Репозиторий пакетов для Red Hat Enterprise Linux и CentOS

CodeIT является разработчиком решений в сфере ПО (в том числе, и на базе веб-технологий). Поэтому нам регулярно необходимо свежее серверное программное обеспечение с поддержкой современных возможностей. Например, NGINX и Apache httpd, собранные для промышленных дистрибутивов с поддержкой HTTP/2 и brotli. А их, увы, не нашлось. Поэтому мы используем сами и приглашаем вас использовать наш репозиторий для RHEL/CentOS/Rocky Linux/Alma Linux/Oracle Linux:

Версия Поддерживаемые платформы Статус
6.x x86_64 поддержка прекращена с 12.2020
7.x x86_64 Актуален
8.x x86_64, aarch64 Актуален
9.x x86_64, aarch64 Актуален

Чтобы включить автоматическое обновление пакетов для Linux, настройте репозиторий yum для дистрибутивов RHEL/CentOS.

ГОТОВЫЕ ПАКЕТЫ СТАБИЛЬНЫХ/MAINLINE ВЕРСИЙ

Для настройки RPM-репозитория Mainline для RHEL/CentOS необходимо просто установить пакет:

CentOS 7 / RHEL 7:

Stable: yum install -y https://repo.codeit.guru/codeit-repo-release.el7.rpm epel-release

Mainline: yum install -y https://repo.codeit.guru/codeit-repo-release.el7.rpm epel-release && yum-config-manager --enable CodeIT-mainline --save

QUIC / HTTP/3: yum install -y https://repo.codeit.guru/codeit-repo-release.el7.rpm epel-release && yum-config-manager --enable CodeIT-quic --save

CentOS 8-9 / RHEL 8-9 / Rocky Linux 8-9 / Alma Linux 8-9:

EL8: yum install -y https://repo.codeit.guru/codeit-repo-release.el8.rpm epel-release

EL9: yum install -y https://repo.codeit.guru/codeit-repo-release.el9.rpm epel-release

QUIC stream: dnf module enable -y nginx:codeit-quic

Mainline stream (1.21.x, 1.23.x, …): dnf module enable -y nginx:codeit-mainline

Stable stream (1.20.x, 1.22.x): dnf module enable -y nginx:codeit-stable

Apache httpd stable: dnf module enable -y httpd:codeit

Если же вы хотите посмотреть списки имеющихся пакетов, можете просмотреть репозиторий. Обращаю ваше внимание на тот факт, что в зависимостях некоторых пакетов присутствуют библиотеки из репозитория EPEL, такие как apr-util, libnghttp. Таким образом, для использования Apache HTTPd проще всего подключить репозиторий EPEL:

yum install -y epel-release

Зачем для этого отдельный репозиторий?

Здесь будут публиковаться свежие версии nginx (из веток mainline и stable). Чем они лучше официальных? Тем, что наши пакеты:

    • собраны c OpenSSL 1.1.1+ ради поддержки ALPN (заявление поддержки http2 ещё на этапе согласования TLS-соединения) и TLS 1.3 RFC 8446, которых нет из коробки. Это важно для нас, поскольку с мая 2016 года Google Chrome отменяет поддержку NPN и те, кто не имеет ALPN, останутся без http2.
    • есть поддержка сжатия контента brotli с помощью собранного плагина ngx_brotli + libbrotli, которая оформлена отдельным пакетом.

Мы следим за версиями openssl, nginx и будем регулярно обновлять наши сборки. В будущем планируем расширить список программных продуктов, следите за сообщениями в блоге. Конечно, все SRPM доступны в репозитории. Первая версия собрана с OpenSSL 1.0.2h. Пакеты в репозитории подписаны нашим GPG-ключом, открытый ключ находится здесь.

Репозиторий пакетов для Red Hat Enterprise Linux и CentOS: 120 комментариев

  1. On
    Distributor ID: RedHatEnterpriseServer
    Description: Red Hat Enterprise Linux Server release 6.10 (Santiago)
    Release: 6.10
    Codename: Santiago

    I get this error when trying to add the repo

    # cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q —qf «%{VERSION}» $(rpm -q —whatprovides redhat-release)`.repo
    —2019-07-29 16:19:24— https://repo.codeit.guru/codeit.el6Server.repo
    Resolving repo.codeit.guru… 144.76.75.30, 2a01:4f8:191:9348::5
    Connecting to repo.codeit.guru|144.76.75.30|:443… connected.
    HTTP request sent, awaiting response… 404 Not Found
    2019-07-29 16:19:24 ERROR 404: Not Found.

    Ответить

    1. Hello,

      Please run:
      cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el6.repo

      Could you also provide us with output for the following commands:


      rpm -q --whatprovides redhat-release
      rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release)

      Thank you!

      Ответить

  2. Is there no changes. I followed the above procedure, actually, I’m looking for a change on this.
    Please support me.

    HTTP/1.1 200 OK
    Date: Tue, 03 Sep 2019 11:45:54 GMT
    Server: Apache/2.4.41 (codeit) PHP/7.2.22
    Last-Modified: Tue, 03 Sep 2019 11:29:11 GMT
    ETag: «1d-591a465c41698»
    Accept-Ranges: bytes
    Content-Length: 29
    Content-Type: text/html; charset=UTF-8

    Ответить

  4. Hi,

    For some reason using your repo is now creating a dependancy to install nginx as a new package because of the following:

    nginx x86_64 1:1.16.1-1.el7.codeit CodeIT 3.5 M
    replacing libbrotli.x86_64 1:1.0.6-1.codeit.el7

    Ответить

  6. Hi

    I am trying to run «yum update httpd» but failing in dependency.

