Should I compile Nginx from source or just use the version in the Debian repo?

[vpsnewb]

Aside from the version compiled from source being newer, is there really any downside to using the version you get when doing a simple 'apt-get install nginx' ?

I cant find too much data about performance benefits of using the newer ones from source so was wondering if it was a big deal.

 

[drmike]

I'll never get this right, but I think using Nginx repositories for new versions gets you a leaner version (plus newer).

By leaner, it has less addons/plugins/whatever they call the wizbang features that aren't the barebones version.   For instance, the location/IP to location functionality isn't in the Nginx shipped version.  Requires a custom compile  to enable that.  But, I think the Debian releases have the geo functions in what they ship, albeit a more bloated version.

Again, I might have who includes what mixed up.  I haven't danced with Nginx this week

 

[eva2000]

Don't use debian but centos via source nginx compiles. But for debian there's actually several nginx packages - light, full, extras, naxsi - you can see comparison at http://wiki.debian.org/Nginx#Recap_of_the_differents_modules_in_every_package_.28starting_Squeeze-Backports.29

 

[drmike]

Good link there @eva2000 nice comparisons.

 

[mikho]

The "regular" that you get via apt-get install doesn't have all modules and if you don't need something more then you would be fine with it.


Then again, some might arguee that you should always compile from source since when you apt-get it, you get to many included modules.

 

[drmike]

Right @mikho.  The regular one is what most docs/tutorials say.  So lacking the additional modules.

Benefits of using the lesser module heavy versions should be reduced memory consumption and better static throughput--- maybe.

New versions, especially source give you cutting edge and often are optimizations and bug fixes.  So recommended to keep on top of versions with Nginx since it's a really big target based on growing popularity.

 

[nunim]

If you're on Debian your best bet is to use the DotDeb repos for Nginx/PHP/Mysql.  Older versions of Nginx included in distro repositories may still be vulnerable so i would upgrade to the latest and greatest.

 

[drmike]

Using Dotdeb is very simple:

1. Add the main repository to your sources.list
Depending on your distribution (Wheezy or Squeeze), add these two lines to your /etc/apt/sources.list file (you can also choose a mirror near you) :

deb http://packages.dotdeb.org wheezy all
deb-src http://packages.dotdeb.org wheezy all

or

deb http://packages.dotdeb.org squeeze all
deb-src http://packages.dotdeb.org squeeze all

2. Options
If you want to install :

• PHP 5.4 on Debian 6.0

 

[NodeBytes]

I run a dotdeb mirror btw - http://dotdeb.mirror.softgit.com/

If you get better speeds from it, feel free to use it.

 

[acd]

+1 vote for dotdeb. nginx in stable is generally new enough (currently 1.2.1) for me unless I need something specific, for example, websocket proxying (which rolled into mainline around 1.3.1). Dotdeb has a relatively recent version of all the main web stack stuff, php5, nginx, et.al. No problems with it so far.

If you're on Debian your best bet is to use the DotDeb repos for Nginx/PHP/Mysql.  Older versions of Nginx included in distro repositories may still be vulnerable so i would upgrade to the latest and greatest.

When nginx--or any software--releases security vulnerability fixes, debian makes a security release which backports the fix into stable. If you keep up with stable-security, you're probably good.

 

[vanarp]

When nginx--or any software--releases security vulnerability fixes, debian makes a security release which backports the fix into stable. If you keep up with stable-security, you're probably good.

 
Is it the same with Ubuntu as well ?

 

[dmmcintyre3]

I use the official nginx repos.

 

[acd]

Is it the same with Ubuntu as well ?

I can't speak for their responsiveness, but I expect it's about the same. Debian will apply the fix to all vulnerable environments (unstable/testing/stable). Worst case, ubuntu pulls the patch from unstable after debian fixes it and rolls it into their own updates. Ubuntu is pretty good about pushing new software versions to users, even in LTS.