Date: Monday, March 27, 2017 @ 10:47:28 Author: bpiotrowski Revision: 291721
archrelease: copy trunk to community-testing-i686, community-testing-x86_64 Added: nginx/repos/community-testing-i686/ nginx/repos/community-testing-i686/PKGBUILD (from rev 291720, nginx/trunk/PKGBUILD) nginx/repos/community-testing-i686/logrotate (from rev 291720, nginx/trunk/logrotate) nginx/repos/community-testing-i686/nginx.install (from rev 291720, nginx/trunk/nginx.install) nginx/repos/community-testing-i686/service (from rev 291720, nginx/trunk/service) nginx/repos/community-testing-x86_64/ nginx/repos/community-testing-x86_64/PKGBUILD (from rev 291720, nginx/trunk/PKGBUILD) nginx/repos/community-testing-x86_64/logrotate (from rev 291720, nginx/trunk/logrotate) nginx/repos/community-testing-x86_64/nginx.install (from rev 291720, nginx/trunk/nginx.install) nginx/repos/community-testing-x86_64/service (from rev 291720, nginx/trunk/service) ----------------------------------------+ community-testing-i686/PKGBUILD | 126 +++++++++++++++++++++++++++++++ community-testing-i686/logrotate | 10 ++ community-testing-i686/nginx.install | 27 ++++++ community-testing-i686/service | 17 ++++ community-testing-x86_64/PKGBUILD | 126 +++++++++++++++++++++++++++++++ community-testing-x86_64/logrotate | 10 ++ community-testing-x86_64/nginx.install | 27 ++++++ community-testing-x86_64/service | 17 ++++ 8 files changed, 360 insertions(+) Copied: nginx/repos/community-testing-i686/PKGBUILD (from rev 291720, nginx/trunk/PKGBUILD) =================================================================== --- community-testing-i686/PKGBUILD (rev 0) +++ community-testing-i686/PKGBUILD 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,126 @@ +# $Id$ +# Maintainer: Bartłomiej Piotrowski <bpiotrow...@archlinux.org> +# Maintainer: Sébastien Luttringer +# Contributor: Sergej Pupykin <pupykin.s+a...@gmail.com> +# Contributor: Miroslaw Szot <m...@czlug.icis.pcz.pl> +# Contributor: Daniel Micay <danielmi...@gmail.com> + +pkgname=nginx +pkgver=1.10.3 +pkgrel=5 +pkgdesc='Lightweight HTTP server and IMAP/POP3 proxy server' +arch=('i686' 'x86_64') +url='https://nginx.org' +license=('custom') +depends=('pcre' 'zlib' 'openssl' 'geoip') +makedepends=('hardening-wrapper') +backup=('etc/nginx/fastcgi.conf' + 'etc/nginx/fastcgi_params' + 'etc/nginx/koi-win' + 'etc/nginx/koi-utf' + 'etc/nginx/mime.types' + 'etc/nginx/nginx.conf' + 'etc/nginx/scgi_params' + 'etc/nginx/uwsgi_params' + 'etc/nginx/win-utf' + 'etc/logrotate.d/nginx') +install=nginx.install +source=($url/download/nginx-$pkgver.tar.gz{,.asc} + service + logrotate) +validpgpkeys=('B0F4253373F8F6F510D42178520A9993A1C052F8') # Maxim Dounin <mdou...@mdounin.ru> +md5sums=('204a20cb4f0b0c9db746c630d89ff4ea' + 'SKIP' + '09862c34cd9593bc40da81f88c5fc4b2' + '6a01fb17af86f03707c8ae60f98a2dc2') + +_common_flags=( + --with-pcre-jit + --with-file-aio + --with-http_addition_module + --with-http_auth_request_module + --with-http_dav_module + --with-http_degradation_module + --with-http_flv_module + --with-http_geoip_module + --with-http_gunzip_module + --with-http_gzip_static_module + --with-http_mp4_module + --with-http_realip_module + --with-http_secure_link_module + --with-http_slice_module + --with-http_ssl_module + --with-http_stub_status_module + --with-http_sub_module + --with-http_v2_module + --with-mail + --with-mail_ssl_module + --with-stream + --with-stream_ssl_module + --with-threads +) + +_stable_flags=( + --with-ipv6 +) + +build() { + cd $pkgname-$pkgver + + ./configure \ + --prefix=/etc/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --sbin-path=/usr/bin/nginx \ + --pid-path=/run/nginx.pid \ + --lock-path=/run/lock/nginx.lock \ + --user=http \ + --group=http \ + --http-log-path=/var/log/nginx/access.log \ + --error-log-path=stderr \ + --http-client-body-temp-path=/var/lib/nginx/client-body \ + --http-proxy-temp-path=/var/lib/nginx/proxy \ + --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ + --http-scgi-temp-path=/var/lib/nginx/scgi \ + --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \ + ${_common_flags[@]} \ + ${_stable_flags[@]} + + make +} + +package() { + cd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + + sed -e 's|\<user\s\+\w\+;|user html;|g' \ + -e '44s|html|/usr/share/nginx/html|' \ + -e '54s|html|/usr/share/nginx/html|' \ + -i "$pkgdir"/etc/nginx/nginx.conf + + rm "$pkgdir"/etc/nginx/*.default + + install -d "$pkgdir"/var/lib/nginx + install -dm700 "$pkgdir"/var/lib/nginx/proxy + + chmod 755 "$pkgdir"/var/log/nginx + chown root:root "$pkgdir"/var/log/nginx + + install -d "$pkgdir"/usr/share/nginx + mv "$pkgdir"/etc/nginx/html/ "$pkgdir"/usr/share/nginx + + install -Dm644 ../logrotate "$pkgdir"/etc/logrotate.d/nginx + install -Dm644 ../service "$pkgdir"/usr/lib/systemd/system/nginx.service + install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE + + rmdir "$pkgdir"/run + + install -d "$pkgdir"/usr/share/man/man8/ + gzip -9c man/nginx.8 > "$pkgdir"/usr/share/man/man8/nginx.8.gz + + for i in ftdetect indent syntax; do + install -Dm644 contrib/vim/${i}/nginx.vim \ + "${pkgdir}/usr/share/vim/vimfiles/${i}/nginx.vim" + done +} + +# vim:set ts=2 sw=2 et: Copied: nginx/repos/community-testing-i686/logrotate (from rev 291720, nginx/trunk/logrotate) =================================================================== --- community-testing-i686/logrotate (rev 0) +++ community-testing-i686/logrotate 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,10 @@ +/var/log/nginx/*log { + missingok + notifempty + create 640 http log + sharedscripts + compress + postrotate + test ! -r /run/nginx.pid || kill -USR1 `cat /run/nginx.pid` + endscript +} Copied: nginx/repos/community-testing-i686/nginx.install (from rev 291720, nginx/trunk/nginx.install) =================================================================== --- community-testing-i686/nginx.install (rev 0) +++ community-testing-i686/nginx.install 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,27 @@ +post_upgrade() { + if (( $(vercmp $2 1.2.7-4) <= 0 )); then + chmod 750 var/log/nginx + chown http:log var/log/nginx + fi + + if (( $(vercmp $2 1.2.1-2) <= 0 )); then + echo ':: Since 1.2.1-2 several changes has been made in package:' + echo ' - *.conf files have been moved to /etc/nginx' + echo ' - /etc/conf.d/nginx has been removed' + echo ' Main configuration file is set to /etc/nginx/nginx.conf' + echo ' - access.log and error.log can be found in /var/log/nginx by default' + echo ' - bundled *.html files have been moved to /usr/share/nginx/html' + echo ' - /etc/nginx/{html,logs} symbolic links and *.default files have been removed' + fi + + if (( $(vercmp $2 1.10.2-3) < 0)); then + chown root:root var/log/nginx + fi + + if (( $(vercmp $2 1.10.3-2) < 0 )); then + chmod 755 var/log/nginx + echo ':: Security notice:' + echo ' - When additional log directories are used in /var/log/nginx make sure they' + echo ' are owned by root:root and have 755 set as permission to