    The following commands:
    rpm -q —whatprovides redhat-release
    rpm -q —qf «%{VERSION}» $(rpm -q —whatprovides redhat-release)

    Gives results as :redhat-release-server-7.6-4.el7.x86_64 and 7.6

    What to do to upgrade Apache beyong 2.4.16. Right now I have 2.4.6

    Achintya

    Ответить

  7. #cat /etc/yum.repos.d/codeit.el7.repo
    [CodeIT]
    name=CodeIT repo
    baseurl=https://repo.codeit.guru/packages/centos/7/$basearch
    enabled=1
    gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
    gpgcheck=1
    #yum update httpd*

    Dependencies Resolved

    =============================================================================
    Package Arch Version Repository Size
    =============================================================================
    Updating:
    apr x86_64 1.5.2-1.el7.codeit CodeIT 111 k
    httpd x86_64 2.4.41-4.codeit.el7 CodeIT 1.4 M
    httpd-tools x86_64 2.4.41-4.codeit.el7 CodeIT 1.3 M
    Installing for dependencies:
    httpd-filesystem noarch 2.4.41-4.codeit.el7 CodeIT 27 k
    libnghttp2 x86_64 1.31.1-2.el7 epel 67 k
    mod_http2 x86_64 1.15.3-1.codeit CodeIT 208 k

    Transaction Summary
    =============================================================================
    Install ( 3 Dependent packages)
    Upgrade 3 Packages

    Total download size: 3.0 M
    # rpm -qa | grep httpd
    httpd-tools-2.4.6-90.el7.centos.x86_64
    httpd-2.4.6-90.el7.centos.x86_64
    httpd-itk-2.4.7.04-2.el7.x86_64
    Соотвественно:

    AssignUserId p603 p603-www


    и
    LoadModule mpm_itk_module modules/mod_mpm_itk.so

    После yum update
    Апач не стартует.
    В логах:
    [Wed Feb 05 13:10:21.337262 2020] [suexec:notice] [pid 1203:tid 140542650091712] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
    [Wed Feb 05 13:10:21.337376 2020] [mpm_itk:crit] [pid 1203:tid 140542650091712] mpm-itk cannot use threaded MPMs; please use prefork.

    Помогло откатить пакеты httpd на те которые не из вашего репозитория.
    Я так понимаю что httpd-itk-2.4.7.04-2.el7.x86_64 с httpd-2.4.41-4.codeit.el7.x86_64.rpm не работает.
    У вас в репозитории httpd-itk нет.

    Ответить

    1. Добрый день, Ярослав.
      Да, именно так, для вас новости плохие.
      Мы не поддерживаем mpm itk, а только делаем аналог «родного» httpd с патчами Redhat/Fedora для CentOS 6/7.

      Но всё же попробуйте поменять mpm на prefork в своём конфиге. Мы не тестировали это никогда.

      Ответить

      1. как временное решение:
        # cat codeit.el7.repo
        [CodeIT]
        name=CodeIT repo
        baseurl=https://repo.codeit.guru/packages/centos/7/$basearch
        enabled=1
        gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
        gpgcheck=1
        exclude=httpd*

        Ответить

  8. NGINX 1.17.7 mainline built against OpenSSL 1.1.1d with TLS 1.3 Final (RFC 8446) and brotli for Red Hat Enterprise Linux and CentOS

    brotli compression is not working …. (content-encoding: gzip)
    TLS 1.3 work fine …

    Install on:
    Linux l 3.10.0-1062.12.1.el7.x86_64
    brotli-1.0.7-5.el7.x86_64 (from epel)
    nginx.conf:
    brotli_static on;
    brotli_comp_level 6;
    brotli_types *;

    please help …

    Ответить

  9. Hi,

    First of all thanks for your builds, during few years I’ve been using your repot to have my webservers updated.

    I’m writting this coment to request adding LUA Support for your nginx, that would enable using your builds with a lot of external third-party integrations.

    Regards,

    Ответить

  11. Hello and thanks for the compilation here.
    I would like to build the packages from the src.rpm myself and have a few questions about it:
    — are certain options used when building openssl or is it just a simple «./config && make»?
    — apr-util needs mariadb-connector-c-devel for building — is it possible to use the package from CentOS 8?

    Thanks!

    Ответить

  12. Hello Alexander & all,

    as you might have noticed, today there has been a release of nginx-1.18.0 stable version.

    Since I have nginx repo somehow forgotten in my list, my webserver got upgraded via yum update and since that nginx stopped working. I fixed the configuration reflecting changes in nginx directives for version 1.18 and got it back functional. But only after I have done that, noted my website is no longer running TLS 1.3

    Having realized this, found out that official nginx repo contains a build compiled still against an ancient OpenSSL version:

    [[email protected] ~]# nginx -V
    nginx version: nginx/1.18.0
    built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
    built with OpenSSL 1.0.2k-fips 26 Jan 2017
    TLS SNI support enabled

    which is obviously the reason TLS 1.3 not working for me now.

    Will you be creating your CodeIT package built with OpenSSL 1.1.1d or later version for the new nginx anytime soon? I would not like to go back older nginx versions at this point since my configuration seems to work well enough, but it would be great to have your package from CodeIT repository instead.

    Thank you in advance,

    Daniel.

    Ответить

      1. Hello Alexander,

        great news. Yeah OpenSSL 1.1.1g version was also out yesterday, right..

        Do I have the right repository for RHEL7 where to expect it then? 🙂

        I have currently codeit.el7.repo :

        [CodeIT]
        name=CodeIT repo
        baseurl=https://repo.codeit.guru/packages/centos/7/$basearch
        enabled=1
        gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
        gpgcheck=1

        Thank you,

        Daniel.

        Ответить

  13. Hi Alexander, thanks for quick reply and for suggestions which I’ve double-checked.
    However, your suggestion prompted me to look deeper and compare operational server with vanilla build. Turns out «which hostname» on a vanilla machine yields the «correct» /usr/bin/hostname.

    Traced to inconsistent PATH settings set in csh.login, in turn traced this to setup-2.8-x.rpm
    The misbehaving server would appear to have the CentOS «cr» repo enabled. This increments the base setup-2.8.71-10.el7.noarch to setup-2.8.71-11.el7.noarch.

    One change is a difference in /etc/csh.login which is defining a completely different PATH variable than system default — csh.login in later version has a setenv PATH statement which is placing /bin before /usr/bin and therefore resulting in the error reported.

    This is clearly self-inflicted on our test box, apologies for taking up your time, thanks for reviewing.

    For anyone else experiencing same issues, be very wary of the CentOS7 «cr» repo!

