Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release prebuilt package in apt repository #4

Open
FinalDes opened this issue Apr 24, 2020 · 6 comments
Open

release prebuilt package in apt repository #4

FinalDes opened this issue Apr 24, 2020 · 6 comments

Comments

@FinalDes
Copy link

release prebuilt package in apt repository
@eilandert
Copy link

eilandert commented Jun 20, 2020
edited
Loading

I added this module in my own stack on http://deb.paranoid.nl/pages/nginx.html

@dvershinin
Copy link
Contributor

Hi @eilandert ,

Thank you for that. A bit an off-topic question, but have you seen any issue when you don't place the ModSecurity module's load_module as last in the configuration?

Asking because I see you added that note also, and I can't seem to reproduce #1 with the recent ModSecurity, and then it would be good to get rid of that note about having to load it last.

@eilandert
Copy link

Hi @dvershinin,

I haven't seen interactions with your module, but have in the past with other security modules. So when I checked your module it seemed only logical to add that note ;-)

@jamesmacwhite
Copy link
Contributor

@dvershinin Just out of interest as this has been an open issue for a bit of time, is an apt repository something you would consider? I appreciate you seem to work with rpm based Linux distributions i.e. Redhat, CentOS, Fedora etc, but for those running Debian based distro's i.e. Ubuntu Server, an apt repository is certainly going to be useful to install as a package, much like the nginx extras package.

Compiling modules is fun and all, but maintaining and keep such updated is more painful. Less so when your NGINX version is fairly stable on the LTS branch, more of a problem when you have NGINX update more frequently or indeed the module itself.

@dvershinin
Copy link
Contributor

@jamesmacwhite apt repository is something planned, for sure. It is simply that existing RHEL RPM builds provided an easier way to expand to more RPM-based systems.

Now that the Fedora packages system is complete, the RPM repository covers most of the RPM userbase. So it is a good time to start with the deb packaging effort, which has a furthermore larger userbase...

The question is, whether to base the deb releases from nginx.org's packaging or nginx-extras, etc. of Ubuntu's own packaging efforts:

  • If the module's deb package/repository targets nginx.org packaging conventions, it can be used without problems if nginx itself was installed from nginx.org repo;
  • if it targets/is based on Ubuntu's own nginx packaging for nginx and modules, it will be incompatible with users of nginx.org repositories...

@jamesmacwhite
Copy link
Contributor

That's good that it's potentially planned.

I prefer to not add loads of PPAs and repos unless necessary, I have installed nginx from Ubuntu's standard repos which is currently nginx 1.18 on 20.04.4 LTS, so a little behind, but LTS favouring more stable and longer term support anyway.

I understand the dilemma though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dvershinin @FinalDes @eilandert @jamesmacwhite