search

eilandert / deb.myguard.nl

issue tracker for deb.myguard.nl packages
https://deb.myguard.nl
1 stars 0 forks source link

Nginx Installation Failed on Debian 12 Bookworm #1

Open joglomedia opened 5 months ago

joglomedia commented 5 months ago

Hi there,

I am managing LEMP stack installer script and want to incorporate MyGuard repository to my script, unfortunately, got installation error

here is my installation 

apt-get install -q -y nginx nginx-common \
libnginx-mod-http-auth-pam \
libnginx-mod-http-brotli \
libnginx-mod-http-cache-purge \
libnginx-mod-http-fancyindex \
libnginx-mod-http-geoip \
libnginx-mod-stream-geoip \
libnginx-mod-http-headers-more-filter \
libnginx-mod-http-image-filter \
libnginx-mod-http-subs-filter \
libnginx-mod-http-vhost-traffic-status \
libnginx-mod-http-xslt-filter \
libnginx-mod-mail \
libnginx-mod-stream
The following packages have unmet dependencies:
 libnginx-mod-http-auth-pam : Depends: nginx-abi-1.22.1-7
 libnginx-mod-http-cache-purge : Depends: nginx-abi-1.22.1-7
 libnginx-mod-http-fancyindex : Depends: nginx-abi-1.22.1-7
 libnginx-mod-http-headers-more-filter : Depends: nginx-abi-1.22.1-7
 libnginx-mod-http-subs-filter : Depends: nginx-abi-1.22.1-7
E: Unable to correct problems, you have held broken packages.

My repo setup

touch "/etc/apt/sources.list.d/myguard-${NGINX_REPO}-${RELEASE_NAME}.list"
bash -c "echo 'deb [arch=${DISTRIB_ARCH}] http://deb.myguard.nl ${RELEASE_NAME} main' > /etc/apt/sources.list.d/myguard-${NGINX_REPO}-${RELEASE_NAME}.list"
bash -c "echo 'deb [arch=${DISTRIB_ARCH}] http://deb.myguard.nl/openssl3 ${RELEASE_NAME} main' >> /etc/apt/sources.list.d/myguard-${NGINX_REPO}-${RELEASE_NAME}.list"

wget -qO "/etc/apt/trusted.gpg.d/deb.myguard.nl.gpg" "https://deb.myguard.nl/pool/deb.myguard.nl.gpg"
eilandert commented 5 months ago

Hi, thanks for using my repo.

It seems those packages come from another repo, 1.22.1-7 is not what I use. (myguard is on 1.25.5 abi). Can you check if some repo is pinned? (Those configs are in /etc/apt/preferences.d)

Also, please don't use the openssl3 repo anymore, since Bookworm (and ubuntu Jammy) OpenSSL3 is part of the distribution, so I don't need to maintain those repo's anymore.

joglomedia commented 5 months ago

Hi @eilandert

It seems the package from default Debian repo, because there is no other Nginx related repo

admin@deb:~/LEMPer$ sudo apt-cache policy libnginx-mod-http-auth-pam
libnginx-mod-http-auth-pam:
  Installed: (none)
  Candidate: 1:1.5.3-3
  Version table:
     1:1.5.3-3 500
        500 mirror+file:/etc/apt/mirrors/debian.list bookworm/main amd64 Packages
admin@deb:~/LEMPer$ sudo apt-cache policy nginx
nginx:
  Installed: (none)
  Candidate: 1.22.1-9
  Version table:
     1.22.1-9 500
        500 mirror+file:/etc/apt/mirrors/debian.list bookworm/main amd64 Packages

Is it safe to disable this debian.list repo?

eilandert commented 5 months ago

I dont think that 's safe.

