X-Original-To: alpine-aports@lists.alpinelinux.org
Received: from caracal.ash.relay.mailchannels.net (caracal.ash.relay.mailchannels.net [23.83.222.30])
	by lists.alpinelinux.org (Postfix) with ESMTP id D741D5C44B8
	for <alpine-aports@lists.alpinelinux.org>; Fri, 17 Mar 2017 12:27:09 +0000 (GMT)
X-Sender-Id: mxroute|x-authuser|developer@it-offshore.co.uk
Received: from relay.mailchannels.net (localhost [127.0.0.1])
	by relay.mailchannels.net (Postfix) with ESMTP id AA423201F36
	for <alpine-aports@lists.alpinelinux.org>; Fri, 17 Mar 2017 12:27:05 +0000 (UTC)
Received: from ocean.mxroute.com (unknown [100.96.133.127])
	by relay.mailchannels.net (Postfix) with ESMTPA id F1EF3201DEE
	for <alpine-aports@lists.alpinelinux.org>; Fri, 17 Mar 2017 12:27:04 +0000 (UTC)
X-Sender-Id: mxroute|x-authuser|developer@it-offshore.co.uk
Received: from ocean.mxroute.com (ocean-ptr.mxroute.com [100.96.133.1])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384)
	by 0.0.0.0:2500 (trex/5.7.36);
	Fri, 17 Mar 2017 12:27:05 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: mxroute|x-authuser|developer@it-offshore.co.uk
X-MailChannels-Auth-Id: mxroute
X-Average-Lonely: 17cc2e173ca7c144_1489753625545_3524412177
X-MC-Loop-Signature: 1489753625545:2949959450
X-MC-Ingress-Time: 1489753625544
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=it-offshore.co.uk; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date:
	Message-ID:From:To:References:Subject:Reply-To:Sender:Cc:
	Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
	List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
	 bh=R96sLbDOYipQNwLfVWbYs+zRLTxYrya3oO7ke/7j2bw=; b=uYkybhCj5XBGVuaJlN92dopTd
	HeOTgqUwOgKj3HKOKwe/0NOZoT4ACXeSUuHeDtbylKVCONhkaKQYw0bi7XM2iMODp2IVcDUchMhIL
	BPrudr7KANsCQucb5VB/vb7w/5HRGCq2OTPareQlaDuMF7pSZRvVxpfSKRrGam6MtALp+OfF1P0Kv
	STBCtqOlwoXIvriYOBog+vJ5sLfbYTH8kWnZZIx0K9qGuoURLstxArwsayO8mDlyD5yDAggzdVFGW
	1cHQF436Bgiu96qZ1weF5aSTs7HCQqUgCq5TTOj5Ubgsyft16OlcaP2wglYvuu3FCmv4zKb3y6Fay
	8sM6ISzXw==;
Reply-To: developer@it-offshore.co.uk
Subject: Re: [alpine-aports] [PATCH] rename: testing/nginx-naxsi ->
 testing/nginx-current
References: <20170317113156.2367-1-valery.kartel@gmail.com>
To: alpine-aports@lists.alpinelinux.org
From: Stuart Cardall <developer@it-offshore.co.uk>
Message-ID: <c2b10182-e5be-5d25-f6bd-a0832c2bdb95@it-offshore.co.uk>
Date: Fri, 17 Mar 2017 12:28:50 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.8.0
X-Mailinglist: alpine-aports
Precedence: list
List-Id: Alpine Development <alpine-aports.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-aports+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-aports@lists.alpinelinux.org>
List-Help: <mailto:alpine-aports+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-aports+subscribe@lists.alpinelinux.org?subject=subscribe>
MIME-Version: 1.0
In-Reply-To: <20170317113156.2367-1-valery.kartel@gmail.com>
Content-Type: multipart/alternative;
 boundary="------------804F65FA9030BE2A1C4FC645"
X-OutGoing-Spam-Status: No, score=0.4
X-AuthUser: developer@it-offshore.co.uk

This is a multi-part message in MIME format.
--------------804F65FA9030BE2A1C4FC645
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

I don't agree to the name change & adding lua / disabling the PaX memory
protections.

I keep nginx-naxsi as light & secure as possible so it's harder to
exploit. The memory protections help stop attacks & lower ram usage.

Valery - why don't you create a completely new nginx-current ?

Stuart Cardall.


On 03/17/2017 11:31 AM, Valery Kartel wrote:
> - upgrade to 1.11.10
> - sync with /main/nginx APKBUILD
> ---
>  testing/nginx-current/APKBUILD                     | 225 +++++++++++++=
++++++++
>  testing/{nginx-naxsi =3D> nginx-current}/ipv6.patch  |   0
>  .../{nginx-naxsi =3D> nginx-current}/sysguard.patch  |   0
>  testing/nginx-naxsi/APKBUILD                       | 204 -------------=
------
>  testing/nginx-naxsi/anonymise.patch                |  76 -------
>  testing/nginx-naxsi/default.conf                   |  18 --
>  testing/nginx-naxsi/nginx-naxsi.pre-install        |   9 -
>  testing/nginx-naxsi/nginx-naxsi.pre-upgrade        |   1 -
>  testing/nginx-naxsi/nginx.conf                     |  92 ---------
>  testing/nginx-naxsi/nginx.initd                    |  67 ------
>  testing/nginx-naxsi/nginx.logrotate                |  12 --
>  11 files changed, 225 insertions(+), 479 deletions(-)
>  create mode 100644 testing/nginx-current/APKBUILD
>  rename testing/{nginx-naxsi =3D> nginx-current}/ipv6.patch (100%)
>  rename testing/{nginx-naxsi =3D> nginx-current}/sysguard.patch (100%)
>  delete mode 100644 testing/nginx-naxsi/APKBUILD
>  delete mode 100644 testing/nginx-naxsi/anonymise.patch
>  delete mode 100644 testing/nginx-naxsi/default.conf
>  delete mode 100644 testing/nginx-naxsi/nginx-naxsi.pre-install
>  delete mode 120000 testing/nginx-naxsi/nginx-naxsi.pre-upgrade
>  delete mode 100644 testing/nginx-naxsi/nginx.conf
>  delete mode 100644 testing/nginx-naxsi/nginx.initd
>  delete mode 100644 testing/nginx-naxsi/nginx.logrotate
>
> diff --git a/testing/nginx-current/APKBUILD b/testing/nginx-current/APK=
BUILD
> new file mode 100644
> index 0000000000..383f6e48c1
> --- /dev/null
> +++ b/testing/nginx-current/APKBUILD
> @@ -0,0 +1,225 @@
> +# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
> +# Contributor: Cameron Banta <cbanta@gmail.com>
> +# Contributor: Jeff Bilyk <jbilyk@gmail.com>
> +# Contributor: Bart=C5=82omiej Piotrowski <nospam@bpiotrowski.pl>
> +# Contributor: Valery Kartel <valery.kartel@gmail.com>
> +
> +pkgname=3Dnginx-current
> +_pkgreal=3Dnginx
> +pkgver=3D1.11.10
> +pkgrel=3D0
> +pkgdesc=3D"HTTP and reverse proxy server (current release)"
> +url=3D"http://www.nginx.org/en"
> +arch=3D"all"
> +options=3D"!check"
> +license=3D"custom"
> +depends=3D""
> +replaces=3D"$_pkgreal"
> +provides=3D"$_pkgreal-$pkgver-r$pkgrel"
> +[ "$CARCH" =3D "s390x" ] && _lua_dep=3D"lua5.1-dev" || _lua_dep=3D"lua=
jit-dev"
> +makedepends=3D"linux-headers gd-dev geoip-dev libxml2-dev libxslt-dev =
$_lua_dep
> +	libressl-dev paxmark pcre-dev perl-dev pkgconf zlib-dev"
> +subpackages=3D"$pkgname-doc $pkgname-mod-http-perl:_perl"
> +
> +# Modules with external sources
> +_dkmod=3Dngx_devel_kit
> +_dkver=3D0.3.0
> +_modsub=3D"$_modsub devel-kit:ndk_http_module"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_dksrc:=3D$srcdir/$_dkmod=
-$_dkver}"
> +_modsrc=3D"$_modsrc $_dkmod-$_dkver.tar.gz::https://github.com/simpl/$=
_dkmod/archive/v$_dkver.tar.gz"
> +
> +_ecmod=3Decho-nginx-module
> +_ecver=3D0.60
> +_modsub=3D"$_modsub http-echo"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_ecsrc:=3D$srcdir/$_ecmod=
-$_ecver}"
> +_modsrc=3D"$_modsrc $_ecmod-$_ecver.tar.gz::https://github.com/openres=
ty/$_ecmod/archive/v$_ecver.tar.gz"
> +
> +_fimod=3Dngx-fancyindex
> +_fiver=3D0.4.1
> +_modsub=3D"$_modsub http-fancyindex"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_fisrc:=3D$srcdir/$_fimod=
-$_fiver}"
> +_modsrc=3D"$_modsrc $_fimod-$_fiver.tar.gz::https://github.com/aperezd=
c/$_fimod/archive/v$_fiver.tar.gz"
> +
> +_hmmod=3Dheaders-more-nginx-module
> +_hmver=3D0.32
> +_modsub=3D"$_modsub http-headers-more:ngx_http_headers_more_filter_mod=
ule"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_hmsrc:=3D$srcdir/$_hmmod=
-$_hmver}"
> +_modsrc=3D"$_modsrc $_hmmod-$_hmver.tar.gz::https://github.com/openres=
ty/$_hmmod/archive/v$_hmver.tar.gz"
> +
> +_lumod=3Dlua-nginx-module
> +_luver=3D0.10.7
> +_modsub=3D"$_modsub http-lua"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_lusrc:=3D$srcdir/$_lumod=
-$_luver}"
> +_modsrc=3D"$_modsrc $_lumod-$_luver.tar.gz::https://github.com/openres=
ty/$_lumod/archive/v$_luver.tar.gz"
> +_http_lua_depends=3D"$pkgname-mod-devel-kit"
> +
> +_ncmod=3Dnchan
> +_ncver=3D1.1.2
> +_modsub=3D"$_modsub http-nchan:ngx_nchan_module"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_ncsrc:=3D$srcdir/$_ncmod=
-$_ncver}"
> +_modsrc=3D"$_modsrc $_ncmod-$_ncver.tar.gz::https://github.com/slact/$=
_ncmod/archive/v$_ncver.tar.gz"
> +
> +_upmod=3Dnginx-upload-progress-module
> +_upver=3D0.9.2
> +_modsub=3D"$_modsub http-upload-progress:ngx_http_uploadprogress_modul=
e"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_upsrc:=3D$srcdir/$_upmod=
-$_upver}"
> +_modsrc=3D"$_modsrc $_upmod-$_upver.tar.gz::https://github.com/masterz=
en/$_upmod/archive/v$_upver.tar.gz"
> +
> +_rtmod=3Dnginx-rtmp-module
> +_rtver=3D1.1.11
> +_modsub=3D"$_modsub rtmp"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_rtsrc:=3D$srcdir/$_rtmod=
-$_rtver}"
> +_modsrc=3D"$_modsrc $_rtmod-$_rtver.tar.gz::https://github.com/arut/$_=
