前言
此脚本用于安装 nginx;tengine;openresty. 安装版本为:
- nginx: 1.14
- openresty: 1.15.8.3
- tengine: 2.1.2 # 这是一个很古老的版本…
目录结构
因为是编译安装,所以产出目录均在 /usr/local/<nginx/openresty/tengine>,除了 logs 做了软链 /usr/local/xxx/logs -> /export/logs/nginx
/usr/local/xxx/conf 目录结构
# 下面两个主配置文件会告诉你,相应的上下文配置,应该以什么结尾!!!
include /usr/local/${NginxVer}/nginx/conf/server/*.server;
include /usr/local/${NginxVer}/nginx/conf/upstream/*.upstream;
脚本在此
#!/bin/bash
basedir=/usr/local/src
cd $basedir
runuser=`whoami`
[[ $runuser == 'root' ]] || {
echo "ERROR:执行用户不是$runuser" && exit
}
[[ -d /export/logs/nginx ]] || {
echo "/export/logs/nginx/目录不存在" && exit
}
CpuNum=`cat /proc/cpuinfo | grep processor | wc -l`
read -p "输入安装的Nginx版本:(nginx;tengine;openresty):" NginxVer
read -p "输入开发日常操作用户:" KaifaUser
read -p "输入nginx worker用户:" NginxWorkerUser
useradd -s /sbin/nologin ${NginxWorkerUser}
usermod -a -G ${KaifaUser} ${NginxWorkerUser}
cd /usr/local/src
rm -rf ${NginxVer} && mkdir ${NginxVer}
cat>>$basedir/test.com.server<<EOF
server {
listen 80;
server_name test.com;
root /export/${NginxWorkerUser}/test.com;
#charset koi8-r;
access_log logs/nginx-test.com.access.log main;
error_log logs/nginx-test.com.error.log;
# 关闭日志
location = /favicon.ico {
log_not_found off;
access_log off;
}
# 关闭日志
location = /robots.txt {
auth_basic off;
allow all;
log_not_found off;
access_log off;
}
# 拒绝探测网站根下的隐藏文件 Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
#开启浏览器静态文件缓存
location ~ .*\.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css)\$ {
expires 3h;
}
location / {
#######这个是一个thinkphp框架的伪静态规则,请忽略
if (!-e \$request_filename) {
rewrite ^(.*)\$ /index.php?s=\$1 last;
break;
}
#######
index index.php;
}
# 若php-fpm,请保留这里修改
location ~ \.php {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_connect_timeout 10s;
fastcgi_send_timeout 10s;
fastcgi_read_timeout 10s;
fastcgi_buffers 8 256k;
fastcgi_buffer_size 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_intercept_errors on;
}
# 若 http,请保留这里修改
location / {
proxy_pass http://127.0.0.1:8080;
proxy_connect_timeout 300ms;
proxy_send_timeout 300ms;
proxy_read_timeout 300ms;
proxy_max_temp_file_size 1024m;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_buffers 256 4k;
proxy_intercept_errors on;
}
}
EOF
cat>>nginx_status.server<<EOF
server {
listen 80;
server_name 127.0.0.1;
# charset koi8-r;
access_log off;
location /server_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
EOF
###################
if [[ $NginxVer == 'nginx' ]];then
[[ -d /usr/local/$NginxVer ]] && echo '/usr/local/$NginxVer 已存在' && exit
yum install readline-devel pcre-devel openssl-devel gcc
wget http://${NginxVer}.org/download/${NginxVer}-1.14.0.tar.gz -O ${NginxVer}.tar.gz
tar xf ${NginxVer}.tar.gz --strip-components 1 -C ${NginxVer}
cd ${NginxVer} && ./configure --prefix=/usr/local/${NginxVer} --user=${NginxWorkerUser} --group=${NginxWorkerUser} --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_v2_module || exit
make
make install
cd /usr/local/${NginxVer} && rm -rf logs
ln -s /export/logs/nginx logs
cd /usr/local/${NginxVer}/conf
mkdir {location,ssl,upstream,server}
mv $basedir/{test.com.server,nginx_status.server} server/
rm -rf nginx.conf
cat >>nginx.conf<<EOF
user ${NginxWorkerUser};
worker_processes auto;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
http {
include mime.types;
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] \$request_time \$host "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for" \$upstream_addr \$upstream_status';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css text/javascript application/xml application/ms* application/vnd* application/postscript application/javascript application/json application/x-httpd-php application/x-httpd-fastphp;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
#跨域访问
#add_header Access-Control-Allow-Origin *;
#add_header Access-Control-Allow-Headers X-Requested-With;
#add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
server {
listen 80 backlog=8092;
location / {
deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/${NginxVer}/conf/server/*.server;
include /usr/local/${NginxVer}/conf/upstream/*.upstream;