I wonder why it is not coming from deb.myguard.nl anyway :s Did you do apt update?

joglomedia commented 5 months ago

Yes, i have double check it apt update and apt upgrade

Here is the full result of apt search nginx, we can see some module come from your repo and the other from default Debian repo

libnginx-mod-http-access-plus/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx module allows limiting access to certain http request methods and client addresses.

libnginx-mod-http-auth-ldap/bookworm 1.25.5-4myguard1~bookworm amd64
  LDAP authentication module for nginx

libnginx-mod-http-auth-pam/stable 1:1.5.3-3 amd64
  PAM authentication module for Nginx

libnginx-mod-http-auth-spnego/bookworm 1.25.5-4myguard1~bookworm amd64
  SPNEGO authentication module for nginx

libnginx-mod-http-brotli/bookworm 1.25.5-4myguard1~bookworm amd64
  NGINX module for Brotli compression

libnginx-mod-http-brotli-filter/stable 1.0.0~rc-3 amd64
  Brotli lossless compression support for Nginx - filter

libnginx-mod-http-brotli-static/stable 1.0.0~rc-3 amd64
  Brotli lossless compression support for Nginx - static

libnginx-mod-http-cache-purge/stable 1:2.3-4 amd64
  Purge content from Nginx caches

libnginx-mod-http-captcha/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx module for generate captcha and validate captcha code

libnginx-mod-http-concat/bookworm 1.25.5-4myguard1~bookworm amd64
  A Nginx module for concatenating files in a given context: CSS and JS files usually

libnginx-mod-http-dav-ext/stable 1:3.0.0-3 amd64
  WebDAV missing commands support for Nginx

libnginx-mod-http-doh/bookworm 1.25.5-4myguard1~bookworm amd64
  Simple Nginx module for serving DNS-over-HTTPS (DOH) requests.

libnginx-mod-http-dynamic-etag/bookworm 1.25.5-4myguard1~bookworm amd64
  NGINX module for adding ETag to dynamic content

libnginx-mod-http-early-hints/bookworm 1.25.5-4myguard1~bookworm amd64
  This is an experimental nginx module that sending 103 early hints before sending content(NGX_HTTP_ACCESS_PHASE).

libnginx-mod-http-echo/stable 1:0.63-4 amd64
  Bring echo and more shell style goodies to Nginx

libnginx-mod-http-encrypted-session/bookworm 1.25.5-4myguard1~bookworm amd64
  encrypt and decrypt nginx variable values

libnginx-mod-http-eval/bookworm 1.25.5-4myguard1~bookworm amd64
  A module for evaluating memcached or proxy response into variable

libnginx-mod-http-fancyindex/stable 1:0.5.2-3 amd64
  Fancy indexes module for the Nginx

libnginx-mod-http-flv-live/bookworm 1.25.5-4myguard1~bookworm amd64
  A media streaming server based on nginx-rtmp-module.

libnginx-mod-http-geoip/bookworm 1.25.5-4myguard1~bookworm amd64
  GeoIP HTTP module for Nginx

libnginx-mod-http-geoip2/stable 1:3.4-3 amd64
  GeoIP2 HTTP module for Nginx

libnginx-mod-http-headers-more-filter/stable 1:0.34-3 amd64
  Set and clear input and output headers for Nginx

libnginx-mod-http-hmac-secure-link/bookworm 1.25.5-4myguard1~bookworm amd64
  HMAC Secure Link module for NGINX.

libnginx-mod-http-image-filter/bookworm 1.25.5-4myguard1~bookworm amd64
  HTTP image filter module for Nginx

libnginx-mod-http-immutable/bookworm 1.25.5-4myguard1~bookworm amd64
  NGINX module for setting immutable caching on static assets

libnginx-mod-http-ipset-blacklist/bookworm 1.25.5-4myguard1~bookworm amd64
  for using netfilter ipsets as a black/white list

libnginx-mod-http-js/stable 0.7.9-2 amd64
  JavaScript HTTP module for Nginx

libnginx-mod-http-js-challenge/bookworm 1.25.5-4myguard1~bookworm amd64
  Simple javascript proof-of-work based access for Nginx with virtually no overhead.