    Ответить

  14. Hi Alexander, the plot thickens…
    I’m going to backtrack on that. Seems the pathnames were a redherring. I have just built a virgin CentOS7 machine, applied the EPEL repo to it, carried out a full update then added the CodeIT CentOS7 repo.
    Here’s my results.

    It will quite happily install an earlier version of mod_ssl but not latest from CodeIT repo. To my little brain, it would appear something is actually amiss with mod_ssl package?
    Grateful for any ideas

    Cheers
    Rob

    [[email protected] yum.repos.d]# echo $PATH
    /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
    [[email protected] yum.repos.d]# which hostname
    /bin/hostname
    [[email protected] yum.repos.d]# dnf install httpd mod_ssl
    Last metadata expiration check: 0:06:57 ago on Mon 27 Apr 2020 14:05:30 UTC.
    Dependencies resolved.

    Problem: cannot install the best candidate for the job
    — nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64
    =====================================================================================================================================================
    Package Arch Version Repository Size
    =====================================================================================================================================================
    Installing:
    httpd x86_64 2.4.43-2.codeit.el7 CodeIT 1.4 M
    mod_ssl x86_64 1:2.4.43-2.codeit.el7 CodeIT 1.3 M
    Installing dependencies:
    brotli x86_64 1.0.7-5.el7 epel 318 k
    libnghttp2 x86_64 1.31.1-2.el7 epel 67 k
    sscg x86_64 2.6.1-1.el7 epel 60 k
    libtalloc x86_64 2.1.16-1.el7 cr 33 k
    libpath_utils x86_64 0.2.1-32.el7 base 28 k
    mailcap noarch 2.1.41-2.el7 base 31 k
    apr x86_64 1.7.0-2.el7 CodeIT 122 k
    apr-util x86_64 1.6.1-6.el7 CodeIT 98 k
    httpd-filesystem noarch 2.4.43-2.codeit.el7 CodeIT 27 k
    httpd-tools x86_64 2.4.43-2.codeit.el7 CodeIT 1.3 M
    mod_http2 x86_64 1.15.7-1.codeit CodeIT 208 k
    Skipping packages with broken dependencies:
    mod_ssl x86_64 1:2.4.43-6.codeit.el7 CodeIT 121 k

    Transaction Summary
    =====================================================================================================================================================
    Install 13 Packages
    Skip 1 Package

    Total download size: 5.0 M
    Installed size: 14 M
    Is this ok [y/N]:

    Ответить

  15. Hi Alexander,
    Once again this side bad, and for complete disclosure the issue is with YUM vs DNF.
    Turns out that on the test box yum had been swapped for dnf in the extras repo.
    Interestingly yum behaves where dnf does not. dnf DOES behave if wanting to install previous version of mod_ssl. I have never delved into rpm specifications, so cannot answer why one works and the other doesnt.

    yum install httpd mod_ssl

    —> Finished Dependency Resolution

    Dependencies Resolved

    =====================================================================================================================================================
    Package Arch Version Repository Size
    =====================================================================================================================================================
    Installing:
    httpd x86_64 2.4.43-6.codeit.el7 CodeIT 1.4 M
    mod_ssl x86_64 1:2.4.43-6.codeit.el7 CodeIT 121 k
    Installing for dependencies:
    apr x86_64 1.7.0-2.el7 CodeIT 122 k
    apr-util x86_64 1.6.1-6.el7 CodeIT 98 k
    brotli x86_64 1.0.7-5.el7 epel 318 k
    httpd-filesystem noarch 2.4.43-6.codeit.el7 CodeIT 29 k
    httpd-tools x86_64 2.4.43-6.codeit.el7 CodeIT 94 k
    libnghttp2 x86_64 1.31.1-2.el7 epel 67 k
    libpath_utils x86_64 0.2.1-32.el7 base 28 k
    libtalloc x86_64 2.1.16-1.el7 base 33 k
    mailcap noarch 2.1.41-2.el7 base 31 k
    mod_http2 x86_64 1.15.7-1.codeit CodeIT 208 k
    openssl111-libs x86_64 1.1.1g-2.codeit.el7 CodeIT 1.4 M
    sscg x86_64 2.6.1-1.el7 epel 60 k

    Transaction Summary
    =====================================================================================================================================================
    Install 2 Packages (+12 Dependent packages)

    # dnf install httpd mod_ssl
    Last metadata expiration check: 0:04:04 ago on Mon 27 Apr 2020 15:30:34 UTC.
    Dependencies resolved.

    Problem: cannot install the best candidate for the job
    — nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64
    =====================================================================================================================================================
    Package Arch Version Repository Size
    =====================================================================================================================================================
    Installing:
    httpd x86_64 2.4.43-2.codeit.el7 CodeIT 1.4 M
    mod_ssl x86_64 1:2.4.43-2.codeit.el7 CodeIT 1.3 M
    Installing dependencies:
    brotli x86_64 1.0.7-5.el7 epel 318 k
    libnghttp2 x86_64 1.31.1-2.el7 epel 67 k
    sscg x86_64 2.6.1-1.el7 epel 60 k
    libpath_utils x86_64 0.2.1-32.el7 base 28 k
    libtalloc x86_64 2.1.16-1.el7 base 33 k
    mailcap noarch 2.1.41-2.el7 base 31 k
    apr x86_64 1.7.0-2.el7 CodeIT 122 k
    apr-util x86_64 1.6.1-6.el7 CodeIT 98 k
    httpd-filesystem noarch 2.4.43-2.codeit.el7 CodeIT 27 k
    httpd-tools x86_64 2.4.43-2.codeit.el7 CodeIT 1.3 M
    mod_http2 x86_64 1.15.7-1.codeit CodeIT 208 k
    Skipping packages with broken dependencies:
    mod_ssl x86_64 1:2.4.43-6.codeit.el7 CodeIT 121 k

    Transaction Summary
    =====================================================================================================================================================
    Install 13 Packages
    Skip 1 Package

    Thanks for your attention and apologies for taking your time!

