Wikimedia Foundation Servers; by Victorgrigas (Own work) [CC BY-SA 3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons; https://commons.wikimedia.org/wiki/File%3AWikimedia_Foundation_Servers-8055_13.jpg

Compiling nginx with GitLab CI

Continuing my series on the fun I’m having with GitLab CI, it’s time to discuss using it to automate nginx builds. I’ve previously written about how and why I use a custom build, and a few months ago, I decided to remove the monotony from the process.

Now, when a new mainline release is available, or OpenSSL releases a new version, I update a few CI variables, run a pipeline, and a new nginx binary is available within a few minutes. I’m also able to build for multiple versions of Debian.

I’ve incorporated Google’s Brotli module and a certificate transparency module, as well as OpenSSL 1.1.1 for TLSv1.3 support. I use the script to build mainline versions, but it allows for any release nginx mirrors on GitHub (see https://www.nginx.com/blog/nginx-1-6-1-7-released/ for the differences between mainline and stable).

The build script and its CI configuration can be found at https://git.ethitter.com/debian/nginx-build. The pipeline for my v1.17.0 build can be seen at https://git.ethitter.com/debian/nginx-build/pipelines/1042.

I maintain a common set of images for CI purposes, and this uses the Debian-based build environments configured at https://git.ethitter.com/docker/images/tree/master/debian and served from that project’s container registry at https://git.ethitter.com/docker/images/container_registry. The build images are themselves built using GitLab CI, but that’s a topic for another post. 😆