CodeIT является разработчиком решений в сфере ПО (в том числе, и на базе веб-технологий). Поэтому нам регулярно необходимо свежее серверное программное обеспечение с поддержкой современных возможностей. Например, NGINX и Apache httpd, собранные для промышленных дистрибутивов с поддержкой HTTP/2 и brotli. А их, увы, не нашлось. Поэтому мы используем сами и приглашаем вас использовать наш репозиторий для RHEL/CentOS/Rocky Linux/Alma Linux/Oracle Linux:
Версия | Поддерживаемые платформы | Статус |
6.x | x86_64 | поддержка прекращена с 12.2020 |
7.x | x86_64 | Поддержка до 06.2024 |
8.x | x86_64, aarch64 | Актуален |
9.x | x86_64, aarch64 | Актуален |
Чтобы включить автоматическое обновление пакетов для Linux, настройте репозиторий yum для дистрибутивов RHEL/CentOS.
ГОТОВЫЕ ПАКЕТЫ СТАБИЛЬНЫХ/MAINLINE ВЕРСИЙ
Для настройки RPM-репозитория Mainline для RHEL/CentOS необходимо просто установить пакет:
CentOS 7 / RHEL 7:
Stable:
yum install -y https://repo.codeit.guru/codeit-repo-release.el7.rpm epel-release
Mainline with QUIC / HTTP/3:
yum install -y https://repo.codeit.guru/codeit-repo-release.el7.rpm epel-release && yum-config-manager --enable CodeIT-mainline --save
CentOS 8-9 / RHEL 8-9 / Rocky Linux 8-9 / Alma Linux 8-9:
EL8: yum install -y https://repo.codeit.guru/codeit-repo-release.el8.rpm epel-release
EL9: yum install -y https://repo.codeit.guru/codeit-repo-release.el9.rpm epel-release
Mainline with QUIC stream (1.21.x, 1.23.x, …): dnf module enable -y nginx:codeit-mainline
Stable stream (1.20.x, 1.22.x): dnf module enable -y nginx:codeit-stable
Apache httpd stable: dnf module enable -y httpd:codeit
Если же вы хотите посмотреть списки имеющихся пакетов, можете просмотреть репозиторий. Обращаю ваше внимание на тот факт, что в зависимостях некоторых пакетов присутствуют библиотеки из репозитория EPEL, такие как apr-util, libnghttp. Таким образом, для использования Apache HTTPd проще всего подключить репозиторий EPEL:
yum install -y epel-release
Зачем для этого отдельный репозиторий?
Здесь будут публиковаться свежие версии nginx (из веток mainline и stable). Чем они лучше официальных? Тем, что наши пакеты:
-
- собраны c OpenSSL 1.1.1+ ради поддержки ALPN (заявление поддержки http2 ещё на этапе согласования TLS-соединения) и TLS 1.3 RFC 8446, которых нет из коробки. Это важно для нас, поскольку с мая 2016 года Google Chrome отменяет поддержку NPN и те, кто не имеет ALPN, останутся без http2.
-
- есть поддержка сжатия контента brotli с помощью собранного плагина ngx_brotli + libbrotli, которая оформлена отдельным пакетом.
Мы следим за версиями openssl, nginx и будем регулярно обновлять наши сборки. В будущем планируем расширить список программных продуктов, следите за сообщениями в блоге. Конечно, все SRPM доступны в репозитории. Первая версия собрана с OpenSSL 1.0.2h. Пакеты в репозитории подписаны нашим GPG-ключом, открытый ключ находится здесь.
Is there no changes. I followed the above procedure, actually, I’m looking for a change on this.
Please support me.
HTTP/1.1 200 OK
Date: Tue, 03 Sep 2019 11:45:54 GMT
Server: Apache/2.4.41 (codeit) PHP/7.2.22
Last-Modified: Tue, 03 Sep 2019 11:29:11 GMT
ETag: «1d-591a465c41698»
Accept-Ranges: bytes
Content-Length: 29
Content-Type: text/html; charset=UTF-8
Guys,
Love the Builds. Great Work
Love from India
Hi,
First of all thanks for your builds, during few years I’ve been using your repot to have my webservers updated.
I’m writting this coment to request adding LUA Support for your nginx, that would enable using your builds with a lot of external third-party integrations.