mitigate CVE-2016-1247' + fi +} Copied: nginx/repos/community-testing-i686/service (from rev 291720, nginx/trunk/service) =================================================================== --- community-testing-i686/service (rev 0) +++ community-testing-i686/service 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,17 @@ +[Unit] +Description=A high performance web server and a reverse proxy server +After=network.target + +[Service] +Type=forking +PIDFile=/run/nginx.pid +PrivateDevices=yes +SyslogLevel=err + +ExecStart=/usr/bin/nginx -g 'pid /run/nginx.pid; error_log stderr;' +ExecReload=/usr/bin/nginx -s reload +KillSignal=SIGQUIT +KillMode=mixed + +[Install] +WantedBy=multi-user.target Copied: nginx/repos/community-testing-x86_64/PKGBUILD (from rev 291720, nginx/trunk/PKGBUILD) =================================================================== --- community-testing-x86_64/PKGBUILD (rev 0) +++ community-testing-x86_64/PKGBUILD 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,126 @@ +# $Id$ +# Maintainer: Bartłomiej Piotrowski <bpiotrow...@archlinux.org> +# Maintainer: Sébastien Luttringer +# Contributor: Sergej Pupykin <pupykin.s+a...@gmail.com> +# Contributor: Miroslaw Szot <m...@czlug.icis.pcz.pl> +# Contributor: Daniel Micay <danielmi...@gmail.com> + +pkgname=nginx +pkgver=1.10.3 +pkgrel=5 +pkgdesc='Lightweight HTTP server and IMAP/POP3 proxy server' +arch=('i686' 'x86_64') +url='https://nginx.org' +license=('custom') +depends=('pcre' 'zlib' 'openssl' 'geoip') +makedepends=('hardening-wrapper') +backup=('etc/nginx/fastcgi.conf' + 'etc/nginx/fastcgi_params' + 'etc/nginx/koi-win' + 'etc/nginx/koi-utf' + 'etc/nginx/mime.types' + 'etc/nginx/nginx.conf' + 'etc/nginx/scgi_params' + 'etc/nginx/uwsgi_params' + 'etc/nginx/win-utf' + 'etc/logrotate.d/nginx') +install=nginx.install +source=($url/download/nginx-$pkgver.tar.gz{,.asc} + service + logrotate) +validpgpkeys=('B0F4253373F8F6F510D42178520A9993A1C052F8') # Maxim Dounin <mdou...@mdounin.ru> +md5sums=('204a20cb4f0b0c9db746c630d89ff4ea' + 'SKIP' + '09862c34cd9593bc40da81f88c5fc4b2' + '6a01fb17af86f03707c8ae60f98a2dc2') + +_common_flags=( + --with-pcre-jit + --with-file-aio + --with-http_addition_module + --with-http_auth_request_module + --with-http_dav_module + --with-http_degradation_module + --with-http_flv_module + --with-http_geoip_module + --with-http_gunzip_module + --with-http_gzip_static_module + --with-http_mp4_module + --with-http_realip_module + --with-http_secure_link_module + --with-http_slice_module + --with-http_ssl_module + --with-http_stub_status_module + --with-http_sub_module + --with-http_v2_module + --with-mail + --with-mail_ssl_module + --with-stream + --with-stream_ssl_module + --with-threads +) + +_stable_flags=( + --with-ipv6 +) + +build() { + cd $pkgname-$pkgver + + ./configure \ + --prefix=/etc/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --sbin-path=/usr/bin/nginx \ + --pid-path=/run/nginx.pid \ + --lock-path=/run/lock/nginx.lock \ + --user=http \ + --group=http \ + --http-log-path=/var/log/nginx/access.log \ + --error-log-path=stderr \ + --http-client-body-temp-path=/var/lib/nginx/client-body \ + --http-proxy-temp-path=/var/lib/nginx/proxy \ + --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ + --http-scgi-temp-path=/var/lib/nginx/scgi \ + --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \ + ${_common_flags[@]} \ + ${_stable_flags[@]} + + make +} + +package() { + cd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + + sed -e 's|\<user\s\+\w\+;|user html;|g' \ + -e '44s|html|/usr/share/nginx/html|' \ + -e '54s|html|/usr/share/nginx/html|' \ + -i "$pkgdir"/etc/nginx/nginx.conf + + rm "$pkgdir"/etc/nginx/*.default + + install -d "$pkgdir"/var/lib/nginx + install -dm700 "$pkgdir"/var/lib/nginx/proxy + + chmod 755 "$pkgdir"/var/log/nginx + chown root:root "$pkgdir"/var/log/nginx + + install -d "$pkgdir"/usr/share/nginx + mv "$pkgdir"/etc/nginx/html/ "$pkgdir"/usr/share/nginx + + install -Dm644 ../logrotate "$pkgdir"/etc/logrotate.d/nginx + install -Dm644 ../service "$pkgdir"/usr/lib/systemd/system/nginx.service + install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE + + rmdir "$pkgdir"/run + + install -d "$pkgdir"/usr/share/man/man8/ + gzip -9c man/nginx.8 > "$pkgdir"/usr/share/man/man8/nginx.8.gz + + for i in ftdetect indent syntax; do + install -Dm644 contrib/vim/${i}/nginx.vim \ + "${pkgdir}/usr/share/vim/vimfiles/${i}/nginx.vim" + done +} + +# vim:set ts=2 sw=2 et: Copied: nginx/repos/community-testing-x86_64/logrotate (from rev 291720, nginx/trunk/logrotate) =================================================================== --- community-testing-x86_64/logrotate (rev 0) +++ community-testing-x86_64/logrotate 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,10 @@ +/var/log/nginx/*log { + missingok + notifempty + create 640 http log + sharedscripts + compress + postrotate + test ! -r /run/nginx.pid || kill -USR1 `cat /run/nginx.pid` + endscript +} Copied: nginx/repos/community-testing-x86_64/nginx.install (from rev 291720, nginx/trunk/nginx.install) =================================================================== --- community-testing-x86_64/nginx.install (rev 0) +++ community-testing-x86_64/nginx.install 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,27 @@ +post_upgrade() { + if (( $(vercmp $2 1.2.7-4) <= 0 )); then + chmod 750 var/log/nginx + chown http:log var/log/nginx + fi + + if (( $(vercmp $2 1.2.1-2) <= 0 )); then + echo ':: Since 1.2.1-2 several changes has been made in package:' + echo ' - *.conf files have been moved to /etc/nginx' + echo ' - /etc/conf.d/nginx has been removed' + echo ' Main configuration file is set to /etc/nginx/nginx.conf' + echo ' - access.log and error.log can be found in /var/log/nginx by default' + echo ' - bundled *.html files have been moved to /usr/share/nginx/html' + echo ' - /etc/nginx/{html,logs} symbolic links and *.default files have been removed' + fi + + if (( $(vercmp $2 1.10.2-3) < 0)); then + chown root:root var/log/nginx + fi + + if (( $(vercmp $2 1.10.3-2) < 0 )); then + chmod 755 var/log/nginx + echo ':: Security notice:' + echo ' - When additional log directories are used in /var/log/nginx make sure they' + echo ' are owned by root:root and have 755 set as permission to mitigate CVE-2016-1247' + fi +} Copied: nginx/repos/community-testing-x86_64/service (from rev 291720, nginx/trunk/service) =================================================================== --- community-testing-x86_64/service (rev 0) +++ community-testing-x86_64/service 2017-03-27 10:47:28 UTC (rev 291721) @@ -0,0 +1,17 @@ +[Unit] +Description=A high performance web server and a reverse proxy server +After=network.target + +[Service] +Type=forking +PIDFile=/run/nginx.pid +PrivateDevices=yes +SyslogLevel=err + +ExecStart=/usr/bin/nginx -g 'pid /run/nginx.pid; error_log stderr;' +ExecReload=/usr/bin/nginx -s reload +KillSignal=SIGQUIT +KillMode=mixed + +[Install] +WantedBy=multi-user.target