    Ответить

      1. Hi Alexander, revisiting this
        Please review https://bugzilla.redhat.com/show_bug.cgi?id=1645638 which kind of shows the same issue — unresolved dependencies with /usr/bin/hostname. The suggestion is that the rpm package is wrong.

        A «dnf deplist » gives the dependency and provider.
        For mod_ssl-1:2.4.43-6.codeit.el7.x86_64, this gives an unresolved dependency of /usr/bin/hostname

        By contrast dnf deplist mod_ssl-1:2.4.43-2.codeit.el7.x86_64 shows no such dependency requirement which suggests why it works.

        Apparently the correct approach is to remove the invalid dependency from the package. Either YUM or DNF will then operate correctly. It is not unreasonble to expect either system-provided package manager to work.

        Per previous — could I ask you to look again at the package?
        Thanks for your work
        Kindest regards
        Rob

        Ответить

        1. Hello Rob,

          Actually I think that problem is somewhere in the dnf database, as /usr/bin/hostname is registered as «provided» in the most recent «hostname» package. If I manually update it to the latest version, I do not see any problems with this dependency anymore.

          Anyway, to support dnf and avoid cases with non-updated OS we released a fix for this case, please test with testing repository and reply if it worked for you.

          https://repo.codeit.guru/packages/testing/x86_64/ — httpd-2.4.43-7

          Ответить

          1. Hey Alexander, thanks for looking at that
            TLDR: it worked cheers!

            The OS is up to date cannot understand your notes above.

            I looked at the link you gave, although a repodata folder’s in there I didn’t see any reference to a «testing» .repo available so I put my own, in order that either yum or, in this case, dnf could resolve all depedencies. Maybe I’m being thick and missed any published repo file.

            [CodeITtest]
            name=CodeIT test repo
            baseurl=https://repo.codeit.guru/packages/testing/x86_64/
            enabled=1

            dnf update
            =====================================================================================================================================================
            Package Arch Version Repository Size
            =====================================================================================================================================================
            Upgrading:
            httpd x86_64 2.4.43-7.codeit.el7 CodeITtest 1.4 M
            httpd-devel x86_64 2.4.43-7.codeit.el7 CodeITtest 213 k
            httpd-filesystem noarch 2.4.43-7.codeit.el7 CodeITtest 29 k
            httpd-tools x86_64 2.4.43-7.codeit.el7 CodeITtest 94 k
            mod_ssl x86_64 1:2.4.43-7.codeit.el7 CodeITtest 122 k

            Transaction Summary
            =====================================================================================================================================================
            Upgrade 5 Packages

            Total download size: 1.8 M
            Is this ok [y/N]: y

            No complaints about dependencies, clean upgrade and all sorted
            Thanks for your work!
            Kindest regards
            Rob

  16. Hello Alexander,
    The command
    rpm -q —whatprovides redhat-release
    It gives me the following version:
    redhat-release-server-7.8-2.el7.x86_64

    Do you not have a repository for this version?

    —2020-05-06 17: 24: 17— https://repo.codeit.guru/codeit.el7.8.repo
    Resolving repo.codeit.guru (repo.codeit.guru) … 144.76.75.67, 2a01: 4f8: 191: 9348 :: 6
    Connecting to repo.codeit.guru (repo.codeit.guru) | 144.76.75.67 |: 443 … connected.
    HTTP request sent, awaiting response … 404 Not Found
    2020-05-06 17:24:17 ERROR 404: Not Found.

    Ответить

  17. Hello Alexander,
    I already had it configured, I have reconfigured it but yum info httpd
    it shows me the following:

    Loaded plugins: product-id, search-disabled-repos, subscription-manager
    Installed Packages
    Name : httpd
    Arch : x86_64
    Version : 2.4.6
    Release : 93.el7
    Size : 3.7 M
    Repo : installed
    From repo : rhel-7-server-rpms
    Summary : Apache HTTP Server
    URL : http://httpd.apache.org/
    License : ASL 2.0
    Description : The Apache HTTP Server is a powerful, efficient, and extensible

    I need to update apache to version.

    Thanks for your help.

    Ответить

  19. Hello,
    please, could you build a separate package which includes support for Virtualmin?
    That is, enough to point to /home for suexec docroot, then you could explain to create a local repo and yum replace httpd —replace-with=your package

    Please, let me know, ok? thank you very much

    Ответить

  20. Installed the latest from codeIT and can’t access the Apache main page on port 80:

    HTTP/1.1 403 Forbidden
    Connection: Keep-Alive
    Content-Length: 318
    Content-Type: text/html; charset=iso-8859-1
    Date: Wed, 26 Aug 2020 22:09:41 GMT
    Keep-Alive: timeout=5, max=100
    Server: Apache/2.4.46 (codeit)

    403 Forbidden

    Forbidden
    You don’t have permission to access this resource.
    Additionally, a 403 Forbidden
    error was encountered while trying to use an ErrorDocument to handle the request.

    Ответить

  22. Buenos días, podrían ayudarme a resolver este error de PERMISO DENEGADO:

    [[email protected] ~]$ cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q —qf «%{VERSION}» $(rpm -q —whatprovides redhat-release)`.repo —2020-11-11 11:38:55— https://repo.codeit.guru/codeit.el7.repo
    Resolviendo repo.codeit.guru (repo.codeit.guru)… 144.76.75.67, 2a01:4f8:191:9348::6
    Conectando con repo.codeit.guru (repo.codeit.guru)[144.76.75.67]:443… conectado.
    Petición HTTP enviada, esperando respuesta… 200 OK
    Longitud: 159 [application/octet-stream]
    codeit.el7.repo: Permiso denegado

    No se puede escribir a “codeit.el7.repo” (Conseguido).

    Ответить

  23. Buenos días, podrían ayudarme a resolver este error de PERMISO DENEGADO:

    [[email protected] ~]$ cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q —qf «%{VERSION}» $(rpm -q —whatprovides redhat-release)`.repo —2020-11-11 11:38:55— https://repo.codeit.guru/codeit.el7.repo
    Resolviendo repo.codeit.guru (repo.codeit.guru)… 144.76.75.67, 2a01:4f8:191:9348::6
    Conectando con repo.codeit.guru (repo.codeit.guru)[144.76.75.67]:443… conectado.
    Petición HTTP enviada, esperando respuesta… 200 OK
    Longitud: 159 [application/octet-stream]
    codeit.el7.repo: Permiso denegado

    No se puede escribir a “codeit.el7.repo” (Conseguido).

