amuck-landowner

Should I compile Nginx from source or just use the version in the Debian repo?

vpsnewb

New Member
Aside from the version compiled from source being newer, is there really any downside to using the version you get when doing a simple 'apt-get install nginx' ?

I cant find too much data about performance benefits of using the newer ones from source so was wondering if it was a big deal.
 

drmike

100% Tier-1 Gogent
I'll never get this right, but I think using Nginx repositories for new versions gets you a leaner version (plus newer).

By leaner, it has less addons/plugins/whatever they call the wizbang features that aren't the barebones version.   For instance, the location/IP to location functionality isn't in the Nginx shipped version.  Requires a custom compile  to enable that.  But, I think the Debian releases have the geo functions in what they ship, albeit a more bloated version.

Again, I might have who includes what mixed up.  I haven't danced with Nginx this week :)
 

mikho

Not to be taken seriously, ever!
The "regular" that you get via apt-get install doesn't have all modules and if you don't need something more then you would be fine with it.


Then again, some might arguee that you should always compile from source since when you apt-get it, you get to many included modules. :)
 

drmike

100% Tier-1 Gogent
Right :) @mikho.  The regular one is what most docs/tutorials say.  So lacking the additional modules.

Benefits of using the lesser module heavy versions should be reduced memory consumption and better static throughput--- maybe.

New versions, especially source give you cutting edge and often are optimizations and bug fixes.  So recommended to keep on top of versions with Nginx since it's a really big target based on growing popularity.
 

nunim

VPS Junkie
If you're on Debian your best bet is to use the DotDeb repos for Nginx/PHP/Mysql.  Older versions of Nginx included in distro repositories may still be vulnerable so i would upgrade to the latest and greatest.
 

drmike

100% Tier-1 Gogent
  • Like
Reactions: acd

acd

New Member
+1 vote for dotdeb. nginx in stable is generally new enough (currently 1.2.1) for me unless I need something specific, for example, websocket proxying (which rolled into mainline around 1.3.1). Dotdeb has a relatively recent version of all the main web stack stuff, php5, nginx, et.al. No problems with it so far.


If you're on Debian your best bet is to use the DotDeb repos for Nginx/PHP/Mysql.  Older versions of Nginx included in distro repositories may still be vulnerable so i would upgrade to the latest and greatest.
When nginx--or any software--releases security vulnerability fixes, debian makes a security release which backports the fix into stable. If you keep up with stable-security, you're probably good.
 
Last edited by a moderator:

vanarp

Active Member
When nginx--or any software--releases security vulnerability fixes, debian makes a security release which backports the fix into stable. If you keep up with stable-security, you're probably good.
 
Is it the same with Ubuntu as well ?
 

acd

New Member
Is it the same with Ubuntu as well ?
I can't speak for their responsiveness, but I expect it's about the same. Debian will apply the fix to all vulnerable environments (unstable/testing/stable). Worst case, ubuntu pulls the patch from unstable after debian fixes it and rolls it into their own updates. Ubuntu is pretty good about pushing new software versions to users, even in LTS.
 
Top
amuck-landowner