngx_brotli_scm_branch} %forgemeta -i -a %global dist %{_dist} # Vendor Pinning Vendor: %{_owner} # NEVRA (n-e:v-r.a) Name: %{_ngx_pkgnm} Epoch: 0 # https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/ Version: %{scm0}_%( echo %{_tmpl0_scm_branch} | sed 's|-|_|g' ) Release: 0%{?dist} # https://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/ %global _same_evr %{epoch}:%{version}-%{release} Summary: %{_ngx_comment} License: %{_license} URL: %{forgeurl0} Source0: %{forgesource0} Source1: %{forgesource1} Source2: %{forgesource2} Source3: %{forgesource3} Source4: %{forgesource4} Source5: %{forgesource5} Source6: %{forgesource6} Source7: %{forgesource7} Source8: %{forgesource8} Source9: %{forgesource9} Source100: %{_ngx_unitnm}.service Source101: %{_ngx_unitnm}.target Source102: %{_phpfpm_unitnm}.service Source103: %{_ngx_unitnm}.pam Source200: https://nginx.org/en/CHANGES Source201: https://nginx.org/LICENSE BuildRequires: coreutils BuildRequires: c-ares-devel BuildRequires: cmake BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: git BuildRequires: grep BuildRequires: gnupg2 BuildRequires: libatomic_ops-devel BuildRequires: make BuildRequires: perl-ExtUtils-Embed BuildRequires: perl-generators BuildRequires: pkgconf BuildRequires: pkgconfig(gdlib) BuildRequires: pkgconfig(libbrotlicommon) BuildRequires: pkgconfig(libmaxminddb) BuildRequires: pkgconfig(libpcre2-posix) BuildRequires: pkgconfig(libxml-2.0) BuildRequires: pkgconfig(libxslt) BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(pam) BuildRequires: pkgconfig(zlib) # https://bugzilla.redhat.com/show_bug.cgi?id=2297642 %if 0%{?fedora} >= 41 BuildRequires: openssl-devel-engine %endif BuildRequires: systemd BuildRequires: systemd-rpm-macros %{?systemd_requires} Requires: nginx-filesystem = %{_same_evr} Requires: openssl Requires: pcre2 Requires: php-fpm Requires(pre): user(nginx) Requires(pre): group(nginx) Provides: nginx = %{_same_evr} Obsoletes: nginx < %{_same_evr} Provides: webserver Conflicts: nginx-core Conflicts: nginx-mimetypes %description %{_ngx_descrip} %package filesystem Summary: nginx directory layout BuildArch: noarch Requires(pre): shadow-utils Provides: nginx-filesystem = %{_same_evr} Obsoletes: nginx-filesystem < %{_same_evr} %description filesystem nginx directory layout dummy, to satisfy php-fpm reqt and prevent pulling distro pkg %prep echo '##### STARTING PREP #####' %forgesetup -a cp %{SOURCE200} %{SOURCE201} . echo '##### BROTLI GIT SUBMODULE #####' # https://github.com/openresty/headers-more-nginx-module cd %{_builddir} git clone --recurse-submodules -j${RPM_BUILD_NCPUS} %{_ngx_brotli_scm_url} %{_ngx_brotli_scm_archivename} cd %{_ngx_brotli_scm_archivename} git pull --recurse-submodules cd deps/brotli mkdir out cd out # -DCMAKE_C_FLAGS="-Ofast -m64 -march=native -mtune=native -flto -funroll-loops -ffunction-sections -fdata-sections -Wl,--gc-sections" # -DCMAKE_CXX_FLAGS="-Ofast -m64 -march=native -mtune=native -flto -funroll-loops -ffunction-sections -fdata-sections -Wl,--gc-sections" cmake \ -DCMAKE_BUILD_TYPE=Release \ -DBUILD_SHARED_LIBS=ON \ -DCMAKE_C_FLAGS="${CFLAGS}" \ -DCMAKE_CXX_FLAGS="${CFLAGS}" \ -DCMAKE_INSTALL_PREFIX=./installed .. cmake \ --build . \ -j${RPM_BUILD_NCPUS} \ --config Release \ --target brotlienc %build echo '##### STARTING BUILD #####' export DESTDIR=${RPM_BUILD_ROOT} cd %{_builddir}/%{extractdir0} echo '##### WHATS HERE #####' ls . ls %{_builddir} # https://nginx.org/en/docs/configure.html export LUAJIT_LIB="" export LUAJIT_INC="" ./auto/configure \ --with-debug \ --build="PGNd Custom Build" \ --user=%{_ngx_usr} --group=%{_ngx_grp} \ --prefix=%{_ngx_install_dir} \ --conf-path=%{_ngx_conf_dir_orig}/nginx.conf \ --error-log-path=%{_ngx_log_dir}/main.error.log \ --http-log-path=%{_ngx_log_dir}/main.access.log \ --modules-path=%{_ngx_mod_dir} \ --sbin-path=%{_ngx_install_dir}/%{_ngx_bin_dir_r}/nginx \ --http-client-body-temp-path=%{_ngx_tmp_dir}/client_body \ --http-proxy-temp-path=%{_ngx_tmp_dir}/proxy \ --http-fastcgi-temp-path=%{_ngx_tmp_dir}/fastcgi \ --http-uwsgi-temp-path=%{_ngx_tmp_dir}/uwsgi \ --http-scgi-temp-path=%{_ngx_tmp_dir}/scgi \ --pid-path=/run/nginx/nginx.pid \ --lock-path=/run/lock/subsys/nginx \ --with-compat \ --with-cc=%{_ngx_cc} \ --with-cpp=%{_ngx_cpp} \ --with-cc-opt="${CFLAGS}" \ --with-ld-opt="${LDFLAGS}" \ --with-libatomic \ --with-threads \ --with-pcre-jit \ --with-zlib-asm=pentiumpro \ --with-file-aio \ --with-mail=dynamic \ --with-mail_ssl_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_gzip_static_module \ --with-http_image_filter_module=dynamic \ --with-http_perl_module=dynamic \ --with-http_realip_module \ --with-http_secure_link_module \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_sub_module \ --with-http_v2_module \ --with-http_v3_module \ --with-http_xslt_module=dynamic \ --with-stream=dynamic \ --with-stream_realip_module \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --add-dynamic-module=../%{_ngx_brotli_scm_archivename} \ --add-dynamic-module=../%{archivename1} \ --add-dynamic-module=../%{archivename2} \ --add-dynamic-module=../%{archivename3} \ --add-dynamic-module=../%{archivename4}/nginx \ --add-dynamic-module=../%{archivename5} \ --add-dynamic-module=../%{archivename6} \ --add-dynamic-module=../%{archivename7} \ --add-dynamic-module=../%{archivename8} \ --add-dynamic-module=../%{archivename9} make V=1 -j${RPM_BUILD_NCPUS} %install echo '##### STARTING INSTALL #####' cd %{_builddir}/%{extractdir0}/ make install DESTDIR=${RPM_BUILD_ROOT} INSTALLDIRS=vendor find ${RPM_BUILD_ROOT} -type f -name .packlist -exec rm -f '{}' \; find ${RPM_BUILD_ROOT} -type f -name perllocal.pod -exec rm -f '{}' \; find ${RPM_BUILD_ROOT} -type f -empty -exec rm -f '{}' \; find ${RPM_BUILD_ROOT} -type f -iname '*.so' -exec chmod 0755 '{}' \; ## modify rpmbuild rpath check criteria # cref: /usr/lib/rpm/check-rpaths-worker # QA_RPATHS=$(( 0x0001|0x0002|0x0004|0x0008|0x0010|0x0020 )) # allow 'invalid' RPATHs export QA_RPATHS="$(( 0x0002 ))" mkdir -p ${RPM_BUILD_ROOT}/%{_ngx_unit_dir} mkdir -p ${RPM_BUILD_ROOT}/%{_ngx_pam_dir} sed -i \ -e 's|__NGX_EXEC__|%{_ngx_install_dir}/%{_ngx_bin_dir_r}/nginx|g' \ -e 's|__NGX_USR__|%{_ngx_usr}|g' \ -e 's|__NGX_GRP__|%{_ngx_grp}|g' \ -e 's|__NGX_CACHEDIR__|%{_ngx_cache_dir}|g' \ -e 's|__NGX_CONFDIR__|%{_ngx_conf_dir}|g' \ -e 's|__NGX_LOGDIR__|%{_ngx_log_dir}|g' \ -e 's|__NGX_RUNDIR__|%{_ngx_run_dir}|g' \ -e 's|__NGX_PIDFILE__|%{_ngx_pid_file}|g' \ %{SOURCE100} %{SOURCE103} install -D --preserve-timestamps --mode=644 --verbose \ %{SOURCE100} \ ${RPM_BUILD_ROOT}/%{_ngx_unit_dir}/%{_ngx_unitnm}.service install -D --preserve-timestamps --mode=644 --verbose \ %{SOURCE103} \ ${RPM_BUILD_ROOT}/%{_ngx_pam_dir}/nginx sed -i \ -e 's|__PHPFPM_EXEC__|/usr/sbin/php-fpm|g' \ -e 's|__PHPFPM_USR__|%{_phpfpm_usr}|g' \ -e 's|__PHPFPM_GRP__|%{_phpfpm_grp}|g' \ -e 's|__PHPFPM_CONFDIR__|%{_phpfpm_conf_dir}|g' \ -e 's|__PHPFPM_RUNDIR__|%{_phpfpm_run_dir}|g' \ -e 's|__PHPFPM_PIDFILE__|%{_phpfpm_pid_file}|g' \ -e 's|__PHPFPM_SOCKET__|%{_phpfpm_socket}|g' \ %{SOURCE102} install -D --preserve-timestamps --mode=644 --verbose \ %{SOURCE102} \ ${RPM_BUILD_ROOT}/%{_ngx_unit_dir}/%{_phpfpm_unitnm}.service install -D --preserve-timestamps --mode=644 --verbose \ %{SOURCE101} \ ${RPM_BUILD_ROOT}/%{_ngx_unit_dir}/%{_ngx_unitnm}.target %pre %pre filesystem %files # http://ftp.rpm.org/max-rpm/s1-rpm-inside-files-list-directives.html %license LICENSE %doc CHANGES %{_mandir}/man3/* %{_ngx_install_dir} %{_ngx_mod_dir} %{_ngx_conf_dir_orig} %dir %{perl_vendorarch}/auto/nginx %{perl_vendorarch}/nginx.pm %{perl_vendorarch}/auto/nginx/nginx.so %{_ngx_unit_dir}/%{_ngx_unitnm}* %{_ngx_unit_dir}/%{_phpfpm_unitnm}* %{_ngx_pam_dir}/nginx %files filesystem %post /bin/cp -af %{_ngx_conf_dir_orig}/mime.types %{_ngx_conf_dir}/mime.types %changelog * Wed Oct 30 2024 pgnd _ - bump 1730332866