rtmod/archive/v$_rtver.tar.gz"
> +
> +_nxmod=3Dnaxsi
> +_nxver=3D0.55.3
> +_modsub=3D"$_modsub http-naxsi"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_nxsrc:=3D$srcdir/$_nxmod=
-$_nxver/naxsi_src}"
> +_modsrc=3D"$_modsrc $_nxmod-$_nxver.tar.gz::https://github.com/nbs-sys=
tem/$_nxmod/archive/$_nxver.tar.gz"
> +
> +_cpmod=3Dngx_cache_purge
> +_cpver=3D2.3.0.1
> +_modsub=3D"$_modsub http-cache-purge"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_cpsrc:=3D$srcdir/$_cpmod=
-$_cpver}"
> +_modsrc=3D"$_modsrc $_cpmod-$_cpver.tar.gz::https://github.com/itoffsh=
ore/$_cpmod/archive/v$_cpver.tar.gz"
> +
> +_ufmod=3Dnginx-upstream-fair
> +_ufver=3D0.1.1
> +_modsub=3D"$_modsub http-upstream-fair"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_ufsrc:=3D$srcdir/$_ufmod=
-$_ufver}"
> +_modsrc=3D"$_modsrc $_ufmod-$_ufver.tar.gz::https://github.com/itoffsh=
ore/$_ufmod/archive/v$_ufver.tar.gz"
> +
> +_sgmod=3Dtengine-http-sysguard
> +_sgver=3D2.2.0
> +_modsub=3D"$_modsub http-sysguard"
> +_modcfg=3D"$_modcfg --add-dynamic-module=3D${_sgsrc:=3D$srcdir/$_sgmod=
-$_sgver}"
> +_modsrc=3D"$_modsrc $_sgmod-$_sgver.tar.gz::https://github.com/itoffsh=
ore/$_sgmod/archive/v$_sgver.tar.gz
> +	sysguard.patch"
> +
> +source=3D"http://nginx.org/download/$_pkgreal-$pkgver.tar.gz
> +	ipv6.patch
> +	$_modsrc
> +	"
> +
> +_module_dir=3Dusr/lib/$_pkgreal
> +for _module in http-geoip http-image-filter http-xslt-filter mail stre=
am $_modsub; do
> +	_modvar=3D${_module//-/_}
> +	[ -z "${_module##*:*}" ] && eval _so_${_modvar%:*}=3D${_module#*:}
> +	subpackages=3D"$subpackages $pkgname-mod-${_module%:*}:_module"
> +done
> +
> +builddir=3D"$srcdir/$_pkgreal-$pkgver"
> +
> +build() {
> +	cd "$builddir"
> +
> +	export LUAJIT_LIB=3D"$(pkgconf --variable=3Dlibdir luajit)"
> +	export LUAJIT_INC=3D"$(pkgconf --variable=3Dincludedir luajit)"
> +	./configure \
> +		--prefix=3D/var/lib/$_pkgreal \
> +		--sbin-path=3D/usr/sbin/$_pkgreal \
> +		--modules-path=3D/$_module_dir \
> +		--conf-path=3D/etc/$_pkgreal/$_pkgreal.conf \
> +		--pid-path=3D/run/$_pkgreal/$_pkgreal.pid \
> +		--lock-path=3D/run/$_pkgreal/$_pkgreal.lock \
> +		--http-client-body-temp-path=3D/var/lib/$_pkgreal/tmp/client_body \
> +		--http-proxy-temp-path=3D/var/lib/$_pkgreal/tmp/proxy \
> +		--http-fastcgi-temp-path=3D/var/lib/$_pkgreal/tmp/fastcgi \
> +		--http-uwsgi-temp-path=3D/var/lib/$_pkgreal/tmp/uwsgi \
> +		--http-scgi-temp-path=3D/var/lib/$_pkgreal/tmp/scgi \
> +		--with-perl_modules_path=3D/usr/lib/perl5/vendor_perl \
> +		\
> +		--user=3D$_pkgreal \
> +		--group=3D$_pkgreal \
> +		--with-threads \
> +		--with-file-aio \
> +		--with-ipv6 \
> +		\
> +		--with-http_ssl_module \
> +		--with-http_v2_module \
> +		--with-http_realip_module \
> +		--with-http_addition_module \
> +		--with-http_xslt_module=3Ddynamic \
> +		--with-http_image_filter_module=3Ddynamic \
> +		--with-http_geoip_module=3Ddynamic \
> +		--with-http_sub_module \
> +		--with-http_dav_module \
> +		--with-http_flv_module \
> +		--with-http_mp4_module \
> +		--with-http_gunzip_module \
> +		--with-http_gzip_static_module \
> +		--with-http_auth_request_module \
> +		--with-http_random_index_module \
> +		--with-http_secure_link_module \
> +		--with-http_slice_module \
> +		--with-http_stub_status_module \
> +		--with-http_perl_module=3Ddynamic \
> +		--with-http_realip_module \
> +		--with-mail=3Ddynamic \
> +		--with-mail_ssl_module \
> +		--with-stream=3Ddynamic \
> +		--with-stream_ssl_module \
> +		$_modcfg || return 1
> +	make
> +}
> +
> +package() {
> +	depends=3D"$_pkgreal"
> +	make -C "$builddir" DESTDIR=3D"$pkgdir" install || return 1
> +
> +	# Disable some PaX protections; this is needed for Lua module.
> +	local paxflags=3D"-m"
> +	[ "$CARCH" =3D "x86" ] && paxflags=3D"-msp"
> +	paxmark $paxflags "$pkgdir"/usr/sbin/nginx || return 1
> +
> +	install -Dm644 "$builddir"/LICENSE \
> +		"$pkgdir"/usr/share/licenses/$_pkgreal/LICENSE || return 1
> +	install -Dm644 "$builddir"/README \
> +		"$pkgdir"/usr/share/doc/$_pkgreal/README || return 1
> +
> +	rm -rf "$pkgdir"/run "$pkgdir"/var "$pkgdir"/etc
> +}
> +
> +doc() {
> +	default_doc || return 1
> +	depends=3D"$_pkgreal-doc"
> +	replaces=3D"$_pkgreal-doc"
> +}
> +
> +_module() {
> +	local name=3D${subpkgname#$pkgname-mod-}
> +	replaces=3D"$_pkgreal-mod-$name"
> +	provides=3D"$replaces-$pkgver-r$pkgrel"
> +	install_if=3D"$pkgname=3D$pkgver-r$pkgrel $replaces"
> +	name=3D${name//-/_}
> +	local soname=3D$(eval echo \${_so_$name:-ngx_${name}_module}.so)
> +	pkgdesc=3D"$pkgdesc (module $name)"
> +	depends=3D$(eval echo \${_${name}_depends:-$pkgname $replaces})
> +
> +	mkdir -p "$subpkgdir"/$_module_dir || return 1
> +
> +	mv "$pkgdir"/$_module_dir/$soname \
> +		"$subpkgdir"/$_module_dir/$soname
> +}
> +
> +
> +_perl() {
> +	_module || return 1
> +	mv "$pkgdir"/usr/lib/perl5 "$subpkgdir"/usr/lib/
> +}
> +
> +sha512sums=3D"b6437d8305547a834a0f3ad076ac591b90189eb922f48759094efaa9=
618e39fc249600ab13650113fe841fc9af0b736acc61a9b9baba7bacd35224c34df1bbc9 =
 nginx-1.11.10.tar.gz
> +cae9f842c3d1188730d4355440476ad2338b19c027c4b329efe88d4487e90d96bf60de=
a6feb4be6a6f96d4b356fc154345e32c2bb643d70f68e428df26330a49  ipv6.patch
> +558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da=
7a8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614  ngx_devel_kit=
-0.3.0.tar.gz
> +c455bee73cebd0752449472452d15614b9587ddd199263d366484ede890c4d108eacbb=
eaef31adc9dc7732b56ef2bfc73c0fef3366366db03a8ec3fdc27a985c  echo-nginx-mo=
dule-0.60.tar.gz
> +ce0043ad4a2b638c5d99244d6caaa65ad142cea78884084a9aeca5a9593c68dbe508c9=
e4dd85dc5722eb63ef386612bffc48d4b6fc1487df244fbcb7a73bffe1  ngx-fancyinde=
x-0.4.1.tar.gz
> +e42582b45c3111de3940bbeb67ce161aca2d55adcfb00c61c12256fa0e36221d387230=
13f36edbcf6d1b520f8dfb49d4657df8a956e66d36e68425afad382bd1  headers-more-=
nginx-module-0.32.tar.gz
> +d060a13de4d01d77e6d6cd1635ecbb405330e4326b71b89341c1c128ee4182978a51d5=
3355bc07c350e3c3a7df15325e3df380d9c3a98b2ff7d7efa18fa09b32  lua-nginx-mod=
ule-0.10.7.tar.gz
> +14af65d57325afa961bc6606f2c938acff0206914248b8ca810293113fdab859c1db9c=
9abce9263b9da5c2371b299770682d9ec49fbf7a356da9fbfb3e15c3c7  nchan-1.1.2.t=
ar.gz
> +c31c46344d49704389722325a041b9cd170fa290acefe92cfc572c07f711cd3039de78=
f28df48ca7dcb79b2e4bbe442580aaaf4d92883fd3a14bf41d66dd9d8c  nginx-upload-=
progress-module-0.9.2.tar.gz
> +e7c897265d1e93b06f7e46a653b113e24d2451e2112a7a6da415f130928437444a0346=
832fd9c10042397fea6120e4e44acc2bccf649ec30ca5bffbf985672e2  nginx-rtmp-mo=
dule-1.1.11.tar.gz
> +9e8f41a5cd1342cc9b8aa334a603842d14a256aab1f4a21205bb1278aecbb0c49e39c8=
89d8113a5b41aad2efeaa2ed9f11cba6929173f50add91f54c4c59c8a0  naxsi-0.55.3.=
tar.gz
> +c49c81dbdb8bd507fccf31295e603cea8f0a964867c27eff0436dcea3b4a547c8ae2f1=
1ecf49c4d82c693cf8138c17ebbed395738539d0d61254951e5f0db7e3  ngx_cache_pur=
ge-2.3.0.1.tar.gz
> +fd305b859c868ef55171b05f64071a2836c12073bcd89d6197af4946a3d1177f77c670=
8d4d589d460c84967273dee87ca9de97ab0f0d47e6d65f86b465d70316  nginx-upstrea=
m-fair-0.1.1.tar.gz
> +2743d9aea60bd4984b650213e571cf27e6ff5b3db708242ccb53b8fc669d1cc82ee224=
ba79aee2f6969b6e13821cfdd3df7b412541e1fdbb867ecc95326e07e1  tengine-http-=
sysguard-2.2.0.tar.gz
> +2dca2ac74fb92e330fde7b6b6120b2fd2565c377a629c9536cf77beebe41aa4b092d42=
29d5b487b0fb02be4f2cc5b897c429c87bbbbc7b0d31e1cbb94231ddce  sysguard.patc=
h"
> diff --git a/testing/nginx-naxsi/ipv6.patch b/testing/nginx-current/ipv=
6.patch
> similarity index 100%
> rename from testing/nginx-naxsi/ipv6.patch
> rename to testing/nginx-current/ipv6.patch
> diff --git a/testing/nginx-naxsi/sysguard.patch b/testing/nginx-current=
/sysguard.patch
> similarity index 100%
> rename from testing/nginx-naxsi/sysguard.patch
> rename to testing/nginx-current/sysguard.patch
> diff --git a/testing/nginx-naxsi/APKBUILD b/testing/nginx-naxsi/APKBUIL=
D
> deleted file mode 100644
> index c020427da8..0000000000
> --- a/testing/nginx-naxsi/APKBUILD
> +++ /dev/null
> @@ -1,204 +0,0 @@
> -# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
> -# Contributor: Cameron Banta <cbanta@gmail.com>
> -# Contributor: Jeff Bilyk <jbilyk@gmail.com>
> -# Contributor: Bart=C5=82omiej Piotrowski <nospam@bpiotrowski.pl>
> -
> -pkgname=3Dnginx-naxsi
> -_pkgname=3Dnginx
> -pkgver=3D1.11.9
> -pkgrel=3D0
> -pkgdesc=3D"Lightweight HTTP and reverse proxy server with Naxsi WAF su=
pport, see also 'nxapi'"
> -url=3D"http://www.nginx.org | https://github.com/nbs-system/naxsi"
> -arch=3D"all"
> -license=3D"custom"
> -
> -# Modules
> -_ngx_naxsi_name=3Dnaxsi
> -_ngx_naxsi_ver=3D0.55.1
> -_ngx_naxsi_dir=3D"$srcdir/$_ngx_naxsi_name-$_ngx_naxsi_ver/naxsi_src"
