nginx: Linux packages
Currently, nginx packages are available for the following distributions and versions:
RHEL/CentOS:
Version Supported Platforms 6.x x86_64, i386 7.4+ x86_64, ppc64le
Debian:
Version Codename Supported Platforms 8.x jessie x86_64, i386 9.x stretch x86_64, i386
Ubuntu:
Version Codename Supported Platforms 14.04 trusty x86_64, i386, aarch64/arm64 16.04 xenial x86_64, i386, ppc64el, aarch64/arm64 18.04 bionic x86_64, aarch64/arm64 18.10 cosmic x86_64
SLES:
Version Supported Platforms 12 x86_64 15 x86_64
To enable automatic updates of Linux packages set up the yum repository for the RHEL/CentOS distributions, the apt repository for the Debian/Ubuntu distributions, or the zypper repository for SLES.
Pre-Built Packages for Stable version
To set up the yum repository for RHEL/CentOS, create the file named
/etc/yum.repos.d/nginx.repo
with the following contents:
[nginx] name=nginx repo baseurl=http://nginx.org/packages/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1
Replace “OS” with “rhel” or
“centos”,
depending on the distribution used, and “OSRELEASE”
with “6” or “7”, for 6.x or 7.x versions,
respectively.
For Debian/Ubuntu, in order to authenticate the nginx repository signature
and to eliminate warnings about missing PGP key during installation of the
nginx package, it is necessary to add the key used to sign the nginx
packages and repository to the apt program keyring.
Please download this
key from our web site, and add it to the apt
program keyring with the following command:
sudo apt-key add nginx_signing.key
For Debian replace codename with Debian distribution
codename, and append the following to
the end of the /etc/apt/sources.list file:
deb http://nginx.org/packages/debian/ codename nginx deb-src http://nginx.org/packages/debian/ codename nginx
For Ubuntu replace codename with Ubuntu distribution
codename, and append the following to
the end of the /etc/apt/sources.list file:
deb http://nginx.org/packages/ubuntu/ codename nginx deb-src http://nginx.org/packages/ubuntu/ codename nginx
For Debian/Ubuntu then run the following commands:
apt-get update apt-get install nginx
For SLES 12 run the following command:
zypper addrepo -G -t yum -c 'http://nginx.org/packages/sles/12' nginx
For SLES 15 run the following command:
zypper addrepo -G -t yum -c 'http://nginx.org/packages/sles/15' nginx
Pre-Built Packages for Mainline version
To set up the yum repository for RHEL/CentOS, create the file named
/etc/yum.repos.d/nginx.repo
with the following contents:
[nginx] name=nginx repo baseurl=http://nginx.org/packages/mainline/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1
Replace “OS” with “rhel” or
“centos”,
depending on the distribution used, and “OSRELEASE”
with “6” or “7”, for 6.x or 7.x versions,
respectively.
For Debian/Ubuntu, in order to authenticate the nginx repository signature
and to eliminate warnings about missing PGP key during installation of the
nginx package, it is necessary to add the key used to sign the nginx
packages and repository to the apt program keyring.
Please download this
key from our web site, and add it to the apt
program keyring with the following command:
sudo apt-key add nginx_signing.key
For Debian replace codename with Debian distribution
codename, and append the following to
the end of the /etc/apt/sources.list file:
deb http://nginx.org/packages/mainline/debian/ codename nginx deb-src http://nginx.org/packages/mainline/debian/ codename nginx
For Ubuntu replace codename with Ubuntu distribution
codename, and append the following to
the end of the /etc/apt/sources.list file:
deb http://nginx.org/packages/mainline/ubuntu/ codename nginx deb-src http://nginx.org/packages/mainline/ubuntu/ codename nginx
For Debian/Ubuntu then run the following commands:
apt-get update apt-get install nginx
For SLES 12 run the following command:
zypper addrepo -G -t yum -c 'http://nginx.org/packages/mainline/sles/12' nginx
For SLES 15 run the following command:
zypper addrepo -G -t yum -c 'http://nginx.org/packages/mainline/sles/15' nginx
Source Packages
Packaging sources can be found in the packaging sources repository.
The default branch holds packaging sources for the current
mainline version, while stable-* branches contain latest
sources for stable releases.
To build binary packages, run make in
debian/ directory on Debian/Ubuntu, or in
rpm/SPECS/ on RHEL/CentOS/SLES.
Packaging sources are distributed under the same 2-clause BSD-like license used by nginx.
Dynamic Modules
Main nginx package is built with all modules that do not require additional libraries to avoid extra dependencies. Since version 1.9.11, nginx supports dynamic modules and the following modules are built as dynamic and shipped as separate packages:
nginx-module-geoip nginx-module-image-filter nginx-module-njs nginx-module-perl nginx-module-xslt
Signatures
Both RPM packages and Debian/Ubuntu repositories use digital signatures
to verify the integrity and origin of the downloaded package.
In order to check a signature it is necessary to download
nginx signing key
and import it to the rpm or apt
program’s keyring:
-
On Debian/Ubuntu:
sudo apt-key add nginx_signing.key
-
On RHEL/CentOS:
sudo rpm --import nginx_signing.key
-
On SLES:
sudo rpm --import nginx_signing.key
On Debian/Ubuntu/SLES signatures are checked by default, but on RHEL/CentOS it is necessary to set
gpgcheck=1
in the
/etc/yum.repos.d/nginx.repo file.
Since our PGP keys and packages are located on the same server, they are equally trusted. It is highly advised to additionally verify the authenticity of the downloaded PGP key. PGP has the “Web of Trust” concept, when a key is signed by someone else’s key, that in turn is signed by another key and so on. It often makes possible to build a chain from an arbitrary key to someone’s key who you know and trust personally, thus verify the authenticity of the first key in a chain. This concept is described in details in GPG Mini Howto. Our keys have enough signatures, and their authenticity is relatively easy to check.