libnginx-mod-http-length-hiding-filter/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx filter module to append random generated string to the end of HTML response.

libnginx-mod-http-lua/stable 1:0.10.23-1 amd64
  Lua module for Nginx

libnginx-mod-http-memc/stable 0.19-2 amd64
  Extended memcached commands module for Nginx

libnginx-mod-http-modsecurity/bookworm 1.25.5-4myguard1~bookworm amd64
  Connector for libmodsecurity

libnginx-mod-http-naxsi/bookworm 1.25.5-4myguard1~bookworm amd64
  NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

libnginx-mod-http-ndk/stable 1:0.3.2-3 amd64
  Nginx Development Kit module

libnginx-mod-http-ndk-dev/stable 1:0.3.2-3 all
  Nginx Development Kit module - development files

libnginx-mod-http-njs/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx njs dynamic modules

libnginx-mod-http-perl/bookworm 1.25.5-4myguard1~bookworm amd64
  Perl module for Nginx

libnginx-mod-http-redis2/bookworm 1.25.5-4myguard1~bookworm amd64
  Nginx upstream module for the Redis 2.0 protocol

libnginx-mod-http-security-headers/bookworm 1.25.5-4myguard1~bookworm amd64
  NGINX Module for sending security headers

libnginx-mod-http-set-misc/bookworm 1.25.5-4myguard1~bookworm amd64
  Various set_xxx directives added to nginx's rewrite module (md5/sha1, sql/json quoting, and many more)

libnginx-mod-http-srcache-filter/bookworm 1.25.5-4myguard1~bookworm amd64
  Transparent subrequest-based caching layout for arbitrary nginx locations

libnginx-mod-http-subs-filter/stable 1:0.6.4-4 amd64
  Substitution filter module for Nginx

libnginx-mod-http-sysguard/bookworm 1.25.5-4myguard1~bookworm amd64
  This module can be used to protect your server in case system load or memory use goes too high

libnginx-mod-http-testcookie-access/bookworm 1.25.5-4myguard1~bookworm amd64
  simple robot mitigation module using cookie based challenge/response technique.

libnginx-mod-http-trim-filter/bookworm 1.25.5-4myguard1~bookworm amd64
  A filter that modifies a response by removing unnecessary whitespaces and comments from HTML

libnginx-mod-http-uploadprogress/stable 1:0.9.2-3 amd64
  Upload progress system for Nginx

libnginx-mod-http-upstream-fair/stable 1:0.0~git20120408.a18b409-3 amd64
  Nginx Upstream Fair Proxy Load Balancer

libnginx-mod-http-user-agent/bookworm 1.25.5-4myguard1~bookworm amd64
  A nginx module to match browsers and crawlers

libnginx-mod-http-vhost-traffic-status/bookworm 1.25.5-4myguard1~bookworm amd64
  Nginx virtual host traffic status module

libnginx-mod-http-waf/bookworm 1.25.5-4myguard1~bookworm amd64
  Handy, High performance Nginx firewall module.

libnginx-mod-http-xslt-filter/bookworm 1.25.5-4myguard1~bookworm amd64
  XSLT Transformation module for Nginx

libnginx-mod-http-xss-filter/bookworm 1.25.5-4myguard1~bookworm amd64
  Native cross-site scripting support in nginx

libnginx-mod-http-zstd/bookworm 1.25.5-4myguard1~bookworm amd64
  NGINX module for ZSTD compression

libnginx-mod-ipscrub/bookworm 1.25.5-4myguard1~bookworm amd64
  IP address anonymizer module for nginx

libnginx-mod-mail/bookworm 1.25.5-4myguard1~bookworm amd64
  Mail module for Nginx

libnginx-mod-nchan/stable 1:1.3.6+dfsg-2 amd64
  Fast, flexible pub/sub server for Nginx