> -
> -_ngx_cache_purge_name=3Dngx_cache_purge
> -_ngx_cache_purge_ver=3D2.3.0.1
> -_ngx_cache_purge_dir=3D"$srcdir/$_ngx_cache_purge_name-$_ngx_cache_pur=
ge_ver"
> -
> -_ngx_upstream_fair_name=3Dnginx-upstream-fair
> -_ngx_upstream_fair_ver=3D0.1.1
> -_ngx_upstream_fair_dir=3D"$srcdir/$_ngx_upstream_fair_name-$_ngx_upstr=
eam_fair_ver"
> -
> -_ngx_http_sysguard_name=3Dtengine-http-sysguard
> -_ngx_http_sysguard_ver=3D2.2.0
> -_ngx_http_sysguard_dir=3D"$srcdir/$_ngx_http_sysguard_name-$_ngx_http_=
sysguard_ver"
> -
> -depends=3D"!nginx"
> -makedepends=3D"linux-headers gd-dev geoip-dev libxml2-dev libxslt-dev =
libressl-dev
> -	pcre-dev perl-dev pkgconf zlib-dev"
> -pkgusers=3D"nginx"
> -_grp_ngx=3D"nginx"
> -_grp_www=3D"www-data"
> -pkggroups=3D"$_grp_ngx $_grp_www"
> -install=3D"$pkgname.pre-install $pkgname.pre-upgrade"
> -subpackages=3D"$pkgname-doc"
> -source=3D"http://nginx.org/download/$_pkgname-$pkgver.tar.gz
> -	naxsi-$_ngx_naxsi_ver.tar.gz::https://github.com/nbs-system/$_ngx_nax=
si_name/archive/$_ngx_naxsi_ver.tar.gz
> -	ngx_cache_purge-$_ngx_cache_purge_ver.tar.gz::https://github.com/itof=
fshore/$_ngx_cache_purge_name/archive/v$_ngx_cache_purge_ver.tar.gz
> -	upstream-fair-$_ngx_upstream_fair_ver.tar.gz::https://github.com/itof=
fshore/$_ngx_upstream_fair_name/archive/v$_ngx_upstream_fair_ver.tar.gz
> -	sysguard-$_ngx_http_sysguard_ver.tar.gz::https://github.com/itoffshor=
e/$_ngx_http_sysguard_name/archive/v$_ngx_http_sysguard_ver.tar.gz
> -
> -	anonymise.patch
> -	ipv6.patch
> -	sysguard.patch
> -
> -	nginx.initd
> -	nginx.logrotate
> -	"
> -builddir=3D"$srcdir"/$_pkgname-$pkgver
> -
> -_modules_dir=3D"usr/lib/nginx/modules"
> -_modules=3D"
> -	http-geoip
> -	http-image-filter
> -	http-perl
> -	http-xslt-filter
> -	mail
> -	stream
> -	http-naxsi
> -	http-cache-purge
> -	http-upstream-fair
> -	http-sysguard
> -	"
> -
> -for _m in $_modules; do
> -	subpackages=3D"$subpackages $pkgname-mod-$_m:_module"
> -done
> -
> -
> -build() {
> -	cd "$builddir"
> -	./configure \
> -		--prefix=3D/var/lib/$_pkgname \
> -		--sbin-path=3D/usr/sbin/$_pkgname \
> -		--modules-path=3D/$_modules_dir \
> -		--conf-path=3D/etc/$_pkgname/$_pkgname.conf \
> -		--pid-path=3D/run/$_pkgname/$_pkgname.pid \
> -		--lock-path=3D/run/$_pkgname/$_pkgname.lock \
> -		--error-log-path=3D/var/log/$_pkgname/error.log \
> -		--http-log-path=3D/var/log/$_pkgname/access.log \
> -		--http-client-body-temp-path=3D/var/lib/$_pkgname/tmp/client_body \
> -		--http-proxy-temp-path=3D/var/lib/$_pkgname/tmp/proxy \
> -		--http-fastcgi-temp-path=3D/var/lib/$_pkgname/tmp/fastcgi \
> -		--with-perl_modules_path=3D/usr/lib/perl5/vendor_perl \
> -		\
> -		--user=3D$pkgusers \
> -		--group=3D$_grp_ngx \
> -		--with-threads \
> -		--with-file-aio \
> -		--without-http_uwsgi_module \
> -		--without-http_scgi_module \
> -		\
> -		--with-http_ssl_module \
> -		--with-http_v2_module \
> -		--with-http_realip_module \
> -		--with-http_addition_module \
> -		--with-http_sub_module \
> -		--with-http_dav_module \
> -		--with-http_flv_module \
> -		--with-http_mp4_module \
> -		--with-http_gunzip_module \
> -		--with-http_gzip_static_module \
> -		--with-http_auth_request_module \
> -		--with-http_random_index_module \
> -		--with-http_secure_link_module \
> -		--with-http_slice_module \
> -		--with-http_stub_status_module \
> -		--with-http_realip_module \
> -		--with-http_xslt_module=3Ddynamic \
> -		--with-http_image_filter_module=3Ddynamic \
> -		--with-http_geoip_module=3Ddynamic \
> -		--with-http_perl_module=3Ddynamic \
> -		--with-mail=3Ddynamic \
> -		--with-mail_ssl_module \
> -		--with-stream=3Ddynamic \
> -		--with-stream_ssl_module \
> -		\
> -		--add-dynamic-module=3D"$_ngx_naxsi_dir" \
> -		--add-dynamic-module=3D"$_ngx_cache_purge_dir" \
> -		--add-dynamic-module=3D"$_ngx_upstream_fair_dir" \
> -		--add-dynamic-module=3D"$_ngx_http_sysguard_dir" \
> -		|| return 1
> -	make || return 1
> -}
> -
> -package() {
> -	cd "$builddir"
> -
> -	make DESTDIR=3D"$pkgdir" install
> -
> -	install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
> -	install -Dm644 README "$pkgdir"/usr/share/doc/$pkgname/README
> -
> -	cd "$pkgdir"
> -
> -	install -Dm644 "$srcdir"/nginx.conf ./etc/$_pkgname/nginx.conf
> -	install -Dm644 "$srcdir"/default.conf ./etc/$_pkgname/conf.d/default.=
conf
> -	install -m755 -D "$srcdir"/$_pkgname.initd ./etc/init.d/$_pkgname
> -	install -m644 -D "$srcdir"/$_pkgname.logrotate ./etc/logrotate.d/$_pk=
gname
> -	install -m644 -D "$srcdir"/naxsi-$_ngx_naxsi_ver/naxsi_config/naxsi_c=
ore.rules ./etc/nginx/naxsi_core.rules
> -
> -	install -dm755 ./etc/$_pkgname/modules
> -	install -dm750 -o $pkgusers -g $_grp_ngx ./var/lib/$_pkgname
> -	install -dm700 -o $pkgusers -g $_grp_ngx ./var/lib/$_pkgname/tmp
> -
> -	ln -sf /$_modules_dir ./var/lib/$_pkgname/modules
> -	ln -sf /var/log/$_pkgname ./var/lib/$_pkgname/logs
> -	ln -sf /run/$_pkgname ./var/lib/$_pkgname/run
> -
> -	rm -rf ./run ./etc/$_pkgname/*.default
> -}
> -
> -_module() {
> -	local name=3D"${subpkgname#$pkgname-mod-}"
> -	name=3D"${name//-/_}"
> -	soname=3D"ngx_${name}_module.so"
> -
> -	pkgdesc=3D"$pkgdesc (module $name)"
> -	depends=3D"!nginx-mod-$name"
> -	provides=3D"$name"
> -
> -	mkdir -p "$subpkgdir"/$_modules_dir
> -	cd "$subpkgdir"
> -
> -	mv "$pkgdir"/$_modules_dir/$soname ./$_modules_dir/$soname || return =
1
> -	mkdir -p "$subpkgdir"/etc/nginx/modules
> -	echo "load_module \"modules/$soname\";" > ./etc/nginx/modules/$name.c=
onf
> -}
> -
> -md5sums=3D"7aeca793819c2b8df134c0b1cfe98361  nginx-1.11.9.tar.gz
> -b894ea5327a3d102a56aeddb79d2e047  naxsi-0.55.1.tar.gz
> -dedef1e47a26500993a88c96112d5d0f  ngx_cache_purge-2.3.0.1.tar.gz
> -233861df4dc0872f727fc4c7e5c72dca  upstream-fair-0.1.1.tar.gz
> -3a72f075bb114f1a97976c088a81c7f7  sysguard-2.2.0.tar.gz
> -31d29937da95b31714faa399aeb07407  anonymise.patch
> -f478d8391dafa32a8b0b3a9f21d7a080  ipv6.patch
> -50357b75049d878c0bcce10d0c60f9ed  sysguard.patch
> -2e56b3f21f19aecc5500c9efc9222782  nginx.initd
> -8823274a834332d3db4f62bf7dd1fb7d  nginx.logrotate"
> -sha256sums=3D"dc22b71f16b551705930544dc042f1ad1af2f9715f565187ec22c7a4=
b2625748  nginx-1.11.9.tar.gz
> -45dd0df7a6b0b6aa9c64eb8c39a8e294d659d87fb18e192cf58f1402f3cdb0a8  naxs=
i-0.55.1.tar.gz
> -5da9360cd805a432ea7a08832ec3dd3a5d9f1574f71b3acdd53210610aee94e5  ngx_=
cache_purge-2.3.0.1.tar.gz
> -e8aec578f03259c6f457575360f70d57aea385a1864562b0ba6e57d6a75d52c7  upst=
ream-fair-0.1.1.tar.gz
> -6051eb52361d602011b4c7e88b63384bcc8ebc4b004bd4b12eec3e5dce953f1d  sysg=
uard-2.2.0.tar.gz
> -28adf3605875197d5822fa382f5fd3c9c80f7d3a561e904fee223fa051f98810  anon=
ymise.patch
> -4a1a24a92657432012f08c52e8099c7abae390c9c4cb76483cacd012e26a57ac  ipv6=
.patch
> -18090329435c32d91621a5943acc5b8bbe89aaa3c2fa334c3a4cdeb00efb6226  sysg=
uard.patch
> -decb084e29b584fb54b57a199f5a480dd77a4c1b3ef3da515c2eb76bd32172c5  ngin=
x.initd
> -cea0c6f8de55a4c3a3eccc57910de1c3116634082c8e5b660630fb927a29f38d  ngin=
x.logrotate"
> -sha512sums=3D"95247d5db3e23a0ea22686cc3fe4295f8854948a6f168a783082fdbb=
2acbecdad61cd9c8cadd84c1f74c1e87becdca8d6664622ff9cebc72687f20b29cc09fd0 =
 nginx-1.11.9.tar.gz
> -aebda20e5b78e9111b7bac1e15829258e6b85b80e4ce333e4dba8caead36287b3f0fcb=
453c51d7c59f07d637fa62f5c6b23aecd3bf6a3c3da4abebf1a6689f14  naxsi-0.55.1.=
tar.gz
> -c49c81dbdb8bd507fccf31295e603cea8f0a964867c27eff0436dcea3b4a547c8ae2f1=
1ecf49c4d82c693cf8138c17ebbed395738539d0d61254951e5f0db7e3  ngx_cache_pur=
ge-2.3.0.1.tar.gz
> -fd305b859c868ef55171b05f64071a2836c12073bcd89d6197af4946a3d1177f77c670=
8d4d589d460c84967273dee87ca9de97ab0f0d47e6d65f86b465d70316  upstream-fair=
-0.1.1.tar.gz
> -2743d9aea60bd4984b650213e571cf27e6ff5b3db708242ccb53b8fc669d1cc82ee224=
ba79aee2f6969b6e13821cfdd3df7b412541e1fdbb867ecc95326e07e1  sysguard-2.2.=
0.tar.gz
> -f8e46dafcf553edd35699dc2a47a54756e0a4c690fc13f81436ad9db1026739ba331ad=
99d3d05d8a7c089a5c067bf45f4aca3a98fdd9483b7b0123a837e695be  anonymise.pat=
ch
> -cae9f842c3d1188730d4355440476ad2338b19c027c4b329efe88d4487e90d96bf60de=
a6feb4be6a6f96d4b356fc154345e32c2bb643d70f68e428df26330a49  ipv6.patch
> -2dca2ac74fb92e330fde7b6b6120b2fd2565c377a629c9536cf77beebe41aa4b092d42=
29d5b487b0fb02be4f2cc5b897c429c87bbbbc7b0d31e1cbb94231ddce  sysguard.patc=
h
> -6c27d605536a31159b65776098926ede0b5045210b190e803681a10c06a10556283d87=
3e772fd635642b18846549ec3a18989ca9fe6466f120ce9e1327dcacd5  nginx.initd
> -01b77cff16f6e8bfd7fa1d4d20f625bbcddd08f0509173452d060c342c93dc315a7b05=
60f4734323a5d29ea294de0491f2e3f32e5337574e1a28ebc005eceea8  nginx.logrota=
te"
> diff --git a/testing/nginx-naxsi/anonymise.patch b/testing/nginx-naxsi/=
