ports@, Robert, I'd like to ping about this trivial patch that allows me to use nginx with unwind for last weeks.
Additionally, I had added ngx_cache_purge as new subpackage which brings qutie stable module https://github.com/FRiCKLE/ngx_cache_purge which allows to purge some elements of cache via HTTP request. I don't include it into default build, and build it as dynamic module. The original point about unwind patch: On Sat, 15 Jun 2024 12:09:21 +0100, Kirill A. Korinsky <kir...@korins.ky> wrote: > > ports@ > > Here a trivial patch which improves compatibility with unwind. > > I'm using the following unwind.config: > > preference { recursor oDoT-autoconf } > > forwarder { 172.31.2.1 } > > force accept bogus forwarder { > some.internal.domain > } > > where 172.31.2.1 is Unifi GW and nginx is configured as: > > server { > listen 127.0.0.1:80; > > resolver 127.0.0.1; > > set $nas_uri "http://nas.some.internal.domain";; > > location / { > proxy_pass $nas_uri; > } > } > > it can't be used due errors in log: > > 2024/06/15 11:53:55 [error] 30452#0: invalid UDP DNS response 49184 > fl:81A0 > 2024/06/15 11:54:00 [error] 30452#0: invalid UDP DNS response 30883 > fl:81A0 > 2024/06/15 11:54:00 [error] 30452#0: invalid UDP DNS response 49184 > fl:81A0 > 2024/06/15 11:54:05 [error] 30452#0: invalid UDP DNS response 30883 > fl:81A0 > > because nginx rejects response with enabled AD bit. > And, finally, the diff: diff --git www/nginx/Makefile www/nginx/Makefile index 7d86279085c..203e8aa3fc5 100644 --- www/nginx/Makefile +++ www/nginx/Makefile @@ -17,15 +17,17 @@ COMMENT-njs= nginx javascript scripting module COMMENT-passenger= nginx passenger (ruby/python/nodejs) integration module COMMENT-rtmp= nginx module for RTMP streaming COMMENT-securelink= nginx HMAC secure link module +COMMENT-cache_purge= nginx module which adds ability to purge cache content VERSION= 1.26.1 DISTNAME= nginx-${VERSION} CATEGORIES= www -REVISION-main= 0 +REVISION-main= 1 REVISION-passenger= 0 VERSION-njs= 0.8.2 VERSION-rtmp= 1.2.1 +VERSION-cache_purge= 2.3 PKGNAME-main= ${DISTNAME} PKGNAME-image_filter= nginx-image_filter-${VERSION} @@ -42,6 +44,7 @@ PKGNAME-njs= nginx-njs-${VERSION} PKGNAME-passenger= nginx-passenger-${VERSION} PKGNAME-rtmp= nginx-rtmp-${VERSION} PKGNAME-securelink= nginx-securelink-${VERSION} +PKGNAME-cache_purge= ngx_cache_purge-${VERSION} ONLY_FOR_ARCHS-passenger= aarch64 amd64 arm i386 @@ -59,7 +62,8 @@ _GH_MODS= \ nginx njs ${VERSION-njs} \ simpl ngx_devel_kit v0.3.0 \ leev ngx_http_geoip2_module 3.3 \ - nginx-modules ngx_http_hmac_secure_link_module 48c4625fbbf51ed5a95bfec23fa444f6c3702e50 + nginx-modules ngx_http_hmac_secure_link_module 48c4625fbbf51ed5a95bfec23fa444f6c3702e50 \ + FRiCKLE ngx_cache_purge ${VERSION-cache_purge} .for _a _p _c in ${_GH_MODS} DISTFILES.a+= ${_p}-{${_a}/${_p}/archive/}${_c}.tar.gz @@ -76,7 +80,7 @@ MULTI_PACKAGES = -main -naxsi -perl ${MODULE_PACKAGES} MODULE_PACKAGES = -image_filter -geoip2 -xslt -mailproxy -stream \ -passenger -headers_more -ldap_auth -lua -njs \ - -rtmp -securelink + -rtmp -securelink -cache_purge FLAVOR ?= PSEUDO_FLAVORS = no_lua no_njs no_passenger @@ -100,6 +104,7 @@ WANTLIB-headers_more= WANTLIB-perl= c m perl WANTLIB-passenger= m pthread ${COMPILER_LIBCXX} WANTLIB-securelink= crypto +WANTLIB-cache_purge= LIB_DEPENDS-main= devel/pcre2 LIB_DEPENDS-xslt= textproc/libxml \ @@ -114,6 +119,7 @@ LIB_DEPENDS-securelink= LIB_DEPENDS-njs= devel/pcre2 \ textproc/libxslt \ textproc/libxml +LIB_DEPENDS-cache_purge= MODLUA_RUNDEP= No RUN_DEPENDS= www/nginx,-main=${VERSION} @@ -202,7 +208,8 @@ CONFIGURE_ARGS+= --prefix=${NGINX_DIR} \ --add-dynamic-module=${WRKSRC}/headers-more-nginx-module \ --add-dynamic-module=${WRKSRC}/nginx-auth-ldap \ --add-dynamic-module=${WRKSRC}/ngx_http_geoip2_module \ - --add-dynamic-module=${WRKSRC}/ngx_http_hmac_secure_link_module + --add-dynamic-module=${WRKSRC}/ngx_http_hmac_secure_link_module \ + --add-dynamic-module=${WRKSRC}/ngx_cache_purge SUBSTFILES= conf/nginx.conf */config @@ -212,7 +219,7 @@ ALL_TARGET= pre-patch: .for i in headers-more-nginx-module lua-nginx-module naxsi njs \ nginx-auth-ldap ngx_devel_kit ngx_http_geoip2_module \ - ngx_http_hmac_secure_link_module + ngx_http_hmac_secure_link_module ngx_cache_purge cd ${WRKSRC} && mv ../$i-* $i .endfor diff --git www/nginx/distinfo www/nginx/distinfo index 05b5868d540..1138961174f 100644 --- www/nginx/distinfo +++ www/nginx/distinfo @@ -5,6 +5,7 @@ SHA256 (nginx-1.20.1-chroot.patch) = SS1TB0j8N4/dn5pUTGT6WvkN3aAUuKz5+R0Nt+MG0gk SHA256 (nginx-1.26.1.tar.gz) = +Rh0aP8usVkmC/1Thnwl/44zRyYjes8ie56HDlPT42s= SHA256 (nginx-auth-ldap-83c059b73566c2ee9cbda920d91b66657cf120b7.tar.gz) = aQxOW9sq4ZsP7nXNNW0YATRo20cmFrYJeloLvjRshGQ= SHA256 (nginx-rtmp-module-v1.2.1.tar.gz) = h6pZdACwtaBSdO4tI9jLgiThJoYiegq+MdeDs6ZF6jc= +SHA256 (ngx_cache_purge-2.3.tar.gz) = y31fIpGcYT8fAzQaGuuWCWUmkwLp6yNCXMqr0vXcu+w= SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk= SHA256 (ngx_http_geoip2_module-3.3.tar.gz) = QTeEOMgz4xOhiGnQxKcnBLSDXDCsr3/WgBOrZzL/eKc= SHA256 (ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz) = ZXpA2rODS1enIREzlD1OqWwpWcv3NOUXH4eUOgOAmqg= @@ -16,6 +17,7 @@ SIZE (nginx-1.20.1-chroot.patch) = 8783 SIZE (nginx-1.26.1.tar.gz) = 1244738 SIZE (nginx-auth-ldap-83c059b73566c2ee9cbda920d91b66657cf120b7.tar.gz) = 18542 SIZE (nginx-rtmp-module-v1.2.1.tar.gz) = 519919 +SIZE (ngx_cache_purge-2.3.tar.gz) = 11717 SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455 SIZE (ngx_http_geoip2_module-3.3.tar.gz) = 8509 SIZE (ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz) = 6159 diff --git www/nginx/patches/patch-ngx_cache_purge_config www/nginx/patches/patch-ngx_cache_purge_config new file mode 100644 index 00000000000..e12d5e5a802 --- /dev/null +++ www/nginx/patches/patch-ngx_cache_purge_config @@ -0,0 +1,25 @@ +Build ngx_cache_purge as dynamic module + +Index: ngx_cache_purge/config +--- ngx_cache_purge/config.orig ++++ ngx_cache_purge/config +@@ -15,7 +15,17 @@ if [ "$HTTP_UWSGI" = "YES" ]; then + fi + + ngx_addon_name=ngx_http_cache_purge_module +-HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module" +-NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_cache_purge_module.c" ++CACHE_PURGE_SRCS="$ngx_addon_dir/ngx_cache_purge_module.c" ++ ++if [ -n "$ngx_module_link" ]; then ++ ngx_module_type=HTTP ++ ngx_module_name="$ngx_addon_name" ++ ngx_module_srcs="$CACHE_PURGE_SRCS" ++ ++ . auto/module ++else ++ HTTP_MODULES="$HTTP_MODULES $ngx_addon_name" ++ NGX_ADDON_SRCS="$NGX_ADDON_SRCS $CACHE_PURGE_SRCS" ++fi + + have=NGX_CACHE_PURGE_MODULE . auto/have diff --git www/nginx/patches/patch-src_core_ngx_resolver_c www/nginx/patches/patch-src_core_ngx_resolver_c new file mode 100644 index 00000000000..b07cea4cc97 --- /dev/null +++ www/nginx/patches/patch-src_core_ngx_resolver_c @@ -0,0 +1,12 @@ +Index: src/core/ngx_resolver.c +--- src/core/ngx_resolver.c.orig ++++ src/core/ngx_resolver.c +@@ -1774,7 +1774,7 @@ ngx_resolver_process_response(ngx_resolver_t *r, u_cha + (response->nar_hi << 8) + response->nar_lo); + + /* response to a standard query */ +- if ((flags & 0xf870) != 0x8000 || (trunc && tcp)) { ++ if ((flags & 0xf850) != 0x8000 || (trunc && tcp)) { + ngx_log_error(r->log_level, r->log, 0, + "invalid %s DNS response %ui fl:%04Xi", + tcp ? "TCP" : "UDP", ident, flags); diff --git www/nginx/pkg/DESCR-cache_purge www/nginx/pkg/DESCR-cache_purge new file mode 100644 index 00000000000..a1021baf292 --- /dev/null +++ www/nginx/pkg/DESCR-cache_purge @@ -0,0 +1,8 @@ +ngx_cache_purge is nginx module which adds ability to purge content from +FastCGI, proxy, SCGI and uWSGI caches. + +It is build as separated dynamic module and it should be load as: + + load_module modules/ngx_http_cache_purge_module.so; + +Documentation available at https://github.com/FRiCKLE/ngx_cache_purge diff --git www/nginx/pkg/PLIST-cache_purge www/nginx/pkg/PLIST-cache_purge new file mode 100644 index 00000000000..ea7fe579cd9 --- /dev/null +++ www/nginx/pkg/PLIST-cache_purge @@ -0,0 +1 @@ +@so ngx_http_cache_purge_module.so -- wbr, Kirill