    Ответить

    1. Hello,

      We do not provide support for upgrading the installations. Usually, this is easy: just upgrade the httpd package and mod_ssl with our ones, check that ssl.conf contains ciphers list and http2 protocol enabled (default sample already has everything to test it).

      However, if you are not familiar with the Apache httpd settings, please try first to play with upgrading in the test environment or hire system administrator/devops who has experience with these httpd settings.

      Ответить

  25. Hello,

    I see that there are no nginx 1.19.x packages available in CentOS 7 Mainline repo.

    Will you be adding 1.19.x packages to the Mainline repo any time soon?

    Thank you for all your efforts!

    Please let us know!
    Cheers

    Ответить

  26. Hello,

    I would like to know whether CodeIT mainline CentOS 7 repo will provide nginx-1.19.x builds.

    Currently, I don’t see any 1.19.x packages available. Please let me know.

    Thank you for all your kind and great work with modern package builds for CentOS!

    (Note: I posted a similar question a few days ago, but I don’t see it here!)

    Cheers,
    Nick

    Ответить

  27. When I run cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el7.repo, I get:

    —2021-01-12 15:20:51— https://repo.codeit.guru/codeit.el7.repo
    Resolving repo.codeit.guru (repo.codeit.guru)… 144.76.75.67, 2a01:4f8:191:9348::6
    Connecting to repo.codeit.guru (repo.codeit.guru)|144.76.75.67|:443… connected.
    HTTP request sent, awaiting response… 200 OK
    Length: 159 [application/octet-stream]
    codeit.el7.repo: Permission denied
    Cannot write to ‘codeit.el7.repo’ (Success).

    Is something down at the moment? Thanks!

    Ответить

  28. After installing codeit.el7.repo I updated httpd packages on CentOS 7 to latest version (2.4.46). Apache restarts and works fine, but ionCube will not load anymore. ionCube works from CLI, but not in Apache. No error messages in the logs. Apache displays a message that ionCube PHP Loader is not installed. It most certainly is, I triple-checked, the file’s there, it’s defined in php.ini, paths are fine — and it WORKED before installing this repo and updating httpd.

    I’ve googled for the issue and the only suggestion that comes up is that it’s an SElinux issue. Well, on this box SElinux has been disabled from day one (don’t ask, it’s a special requirement for the app running on this machine).

    Any idea how to get ionCube to load with the version of httpd installed from the codeit.el7.repo repo?

    Ответить

  30. Error: Package: mod_http2-1.15.23-1.codeit.x86_64 (CodeIT)
    Requires: libnghttp2 >= 1.21.1
    Error: Package: 1:mod_ssl-2.4.48-1.codeit.el7.x86_64 (CodeIT)
    Requires: sscg >= 2.2.0
    Error: Package: mod_http2-1.15.23-1.codeit.x86_64 (CodeIT)
    Requires: libnghttp2.so.14()(64bit)
    You could try using —skip-broken to work around the problem
    You could try running: rpm -Va —nofiles —nodigest

    i can see this error msg when i upgrade httpd and connected with
    cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el7.repo

    Ответить

        1. Marc,

          You can always recheck if you are able to install libnghttp2 1.33.0 from EPEL, if you really think that you have EPEL repo, it is enabled, libnghttp2 is not blacklisted, overrided etc.

          We do not provide support unfortunately for the operating system and only provide packages as is.

          Ответить

  32. After upgrading everything (yum update -y; reboot) on a CentOS 7 server which uses Apache, I’m getting this:

    $ /usr/sbin/apachectl configtest
    httpd: Syntax error on line 1 of /etc/httpd/conf/httpd.conf:
    Syntax error on line 63 of /etc/httpd/conf.modules.d/000-web-base.conf:
    Cannot load modules/mod_http2.so into server: /etc/httpd/modules/mod_http2.so:
    undefined symbol: EVP_MD_CTX_new

    I have Apache from CodeIT’s repository.
    Do you know what the error above means? It works if I simply remove the «mod_http2» module, but this obviously isn’t ideal as I won’t benefit from HTTP2.

    Server Version: Apache/2.4.48 (codeit) OpenSSL/1.1.1l
    Server MPM: event
    Server Built: May 26 2021 11:40:06

    openssl:

    # openssl version
    OpenSSL 1.0.2k-fips 26 Jan 2017

    While Apache says:

    OpenSSL/1.1.1l
    So something doesn’t seem to be right!

    Ответить

    1. I resolved by downgrading to previous version:

      # yum downgrade mod_http2-1.15.23

      Removed:
      mod_http2.x86_64 0:1.15.24-1.codeit

      Installed:
      mod_http2.x86_64 0:1.15.23-1.codeit

      Complete!

      # /usr/sbin/apachectl configtest
      Syntax OK

      # systemctl restart httpd

      (full restart is required rather than graceful reload, otherwise we’ll get “exit signal Segmentation fault (11)”)

      Ответить

          1. CentOS itself has «OpenSSL 1.0.2k-fips» installed, but Apache’s mod_http2 (from CodeIT) seems to require «OpenSSL/1.1.1l».

            My understanding is that Apache itself has its own «OpenSSL/1.1.1l» bundled?
            How can I made «mod_http2» use that one instead?

            And any idea why the previous version works, but just the latest version doesn’t?

            Thanks much!

          2. Of course 1.0.2 bundled with CentOS is OK, but you can have any other openssl 1.1.x libraries installed (e.g. openssl11-libs from epel). We never tested mod_ssl and mod_http2 with epel openssl11-libs.

            Please also try to update our openssl111-libs package to the latest version. It’s not bundled now: it’s a separate package.

            I have the idea why latest version is broken for you: apache httpd developers did an extremely massive rework in the latest version to avoid deprecation warnings and switch to using OpenSSL EVP_* API to avoid deprecation warnings with OpenSSL 3.0. Thus, new APIs are in use and probably they are not available in your library version.

