summaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-httpd/nginx/files
Commit message (Collapse)AuthorAgeFilesLines
* nginx: Upgrade stable 1.24.0 -> 1.26.0Peter Marko2024-04-301-78/+0
| | | | | | | | | | | | | nginx-1.26.0 stable version has been released, incorporating new features and bug fixes from the 1.25.x mainline branch - including experimental HTTP/3 support, HTTP/2 on a per-server basis virtual servers in the stream module, passing stream connections to listen sockets, and more. License-Update: copyright years refreshed Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix CVE-2023-44487alperak2024-01-111-0/+78
| | | | | | | | | | | Upstream-Status: Backport from [https://github.com/nginx/nginx/commit/6ceef192e7af1c507826ac38a2d43f08bf265fb9] WARNING: nginx-1.24.0-r0 do_cve_check: Found unpatched CVE (CVE-2023-44487) This vulnerability exists between the following versions -> From(including) 1.9.5 Up to(including) 1.25.2 Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: add configure optionJoe Slater2023-10-041-0/+39
| | | | | | | | Support --with-http_xslt_module configure option via a PACKAGECONFIG option. The option is not added to the defaults. Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: upgrade 1.20.1 -> 1.23.3Wang Mingyu2023-03-091-107/+0
| | | | | | | | | | | | | | | | | | | | | | | | CVE-2021-3618.patch removed since it's included in 1.23.3 Changelog: ========== *) Bugfix: an error might occur when reading PROXY protocol version 2 header with large number of TLVs. *) Bugfix: a segmentation fault might occur in a worker process if SSI was used to process subrequests created by other modules. Thanks to Ciel Zhao. *) Workaround: when a hostname used in the "listen" directive resolves to multiple addresses, nginx now ignores duplicates within these addresses. *) Bugfix: nginx might hog CPU during unbuffered proxying if SSL connections to backends were used. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix CVE-2021-3618Joe Slater2021-08-201-0/+107
| | | | | | | | | | | Backport with no change a patch from version 1.21.0. This patch was not cherry-picked by nginx to version 1.20.1. Information about this CVE comes from https://ubuntu.com/security/CVE-2021-3618. Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix error during service startupChangqing Li2020-02-261-0/+99
| | | | | | | | | fix below error: nginx.service: failed to parse pid from file /run/nginx/nginx.pid: invalid argument Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix kill path in nginx systemd unit filenick83ola2019-05-271-1/+1
| | | | | | | the kill utility is located in /bin/kill -> use base_bindir instead of bindir Signed-off-by: Nicola Lunghi <nick83ola@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: add default proxy_paramsAndré Draszik2019-01-191-0/+4
| | | | | | | | | | | | | As per Debian packaging - to use it, see https://wiki.debian.org/Nginx/DirectoryStructure#Extra_Parameters This file is most commonly included when Nginx is acting as a reverse proxy: include /etc/nginx/proxy_params; proxy_pass http://localhost:8000; Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: configuration updateAndré Draszik2019-01-192-105/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restructure the main configuration file to simplify custom configuration: * support inclusion of configuration fragments from subdirectories: - /etc/nginx/modules-enabled/*.conf - /etc/nginx/conf.d/*.conf - /etc/nginx/sites-enabled/* * default site (port 80): - move into /etc/nginx/sites-available/default_server and enable via symlink in /etc/nginx/sites-enabled/ - listen on IPv6 - drop unneeded example fragments * configure and enable gzip * update TLS settings to drop SSLv3 and enable TLSv1.3 for some safer defaults * update remaining bits to follow Debian standard configuration https://salsa.debian.org/nginx-team/nginx/blob/62a54a8ba66ee6cc1b4f8a33dab9a6f27a3fdac4/debian/conf/nginx.conf * drop unneeded example configuration bits from /etc/nginx/*.default These changes, in particular the configuration fragment support allow to easily customise nginx based on individual requirements. In addition, it is now possible for other recipes / packages to drop fragments into the respective directories in /etc/nginx without having to meddle with /etc/nginx/nginx.conf Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update systemd unit using nginx recommendationAndré Draszik2019-01-191-3/+7
| | | | | | | | | | | | | | | | | | Our systemd unit doesn't follow the official recommendation, see https://www.nginx.com/resources/wiki/start/topics/examples/systemd/ Most importantly: * it should start after some additional specific targets/units * using PrivateTmp is a useful security feature, in particular to avoid cross domain scripting via the temp folder * using systemd's $MAINPID, we can distinguish between multiple running nginx instances correctly Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: refresh patchesArmin Kuster2018-04-131-26/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WARNING: nginx-1.12.2-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch nginx-cross.patch patching file auto/feature patching file auto/options Hunk #1 succeeded at 386 (offset 33 lines). Hunk #2 succeeded at 580 (offset 35 lines). Hunk #3 succeeded at 599 (offset 22 lines). patching file auto/types/sizeof patching file auto/unix Hunk #1 succeeded at 587 (offset 194 lines). Hunk #2 succeeded at 604 with fuzz 1 (offset 188 lines). Hunk #3 succeeded at 620 with fuzz 2 (offset 188 lines). Now at patch nginx-cross.patch Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: correctly set the endianness of the targetDerek Straka2017-12-111-0/+80
| | | | | | | | Add an inherit for siteinfo to get access to SITEINFO_ENDIANNESS Add a patch to have nginx actually use the user provided --with-endian Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: use consistent pid file location accross recipe and init scriptsPascal Bach2017-05-231-1/+1
| | | | | | | | The recipe and the systemd service file use /run/nginx/nginx.pid, while the sys v init script used /var/run/nginx/nginx.pid Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: make sure the user is correctly set for the volatile directoriesPascal Bach2017-03-311-1/+1
| | | | | Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: make user in nginx.conf consistent with the default valuePascal Bach2017-03-311-1/+1
| | | | | | | | | It gets replaces with the real NGINX_USER anyway, but it confuses people that there is a different value by default. So just make it the same as the default NGINX_USER Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: optimize systemd unit fileSzombathelyi György2016-08-221-5/+4
| | | | | | | | | - Call the nginx binary directly, no need to wrap the SysV init file. - Create /var/log/nginx with tmpfiles, like volatiles without systemd. - Run nginx with ${NGINX_USER} (user ${NGINX_USER} in nginx.conf) Signed-off-by: Gyorgy Szombathelyi <gyurco@freemail.hu> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: update stable version to 1.10.0Derek Straka2016-05-061-19/+12
| | | | | | | | The 1.8 version is now considered legacy and the stable versions 1.10.X Updated the license checksum to reflect copyright date update to 2016 Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: Fix systemd service fileAmarnath Valluri2015-11-111-1/+1
| | | | | | | systemd service file expects full path of the executatbles. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: update to 1.9.5Jens Rehsack2015-10-231-8/+9
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: Add suport for systemdAlejandro Hernandez2015-05-221-0/+12
| | | | | | | Adds support for systemd, creates a service for nginx and installs it if required Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* nginx: new recipestephen.arnold422013-12-094-0/+389
Initial recipe created by Steve Arnold. Original build patch and 1.0.10 recipe graciously contributed by bencoh (in #oe on irc.freenode.net). New recipe and init script contributed by this author. Built and tested on master branches using author's fork of meta-raspberrypi. Signed-off-by: stephen.arnold42 <stephen.arnold42@gmail.com> Signed-off-by: Sébastien Mennetrier <s.mennetrier@innotis.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-05-20 16:10:38 +0000