}
EOF
elif [[ $NginxVer == 'openresty' ]];then
[[ -d /usr/local/$NginxVer ]] && echo '/usr/local/$NginxVer 已存在' && exit
yum install readline-devel pcre-devel openssl-devel gcc
wget https://openresty.org/download/openresty-1.15.8.3.tar.gz -O ${NginxVer}.tar.gz
tar xf ${NginxVer}.tar.gz --strip-components 1 -C ${NginxVer}
cd ${NginxVer} && ./configure --prefix=/usr/local/${NginxVer} --user=${NginxWorkerUser} --group=${NginxWorkerUser} --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_v2_module || exit
make
make install
cd /usr/local/${NginxVer}/nginx && rm -rf logs
ln -s /export/logs/nginx logs
cd /usr/local/${NginxVer}/nginx/conf
mkdir {location,ssl,upstream,server}
mv $basedir/{test.com.server,nginx_status.server} server/
rm -rf nginx.conf
cat >>nginx.conf<<EOF
user ${NginxWorkerUser};
worker_processes auto;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
http {
include mime.types;
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] \$request_time \$host "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for" \$upstream_addr \$upstream_status';
log_format mainjson escape=json '{"@timestamp":"$time_iso8601",'
'"@source":"$server_addr",'
'"hostname":"$hostname",'
'"remote_user":"$remote_user",'
'"ip":"$http_x_forwarded_for",'
'"client":"$remote_addr",'
'"request_method":"$request_method",'
'"scheme":"$scheme",'
'"domain":"$server_name",'
'"referer":"$http_referer",'
'"request":"$request_uri",'
'"requesturl":"$request",'
'"args":"$args",'
'"size":$body_bytes_sent,'
'"status": $status,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamaddr":"$upstream_addr",'
'"http_user_agent":"$http_user_agent",'
'"http_cookie":"$http_cookie",'
'"https":"$https"'
'}';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css text/javascript application/xml application/ms* application/vnd* application/postscript application/javascript application/json application/x-httpd-php application/x-httpd-fastphp;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
#跨域访问
#add_header Access-Control-Allow-Origin *;
#add_header Access-Control-Allow-Headers X-Requested-With;
#add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
server {
listen 80 backlog=8092;
location / {
return 444;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/${NginxVer}/nginx/conf/server/*.server;
include /usr/local/${NginxVer}/nginx/conf/upstream/*.upstream;
}
EOF
elif [[ $NginxVer == 'tengine' ]];then
[[ -d /usr/local/$NginxVer ]] && echo '/usr/local/$NginxVer 已存在' && exit
yum install readline-devel pcre-devel openssl-devel gcc jemalloc-devel
wget http://tengine.taobao.org/download/tengine-2.1.2.tar.gz -O ${NginxVer}.tar.gz
tar xf ${NginxVer}.tar.gz --strip-components 1 -C ${NginxVer}
cd ${NginxVer} && ./configure --prefix=/usr/local/${NginxVer} --user=${NginxWorkerUser} --group=${NginxWorkerUser} --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-jemalloc || exit
make
make install
cd /usr/local/${NginxVer} && rm -rf logs
ln -s /export/logs/nginx logs
cd /usr/local/${NginxVer}/conf
mkdir {location,ssl,upstream,server}
mv $basedir/{test.com.server,nginx_status.server} server/
rm -rf nginx.conf
cat >>nginx.conf<<EOF
user ${NginxWorkerUser};
worker_processes auto;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
http {
include mime.types;
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] \$request_time \$host "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for" \$upstream_addr \$upstream_status';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css text/javascript application/xml application/ms* application/vnd* application/postscript application/javascript application/json application/x-httpd-php application/x-httpd-fastphp;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
#跨域访问
#add_header Access-Control-Allow-Origin *;
#add_header Access-Control-Allow-Headers X-Requested-With;
#add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
server {
listen 80 backlog=8092;
location / {
deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/${NginxVer}/conf/server/*.server;
include /usr/local/${NginxVer}/conf/upstream/*.upstream;
}
EOF
fi