          3. Thanks!

            Seems «openssl11-libs» finds epel,
            «openssl111-libs» finds CodeIT.
            Only «openssl111-libs» says «installed».

            But «mod_http2» doesn’t seem to find it… and I have no idea how I can make it use «openssl111» 🙂

            # yum info openssl11-libs
            Loaded plugins: changelog, copr, fastestmirror, langpacks
            Loading mirror speeds from cached hostfile
            * base: mirror.phx1.us.spryservers.net
            * epel: d2lzkl7pfhq30w.cloudfront.net
            * extras: mirrors.sonic.net
            * remi: mirror.bebout.net
            * remi-safe: mirror.bebout.net
            * rpmfusion-free-updates: muug.ca
            * updates: mirrors.ocf.berkeley.edu
            Available Packages
            Name : openssl11-libs
            Arch : x86_64
            Epoch : 1
            Version : 1.1.1g
            Release : 3.el7
            Size : 1.5 M
            Repo : epel/x86_64
            Summary : A general purpose cryptography library with TLS implementation
            URL : http://www.openssl.org/
            License : OpenSSL and ASL 2.0
            Description : OpenSSL is a toolkit for supporting cryptography. The openssl11-libs
            : package contains the libraries that are used by various applications which
            : support cryptographic algorithms and protocols.

            # yum info openssl111-libs
            Loaded plugins: changelog, copr, fastestmirror, langpacks
            Loading mirror speeds from cached hostfile
            * base: mirror.phx1.us.spryservers.net
            * epel: d2lzkl7pfhq30w.cloudfront.net
            * extras: mirrors.sonic.net
            * remi: mirror.bebout.net
            * remi-safe: mirror.bebout.net
            * rpmfusion-free-updates: muug.ca
            * updates: mirrors.ocf.berkeley.edu
            Installed Packages
            Name : openssl111-libs
            Arch : x86_64
            Version : 1.1.1l
            Release : 1.codeit.el7
            Size : 3.5 M
            Repo : installed
            From repo : CodeIT
            Summary : A general purpose cryptography library with TLS implementation
            URL : http://www.openssl.org/
            License : OpenSSL
            Description : OpenSSL is a toolkit for supporting cryptography. The openssl-libs
            : package contains the libraries that are used by various applications which
            : support cryptographic algorithms and protocols.

          5. Seems to say installed, anyway!

            But the «Name» field doesn’t include the «L»:

            # yum info openssl111-libs-1.1.1l
            Loaded plugins: changelog, copr, fastestmirror, langpacks
            Loading mirror speeds from cached hostfile
            * base: mirror.phx1.us.spryservers.net
            * epel: d2lzkl7pfhq30w.cloudfront.net
            * extras: mirrors.sonic.net
            * remi: mirror.bebout.net
            * remi-safe: mirror.bebout.net
            * rpmfusion-free-updates: muug.ca
            * updates: mirrors.ocf.berkeley.edu
            Installed Packages
            Name : openssl111-libs
            Arch : x86_64
            Version : 1.1.1l
            Release : 1.codeit.el7
            Size : 3.5 M
            Repo : installed
            From repo : CodeIT
            Summary : A general purpose cryptography library with TLS implementation
            URL : http://www.openssl.org/
            License : OpenSSL
            Description : OpenSSL is a toolkit for supporting cryptography. The openssl-libs
            : package contains the libraries that are used by various
            : applications which support cryptographic algorithms and protocols.

  35. dnf update
    Última comprobación de caducidad de metadatos hecha hace 0:00:36, el vie 01 oct 2021 15:49:14 CEST.
    Dependencias resueltas.

    Problema: package nginx-1:1.16.1-1.el7.codeit.x86_64 requires libbrotlienc.so.1()(64bit), but none of the providers can be installed
    — package nginx-1:1.16.1-1.el7.codeit.x86_64 obsoletes libbrotli provided by libbrotli-1.0.9-1.codeit.el7.x86_64
    — cannot install both brotli-1.0.7-5.el7.x86_64 and brotli-1.0.9-1.codeit.el7.x86_64
    — cannot install the best update candidate for package libbrotli-1.0.9-1.codeit.el7.x86_64
    — cannot install the best update candidate for package brotli-1.0.9-1.codeit.el7.x86_64
    =============================================================================================================================================================================================
    Paquete Arquitectura Versión Repositorio Tamaño
    =============================================================================================================================================================================================
    Descartando paquetes con conflictos:
    (añada ‘—best —allowerasing’ a la linea de comandos para forzar su actualización):
    brotli x86_64 1.0.7-5.el7 epel 318 k
    Descartando paquetes con conflictos en las dependencias:
    nginx x86_64 1:1.16.1-1.el7.codeit CodeIT 3.5 M

    Resumen de la transacción
    =============================================================================================================================================================================================
    Descartar 2 Paquetes

    Nada por hacer.
    ¡Listo!

    Ответить

      1. I have not installed nginx, but apache

        # yum list installed | grep CodeIT
        apr.x86_64 1.7.0-2.el7 @CodeIT
        apr-devel.x86_64 1.7.0-2.el7 @CodeIT
        apr-util.x86_64 1.6.1-6.el7 @CodeIT
        apr-util-devel.x86_64 1.6.1-6.el7 @CodeIT
        brotli.x86_64 1.0.9-1.codeit.el7 @CodeIT
        httpd.x86_64 2.4.49-1.codeit.el7 @CodeIT
        httpd-filesystem.noarch 2.4.49-1.codeit.el7 @CodeIT
        httpd-tools.x86_64 2.4.49-1.codeit.el7 @CodeIT
        libbrotli.x86_64 1.0.9-1.codeit.el7 @CodeIT
        mc.x86_64 1:4.8.27-1.codeit.el7 @CodeIT
        mod_http2.x86_64 1.15.24-1.codeit @CodeIT
        mod_ssl.x86_64 1:2.4.49-1.codeit.el7 @CodeIT
        openssl111-libs.x86_64 1.1.1l-1.codeit.el7 @CodeIT
        # yum list installed | grep nginx
        none