libnginx-mod-pagespeed/bookworm 1.25.5-4myguard1~bookworm amd64
  http-pagespeed speeds up your site and reduces

libnginx-mod-rtmp/stable 1:1.2.2+dfsg-3 amd64
  RTMP support for Nginx

libnginx-mod-stream/bookworm 1.25.5-4myguard1~bookworm amd64
  Stream module for Nginx

libnginx-mod-stream-geoip/bookworm 1.25.5-4myguard1~bookworm amd64
  GeoIP Stream module for Nginx

libnginx-mod-stream-geoip2/stable 1:3.4-3 amd64
  GeoIP2 Stream module for Nginx

libnginx-mod-stream-js/stable 0.7.9-2 amd64
  JavaScript Stream module for Nginx

libnginx-mod-stream-lua/bookworm 1.25.5-4myguard1~bookworm amd64
  Lua module for Nginx

libnginx-mod-stream-njs/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx njs dynamic modules

njs/stable 0.7.9-2 amd64
  JavaScript for Nginx command-line utility

and here is the Nginx package

nginx/bookworm 1.25.5-4myguard1~bookworm amd64
  small, powerful, scalable web/proxy server

nginx-common/bookworm 1.25.5-4myguard1~bookworm amd64
  small, powerful, scalable web/proxy server - common files

nginx-confgen/stable 2.1-1 amd64
  nginx configuration file macro language and preprocessor

nginx-core/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx web/proxy server)

nginx-dev/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx web/proxy server - development headers

nginx-doc/bookworm 1.25.5-4myguard1~bookworm amd64
  small, powerful, scalable web/proxy server - documentation

nginx-extras/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx web/proxy server

nginx-full/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx web/proxy server (standard version with 3rd parties)

nginx-light/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx web/proxy server

nginx-minimal/bookworm 1.25.5-4myguard1~bookworm amd64
  nginx web/proxy server
joglomedia commented 5 months ago

Does the version table sorting affects the priority of package used?

admin@deb:~/LEMPer$ sudo apt-cache policy libnginx-mod-http-geoip2
libnginx-mod-http-geoip2:
  Installed: (none)
  Candidate: 1:3.4-3
  Version table:
     1:3.4-3 500
        500 mirror+file:/etc/apt/mirrors/debian.list bookworm/main amd64 Packages
     1.25.5-4myguard1~bookworm 500
        500 http://deb.myguard.nl bookworm/main amd64 Packages

I tried to make myguard repo have highest priority, file /etc/apt/preferences.d/myguard-nginx-bookworm.pref

Package: *
Pin: origin deb.myguard.nl
Pin-Priority: 1000

and now I get package from myguard as priority

admin@deb:~/LEMPer$ sudo apt-cache policy libnginx-mod-http-geoip2
libnginx-mod-http-geoip2:
  Installed: (none)
  Candidate: 1.25.5-4myguard1~bookworm
  Version table:
     1:3.4-3 500
        500 mirror+file:/etc/apt/mirrors/debian.list bookworm/main amd64 Packages
     1.25.5-4myguard1~bookworm 1000
       1000 http://deb.myguard.nl bookworm/main amd64 Packages

Now I could install Nginx from Myguard repo.

But, I am not sure whether it is safe for other packages?

eilandert commented 5 months ago

It seems the versioning of some packages has changed, I have to change it accordingly. I have to think about how I'll do that.

Priotizing deb.myguard.nl is safe ;-) Thanks for your report

eilandert commented 5 months ago

I changed the versioning, the buildsystem will start the build and upload soon.

There is no need for pinning or priotizing anymore. :-)

joglomedia commented 5 months ago

I changed the versioning, the buildsystem will start the build and upload soon.

There is no need for pinning or priotizing anymore. :-)

Thanks so much, it is working now

https://github.com/joglomedia/LEMPer/actions/runs/8918317046/job/24492734375#step:6:1114