anonymise.patch
> deleted file mode 100644
> index 17bca99b51..0000000000
> --- a/testing/nginx-naxsi/anonymise.patch
> +++ /dev/null
> @@ -1,76 +0,0 @@
> ---- nginx-1.6.1/src/http/ngx_http_header_filter_module.c
> -+++ nginx-1.6.1/src/http/ngx_http_header_filter_module.c
> -@@ -46,8 +46,8 @@
> - };
> -=20
> -=20
> --static char ngx_http_server_string[] =3D "Server: nginx" CRLF;
> --static char ngx_http_server_full_string[] =3D "Server: " NGINX_VER CR=
LF;
> -+static char ngx_http_server_string[] =3D "";
> -+static char ngx_http_server_full_string[] =3D "";
> -=20
> -=20
> - static ngx_str_t ngx_http_status_lines[] =3D {
> -@@ -278,8 +278,8 @@
> -     clcf =3D ngx_http_get_module_loc_conf(r, ngx_http_core_module);
> -=20
> -     if (r->headers_out.server =3D=3D NULL) {
> --        len +=3D clcf->server_tokens ? sizeof(ngx_http_server_full_st=
ring) - 1:
> --                                     sizeof(ngx_http_server_string) -=
 1;
> -+        len +=3D clcf->server_tokens ? sizeof(ngx_http_server_full_st=
ring) - 0:
> -+                                     sizeof(ngx_http_server_string) -=
 0;
> -     }
> -=20
> -     if (r->headers_out.date =3D=3D NULL) {
> ---- nginx-1.6.1/src/http/ngx_http_special_response.c
> -+++ nginx-1.6.1/src/http/ngx_http_special_response.c
> -@@ -19,14 +19,14 @@
> -=20
> -=20
> - static u_char ngx_http_error_full_tail[] =3D
> --"<hr><center>" NGINX_VER "</center>" CRLF
> -+"<hr><center>127.0.0.1</center>" CRLF
> - "</body>" CRLF
> - "</html>" CRLF
> - ;
> -=20
> -=20
> - static u_char ngx_http_error_tail[] =3D
> --"<hr><center>nginx</center>" CRLF
> -+"<hr><center>localhost</center>" CRLF
> - "</body>" CRLF
> - "</html>" CRLF
> - ;
> ---- nginx-1.9.12/src/http/v2/ngx_http_v2_filter_module.c
> -+++ nginx-1.9.12/src/http/v2/ngx_http_v2_filter_module.c.new
> -@@ -229,9 +229,9 @@
> -=20
> -     clcf =3D ngx_http_get_module_loc_conf(r, ngx_http_core_module);
> -=20
> --    if (r->headers_out.server =3D=3D NULL) {
> -+/*  if (r->headers_out.server =3D=3D NULL) {
> -         len +=3D 1 + (clcf->server_tokens ? nginx_ver_len : sizeof(ng=
inx));
> --    }
> -+    } */
> -=20
> -     if (r->headers_out.date =3D=3D NULL) {
> -         len +=3D 1 + ngx_http_v2_literal_size("Wed, 31 Dec 1986 18:00=
:00 GMT");
> -@@ -434,7 +434,7 @@
> -         pos =3D ngx_sprintf(pos, "%03ui", r->headers_out.status);
> -     }
> -=20
> --    if (r->headers_out.server =3D=3D NULL) {
> -+/*  if (r->headers_out.server =3D=3D NULL) {
> -         ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
> -                        "http2 output header: \"server: %s\"",
> -                        clcf->server_tokens ? NGINX_VER : "nginx");
> -@@ -453,7 +453,7 @@
> -         } else {
> -             pos =3D ngx_cpymem(pos, nginx, sizeof(nginx));
> -         }
> --    }
> -+    } */
> -=20
> -     if (r->headers_out.date =3D=3D NULL) {
> -         ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
> -
> diff --git a/testing/nginx-naxsi/default.conf b/testing/nginx-naxsi/def=
ault.conf
> deleted file mode 100644
> index 9ae25d8fca..0000000000
> --- a/testing/nginx-naxsi/default.conf
> +++ /dev/null
> @@ -1,18 +0,0 @@
> -# This is a default site configuration which will simply return 404, p=
reventing
> -# chance access to any other virtualhost.
> -
> -server {
> -	listen 80 default_server;
> -	listen [::]:80 default_server;
> -
> -	# Everything is a 404
> -	location / {
> -		return 404;
> -	}
> -
> -	# You may need this to prevent return 404 recursion.
> -	location =3D /404.html {
> -		internal;
> -	}
> -}
> -
> diff --git a/testing/nginx-naxsi/nginx-naxsi.pre-install b/testing/ngin=
x-naxsi/nginx-naxsi.pre-install
> deleted file mode 100644
> index 8512f43dda..0000000000
> --- a/testing/nginx-naxsi/nginx-naxsi.pre-install
> +++ /dev/null
> @@ -1,9 +0,0 @@
> -#!/bin/sh
> -
> -addgroup -S -g 82 www-data 2>/dev/null
> -addgroup -S nginx 2>/dev/null
> -adduser -S -D -H -h /var/www/localhost/htdocs -s /sbin/nologin -G ngin=
x \
> -	-g nginx nginx 2>/dev/null
> -addgroup nginx www-data 2>/dev/null
> -
> -exit 0
> diff --git a/testing/nginx-naxsi/nginx-naxsi.pre-upgrade b/testing/ngin=
x-naxsi/nginx-naxsi.pre-upgrade
> deleted file mode 120000
> index 364e0b943c..0000000000
> --- a/testing/nginx-naxsi/nginx-naxsi.pre-upgrade
> +++ /dev/null
> @@ -1 +0,0 @@
> -nginx-naxsi.pre-install
> \ No newline at end of file
> diff --git a/testing/nginx-naxsi/nginx.conf b/testing/nginx-naxsi/nginx=
.conf
> deleted file mode 100644
> index c637b92e32..0000000000
> --- a/testing/nginx-naxsi/nginx.conf
> +++ /dev/null
> @@ -1,92 +0,0 @@
> -# /etc/nginx/nginx.conf
> -
> -user nginx;
> -
> -# Set number of worker processes automatically based on number of CPU =
cores.
> -worker_processes auto;
> -
> -# Enables the use of JIT for regular expressions to speed-up their pro=
cessing.
> -pcre_jit on;
> -
> -# Configures default error logger.
> -error_log /var/log/nginx/error.log warn;
> -
> -# Includes files with directives to load dynamic modules.
> -include /etc/nginx/modules/*.conf;
> -
> -
> -events {
> -	# The maximum number of simultaneous connections that can be opened b=
y
> -	# a worker process.
> -	worker_connections 1024;
> -}
> -
> -http {
> -	# Includes mapping of file name extensions to MIME types of responses
> -	# and defines the default type.
> -	include /etc/nginx/mime.types;
> -	default_type application/octet-stream;
> -
> -	# Name servers used to resolve names of upstream servers into address=
es.
> -	# It's also needed when using tcpsocket and udpsocket in Lua modules.
> -	#resolver 208.67.222.222 208.67.220.220;
> -
> -	# Don't tell nginx version to clients.
> -	server_tokens off;
> -
> -	# Specifies the maximum accepted body size of a client request, as
> -	# indicated by the request header Content-Length. If the stated conte=
nt
> -	# length is greater than this size, then the client receives the HTTP
> -	# error code 413. Set to 0 to disable.
> -	client_max_body_size 1m;
> -
> -	# Timeout for keep-alive connections. Server will close connections a=
fter
> -	# this time.
> -	keepalive_timeout 65;
> -
> -	# Sendfile copies data between one FD and other from within the kerne=
l,
> -	# which is more efficient than read() + write().
> -	sendfile on;
> -
> -	# Don't buffer data-sends (disable Nagle algorithm).
> -	# Good for sending frequent small bursts of data in real time.
> -	tcp_nodelay on;
> -
> -	# Causes nginx to attempt to send its HTTP response head in one packe=
t,
> -	# instead of using partial frames.
> -	#tcp_nopush on;
> -
> -
> -	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
> -	#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
> -
> -	# Specifies that our cipher suits should be preferred over client cip=
hers.
> -	ssl_prefer_server_ciphers on;
> -
> -	# Enables a shared SSL cache with size that can hold around 8000 sess=
ions.
> -	ssl_session_cache shared:SSL:2m;
> -
> -
> -	# Enable gzipping of responses.
> -	#gzip on;
> -
> -	# Set the Vary HTTP header as defined in the RFC 2616.
> -	gzip_vary on;
> -
> -	# Enable checking the existence of precompressed files.
> -	#gzip_static on;
> -
> -
> -	# Specifies the main log format.
> -	log_format main '$remote_addr - $remote_user [$time_local] "$request"=
 '
> -			'$status $body_bytes_sent "$http_referer" '
> -			'"$http_user_agent" "$http_x_forwarded_for"';
> -
> -	# Sets the path, format, and configuration for a buffered log write.
> -	access_log /var/log/nginx/access.log main;
> -
> -
> -	# Includes virtual hosts configs.
> -	include /etc/nginx/conf.d/*.conf;
> -}
> -
> diff --git a/testing/nginx-naxsi/nginx.initd b/testing/nginx-naxsi/ngin=
x.initd
> deleted file mode 100644
> index 9e51e7dfa3..0000000000
> --- a/testing/nginx-naxsi/nginx.initd
> +++ /dev/null
> @@ -1,67 +0,0 @@
> -#!/sbin/openrc-run
> -
> -description=3D"Nginx http and reverse proxy server"
> -extra_started_commands=3D"reload reopen upgrade"
> -
> -cfgfile=3D${cfgfile:-/etc/nginx/nginx.conf}
> -pidfile=3D/run/nginx/nginx.pid
> -command=3D/usr/sbin/nginx
> -command_args=3D"-c $cfgfile"
> -required_files=3D"$cfgfile"
> -
> -depend() {
> -	need net
> -	use dns logger netmount
> -}
> -
> -start_pre() {
> -	ebegin
> -	checkpath --directory --owner nginx:nginx ${pidfile%/*}
> -	$command $command_args -t -q
> -	eend $?
> -}
> -
> -reload() {
> -	ebegin "Reloading ${SVCNAME} configuration"
> -	start_pre && start-stop-daemon --signal HUP --pidfile $pidfile
> -	eend $?
> -}
> -
> -reopen() {
> -	ebegin "Reopening ${SVCNAME} log files"
> -	start-stop-daemon --signal USR1 --pidfile $pidfile
> -	eend $?