        # yum list installed | grep epel
        certbot.noarch 1.11.0-1.el7 @epel
        epel-release.noarch 7-14 @epel
        htop.x86_64 2.2.0-3.el7 @epel
        jq.x86_64 1.6-2.el7 @epel
        libdb4.x86_64 4.8.30-13.el7 @epel
        libdb4-utils.x86_64 4.8.30-13.el7 @epel
        libmspack.x86_64 0.7-0.1.alpha.el7 @epel
        libnghttp2.x86_64 1.33.0-1.1.el7 @epel
        oniguruma.x86_64 6.8.2-1.el7 @epel
        python-ndg_httpsclient.noarch 0.3.2-1.el7 @epel
        python-requests-toolbelt.noarch 0.8.0-3.el7 @epel
        python-zope-component.noarch 1:4.1.0-5.el7 @epel
        python-zope-event.noarch 4.0.3-2.el7 @epel
        python2-acme.noarch 1.11.0-1.el7 @epel
        python2-certbot.noarch 1.11.0-1.el7 @epel
        python2-configargparse.noarch 0.11.0-2.el7 @epel
        python2-dialog.noarch 3.3.0-6.el7 @epel
        python2-distro.noarch 1.2.0-3.el7 @epel
        python2-future.noarch 0.18.2-2.el7 @epel
        python2-josepy.noarch 1.3.0-2.el7 @epel
        python2-mock.noarch 1.0.1-10.el7 @epel
        python2-parsedatetime.noarch 2.4-6.el7 @epel
        python2-pip.noarch 8.1.2-14.el7 @epel
        python2-psutil.x86_64 5.6.7-1.el7 @epel
        python2-pyrfc3339.noarch 1.1-3.el7 @epel
        python2-six.noarch 1.9.0-0.el7 @epel
        sscg.x86_64 2.6.1-1.el7 @epel

        Ответить

  36. I have problem on dnf update

    Problema: package nginx-1:1.16.1-1.el7.codeit.x86_64 requires libbrotlienc.so.1()(64bit), but none of the providers can be installed
    — package nginx-1:1.16.1-1.el7.codeit.x86_64 obsoletes libbrotli provided by libbrotli-1.0.9-1.codeit.el7.x86_64
    — cannot install both brotli-1.0.7-5.el7.x86_64 and brotli-1.0.9-1.codeit.el7.x86_64
    — cannot install the best update candidate for package libbrotli-1.0.9-1.codeit.el7.x86_64
    — cannot install the best update candidate for package brotli-1.0.9-1.codeit.el7.x86_64
    ===========================================================================================================================================================
    Paquete Arquitectura Versión Repositorio
    ===========================================================================================================================================================
    Descartando paquetes con conflictos:
    (añada ‘—best —allowerasing’ a la linea de comandos para forzar su actualización):
    brotli x86_64 1.0.7-5.el7 epel
    Descartando paquetes con conflictos en las dependencias:
    nginx x86_64 1:1.16.1-1.el7.codeit CodeIT

    Resumen de la transacción
    ===========================================================================================================================================================

    Ответить

  37. It seems that there is something wrong with mod_http2:
    [[email protected] ~]# rpm -q —requires mod_http2
    config(mod_http2) = 1.15.24-1.codeit
    httpd-mmn = 20120211×8664
    libc.so.6()(64bit)
    libc.so.6(GLIBC_2.14)(64bit)
    libc.so.6(GLIBC_2.2.5)(64bit)
    libc.so.6(GLIBC_2.3)(64bit)
    libcrypto.so.10()(64bit)
    libcrypto.so.10(libcrypto.so.10)(64bit)
    libnghttp2 >= 1.21.1
    libnghttp2.so.14()(64bit)
    rpmlib(CompressedFileNames) <= 3.0.4-1
    rpmlib(FileDigests) <= 4.6.0-1
    rpmlib(PayloadFilesHavePrefix) <= 4.0-1
    rtld(GNU_HASH)
    rpmlib(PayloadIsXz) <= 5.2-1

    Which is wrong, because mod_httpd2 should require libcrypto.so.1.1, which is provided by openssl111-libs.

    Ответить

  38. Hello, we are running into the following error. Is the gpg key expired?:

    cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q –qf “%{VERSION}” $(rpm -q –whatprovides redhat-release)`.repo

    —2021-11-18 13:07:32— https://repo.codeit.guru/codeit.elpackage
    Resolving repo.codeit.guru (repo.codeit.guru)… 144.76.75.67, 2a01:4f8:191:9348::6
    Connecting to repo.codeit.guru (repo.codeit.guru)|144.76.75.67|:443… connected.
    ERROR: cannot verify repo.codeit.guru’s certificate, issued by ‘/C=US/O=Let’s Encrypt/CN=R3’:
    Issued certificate has expired.
    To connect to repo.codeit.guru insecurely, use `—no-check-certificate’.

    We very much would not like to disable gpg key check for any repo

    Ответить

  39. works fine on CentOS 7 for montsh, but can’t update now, getting dependency error (yum update):

    Error: Package: nghttp2-1.33.0-1.1.el7.x86_64 (@epel)
    Requires: libnghttp2(x86-64) = 1.33.0-1.1.el7
    Removing: libnghttp2-1.33.0-1.1.el7.x86_64 (@epel)
    libnghttp2(x86-64) = 1.33.0-1.1.el7
    Updated By: libnghttp2-1.46.0-1.codeit.el7.x86_64 (CodeIT)
    libnghttp2(x86-64) = 1.46.0-1.codeit.el7

    What to do?

    Ответить

  40. Hi Alexander, thank you for hint.

    I don’t know nghttp2 is for, was installed at setup. Removed it now with «yum erase nghtzp2» with no dependency issue and all seems to work normal.

    Do you have an idea, what impact missing nghttp2 could have?

