Or uWSGI, or Daphne, or any other WSGI server that supports Django as an application.
I don’t know what Linux distribution you are using, but from what I’m seeing related to Debian / Ubuntu, you don’t need to compile nginx itself. You need to download the sources because you need to compile a module for nginx.
I don’t have any first-hand knowledge on this topic - if you have information to the contrary, please let me know!
(I don’t know what the steps might be if you’re using a RedHat derrivative, but I’d be surprised if it were significantly different.)
This statement is not accurate on both counts. (How do you think the distros build their packages from upstream sources? They compile them. That’s about as scalable as you can imagine when you consider the thousands of packages the major distros make available.)
You compile the connector module once, and if necessary, create an installable package for it.
It’s a question of what you’re needing to update, but calling it a “nightmare” is a bit of an overstatement. Yes it’s an extra step, but it’s hardly something to be scared of.
Any half-way decent software written for a reasonable Posix-like environment is designed to be compiled by an end-user. The idea of expecting your distro to supply everything you’re going to ever need is a relatively recent concept. There are still a number of niche areas where you’re expected to build your own software customized for your particular situation, because the distros don’t handle it.
Now having said all that, …
That’s a perfectly valid choice. There’s nothing wrong with avoiding steps in your build process.
Side note: See the announcement at F5 NGINX ModSecurity WAF Is Transitioning to End-of-Life - NGINX. This may also affect the long-term viability of ModSecurity with Apache as well - that’s a topic you may wish to keep your eyes on.