2016-02-17 20:41:04.0|分类: nginx|浏览量: 3100
nginx: Linux packagesCurrently, nginx packages are available for the following distributions and versions: RHEL/CentOS:
Debian:
Ubuntu:
SLES:
To enable automatic updates of Linux packages set up the yum repository for the RHEL/CentOS distributions, the apt repository for the Debian/Ubuntu distributions, or the zypper repository for SLES. Pre-Built Packages for Stable versionTo set up the yum repository for RHEL/CentOS, create the file named [nginx] name=nginx repo baseurl=http://nginx.org/packages/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1 Replace “ For Debian/Ubuntu, in order to authenticate the nginx repository signature and to eliminate warnings about missing PGP key during installation of the nginx package, it is necessary to add the key used to sign the nginx packages and repository to the sudo apt-key add nginx_signing.key For Debian replace codename with Debian distribution codename, and append the following to the end of the deb http://nginx.org/packages/debian/ codename nginx deb-src http://nginx.org/packages/debian/ codename nginx For Ubuntu replace codename with Ubuntu distribution codename, and append the following to the end of the deb http://nginx.org/packages/ubuntu/ codename nginx deb-src http://nginx.org/packages/ubuntu/ codename nginx For Debian/Ubuntu then run the following commands: apt-get update apt-get install nginx For SLES run the following command: zypper addrepo -G -t yum -c 'http://nginx.org/packages/sles/12' nginx Pre-Built Packages for Mainline versionTo set up the yum repository for RHEL/CentOS, create the file named [nginx] name=nginx repo baseurl=http://nginx.org/packages/mainline/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1 Replace “ For Debian/Ubuntu, in order to authenticate the nginx repository signature and to eliminate warnings about missing PGP key during installation of the nginx package, it is necessary to add the key used to sign the nginx packages and repository to the sudo apt-key add nginx_signing.key For Debian replace codename with Debian distribution codename, and append the following to the end of the deb http://nginx.org/packages/mainline/debian/ codename nginx deb-src http://nginx.org/packages/mainline/debian/ codename nginx For Ubuntu replace codename with Ubuntu distribution codename, and append the following to the end of the deb http://nginx.org/packages/mainline/ubuntu/ codename nginx deb-src http://nginx.org/packages/mainline/ubuntu/ codename nginx For Debian/Ubuntu then run the following commands: apt-get update apt-get install nginx For SLES run the following command: zypper addrepo -G -t yum -c 'http://nginx.org/packages/mainline/sles/12' nginx Configure ArgumentsConfigure arguments common for nginx binaries from pre-built packages for stable version: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-http_spdy_module --with-ipv6 Packages for mainline version also have the following arguments: --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module and --with-http_spdy_module replaced with --with-http_v2_module Package are built with all modules that do not require additional libraries to avoid extra dependencies. SignaturesBoth RPM packages and Debian/Ubuntu repositories use digital signatures to verify the integrity and origin of the downloaded package. In order to check a signature it is necessary to downloadnginx signing key and import it to the
On Debian/Ubuntu/SLES signatures are checked by default, but on RHEL/CentOS it is necessary to set gpgcheck=1 in the Since our PGP keys and packages are located on the same server, they are equally trusted. It is highly advised to additionally verify the authenticity of the downloaded PGP key. PGP has the “Web of Trust” concept, when a key is signed by someone else’s key, that in turn is signed by another key and so on. It often makes possible to build a chain from an arbitrary key to someone’s key who you know and trust personally, thus verify the authenticity of the first key in a chain. This concept is described in details in GPG Mini Howto. Our keys have enough signatures, and their authenticity is relatively easy to check. |