    Ответить

  41. Hello, I’m trying to install latest apache version on a Centos 8 machine, I configured codeit repository but when i type «yum info httpd» the package in codeit repo is not seen. The repo seems correctly enabled, if I search other packages it finds them
    What else can I check?
    Thank you

    Ответить

  44. Hi just did the repos install and enable module httpd but get these errors whenever I do a dnf update this is on Almalinux 8.5

    Modular dependency problem:

    Problem: module php:7.2:8030020210119114311:2c7ca891.x86_64 requires module(httpd:2.4), but none of the providers can be installed
    — module httpd:2.4:8060020220510105858:9edba152.x86_64 conflicts with module(httpd:codeit) provided by httpd:codeit:1:el8.noarch
    — module httpd:codeit:1:el8.noarch conflicts with module(httpd:2.4) provided by httpd:2.4:8060020220510105858:9edba152.x86_64
    — module httpd:2.4:8060020220622110449:9edba152.x86_64 conflicts with module(httpd:codeit) provided by httpd:codeit:1:el8.noarch
    — module httpd:codeit:1:el8.noarch conflicts with module(httpd:2.4) provided by httpd:2.4:8060020220622110449:9edba152.x86_64
    — conflicting requests

    Ответить

  45. Dependency issues.
    Transaction check error:
    file /usr/lib64/libbrotlicommon.so.1 from install of libbrotli-1.0.9-1.codeit.el7.x86_64 conflicts with file from package brotli-1.0.7-5.el7.x86_64
    file /usr/lib64/libbrotlidec.so.1 from install of libbrotli-1.0.9-1.codeit.el7.x86_64 conflicts with file from package brotli-1.0.7-5.el7.x86_64
    file /usr/lib64/libbrotlienc.so.1 from install of libbrotli-1.0.9-1.codeit.el7.x86_64 conflicts with file from package brotli-1.0.7-5.el7.x86_64

    Error Summary

    Ответить

      1. FYI EL7 builds are already in the testing repo.
        No issues found, CI/CD and tests pass normally, so please expect OpenSSL 3 transfer in May/June.
        This will require some time where users will have broken dependencies, as soon as we do not want to change OpenSSL package name (we will keep it as openssl-quic-libs; now it is openssl-quic-libs-1.1.1t, will be openssl-quic-libs-3.0.8).
        Thus, it requires preliminary builds put to testing repos.

        Ответить

  48. Hi,

    I am attempting to add the CodeIT repo as a custom repo in Red Hat Satellite 6.11. When attempting a sync of the repo, I see this error: «Katello::Errors::Pulp3Error null value in column «arch» violates not-null constraint DETAIL: Failing row contains (129f0b17-e0bc-4726-8d62-f1aeca3c912f, httpd, codeit, 1, el8, null, [{}], [«httpd-0:2.4.54-1.module_codeit.codeit.el8.x86_64», «httpd-0:2…., f).»

    According to a support case opened with Red Hat, they reference https://access.redhat.com/solutions/7007535 where is the repo maintainer needs to set the architecture value.

    I have been using your repo for Apache web server for quite a while now and have been very satisfied with it. Perhaps I am over looking something while trying to create the repo sync in Satellite.

    Ответить

    1. Hi,

      The article you provided requires a paid subscription from my side. If you can provide me with clear instructions and a test output, I would be happy to add the arch value in this case.
      createrepo --help and createrepo_mod --help do not provide any options to set this value.

      Ответить

      1. Thanks for getting back. The support rep ran a test of a custom yum/dnf repo.
        Here are the steps they used and the comments made:

        ~~~
        # cat /etc/yum.repos.d/custom.repo
        [custom_repo]
        name = custom_repo
        baseurl = https://repo.codeit.guru/packages/centos/8/x86_64/
        enabled = 1
        metadata_expire = 1
        enabled_metadata = 1
        ~~~

        — Once done, run below command to check the architecture of ‘httpd’ module coming from above mentioned ‘custom_repo’.

        # dnf module info httpd

        Name : httpd
        Stream : codeit
        Version : 1
        Context : el8
        Architecture : <=========== This is BLANK
        Profiles : common
        Default profiles :
        Repo : custom_repo
        Summary : Apache httpd CodeIT Builds
        Description : Apache HTTPd server with HTTP/2, TLSv1.3, Brotli support
        Requires :

        Notice the architecture is blank above. The issue should be addressed from the maintainer of the repository. Ensure that every module in the repository has an Architecture Value set for it.

        Ответить

        1. It looks like the architecture is set in the *-modules.yaml under the «data:» section
          I also use a module repo from Remi for PHP. Here is a snippet from their current YAML


          document: modulemd
          version: 2
          data:
          name: php
          stream: remi-8.0
          version: 20230511155149
          context: 00000000
          arch: x86_64
          summary: PHP scripting language

          Ответить

          1. Russel, thanks for pointing out!

            I used modulemd-tools 0.7 for EL8. My first thought that 0.7 can be outdated and compiled latest variant, 0.13. Unfortunately, it still did not create arch field in the module yaml despite specifying it as httpd:codeit:1:el8:aarch64:

            nsvca Module name, stream version, context and architecture
            in a N:S:V:C:A format

            Of course, I will dig it more, but if you will be able to provide any recipes for dir2module, it will be helpful.

            For this moment I don’t like the idea to patch yaml file with the simple script.

  49. Hi Alexander,

    I have been pressing Red Hat support to give me some insight to help. They have two questions.

    1. «Please confirm, In which tool CodeIT repo maintainer passing .yml file input to generate arch?»
    2. «Please confirm, CodeIT repo maintainer trying to create a custom module?»

    I appreciate your willingness work on this since I would prefer to use your repo instead of the back ported version of httpd Red Hat provides.

    Ответить

    1. Hi Russel!

      1. We use «createrepo_mod» and «dir2module» tools to create the module from directory files
      2. Yes, we created custom nginx and httpd modules so users can select them and install our versions instead of RedHat ones.

      Thanks for the donation!

      Ответить

    2. Please also check if EL8 builds (both x86_64 and aarch) are now parsed properly for you. Manual patching added. If it works, I will add these hacks for EL9.

      Name             : httpd
Stream           : codeit
Version          : 1
Context          : el8
Architecture     : aarch64
Profiles         : common
Default profiles :
Repo             : CodeIT
Summary          : Apache httpd CodeIT Builds
Description      : Apache HTTPd server with HTTP/2, TLSv1.3, Brotli support
      Ответить

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *