ngx_security_headers icon indicating copy to clipboard operation
ngx_security_headers copied to clipboard

Published 20 hours ago verified publisher icon GetPageSpeed

release prebuilt package in apt repository

Open FinalDes opened this issue 5 years ago • 6 comments
trafficstars

release prebuilt package in apt repository

FinalDes avatar Apr 24 '20 18:04 FinalDes

I added this module in my own stack on http://deb.paranoid.nl/pages/nginx.html

eilandert avatar Jun 20 '20 19:06 eilandert

Hi @eilandert ,

Thank you for that. A bit an off-topic question, but have you seen any issue when you don't place the ModSecurity module's load_module as last in the configuration?

Asking because I see you added that note also, and I can't seem to reproduce #1 with the recent ModSecurity, and then it would be good to get rid of that note about having to load it last.

dvershinin avatar Jun 20 '20 20:06 dvershinin

Hi @dvershinin,

I haven't seen interactions with your module, but have in the past with other security modules. So when I checked your module it seemed only logical to add that note ;-)

eilandert avatar Jun 20 '20 20:06 eilandert

@dvershinin Just out of interest as this has been an open issue for a bit of time, is an apt repository something you would consider? I appreciate you seem to work with rpm based Linux distributions i.e. Redhat, CentOS, Fedora etc, but for those running Debian based distro's i.e. Ubuntu Server, an apt repository is certainly going to be useful to install as a package, much like the nginx extras package.

Compiling modules is fun and all, but maintaining and keep such updated is more painful. Less so when your NGINX version is fairly stable on the LTS branch, more of a problem when you have NGINX update more frequently or indeed the module itself.

jamesmacwhite avatar Mar 18 '22 17:03 jamesmacwhite

@jamesmacwhite apt repository is something planned, for sure. It is simply that existing RHEL RPM builds provided an easier way to expand to more RPM-based systems.

Now that the Fedora packages system is complete, the RPM repository covers most of the RPM userbase. So it is a good time to start with the deb packaging effort, which has a furthermore larger userbase...

The question is, whether to base the deb releases from nginx.org's packaging or nginx-extras, etc. of Ubuntu's own packaging efforts:

  • If the module's deb package/repository targets nginx.org packaging conventions, it can be used without problems if nginx itself was installed from nginx.org repo;
  • if it targets/is based on Ubuntu's own nginx packaging for nginx and modules, it will be incompatible with users of nginx.org repositories...

dvershinin avatar Mar 19 '22 12:03 dvershinin

That's good that it's potentially planned.

I prefer to not add loads of PPAs and repos unless necessary, I have installed nginx from Ubuntu's standard repos which is currently nginx 1.18 on 20.04.4 LTS, so a little behind, but LTS favouring more stable and longer term support anyway.

I understand the dilemma though.

jamesmacwhite avatar Mar 19 '22 12:03 jamesmacwhite