Regards,
Hello,
Just asking is the repos are safe.. I am seeing codeit along with the installed packages
Hello Arun,
You use this repository as is at your own risk.
Hello Alexander,
Thanks for your reply.
I am going to do the source code compilation method.
Hello Alexander,
The command
rpm -q —whatprovides redhat-release
It gives me the following version:
redhat-release-server-7.8-2.el7.x86_64
Do you not have a repository for this version?
—2020-05-06 17: 24: 17— https://repo.codeit.guru/codeit.el7.8.repo
Resolving repo.codeit.guru (repo.codeit.guru) … 144.76.75.67, 2a01: 4f8: 191: 9348 :: 6
Connecting to repo.codeit.guru (repo.codeit.guru) | 144.76.75.67 |: 443 … connected.
HTTP request sent, awaiting response … 404 Not Found
2020-05-06 17:24:17 ERROR 404: Not Found.
Hello Sancho,
Please use EL7 repo at https://repo.codeit.guru/codeit.el7.repo
Hello Alexander,
I already had it configured, I have reconfigured it but yum info httpd
it shows me the following:
Loaded plugins: product-id, search-disabled-repos, subscription-manager
Installed Packages
Name : httpd
Arch : x86_64
Version : 2.4.6
Release : 93.el7
Size : 3.7 M
Repo : installed
From repo : rhel-7-server-rpms
Summary : Apache HTTP Server
URL : http://httpd.apache.org/
License : ASL 2.0
Description : The Apache HTTP Server is a powerful, efficient, and extensible
I need to update apache to version.
Thanks for your help.
Very good work, thank you very much!
Hello,
please, could you build a separate package which includes support for Virtualmin?
That is, enough to point to /home for suexec docroot, then you could explain to create a local repo and yum replace httpd —replace-with=your package
Please, let me know, ok? thank you very much
Hello Frank,
Sorry, we do not provide support for Virtualmin. If you believe this flavour is easy to support, you can use our source RPMs and add a simple patch for your own builds.
Installed the latest from codeIT and can’t access the Apache main page on port 80:
HTTP/1.1 403 Forbidden
Connection: Keep-Alive
Content-Length: 318
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 26 Aug 2020 22:09:41 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.46 (codeit)
403 Forbidden
Forbidden
You don’t have permission to access this resource.
Additionally, a 403 Forbidden
error was encountered while trying to use an ErrorDocument to handle the request.
This is the default page. Please simply add index.html to your document root.
Buenos días, podrían ayudarme a resolver este error de PERMISO DENEGADO:
[groot@srvtickets ~]$ cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q —qf «%{VERSION}» $(rpm -q —whatprovides redhat-release)`.repo —2020-11-11 11:38:55— https://repo.codeit.guru/codeit.el7.repo
Resolviendo repo.codeit.guru (repo.codeit.guru)… 144.76.75.67, 2a01:4f8:191:9348::6
Conectando con repo.codeit.guru (repo.codeit.guru)[144.76.75.67]:443… conectado.
Petición HTTP enviada, esperando respuesta… 200 OK
Longitud: 159 [application/octet-stream]
codeit.el7.repo: Permiso denegado
No se puede escribir a “codeit.el7.repo” (Conseguido).
Hello,
I still using HTTP/1 on my Centos 7 server with Magento 2.
How can I upgrade to HTTP/2 ?
Thanks a lot for answering
Hello,
We do not provide support for upgrading the installations. Usually, this is easy: just upgrade the httpd package and mod_ssl with our ones, check that ssl.conf contains ciphers list and http2 protocol enabled (default sample already has everything to test it).
However, if you are not familiar with the Apache httpd settings, please try first to play with upgrading in the test environment or hire system administrator/devops who has experience with these httpd settings.
When I run cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el7.repo, I get:
—2021-01-12 15:20:51— https://repo.codeit.guru/codeit.el7.repo
Resolving repo.codeit.guru (repo.codeit.guru)… 144.76.75.67, 2a01:4f8:191:9348::6
Connecting to repo.codeit.guru (repo.codeit.guru)|144.76.75.67|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 159 [application/octet-stream]
codeit.el7.repo: Permission denied
Cannot write to ‘codeit.el7.repo’ (Success).
Is something down at the moment? Thanks!
