diff options
author | Stuart Cardall <developer@it-offshore.co.uk> | 2014-09-18 03:20:50 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-09-18 09:47:11 +0000 |
commit | 7596de12a5a72588a318d4768303b18635ab44b7 (patch) | |
tree | fad92b3d4e2aab3b3001b611398253dfd020ed37 /testing/nginx-naxsi/nginx.initd | |
parent | 080e012e1cc56363171c2544a7591918c7be26ad (diff) | |
download | aports-7596de12a5a72588a318d4768303b18635ab44b7.tar.bz2 aports-7596de12a5a72588a318d4768303b18635ab44b7.tar.xz |
testing/nginx-naxsi: new aport
NGINX with naxsi WAF support https://github.com/nbs-system/naxsi
Built with the same modules as Debian + SysGuard from Tengine.
Nginx patched to anonymise server strings.
With the WAF & SysGuard enabled nginx-naxsi benchmarked @ approx
600 connections / second (the same as the standard Alpine nginx pkg).
With the WAF disabled 640 connections / second (as the mail modules
are removed as per the naxsi author's recommendation).
Diffstat (limited to 'testing/nginx-naxsi/nginx.initd')
-rw-r--r-- | testing/nginx-naxsi/nginx.initd | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/testing/nginx-naxsi/nginx.initd b/testing/nginx-naxsi/nginx.initd new file mode 100644 index 0000000000..ce2b7b8bb9 --- /dev/null +++ b/testing/nginx-naxsi/nginx.initd @@ -0,0 +1,42 @@ +#!/sbin/runscript + +extra_started_commands="reload" +extra_commands="configtest" + +depend() { + need net + use dns logger netmount +} + +CONFFILE=${CONFFILE:-/etc/nginx/${SVCNAME}.conf} +PIDFILE=${PIDFILE:-/var/run/${SVCNAME}.pid} + +configtest() { + ebegin "Checking ${SVCNAME} configuration" + mkdir -p /tmp/nginx + /usr/sbin/nginx -c ${CONFFILE} -t + eend $? "failed, please correct errors above" +} + +start() { + configtest || return 1 + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --pidfile "${PIDFILE}" \ + --exec /usr/sbin/nginx -- -c ${CONFFILE} -g "pid ${PIDFILE};" + eend $? "Failed to start ${SVCNAME}" +} + +stop() { + configtest || return 1 + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --pidfile "${PIDFILE}" + eend $? "Failed to stop ${SVCNAME}" + rm -f "${PIDFILE}" +} + +reload() { + configtest || return 1 + ebegin "Refreshing ${SVCNAME} configuration" + kill -HUP $(cat "${PIDFILE}") &>/dev/null + eend $? "Failed to reload nginx" +} |