> -}
> -
> -upgrade() {
> -	start_pre || return 1
> -
> -	ebegin "Upgrading ${SVCNAME} binary"
> -
> -	einfo "Sending USR2 to old binary"
> -	start-stop-daemon --signal USR2 --pidfile $pidfile
> -
> -	einfo "Sleeping 3 seconds before pid-files checking"
> -	sleep 3
> -
> -	if [ ! -f $pidfile.oldbin ]; then
> -		eerror "File with old pid ($pidfile.oldbin) not found"
> -		return 1
> -	fi
> -
> -	if [ ! -f $pidfile ]; then
> -		eerror "New binary failed to start"
> -		return 1
> -	fi
> -
> -	einfo "Sleeping 3 seconds before WINCH"
> -	sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin
> -
> -	einfo "Sending QUIT to old binary"
> -	start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin
> -
> -	einfo "Upgrade completed"
> -
> -	eend $? "Upgrade failed"
> -}
> -
> diff --git a/testing/nginx-naxsi/nginx.logrotate b/testing/nginx-naxsi/=
nginx.logrotate
> deleted file mode 100644
> index 7778b1108b..0000000000
> --- a/testing/nginx-naxsi/nginx.logrotate
> +++ /dev/null
> @@ -1,12 +0,0 @@
> -# Copyright 1999-2010 Gentoo Foundation
> -# Distributed under the terms of the GNU General Public License v2
> -# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.logro=
tate,v 1.1 2010/01/03 20:29:40 djc Exp $
> -
> -/var/log/nginx/*.log {
> -	missingok
> -	sharedscripts
> -	postrotate
> -		kill -USR1 `cat /var/run/nginx.pid`
> -	endscript
> -}
> -


--------------804F65FA9030BE2A1C4FC645
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html>
  <head>
    <meta content=3D"text/html; charset=3Dutf-8" http-equiv=3D"Content-Ty=
pe">
  </head>
  <body bgcolor=3D"#FFFFFF" text=3D"#000099">
    <p><font face=3D"Helvetica, Arial, sans-serif">I don't agree to the
        name change &amp; adding lua / disabling the PaX memory
        protections.</font></p>
    <p><font face=3D"Helvetica, Arial, sans-serif">I keep nginx-naxsi as
        light &amp; secure as possible so it's harder to exploit. The
        memory protections help stop attacks &amp; lower ram usage.<br>
      </font></p>
    <p><font face=3D"Helvetica, Arial, sans-serif">Valery - why don't you
        create a completely new nginx-current ?</font></p>
    <p><font face=3D"Helvetica, Arial, sans-serif">Stuart Cardall.</font>=
<br>
    </p>
    <br>
    <div class=3D"moz-cite-prefix">On 03/17/2017 11:31 AM, Valery Kartel
      wrote:<br>
    </div>
    <blockquote cite=3D"mid:20170317113156.2367-1-valery.kartel@gmail.com=
"
      type=3D"cite">
      <pre wrap=3D"">- upgrade to 1.11.10
- sync with /main/nginx APKBUILD
---
 testing/nginx-current/APKBUILD                     | 225 +++++++++++++++=
++++++
 testing/{nginx-naxsi =3D&gt; nginx-current}/ipv6.patch  |   0
 .../{nginx-naxsi =3D&gt; nginx-current}/sysguard.patch  |   0
 testing/nginx-naxsi/APKBUILD                       | 204 ---------------=
----
 testing/nginx-naxsi/anonymise.patch                |  76 -------
 testing/nginx-naxsi/default.conf                   |  18 --
 testing/nginx-naxsi/nginx-naxsi.pre-install        |   9 -
 testing/nginx-naxsi/nginx-naxsi.pre-upgrade        |   1 -
 testing/nginx-naxsi/nginx.conf                     |  92 ---------
 testing/nginx-naxsi/nginx.initd                    |  67 ------
 testing/nginx-naxsi/nginx.logrotate                |  12 --
 11 files changed, 225 insertions(+), 479 deletions(-)
 create mode 100644 testing/nginx-current/APKBUILD
 rename testing/{nginx-naxsi =3D&gt; nginx-current}/ipv6.patch (100%)
 rename testing/{nginx-naxsi =3D&gt; nginx-current}/sysguard.patch (100%)
 delete mode 100644 testing/nginx-naxsi/APKBUILD
 delete mode 100644 testing/nginx-naxsi/anonymise.patch
 delete mode 100644 testing/nginx-naxsi/default.conf
 delete mode 100644 testing/nginx-naxsi/nginx-naxsi.pre-install
 delete mode 120000 testing/nginx-naxsi/nginx-naxsi.pre-upgrade
 delete mode 100644 testing/nginx-naxsi/nginx.conf
 delete mode 100644 testing/nginx-naxsi/nginx.initd
 delete mode 100644 testing/nginx-naxsi/nginx.logrotate

diff --git a/testing/nginx-current/APKBUILD b/testing/nginx-current/APKBU=
ILD
new file mode 100644
index 0000000000..383f6e48c1
--- /dev/null
+++ b/testing/nginx-current/APKBUILD
@@ -0,0 +1,225 @@
+# Maintainer: Stuart Cardall <a class=3D"moz-txt-link-rfc2396E" href=3D"=
mailto:developer@it-offshore.co.uk">&lt;developer@it-offshore.co.uk&gt;</=
a>
+# Contributor: Cameron Banta <a class=3D"moz-txt-link-rfc2396E" href=3D"=
mailto:cbanta@gmail.com">&lt;cbanta@gmail.com&gt;</a>
+# Contributor: Jeff Bilyk <a class=3D"moz-txt-link-rfc2396E" href=3D"mai=
lto:jbilyk@gmail.com">&lt;jbilyk@gmail.com&gt;</a>
+# Contributor: Bart=C5=82omiej Piotrowski <a class=3D"moz-txt-link-rfc23=
96E" href=3D"mailto:nospam@bpiotrowski.pl">&lt;nospam@bpiotrowski.pl&gt;<=
/a>
+# Contributor: Valery Kartel <a class=3D"moz-txt-link-rfc2396E" href=3D"=
mailto:valery.kartel@gmail.com">&lt;valery.kartel@gmail.com&gt;</a>
+
+pkgname=3Dnginx-current
+_pkgreal=3Dnginx
+pkgver=3D1.11.10
+pkgrel=3D0
+pkgdesc=3D"HTTP and reverse proxy server (current release)"
+url=3D<a class=3D"moz-txt-link-rfc2396E" href=3D"http://www.nginx.org/en=
">"http://www.nginx.org/en"</a>
+arch=3D"all"
+options=3D"!check"
+license=3D"custom"
+depends=3D""
+replaces=3D"$_pkgreal"
+provides=3D"$_pkgreal-$pkgver-r$pkgrel"
+[ "$CARCH" =3D "s390x" ] &amp;&amp; _lua_dep=3D"lua5.1-dev" || _lua_dep=3D=
"luajit-dev"
+makedepends=3D"linux-headers gd-dev geoip-dev libxml2-dev libxslt-dev $_=
lua_dep
+	libressl-dev paxmark pcre-dev perl-dev pkgconf zlib-dev"
+subpackages=3D"$pkgname-doc $pkgname-mod-http-perl:_perl"
+
+# Modules with external sources
+_dkmod=3Dngx_devel_kit
+_dkver=3D0.3.0
+_modsub=3D"$_modsub devel-kit:ndk_http_module"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_dksrc:=3D$srcdir/$_dkmod-$=
_dkver}"
+_modsrc=3D"$_modsrc $_dkmod-$_dkver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/simpl/$_dkmod/archive/v$_dkver.tar.gz">=
https://github.com/simpl/$_dkmod/archive/v$_dkver.tar.gz</a>"
+
+_ecmod=3Decho-nginx-module
+_ecver=3D0.60
+_modsub=3D"$_modsub http-echo"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_ecsrc:=3D$srcdir/$_ecmod-$=
_ecver}"
+_modsrc=3D"$_modsrc $_ecmod-$_ecver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/openresty/$_ecmod/archive/v$_ecver.tar.=
gz">https://github.com/openresty/$_ecmod/archive/v$_ecver.tar.gz</a>"
+
+_fimod=3Dngx-fancyindex
+_fiver=3D0.4.1
+_modsub=3D"$_modsub http-fancyindex"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_fisrc:=3D$srcdir/$_fimod-$=
_fiver}"
+_modsrc=3D"$_modsrc $_fimod-$_fiver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/aperezdc/$_fimod/archive/v$_fiver.tar.g=
z">https://github.com/aperezdc/$_fimod/archive/v$_fiver.tar.gz</a>"
+
+_hmmod=3Dheaders-more-nginx-module
+_hmver=3D0.32
+_modsub=3D"$_modsub http-headers-more:ngx_http_headers_more_filter_modul=
e"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_hmsrc:=3D$srcdir/$_hmmod-$=
_hmver}"
+_modsrc=3D"$_modsrc $_hmmod-$_hmver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/openresty/$_hmmod/archive/v$_hmver.tar.=
gz">https://github.com/openresty/$_hmmod/archive/v$_hmver.tar.gz</a>"
+
+_lumod=3Dlua-nginx-module
+_luver=3D0.10.7
+_modsub=3D"$_modsub http-lua"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_lusrc:=3D$srcdir/$_lumod-$=
_luver}"
+_modsrc=3D"$_modsrc $_lumod-$_luver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/openresty/$_lumod/archive/v$_luver.tar.=
gz">https://github.com/openresty/$_lumod/archive/v$_luver.tar.gz</a>"
+_http_lua_depends=3D"$pkgname-mod-devel-kit"
+
+_ncmod=3Dnchan
+_ncver=3D1.1.2
+_modsub=3D"$_modsub http-nchan:ngx_nchan_module"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_ncsrc:=3D$srcdir/$_ncmod-$=
_ncver}"
+_modsrc=3D"$_modsrc $_ncmod-$_ncver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/slact/$_ncmod/archive/v$_ncver.tar.gz">=
https://github.com/slact/$_ncmod/archive/v$_ncver.tar.gz</a>"
+
+_upmod=3Dnginx-upload-progress-module
+_upver=3D0.9.2
+_modsub=3D"$_modsub http-upload-progress:ngx_http_uploadprogress_module"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_upsrc:=3D$srcdir/$_upmod-$=
_upver}"
+_modsrc=3D"$_modsrc $_upmod-$_upver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/masterzen/$_upmod/archive/v$_upver.tar.=
gz">https://github.com/masterzen/$_upmod/archive/v$_upver.tar.gz</a>"
+
+_rtmod=3Dnginx-rtmp-module
+_rtver=3D1.1.11
+_modsub=3D"$_modsub rtmp"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_rtsrc:=3D$srcdir/$_rtmod-$=
_rtver}"
+_modsrc=3D"$_modsrc $_rtmod-$_rtver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/arut/$_rtmod/archive/v$_rtver.tar.gz">h=
ttps://github.com/arut/$_rtmod/archive/v$_rtver.tar.gz</a>"
+
+_nxmod=3Dnaxsi
+_nxver=3D0.55.3
+_modsub=3D"$_modsub http-naxsi"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_nxsrc:=3D$srcdir/$_nxmod-$=
_nxver/naxsi_src}"
+_modsrc=3D"$_modsrc $_nxmod-$_nxver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/nbs-system/$_nxmod/archive/$_nxver.tar.=
gz">https://github.com/nbs-system/$_nxmod/archive/$_nxver.tar.gz</a>"
+
+_cpmod=3Dngx_cache_purge
+_cpver=3D2.3.0.1
+_modsub=3D"$_modsub http-cache-purge"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_cpsrc:=3D$srcdir/$_cpmod-$=
_cpver}"
+_modsrc=3D"$_modsrc $_cpmod-$_cpver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/itoffshore/$_cpmod/archive/v$_cpver.tar=
.gz">https://github.com/itoffshore/$_cpmod/archive/v$_cpver.tar.gz</a>"
+
+_ufmod=3Dnginx-upstream-fair
+_ufver=3D0.1.1
+_modsub=3D"$_modsub http-upstream-fair"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_ufsrc:=3D$srcdir/$_ufmod-$=
_ufver}"
+_modsrc=3D"$_modsrc $_ufmod-$_ufver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/itoffshore/$_ufmod/archive/v$_ufver.tar=
.gz">https://github.com/itoffshore/$_ufmod/archive/v$_ufver.tar.gz</a>"
+
+_sgmod=3Dtengine-http-sysguard
+_sgver=3D2.2.0
+_modsub=3D"$_modsub http-sysguard"
+_modcfg=3D"$_modcfg --add-dynamic-module=3D${_sgsrc:=3D$srcdir/$_sgmod-$=
_sgver}"
+_modsrc=3D"$_modsrc $_sgmod-$_sgver.tar.gz::<a class=3D"moz-txt-link-fre=
etext" href=3D"https://github.com/itoffshore/$_sgmod/archive/v$_sgver.tar=
.gz">https://github.com/itoffshore/$_sgmod/archive/v$_sgver.tar.gz</a>
+	sysguard.patch"
+
+source=3D<a class=3D"moz-txt-link-rfc2396E" href=3D"http://nginx.org/dow=
nload/$_pkgreal-$pkgver.tar.gz+ipv6.patch+$_modsrc+">"http://nginx.org/do=
wnload/$_pkgreal-$pkgver.tar.gz
+	ipv6.patch
+	$_modsrc
+	"</a>
+
+_module_dir=3Dusr/lib/$_pkgreal
+for _module in http-geoip http-image-filter http-xslt-filter mail stream=
 $_modsub; do
+	_modvar=3D${_module//-/_}
+	[ -z "${_module##*:*}" ] &amp;&amp; eval _so_${_modvar%:*}=3D${_module#=
*:}
+	subpackages=3D"$subpackages $pkgname-mod-${_module%:*}:_module"
+done
+
+builddir=3D"$srcdir/$_pkgreal-$pkgver"
+
+build() {
+	cd "$builddir"
+
+	export LUAJIT_LIB=3D"$(pkgconf --variable=3Dlibdir luajit)"
+	export LUAJIT_INC=3D"$(pkgconf --variable=3Dincludedir luajit)"
+	./configure \
+		--prefix=3D/var/lib/$_pkgreal \
+		--sbin-path=3D/usr/sbin/$_pkgreal \
+		--modules-path=3D/$_module_dir \
+		--conf-path=3D/etc/$_pkgreal/$_pkgreal.conf \
+		--pid-path=3D/run/$_pkgreal/$_pkgreal.pid \
+		--lock-path=3D/run/$_pkgreal/$_pkgreal.lock \
+		--http-client-body-temp-path=3D/var/lib/$_pkgreal/tmp/client_body \
+		--http-proxy-temp-path=3D/var/lib/$_pkgreal/tmp/proxy \
+		--http-fastcgi-temp-path=3D/var/lib/$_pkgreal/tmp/fastcgi \
+		--http-uwsgi-temp-path=3D/var/lib/$_pkgreal/tmp/uwsgi \
+		--http-scgi-temp-path=3D/var/lib/$_pkgreal/tmp/scgi \
+		--with-perl_modules_path=3D/usr/lib/perl5/vendor_perl \
+		\
+		--user=3D$_pkgreal \
+		--group=3D$_pkgreal \
+		--with-threads \
+		--with-file-aio \
+		--with-ipv6 \
+		\
+		--with-http_ssl_module \
+		--with-http_v2_module \
+		--with-http_realip_module \
+		--with-http_addition_module \
+		--with-http_xslt_module=3Ddynamic \
+		--with-http_image_filter_module=3Ddynamic \
+		--with-http_geoip_module=3Ddynamic \
+		--with-http_sub_module \
+		--with-http_dav_module \
+		--with-http_flv_module \
+		--with-http_mp4_module \
+		--with-http_gunzip_module \
+		--with-http_gzip_static_module \
+		--with-http_auth_request_module \
+		--with-http_random_index_module \
+		--with-http_secure_link_module \
+		--with-http_slice_module \
+		--with-http_stub_status_module \
+		--with-http_perl_module=3Ddynamic \
+		--with-http_realip_module \
+		--with-mail=3Ddynamic \
+		--with-mail_ssl_module \
+		--with-stream=3Ddynamic \
+		--with-stream_ssl_module \
+		$_modcfg || return 1
+	make
+}
+
+package() {
+	depends=3D"$_pkgreal"
+	make -C "$builddir" DESTDIR=3D"$pkgdir" install || return 1
+
+	# Disable some PaX protections; this is needed for Lua module.