Hello,
We are running smoothly.
I read the error description and see that you have file write problem to your disk.
Please run this from root user.
Don’t I feel foolish. 🙂
After installing codeit.el7.repo I updated httpd packages on CentOS 7 to latest version (2.4.46). Apache restarts and works fine, but ionCube will not load anymore. ionCube works from CLI, but not in Apache. No error messages in the logs. Apache displays a message that ionCube PHP Loader is not installed. It most certainly is, I triple-checked, the file’s there, it’s defined in php.ini, paths are fine — and it WORKED before installing this repo and updating httpd.
I’ve googled for the issue and the only suggestion that comes up is that it’s an SElinux issue. Well, on this box SElinux has been disabled from day one (don’t ask, it’s a special requirement for the app running on this machine).
Any idea how to get ionCube to load with the version of httpd installed from the codeit.el7.repo repo?
Can you please add mod_fcgid as a RPM to your Apache repo?
https://httpd.apache.org/mod_fcgid/
Added, please test.
Error: Package: mod_http2-1.15.23-1.codeit.x86_64 (CodeIT)
Requires: libnghttp2 >= 1.21.1
Error: Package: 1:mod_ssl-2.4.48-1.codeit.el7.x86_64 (CodeIT)
Requires: sscg >= 2.2.0
Error: Package: mod_http2-1.15.23-1.codeit.x86_64 (CodeIT)
Requires: libnghttp2.so.14()(64bit)
You could try using —skip-broken to work around the problem
You could try running: rpm -Va —nofiles —nodigest
i can see this error msg when i upgrade httpd and connected with
cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el7.repo
Please install EPEL repo, we require it for all the dependencies.
I have the same problem as Sam — CentOS 7. You say «install EPEL repo» but «yum install epel-release» says there is «Nothing to do». I have followed all steps you listed.
Marc,
You can always recheck if you are able to install libnghttp2 1.33.0 from EPEL, if you really think that you have EPEL repo, it is enabled, libnghttp2 is not blacklisted, overrided etc.
We do not provide support unfortunately for the operating system and only provide packages as is.
Indeed, our epel.repo was disabled!
Thanks!
sudo nano /etc/yum.repos.d/epel.rep
Change enabled=0 to enabled=1
Any chance to package pagespeed as a module too? Would pair really well with http/2 and brotli support.
Cheers and thanks for your great work!
Thank you Alexander for your great work and support.
Hi just did the repos install and enable module httpd but get these errors whenever I do a dnf update this is on Almalinux 8.5
Modular dependency problem:
Problem: module php:7.2:8030020210119114311:2c7ca891.x86_64 requires module(httpd:2.4), but none of the providers can be installed
— module httpd:2.4:8060020220510105858:9edba152.x86_64 conflicts with module(httpd:codeit) provided by httpd:codeit:1:el8.noarch
— module httpd:codeit:1:el8.noarch conflicts with module(httpd:2.4) provided by httpd:2.4:8060020220510105858:9edba152.x86_64
— module httpd:2.4:8060020220622110449:9edba152.x86_64 conflicts with module(httpd:codeit) provided by httpd:codeit:1:el8.noarch
— module httpd:codeit:1:el8.noarch conflicts with module(httpd:2.4) provided by httpd:2.4:8060020220622110449:9edba152.x86_64
— conflicting requests
Dependency issues.
Transaction check error:
file /usr/lib64/libbrotlicommon.so.1 from install of libbrotli-1.0.9-1.codeit.el7.x86_64 conflicts with file from package brotli-1.0.7-5.el7.x86_64
file /usr/lib64/libbrotlidec.so.1 from install of libbrotli-1.0.9-1.codeit.el7.x86_64 conflicts with file from package brotli-1.0.7-5.el7.x86_64
file /usr/lib64/libbrotlienc.so.1 from install of libbrotli-1.0.9-1.codeit.el7.x86_64 conflicts with file from package brotli-1.0.7-5.el7.x86_64
Error Summary
Re: Dependency issue above.
I have both apache and nginx installed. I resolved the issue by upgrading apache first.
Looking for ETA for openssl3.0 support with apache.
Openssl1.1.1 will reach EOL by the end of Sep 2023.
Thanks for pointing out!
We definitely plan to stay with 100% supported software and will move to OpenSSL 3 before the 1.1.1 EOL.
