my debian 12 os. I would like to install ispconfig with the pre build from nginx.org and the Perfect Server Automated ISPConfig 3. but it automatically installs the debian nginx-full package. can I change the script so that it installs nginx from the nginx.org repositories?
No, the official Nginx runs under a different user (nginx and not www-data), so your setup will not work.
Sure, you can try to replace the Debian package after you install the system. You have to take care that your manually compiled Nginx uses the same config file names, folders, and user and group as the default Nginx of the OS. Maybe even the Nginx from nginx.org works, if they made the user and group configurable so you can change both to www-data.
But you must be aware that using a newer version of Nginx than what the OS comes with might cause the setup to fail if Nginx changes any config settings or removes settings that ISPConfig uses. In such a case, you will have to alter the config file templates that ship with ISPConfig and adjust them to the Nginx version you use.
yes we can change the user and the group while compiling. I would like to test HTTP3 and brotli compression. I test and I tell you.
The only option that I knew might work well with less or no trouble with ISPConfig, is not directly from nginx, but from Ondrej Sury's nginx repo but I never tested this fully. Stable Version: https://launchpad.net/~ondrej/+archive/ubuntu/nginx Mainline Vershion: https://launchpad.net/~ondrej/+archive/ubuntu/nginx-mainline
By compiling the sources with the right variables, everything works correctly. It's just a bit long... @ahrasis: thank you, I will install to test
I found a solution. environment: Debian 12, ispconfig install with perfect auto Be careful, this manipulation may crash your server. change the sourcelist to: Types: deb deb-src URIs: mirror+file:///etc/apt/mirrors/debian.list Suites: trixie trixie-updates trixie-backports Components: main contrib non-free-firmware Types: deb deb-src URIs: mirror+file:///etc/apt/mirrors/debian-security.list Suites: trixie-security Components: main contrib non-free-firmware and I followed this tutorial: https://ginkcode.com/post/recompile-nginx-packaged-by-apt-on-ubuntu don't forget to put back the original sourcelist. Now I have nginx 1.26.0 (trixie) with the module_V3 module enabled. I took the opportunity to activate the brotli module. how can I use a snippet so that the configuration of a site (.vhost) includes the configuration to be in http3? http3 on; listen 443 quic; listen[::]:443 quic; ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; quic_retry on; add_header Alt-Svc 'h3-29=":443"'; add_header Alt-Svc 'h3=":$server_port"; ma=3600, h2=":$server_port"; ma=3600'; add_header Alt-Svc 'h2=":$server_port"; my=2592000; persist=1'; add_header Alt-Svc 'h2=":$server_port"; my=2592000;'; ssl_dhparam /etc/nginx/ssl/dhparam; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE -RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384HE-RSA-CHACHA20-POLY1305; ssl_prefer_server_ciphers off; add_header Strict-Transport-Security "max-age=60" always; gzip off; #brotli brotli_comp_level 8; brotli_types image/* text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
Either change the default vhost template to activate it fro all sites, or use the nginx snippets function in ISPConfig and/or the nginx directives field of the website.
I have never used snippets. here is what I did: system menu snippets directive Add directive snippet put a name choice type: nginx I copied and pasted the lines to integrate into the vhosts. is there anything else to do?
I prefer not to use that repo since is not ISPConfig friendly like the one I suggested before. I find this howto is better (IMV) since he's using Ondrej Sury repo for nginx mainline: https://www.stevenz.blog/ubuntu-nginx-http3/ If I were you, I prefer this i.e. use conf-custom folder to customize default vhost template. There is actually other way, i.e. by enhancing ISPConfig default code, to detect and use http3 and quic, if they are available. For this to become permanently supported by ISPConfig, one should code, MR suggested codes in its git. I will also suggest the ciphers be upgraded as well as I think it is kinda low for even http2, what more if one use http3.