+	local paxflags=3D"-m"
+	[ "$CARCH" =3D "x86" ] &amp;&amp; paxflags=3D"-msp"
+	paxmark $paxflags "$pkgdir"/usr/sbin/nginx || return 1
+
+	install -Dm644 "$builddir"/LICENSE \
+		"$pkgdir"/usr/share/licenses/$_pkgreal/LICENSE || return 1
+	install -Dm644 "$builddir"/README \
+		"$pkgdir"/usr/share/doc/$_pkgreal/README || return 1
+
+	rm -rf "$pkgdir"/run "$pkgdir"/var "$pkgdir"/etc
+}
+
+doc() {
+	default_doc || return 1
+	depends=3D"$_pkgreal-doc"
+	replaces=3D"$_pkgreal-doc"
+}
+
+_module() {
+	local name=3D${subpkgname#$pkgname-mod-}
+	replaces=3D"$_pkgreal-mod-$name"
+	provides=3D"$replaces-$pkgver-r$pkgrel"
+	install_if=3D"$pkgname=3D$pkgver-r$pkgrel $replaces"
+	name=3D${name//-/_}
+	local soname=3D$(eval echo \${_so_$name:-ngx_${name}_module}.so)
+	pkgdesc=3D"$pkgdesc (module $name)"
+	depends=3D$(eval echo \${_${name}_depends:-$pkgname $replaces})
+
+	mkdir -p "$subpkgdir"/$_module_dir || return 1
+
+	mv "$pkgdir"/$_module_dir/$soname \
+		"$subpkgdir"/$_module_dir/$soname
+}
+
+
+_perl() {
+	_module || return 1
+	mv "$pkgdir"/usr/lib/perl5 "$subpkgdir"/usr/lib/
+}
+
+sha512sums=3D"b6437d8305547a834a0f3ad076ac591b90189eb922f48759094efaa961=
8e39fc249600ab13650113fe841fc9af0b736acc61a9b9baba7bacd35224c34df1bbc9  n=
ginx-1.11.10.tar.gz
+cae9f842c3d1188730d4355440476ad2338b19c027c4b329efe88d4487e90d96bf60dea6=
feb4be6a6f96d4b356fc154345e32c2bb643d70f68e428df26330a49  ipv6.patch
+558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da7a=
8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614  ngx_devel_kit-0=
.3.0.tar.gz
+c455bee73cebd0752449472452d15614b9587ddd199263d366484ede890c4d108eacbbea=
ef31adc9dc7732b56ef2bfc73c0fef3366366db03a8ec3fdc27a985c  echo-nginx-modu=
le-0.60.tar.gz
+ce0043ad4a2b638c5d99244d6caaa65ad142cea78884084a9aeca5a9593c68dbe508c9e4=
dd85dc5722eb63ef386612bffc48d4b6fc1487df244fbcb7a73bffe1  ngx-fancyindex-=
0.4.1.tar.gz
+e42582b45c3111de3940bbeb67ce161aca2d55adcfb00c61c12256fa0e36221d38723013=
f36edbcf6d1b520f8dfb49d4657df8a956e66d36e68425afad382bd1  headers-more-ng=
inx-module-0.32.tar.gz
+d060a13de4d01d77e6d6cd1635ecbb405330e4326b71b89341c1c128ee4182978a51d533=
55bc07c350e3c3a7df15325e3df380d9c3a98b2ff7d7efa18fa09b32  lua-nginx-modul=
e-0.10.7.tar.gz
+14af65d57325afa961bc6606f2c938acff0206914248b8ca810293113fdab859c1db9c9a=
bce9263b9da5c2371b299770682d9ec49fbf7a356da9fbfb3e15c3c7  nchan-1.1.2.tar=
.gz
+c31c46344d49704389722325a041b9cd170fa290acefe92cfc572c07f711cd3039de78f2=
8df48ca7dcb79b2e4bbe442580aaaf4d92883fd3a14bf41d66dd9d8c  nginx-upload-pr=
ogress-module-0.9.2.tar.gz
+e7c897265d1e93b06f7e46a653b113e24d2451e2112a7a6da415f130928437444a034683=
2fd9c10042397fea6120e4e44acc2bccf649ec30ca5bffbf985672e2  nginx-rtmp-modu=
le-1.1.11.tar.gz
+9e8f41a5cd1342cc9b8aa334a603842d14a256aab1f4a21205bb1278aecbb0c49e39c889=
d8113a5b41aad2efeaa2ed9f11cba6929173f50add91f54c4c59c8a0  naxsi-0.55.3.ta=
r.gz
+c49c81dbdb8bd507fccf31295e603cea8f0a964867c27eff0436dcea3b4a547c8ae2f11e=
cf49c4d82c693cf8138c17ebbed395738539d0d61254951e5f0db7e3  ngx_cache_purge=
-2.3.0.1.tar.gz
+fd305b859c868ef55171b05f64071a2836c12073bcd89d6197af4946a3d1177f77c6708d=
4d589d460c84967273dee87ca9de97ab0f0d47e6d65f86b465d70316  nginx-upstream-=
fair-0.1.1.tar.gz
+2743d9aea60bd4984b650213e571cf27e6ff5b3db708242ccb53b8fc669d1cc82ee224ba=
79aee2f6969b6e13821cfdd3df7b412541e1fdbb867ecc95326e07e1  tengine-http-sy=
sguard-2.2.0.tar.gz
+2dca2ac74fb92e330fde7b6b6120b2fd2565c377a629c9536cf77beebe41aa4b092d4229=
d5b487b0fb02be4f2cc5b897c429c87bbbbc7b0d31e1cbb94231ddce  sysguard.patch"
diff --git a/testing/nginx-naxsi/ipv6.patch b/testing/nginx-current/ipv6.=
patch
similarity index 100%
rename from testing/nginx-naxsi/ipv6.patch
rename to testing/nginx-current/ipv6.patch
diff --git a/testing/nginx-naxsi/sysguard.patch b/testing/nginx-current/s=
ysguard.patch
similarity index 100%
rename from testing/nginx-naxsi/sysguard.patch
rename to testing/nginx-current/sysguard.patch
diff --git a/testing/nginx-naxsi/APKBUILD b/testing/nginx-naxsi/APKBUILD
deleted file mode 100644
index c020427da8..0000000000
--- a/testing/nginx-naxsi/APKBUILD
+++ /dev/null
@@ -1,204 +0,0 @@
-# Maintainer: Stuart Cardall <a class=3D"moz-txt-link-rfc2396E" href=3D"=
mailto:developer@it-offshore.co.uk">&lt;developer@it-offshore.co.uk&gt;</=
a>
-# Contributor: Cameron Banta <a class=3D"moz-txt-link-rfc2396E" href=3D"=
mailto:cbanta@gmail.com">&lt;cbanta@gmail.com&gt;</a>
-# Contributor: Jeff Bilyk <a class=3D"moz-txt-link-rfc2396E" href=3D"mai=
lto:jbilyk@gmail.com">&lt;jbilyk@gmail.com&gt;</a>
-# Contributor: Bart=C5=82omiej Piotrowski <a class=3D"moz-txt-link-rfc23=
96E" href=3D"mailto:nospam@bpiotrowski.pl">&lt;nospam@bpiotrowski.pl&gt;<=
/a>
-
-pkgname=3Dnginx-naxsi
-_pkgname=3Dnginx
-pkgver=3D1.11.9
-pkgrel=3D0
-pkgdesc=3D"Lightweight HTTP and reverse proxy server with Naxsi WAF supp=
ort, see also 'nxapi'"
-url=3D<a class=3D"moz-txt-link-rfc2396E" href=3D"http://www.nginx.org|ht=
tps://github.com/nbs-system/naxsi">"http://www.nginx.org | https://github=
.com/nbs-system/naxsi"</a>
-arch=3D"all"
-license=3D"custom"
-
-# Modules
-_ngx_naxsi_name=3Dnaxsi
-_ngx_naxsi_ver=3D0.55.1
-_ngx_naxsi_dir=3D"$srcdir/$_ngx_naxsi_name-$_ngx_naxsi_ver/naxsi_src"
-
-_ngx_cache_purge_name=3Dngx_cache_purge
-_ngx_cache_purge_ver=3D2.3.0.1
-_ngx_cache_purge_dir=3D"$srcdir/$_ngx_cache_purge_name-$_ngx_cache_purge=
_ver"
-
-_ngx_upstream_fair_name=3Dnginx-upstream-fair
-_ngx_upstream_fair_ver=3D0.1.1
-_ngx_upstream_fair_dir=3D"$srcdir/$_ngx_upstream_fair_name-$_ngx_upstrea=
m_fair_ver"
-
-_ngx_http_sysguard_name=3Dtengine-http-sysguard
-_ngx_http_sysguard_ver=3D2.2.0
-_ngx_http_sysguard_dir=3D"$srcdir/$_ngx_http_sysguard_name-$_ngx_http_sy=
sguard_ver"
-
-depends=3D"!nginx"
-makedepends=3D"linux-headers gd-dev geoip-dev libxml2-dev libxslt-dev li=
bressl-dev
-	pcre-dev perl-dev pkgconf zlib-dev"
-pkgusers=3D"nginx"
-_grp_ngx=3D"nginx"
-_grp_www=3D"www-data"
-pkggroups=3D"$_grp_ngx $_grp_www"
-install=3D"$pkgname.pre-install $pkgname.pre-upgrade"
-subpackages=3D"$pkgname-doc"
-source=3D<a class=3D"moz-txt-link-rfc2396E" href=3D"http://nginx.org/dow=
nload/$_pkgname-$pkgver.tar.gz-naxsi-$_ngx_naxsi_ver.tar.gz::https://gith=
ub.com/nbs-system/$_ngx_naxsi_name/archive/$_ngx_naxsi_ver.tar.gz-ngx_cac=
he_purge-$_ngx_cache_purge_ver.tar.gz::https://github.com/itoffshore/$_ng=
x_cache_purge_name/archive/v$_ngx_cache_purge_ver.tar.gz-upstream-fair-$_=
ngx_upstream_fair_ver.tar.gz::https://github.com/itoffshore/$_ngx_upstrea=
m_fair_name/archive/v$_ngx_upstream_fair_ver.tar.gz-sysguard-$_ngx_http_s=
ysguard_ver.tar.gz::https://github.com/itoffshore/$_ngx_http_sysguard_nam=
e/archive/v$_ngx_http_sysguard_ver.tar.gz--anonymise.patch-ipv6.patch-sys=
guard.patch--nginx.initd-nginx.logrotate-">"http://nginx.org/download/$_p=
kgname-$pkgver.tar.gz
-	naxsi-$_ngx_naxsi_ver.tar.gz::https://github.com/nbs-system/$_ngx_naxsi=
_name/archive/$_ngx_naxsi_ver.tar.gz
-	ngx_cache_purge-$_ngx_cache_purge_ver.tar.gz::https://github.com/itoffs=
hore/$_ngx_cache_purge_name/archive/v$_ngx_cache_purge_ver.tar.gz
-	upstream-fair-$_ngx_upstream_fair_ver.tar.gz::https://github.com/itoffs=
hore/$_ngx_upstream_fair_name/archive/v$_ngx_upstream_fair_ver.tar.gz
-	sysguard-$_ngx_http_sysguard_ver.tar.gz::https://github.com/itoffshore/=
$_ngx_http_sysguard_name/archive/v$_ngx_http_sysguard_ver.tar.gz
-
-	anonymise.patch
-	ipv6.patch
-	sysguard.patch
-
-	nginx.initd
-	nginx.logrotate
-	"</a>
-builddir=3D"$srcdir"/$_pkgname-$pkgver
-
-_modules_dir=3D"usr/lib/nginx/modules"
-_modules=3D"
-	http-geoip
-	http-image-filter
-	http-perl
-	http-xslt-filter
-	mail
-	stream
-	http-naxsi
-	http-cache-purge
-	http-upstream-fair
-	http-sysguard
-	"
-
-for _m in $_modules; do
-	subpackages=3D"$subpackages $pkgname-mod-$_m:_module"
-done
-
-
-build() {
-	cd "$builddir"
-	./configure \
-		--prefix=3D/var/lib/$_pkgname \
-		--sbin-path=3D/usr/sbin/$_pkgname \