FYI EL7 builds are already in the testing repo.
No issues found, CI/CD and tests pass normally, so please expect OpenSSL 3 transfer in May/June.
This will require some time where users will have broken dependencies, as soon as we do not want to change OpenSSL package name (we will keep it as openssl-quic-libs; now it is openssl-quic-libs-1.1.1t, will be openssl-quic-libs-3.0.8).
Thus, it requires preliminary builds put to testing repos.
Hi,
I am attempting to add the CodeIT repo as a custom repo in Red Hat Satellite 6.11. When attempting a sync of the repo, I see this error: «Katello::Errors::Pulp3Error null value in column «arch» violates not-null constraint DETAIL: Failing row contains (129f0b17-e0bc-4726-8d62-f1aeca3c912f, httpd, codeit, 1, el8, null, [{}], [«httpd-0:2.4.54-1.module_codeit.codeit.el8.x86_64», «httpd-0:2…., f).»
According to a support case opened with Red Hat, they reference https://access.redhat.com/solutions/7007535 where is the repo maintainer needs to set the architecture value.
I have been using your repo for Apache web server for quite a while now and have been very satisfied with it. Perhaps I am over looking something while trying to create the repo sync in Satellite.
Hi,
The article you provided requires a paid subscription from my side. If you can provide me with clear instructions and a test output, I would be happy to add the arch value in this case.
createrepo --help
andcreaterepo_mod --help
do not provide any options to set this value.Thanks for getting back. The support rep ran a test of a custom yum/dnf repo.
Here are the steps they used and the comments made:
~~~
# cat /etc/yum.repos.d/custom.repo
[custom_repo]
name = custom_repo
baseurl = https://repo.codeit.guru/packages/centos/8/x86_64/
enabled = 1
metadata_expire = 1
enabled_metadata = 1
~~~
— Once done, run below command to check the architecture of ‘httpd’ module coming from above mentioned ‘custom_repo’.
# dnf module info httpd
Name : httpd
Stream : codeit
Version : 1
Context : el8
Architecture : <=========== This is BLANK
Profiles : common
Default profiles :
Repo : custom_repo
Summary : Apache httpd CodeIT Builds
Description : Apache HTTPd server with HTTP/2, TLSv1.3, Brotli support
Requires :
Notice the architecture is blank above. The issue should be addressed from the maintainer of the repository. Ensure that every module in the repository has an Architecture Value set for it.
It looks like the architecture is set in the *-modules.yaml under the «data:» section
I also use a module repo from Remi for PHP. Here is a snippet from their current YAML
—
document: modulemd
version: 2
data:
name: php
stream: remi-8.0
version: 20230511155149
context: 00000000
arch: x86_64
summary: PHP scripting language
Russel, thanks for pointing out!
I used modulemd-tools 0.7 for EL8. My first thought that 0.7 can be outdated and compiled latest variant, 0.13. Unfortunately, it still did not create arch field in the module yaml despite specifying it as httpd:codeit:1:el8:aarch64:
nsvca Module name, stream version, context and architecture
in a N:S:V:C:A format
Of course, I will dig it more, but if you will be able to provide any recipes for dir2module, it will be helpful.
For this moment I don’t like the idea to patch yaml file with the simple script.
Hi Alexander,
I have been pressing Red Hat support to give me some insight to help. They have two questions.
1. «Please confirm, In which tool CodeIT repo maintainer passing .yml file input to generate arch?»
2. «Please confirm, CodeIT repo maintainer trying to create a custom module?»
I appreciate your willingness work on this since I would prefer to use your repo instead of the back ported version of httpd Red Hat provides.
Hi Russel!
1. We use «createrepo_mod» and «dir2module» tools to create the module from directory files
2. Yes, we created custom nginx and httpd modules so users can select them and install our versions instead of RedHat ones.
Thanks for the donation!
Please also check if EL8 builds (both x86_64 and aarch) are now parsed properly for you. Manual patching added. If it works, I will add these hacks for EL9.
Alexander,
The latest sync worked perfectly. Thanks for working to get this going. I know it’s frustrating to manually patch. I do appreciate it.
Great it works! EL9 patching added to the CI/CD pipelines.
Hello-
I got apache 2.4 to install on Amazon Linux 2 with your packages. I am also able to get openssl1.1.1x installed with their epel repo.
