Recompile NGINX with OpenSSL 1.0.2+ for HTTP/2

No matter how “stable” your “surroundings” are, eventually you will face HTTP/2 and all those requirements to run it on your server using Linux and some HTTP daemon. One of those requirements will be the OpenSSL version 1.0.2 (with ALPN support).

You might be lucky and you will find proper package of the OpenSSL for your Linux distribution. But then, you might be required to recompile your HTTP daemon from source. Yes, I’m in this situation now: Debian 8, OpenSSL 1.0.2 from “backports” and NGINX 1.10 (from DotDeb.org or NGINX.org).

Thanks to the Ramūnas (colleague of mine) for the link Recompile NGINX with OpenSSL 1.0.2+ for HTTP/2 via ALPN – Ubuntu 14.04 – this helps me to deal quicker with NGINX on Debian 8 at least for development environment.

Encrypt password on Ubuntu/Debian

Sometimes I need to encrypt password same “way” as it done in /etc/shadow. For example: to place it in the Puppet config. I think there is a plenty of ways to do it. Here is my favorite: mkpasswd

# Install "whois" package in case we don't have it
sudo apt-get install whois
# Get available encryption methods
mkpasswd -m help
# Encrypt using SHA-256
mkpasswd -m sha-256
# Encrypt using SHA-512
mkpasswd -m sha-512