-		--modules-path=3D/$_modules_dir \
-		--conf-path=3D/etc/$_pkgname/$_pkgname.conf \
-		--pid-path=3D/run/$_pkgname/$_pkgname.pid \
-		--lock-path=3D/run/$_pkgname/$_pkgname.lock \
-		--error-log-path=3D/var/log/$_pkgname/error.log \
-		--http-log-path=3D/var/log/$_pkgname/access.log \
-		--http-client-body-temp-path=3D/var/lib/$_pkgname/tmp/client_body \
-		--http-proxy-temp-path=3D/var/lib/$_pkgname/tmp/proxy \
-		--http-fastcgi-temp-path=3D/var/lib/$_pkgname/tmp/fastcgi \
-		--with-perl_modules_path=3D/usr/lib/perl5/vendor_perl \
-		\
-		--user=3D$pkgusers \
-		--group=3D$_grp_ngx \
-		--with-threads \
-		--with-file-aio \
-		--without-http_uwsgi_module \
-		--without-http_scgi_module \
-		\
-		--with-http_ssl_module \
-		--with-http_v2_module \
-		--with-http_realip_module \
-		--with-http_addition_module \
-		--with-http_sub_module \
-		--with-http_dav_module \
-		--with-http_flv_module \
-		--with-http_mp4_module \
-		--with-http_gunzip_module \
-		--with-http_gzip_static_module \
-		--with-http_auth_request_module \
-		--with-http_random_index_module \
-		--with-http_secure_link_module \
-		--with-http_slice_module \
-		--with-http_stub_status_module \
-		--with-http_realip_module \
-		--with-http_xslt_module=3Ddynamic \
-		--with-http_image_filter_module=3Ddynamic \
-		--with-http_geoip_module=3Ddynamic \
-		--with-http_perl_module=3Ddynamic \
-		--with-mail=3Ddynamic \
-		--with-mail_ssl_module \
-		--with-stream=3Ddynamic \
-		--with-stream_ssl_module \
-		\
-		--add-dynamic-module=3D"$_ngx_naxsi_dir" \
-		--add-dynamic-module=3D"$_ngx_cache_purge_dir" \
-		--add-dynamic-module=3D"$_ngx_upstream_fair_dir" \
-		--add-dynamic-module=3D"$_ngx_http_sysguard_dir" \
-		|| return 1
-	make || return 1
-}
-
-package() {
-	cd "$builddir"
-
-	make DESTDIR=3D"$pkgdir" install
-
-	install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
-	install -Dm644 README "$pkgdir"/usr/share/doc/$pkgname/README
-
-	cd "$pkgdir"
-
-	install -Dm644 "$srcdir"/nginx.conf ./etc/$_pkgname/nginx.conf
-	install -Dm644 "$srcdir"/default.conf ./etc/$_pkgname/conf.d/default.co=
nf
-	install -m755 -D "$srcdir"/$_pkgname.initd ./etc/init.d/$_pkgname
-	install -m644 -D "$srcdir"/$_pkgname.logrotate ./etc/logrotate.d/$_pkgn=
ame
-	install -m644 -D "$srcdir"/naxsi-$_ngx_naxsi_ver/naxsi_config/naxsi_cor=
e.rules ./etc/nginx/naxsi_core.rules
-
-	install -dm755 ./etc/$_pkgname/modules
-	install -dm750 -o $pkgusers -g $_grp_ngx ./var/lib/$_pkgname
-	install -dm700 -o $pkgusers -g $_grp_ngx ./var/lib/$_pkgname/tmp
-
-	ln -sf /$_modules_dir ./var/lib/$_pkgname/modules
-	ln -sf /var/log/$_pkgname ./var/lib/$_pkgname/logs
-	ln -sf /run/$_pkgname ./var/lib/$_pkgname/run
-
-	rm -rf ./run ./etc/$_pkgname/*.default
-}
-
-_module() {
-	local name=3D"${subpkgname#$pkgname-mod-}"
-	name=3D"${name//-/_}"
-	soname=3D"ngx_${name}_module.so"
-
-	pkgdesc=3D"$pkgdesc (module $name)"
-	depends=3D"!nginx-mod-$name"
-	provides=3D"$name"
-
-	mkdir -p "$subpkgdir"/$_modules_dir
-	cd "$subpkgdir"
-
-	mv "$pkgdir"/$_modules_dir/$soname ./$_modules_dir/$soname || return 1
-	mkdir -p "$subpkgdir"/etc/nginx/modules
-	echo "load_module \"modules/$soname\";" &gt; ./etc/nginx/modules/$name.=
conf
-}
-
-md5sums=3D"7aeca793819c2b8df134c0b1cfe98361  nginx-1.11.9.tar.gz
-b894ea5327a3d102a56aeddb79d2e047  naxsi-0.55.1.tar.gz
-dedef1e47a26500993a88c96112d5d0f  ngx_cache_purge-2.3.0.1.tar.gz
-233861df4dc0872f727fc4c7e5c72dca  upstream-fair-0.1.1.tar.gz
-3a72f075bb114f1a97976c088a81c7f7  sysguard-2.2.0.tar.gz
-31d29937da95b31714faa399aeb07407  anonymise.patch
-f478d8391dafa32a8b0b3a9f21d7a080  ipv6.patch
-50357b75049d878c0bcce10d0c60f9ed  sysguard.patch
-2e56b3f21f19aecc5500c9efc9222782  nginx.initd
-8823274a834332d3db4f62bf7dd1fb7d  nginx.logrotate"
-sha256sums=3D"dc22b71f16b551705930544dc042f1ad1af2f9715f565187ec22c7a4b2=
625748  nginx-1.11.9.tar.gz
-45dd0df7a6b0b6aa9c64eb8c39a8e294d659d87fb18e192cf58f1402f3cdb0a8  naxsi-=
0.55.1.tar.gz
-5da9360cd805a432ea7a08832ec3dd3a5d9f1574f71b3acdd53210610aee94e5  ngx_ca=
che_purge-2.3.0.1.tar.gz
-e8aec578f03259c6f457575360f70d57aea385a1864562b0ba6e57d6a75d52c7  upstre=
am-fair-0.1.1.tar.gz
-6051eb52361d602011b4c7e88b63384bcc8ebc4b004bd4b12eec3e5dce953f1d  sysgua=
rd-2.2.0.tar.gz
-28adf3605875197d5822fa382f5fd3c9c80f7d3a561e904fee223fa051f98810  anonym=
ise.patch
-4a1a24a92657432012f08c52e8099c7abae390c9c4cb76483cacd012e26a57ac  ipv6.p=
atch
-18090329435c32d91621a5943acc5b8bbe89aaa3c2fa334c3a4cdeb00efb6226  sysgua=
rd.patch
-decb084e29b584fb54b57a199f5a480dd77a4c1b3ef3da515c2eb76bd32172c5  nginx.=
initd
-cea0c6f8de55a4c3a3eccc57910de1c3116634082c8e5b660630fb927a29f38d  nginx.=
logrotate"
-sha512sums=3D"95247d5db3e23a0ea22686cc3fe4295f8854948a6f168a783082fdbb2a=
cbecdad61cd9c8cadd84c1f74c1e87becdca8d6664622ff9cebc72687f20b29cc09fd0  n=
ginx-1.11.9.tar.gz
-aebda20e5b78e9111b7bac1e15829258e6b85b80e4ce333e4dba8caead36287b3f0fcb45=
3c51d7c59f07d637fa62f5c6b23aecd3bf6a3c3da4abebf1a6689f14  naxsi-0.55.1.ta=
r.gz
-c49c81dbdb8bd507fccf31295e603cea8f0a964867c27eff0436dcea3b4a547c8ae2f11e=
cf49c4d82c693cf8138c17ebbed395738539d0d61254951e5f0db7e3  ngx_cache_purge=
-2.3.0.1.tar.gz
-fd305b859c868ef55171b05f64071a2836c12073bcd89d6197af4946a3d1177f77c6708d=
4d589d460c84967273dee87ca9de97ab0f0d47e6d65f86b465d70316  upstream-fair-0=
.1.1.tar.gz
-2743d9aea60bd4984b650213e571cf27e6ff5b3db708242ccb53b8fc669d1cc82ee224ba=
79aee2f6969b6e13821cfdd3df7b412541e1fdbb867ecc95326e07e1  sysguard-2.2.0.=
tar.gz
-f8e46dafcf553edd35699dc2a47a54756e0a4c690fc13f81436ad9db1026739ba331ad99=
d3d05d8a7c089a5c067bf45f4aca3a98fdd9483b7b0123a837e695be  anonymise.patch
-cae9f842c3d1188730d4355440476ad2338b19c027c4b329efe88d4487e90d96bf60dea6=
feb4be6a6f96d4b356fc154345e32c2bb643d70f68e428df26330a49  ipv6.patch
-2dca2ac74fb92e330fde7b6b6120b2fd2565c377a629c9536cf77beebe41aa4b092d4229=
d5b487b0fb02be4f2cc5b897c429c87bbbbc7b0d31e1cbb94231ddce  sysguard.patch
-6c27d605536a31159b65776098926ede0b5045210b190e803681a10c06a10556283d873e=
772fd635642b18846549ec3a18989ca9fe6466f120ce9e1327dcacd5  nginx.initd
-01b77cff16f6e8bfd7fa1d4d20f625bbcddd08f0509173452d060c342c93dc315a7b0560=
f4734323a5d29ea294de0491f2e3f32e5337574e1a28ebc005eceea8  nginx.logrotate=
"
diff --git a/testing/nginx-naxsi/anonymise.patch b/testing/nginx-naxsi/an=
onymise.patch
deleted file mode 100644
index 17bca99b51..0000000000
--- a/testing/nginx-naxsi/anonymise.patch
+++ /dev/null
@@ -1,76 +0,0 @@
---- nginx-1.6.1/src/http/ngx_http_header_filter_module.c
-+++ nginx-1.6.1/src/http/ngx_http_header_filter_module.c
-@@ -46,8 +46,8 @@
- };
-=20
-=20
--static char ngx_http_server_string[] =3D "Server: nginx" CRLF;
--static char ngx_http_server_full_string[] =3D "Server: " NGINX_VER CRLF=
;
-+static char ngx_http_server_string[] =3D "";
-+static char ngx_http_server_full_string[] =3D "";
-=20
-=20
- static ngx_str_t ngx_http_status_lines[] =3D {
-@@ -278,8 +278,8 @@
-     clcf =3D ngx_http_get_module_loc_conf(r, ngx_http_core_module);
-=20
-     if (r-&gt;headers_out.server =3D=3D NULL) {
--        len +=3D clcf-&gt;server_tokens ? sizeof(ngx_http_server_full_s=
tring) - 1:
--                                     sizeof(ngx_http_server_string) - 1=
;
-+        len +=3D clcf-&gt;server_tokens ? sizeof(ngx_http_server_full_s=
tring) - 0:
-+                                     sizeof(ngx_http_server_string) - 0=
;
-     }
-=20
-     if (r-&gt;headers_out.date =3D=3D NULL) {
---- nginx-1.6.1/src/http/ngx_http_special_response.c
-+++ nginx-1.6.1/src/http/ngx_http_special_response.c
-@@ -19,14 +19,14 @@
-=20
-=20
- static u_char ngx_http_error_full_tail[] =3D
--"&lt;hr&gt;&lt;center&gt;" NGINX_VER "&lt;/center&gt;" CRLF
-+"&lt;hr&gt;&lt;center&gt;127.0.0.1&lt;/center&gt;" CRLF
- "&lt;/body&gt;" CRLF
- "&lt;/html&gt;" CRLF
- ;
-=20
-=20
- static u_char ngx_http_error_tail[] =3D
--"&lt;hr&gt;&lt;center&gt;nginx&lt;/center&gt;" CRLF
-+"&lt;hr&gt;&lt;center&gt;localhost&lt;/center&gt;" CRLF
- "&lt;/body&gt;" CRLF
- "&lt;/html&gt;" CRLF
- ;
---- nginx-1.9.12/src/http/v2/ngx_http_v2_filter_module.c
-+++ nginx-1.9.12/src/http/v2/ngx_http_v2_filter_module.c.new
-@@ -229,9 +229,9 @@
-=20
-     clcf =3D ngx_http_get_module_loc_conf(r, ngx_http_core_module);
-=20
--    if (r-&gt;headers_out.server =3D=3D NULL) {
-+/*  if (r-&gt;headers_out.server =3D=3D NULL) {
-         len +=3D 1 + (clcf-&gt;server_tokens ? nginx_ver_len : sizeof(n=
ginx));
--    }
-+    } */
-=20
-     if (r-&gt;headers_out.date =3D=3D NULL) {
-         len +=3D 1 + ngx_http_v2_literal_size("Wed, 31 Dec 1986 18:00:0=
0 GMT");
-@@ -434,7 +434,7 @@
-         pos =3D ngx_sprintf(pos, "%03ui", r-&gt;headers_out.status);
-     }
-=20
--    if (r-&gt;headers_out.server =3D=3D NULL) {
-+/*  if (r-&gt;headers_out.server =3D=3D NULL) {
-         ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc-&gt;log, 0,
-                        "http2 output header: \"server: %s\"",
-                        clcf-&gt;server_tokens ? NGINX_VER : "nginx");
-@@ -453,7 +453,7 @@
-         } else {
-             pos =3D ngx_cpymem(pos, nginx, sizeof(nginx));
-         }
--    }
-+    } */
-=20
-     if (r-&gt;headers_out.date =3D=3D NULL) {
-         ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc-&gt;log, 0,
-
diff --git a/testing/nginx-naxsi/default.conf b/testing/nginx-naxsi/defau=
lt.conf
deleted file mode 100644
index 9ae25d8fca..0000000000
--- a/testing/nginx-naxsi/default.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-# This is a default site configuration which will simply return 404, pre=
venting
-# chance access to any other virtualhost.
-
-server {
-	listen 80 default_server;
-	listen [::]:80 default_server;
-
-	# Everything is a 404
-	location / {
-		return 404;
-	}
-
-	# You may need this to prevent return 404 recursion.
-	location =3D /404.html {
-		internal;
-	}
-}
-
diff --git a/testing/nginx-naxsi/nginx-naxsi.pre-install b/testing/nginx-=
naxsi/nginx-naxsi.pre-install
deleted file mode 100644
index 8512f43dda..0000000000
--- a/testing/nginx-naxsi/nginx-naxsi.pre-install
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-
-addgroup -S -g 82 www-data 2&gt;/dev/null
-addgroup -S nginx 2&gt;/dev/null
-adduser -S -D -H -h /var/www/localhost/htdocs -s /sbin/nologin -G nginx =
\
-	-g nginx nginx 2&gt;/dev/null
-addgroup nginx www-data 2&gt;/dev/null
-
-exit 0
diff --git a/testing/nginx-naxsi/nginx-naxsi.pre-upgrade b/testing/nginx-=
naxsi/nginx-naxsi.pre-upgrade
deleted file mode 120000
index 364e0b943c..0000000000
--- a/testing/nginx-naxsi/nginx-naxsi.pre-upgrade
+++ /dev/null
@@ -1 +0,0 @@
-nginx-naxsi.pre-install
\ No newline at end of file
diff --git a/testing/nginx-naxsi/nginx.conf b/testing/nginx-naxsi/nginx.c=
onf
deleted file mode 100644
index c637b92e32..0000000000
--- a/testing/nginx-naxsi/nginx.conf
+++ /dev/null
@@ -1,92 +0,0 @@
-# /etc/nginx/nginx.conf
-
-user nginx;
-
-# Set number of worker processes automatically based on number of CPU co=
res.
-worker_processes auto;
-
-# Enables the use of JIT for regular expressions to speed-up their proce=
ssing.
-pcre_jit on;
-
-# Configures default error logger.
-error_log /var/log/nginx/error.log warn;
-
-# Includes files with directives to load dynamic modules.
-include /etc/nginx/modules/*.conf;
-
-
-events {
-	# The maximum number of simultaneous connections that can be opened by
-	# a worker process.
-	worker_connections 1024;
-}
-
-http {
-	# Includes mapping of file name extensions to MIME types of responses
-	# and defines the default type.
-	include /etc/nginx/mime.types;
-	default_type application/octet-stream;
-
-	# Name servers used to resolve names of upstream servers into addresses=
.
-	# It's also needed when using tcpsocket and udpsocket in Lua modules.
-	#resolver 208.67.222.222 208.67.220.220;
-
-	# Don't tell nginx version to clients.
-	server_tokens off;
-
-	# Specifies the maximum accepted body size of a client request, as
-	# indicated by the request header Content-Length. If the stated content
-	# length is greater than this size, then the client receives the HTTP
-	# error code 413. Set to 0 to disable.
-	client_max_body_size 1m;
-
-	# Timeout for keep-alive connections. Server will close connections aft=
er
-	# this time.
-	keepalive_timeout 65;
-
-	# Sendfile copies data between one FD and other from within the kernel,
-	# which is more efficient than read() + write().
-	sendfile on;
-
-	# Don't buffer data-sends (disable Nagle algorithm).
-	# Good for sending frequent small bursts of data in real time.
-	tcp_nodelay on;
-
-	# Causes nginx to attempt to send its HTTP response head in one packet,
-	# instead of using partial frames.
-	#tcp_nopush on;
-
-
-	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
-	#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
-
-	# Specifies that our cipher suits should be preferred over client ciphe=
rs.
-	ssl_prefer_server_ciphers on;
-
-	# Enables a shared SSL cache with size that can hold around 8000 sessio=
ns.
-	ssl_session_cache shared:SSL:2m;
-
-
-	# Enable gzipping of responses.
-	#gzip on;
-
-	# Set the Vary HTTP header as defined in the RFC 2616.
-	gzip_vary on;
-
-	# Enable checking the existence of precompressed files.
-	#gzip_static on;
-
-
-	# Specifies the main log format.
-	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-			'$status $body_bytes_sent "$http_referer" '
-			'"$http_user_agent" "$http_x_forwarded_for"';
-
-	# Sets the path, format, and configuration for a buffered log write.
-	access_log /var/log/nginx/access.log main;
-
-
-	# Includes virtual hosts configs.
-	include /etc/nginx/conf.d/*.conf;
-}
-
diff --git a/testing/nginx-naxsi/nginx.initd b/testing/nginx-naxsi/nginx.=
initd
deleted file mode 100644
index 9e51e7dfa3..0000000000
--- a/testing/nginx-naxsi/nginx.initd
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/sbin/openrc-run
-
-description=3D"Nginx http and reverse proxy server"
-extra_started_commands=3D"reload reopen upgrade"
-
-cfgfile=3D${cfgfile:-/etc/nginx/nginx.conf}
-pidfile=3D/run/nginx/nginx.pid
-command=3D/usr/sbin/nginx
-command_args=3D"-c $cfgfile"
-required_files=3D"$cfgfile"
-
-depend() {
-	need net
-	use dns logger netmount
-}
-
-start_pre() {
-	ebegin
-	checkpath --directory --owner nginx:nginx ${pidfile%/*}
-	$command $command_args -t -q
-	eend $?
-}
-
-reload() {
-	ebegin "Reloading ${SVCNAME} configuration"
-	start_pre &amp;&amp; start-stop-daemon --signal HUP --pidfile $pidfile
-	eend $?
-}
-
-reopen() {
-	ebegin "Reopening ${SVCNAME} log files"
-	start-stop-daemon --signal USR1 --pidfile $pidfile
-	eend $?
-}
-
-upgrade() {
-	start_pre || return 1
-
-	ebegin "Upgrading ${SVCNAME} binary"
-
-	einfo "Sending USR2 to old binary"
-	start-stop-daemon --signal USR2 --pidfile $pidfile
-
-	einfo "Sleeping 3 seconds before pid-files checking"
-	sleep 3
-
-	if [ ! -f $pidfile.oldbin ]; then
-		eerror "File with old pid ($pidfile.oldbin) not found"
-		return 1
-	fi
-
-	if [ ! -f $pidfile ]; then
-		eerror "New binary failed to start"
-		return 1
-	fi
-
-	einfo "Sleeping 3 seconds before WINCH"
-	sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin
-
-	einfo "Sending QUIT to old binary"
-	start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin
-
-	einfo "Upgrade completed"
-
-	eend $? "Upgrade failed"
-}
-
diff --git a/testing/nginx-naxsi/nginx.logrotate b/testing/nginx-naxsi/ng=
inx.logrotate
deleted file mode 100644
index 7778b1108b..0000000000
--- a/testing/nginx-naxsi/nginx.logrotate
+++ /dev/null
@@ -1,12 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.logrota=
te,v 1.1 2010/01/03 20:29:40 djc Exp $
-
-/var/log/nginx/*.log {
-	missingok
-	sharedscripts
-	postrotate
-		kill -USR1 `cat /var/run/nginx.pid`
-	endscript
-}
-
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------804F65FA9030BE2A1C4FC645--


---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---