I picked the latest version of your http24 (httpd-2.4.57-1.codeit.el7.x86_64.rpm) and it started looking for openssl 3.0.x dependencies. Is the most recent version that supports openssl 1.1.1 httpd-2.4.46-1.codeit.el7.x86_64.rpm?
Thanks!
Hello Alex,
We need specific package, openssl-quic-libs from our repo, not usual openssl.
Please do not install outdated vulnerable httpd 2.4.46. Always use latest versions without known vulnerabilities.
Thanks, Alexander. For Amazon Linux 2 I kept getting an invalid URL for the repo. Because of that I ended up installing the packages via the URL to the RPM with yum. That would make it so that the pacakges would be upgraded (downgraded) back to the Amazon repos with higher priority after they were installed. I ended up hardcoding the $releasever value in the URL to the repo to 7 (it detects as 2 due to Amazon Linux «2»). I then set a priority level to 9 (one under the Amazon repo value of 10) to make it prefer your repo. This is the final repo file:
[CodeIT]
name=CodeIT repo
priority=9
baseurl=https://repo.codeit.guru/packages/centos/7/$basearch
enabled=1
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
gpgcheck=1
[CodeIT-mainline]
name=CodeIT mainline repo
priority=9
baseurl=https://repo.codeit.guru/packages/mainline/centos/7/$basearch
enabled=1
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
gpgcheck=1
[CodeIT-quic]
name=CodeIT mainline repo
priority=9
baseurl=https://repo.codeit.guru/packages/quic/7/$basearch
enabled=0
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
gpgcheck=1
[CodeIT-testing]
name=CodeIT testing repo
priority=9
baseurl=https://repo.codeit.guru/packages/testing/7/$basearch
enabled=0
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-codeit
gpgcheck=1
Now all packages are installed by your REPO with the standard yum install httpd and mod_ssl.
Thanks for the great work and help!
Alex, we do not support any rpm repo. I am aware that Amazon linux is not compatible with Redhat enterprise linux and thus we cannot guarantee that every dependency can be satisfied.
I never tested our repo on Amazon linux, but you can hardcode/replace $releasever or 7 in your example with 8 or 9.
But if you want to use our repo, please set up a new instance with a supported OS
My apololgies for the confusion… I meant I was installing your packages with commands like:
«yum install https://repo.codeit.guru/packages/centos/7/x86_64/httpd-2.4.57-1.codeit.el7.x86_64.rpm»
Thanks for the other information.
Dear Codeit,
we tried to sync your repo with pulp 3 but it fails within step: «Downloading Artifacts»
traceback:
SNIP…..
File \»/usr/local/lib/python3.8/site-packages/pulp_rpm/app/modulemd.py\», line 202, in parse_modular\n modulemd_all.append(create_modulemd(parsed_data, module))\n File \»/usr/local/lib/python3.8/site-packages/pulp_rpm/app/modulemd.py\», line 120, in create_modulemd\n data[PULP_MODULE_ATTR.NAME],\n»,
«description»: «‘name'»
SNIP…..
It looks like there ist some complaint about the modulemd restriction or artifacts/content regarding to the repomd. Do you have any idea?
Hello, I do not have any ideas regarding this error unfortunately. We test our repos with yum/dnf only, this is the supported way to use it.
If you see any anomalies with other software, please report with steps to fix it.
Because Red Hat prohibits the recompilation version, it is expected that a series of versions such as almalinux will hardly survive. We also plan to migrate to the Debian platform. Are you planning to launch a corresponding package for Debian?
Thanks.
James, why do you think that «almalinux will hardly survive»?
Please check their blog to find official plans.
For now I do not see any needs to support Debian for us, but anyway if community really needs it and want to support it, let’s think about it.
Alexander,
I have seen their plans, although I also like almalinux, but I don’t think their plans will work, I don’t think their staff reserves and technical reserves and financial strength, it is really difficult to keep up with Red Hat’s bugfix and security patches, they don’t have the ability to maintain a release.
Just a kernel patch, Red Hat can kill other recompiled versions, users will have a great sense of incompleteness, in fact, I am not willing to leave the platform that I have used for 17 years, but at present, almalinux rocky oraclelinux It’s only a matter of time before we leave.