-
Couldn't load subscription status.
- Fork 4
3. Builds
Shared libraries with a .so extension are produced for each Linux distro, in your local ./build folder:
alpine.ngx_curity_http_oauth_proxy_module_1.27.4.so
debian.bookworm.ngx_curity_http_oauth_proxy_module_1.27.4.so
ubuntu.24.04.ngx_curity_http_oauth_proxy_module_1.27.4.so
Build the code into a dynamic module for a single platform like this:
export NGINX_VERSION='1.27.4'
export LINUX_DISTRO='alpine'
./build.shProduce all pre-built releases with the following script:
./buildall.shTo build for older releases it is possible that you need to use older versions of dependency libraries like PCRE and ZLIB. For example, to build version 1.19.5 you can use the following approach:
- Find a release like 1.2.0 that includes the old NGINX version.
- View the 1.2.0 Docker Build Resource which uses
pcre-dev. - Update the Latest Docker Build Resource to use
pcre-devinstead ofpcre2-dev.
When the ./configure script is called, the main NGINX system's ./configure script is invoked.
This can accept custom parameters from this nginx page including these:
| Option | Description |
|---|---|
| --with-cc-opt | Settings to add to the CFLAGS variable used by the linker |
| --with-ld-opt | Settings to add to LDFLAGS variable used by the linker |
The NGINX configure script uses automake to produce the build file at ./nginx-1.25.5/objs/Makefile.
Some CFLAGS settings, such as -std=c99, are dictated by the nginx system.
The Linux build finds OpenSSL headers by installing libssl-dev, then dynamcally links to OpenSSL libraries.
Dynamic linking ensures that any OpenSSL security fixes can be resolved by updating the customer NGINX system.
$(LINK) -o objs/ngx_curity_http_oauth_proxy_module.so \
objs/addon/src/oauth_proxy_module.o \
objs/addon/src/oauth_proxy_configuration.o \
objs/addon/src/oauth_proxy_handler.o \
objs/addon/src/oauth_proxy_decryption.o \
objs/addon/src/oauth_proxy_encoding.o \
objs/addon/src/oauth_proxy_utils.o \
objs/ngx_curity_http_oauth_proxy_module_modules.o \
-shared
A multi-stage Docker build is used, to output built .so files to an nginx-module-builder image.
To troubleshoot failures, remote to the most recent Docker image in docker image list.
Build commands can then be run manually if required, to understand the failure cause:
docker run -it a77962ad4c52
cd /tmp
makeOccasionally the library download URLs in the Dockerfile need updating to point to newer versions.