nginx☞安装

阅读量: zyh 2020-05-15 11:48:44
Categories: > Tags:

前言

此脚本用于安装 nginx;tengine;openresty. 安装版本为:

目录结构

因为是编译安装,所以产出目录均在 /usr/local/<nginx/openresty/tengine>,除了 logs 做了软链 /usr/local/xxx/logs -> /export/logs/nginx

/usr/local/xxx/conf 目录结构

image-20200515120037239

# 下面两个主配置文件会告诉你,相应的上下文配置,应该以什么结尾!!!
include /usr/local/${NginxVer}/nginx/conf/server/*.server;
include /usr/local/${NginxVer}/nginx/conf/upstream/*.upstream;

脚本在此

#!/bin/bash
basedir=/usr/local/src
cd $basedir
runuser=`whoami`
[[ $runuser == 'root' ]] || { 
    echo "ERROR:执行用户不是$runuser" && exit 
}

[[ -d /export/logs/nginx ]] || { 
    echo "/export/logs/nginx/目录不存在" && exit 
}
CpuNum=`cat /proc/cpuinfo | grep processor | wc -l`
read -p "输入安装的Nginx版本:(nginx;tengine;openresty):" NginxVer
read -p "输入开发日常操作用户:" KaifaUser
read -p "输入nginx worker用户:" NginxWorkerUser
useradd -s /sbin/nologin ${NginxWorkerUser}
usermod -a -G ${KaifaUser} ${NginxWorkerUser}

cd /usr/local/src
rm -rf ${NginxVer} && mkdir ${NginxVer}

cat>>$basedir/test.com.server<<EOF
server {
    listen 80;
    server_name test.com;
    root /export/${NginxWorkerUser}/test.com;

    #charset koi8-r;
    access_log logs/nginx-test.com.access.log main;
    error_log logs/nginx-test.com.error.log;

    # 关闭日志
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }
    # 关闭日志
    location = /robots.txt {
        auth_basic off;
        allow all;
        log_not_found off;
        access_log off;
    }

    # 拒绝探测网站根下的隐藏文件 Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }

    location / {
        #######这个是一个thinkphp框架的伪静态规则,请忽略
        if (!-e \$request_filename) {
           rewrite ^(.*)\$ /index.php?s=\$1 last;
           break;
        }
        #######
        index index.php;
    }

    #开启浏览器静态文件缓存
    location ~ .*\.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css)\$ { 
        expires 3h; 
    } 

    # 若php-fpm,请保留这里修改
    location ~ \.php {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        include fastcgi.conf;
        fastcgi_connect_timeout 10s;
        fastcgi_send_timeout 10s;
        fastcgi_read_timeout 10s;
        fastcgi_buffers 8 256k;                           
        fastcgi_buffer_size 256k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_intercept_errors on;
    }
    # 若 http,请保留这里修改
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_connect_timeout 300ms;
        proxy_send_timeout 300ms;
        proxy_read_timeout 300ms;
        proxy_max_temp_file_size 1024m;
        proxy_set_header   Host         $host;
        proxy_set_header   X-Real-IP    $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_buffers 256 4k;
        proxy_intercept_errors on;
    }
}
EOF

cat>>nginx_status.server<<EOF
server {
    listen 80;
    server_name 127.0.0.1;

   # charset koi8-r;
    access_log off;

    location /server_status {
        stub_status on;
        access_log off;
        allow 127.0.0.1;
        deny all;
    }
}
EOF

###################
if [[ $NginxVer == 'nginx' ]];then
    [[ -d /usr/local/$NginxVer ]] && echo '/usr/local/$NginxVer 已存在' && exit
    yum install readline-devel pcre-devel openssl-devel gcc
    wget http://${NginxVer}.org/download/${NginxVer}-1.14.0.tar.gz -O ${NginxVer}.tar.gz
    tar xf ${NginxVer}.tar.gz --strip-components 1 -C ${NginxVer}
    cd ${NginxVer} && ./configure --prefix=/usr/local/${NginxVer} --user=${NginxWorkerUser} --group=${NginxWorkerUser} --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_v2_module || exit
    make
    make install
    cd /usr/local/${NginxVer} && rm -rf logs
    ln -s /export/logs/nginx logs
    cd /usr/local/${NginxVer}/conf
    mkdir {location,ssl,upstream,server}
    mv $basedir/{test.com.server,nginx_status.server} server/
    rm -rf nginx.conf
    cat >>nginx.conf<<EOF
user ${NginxWorkerUser};
worker_processes auto;
worker_rlimit_nofile 65535;
events {
    use epoll;
    worker_connections 65535; 
}

error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

http {
    include mime.types;
    default_type application/octet-stream;

    log_format main '\$remote_addr - \$remote_user [\$time_local] \$request_time \$host "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for" \$upstream_addr \$upstream_status';

    access_log logs/access.log main;

    sendfile on;
    keepalive_timeout 65;

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css text/javascript application/xml application/ms* application/vnd* application/postscript application/javascript application/json application/x-httpd-php application/x-httpd-fastphp;
    gzip_vary off;
    gzip_disable "MSIE [1-6]\.";

    #跨域访问
    #add_header Access-Control-Allow-Origin *; 
    #add_header Access-Control-Allow-Headers X-Requested-With;
    #add_header Access-Control-Allow-Methods GET,POST,OPTIONS;

    server {
        listen 80 backlog=8092;
        location / {
        deny all;
        }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }
    include /usr/local/${NginxVer}/conf/server/*.server;
    include /usr/local/${NginxVer}/conf/upstream/*.upstream;
}
EOF

elif [[ $NginxVer == 'openresty' ]];then
    [[ -d /usr/local/$NginxVer ]] && echo '/usr/local/$NginxVer 已存在' && exit
    yum install readline-devel pcre-devel openssl-devel gcc
    wget https://openresty.org/download/openresty-1.15.8.3.tar.gz -O ${NginxVer}.tar.gz
    tar xf ${NginxVer}.tar.gz --strip-components 1 -C ${NginxVer}
    cd ${NginxVer} && ./configure --prefix=/usr/local/${NginxVer} --user=${NginxWorkerUser} --group=${NginxWorkerUser} --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_v2_module || exit
    make
    make install
    cd /usr/local/${NginxVer}/nginx && rm -rf logs
    ln -s /export/logs/nginx logs
    cd /usr/local/${NginxVer}/nginx/conf
    mkdir {location,ssl,upstream,server}
    mv $basedir/{test.com.server,nginx_status.server} server/
    rm -rf nginx.conf
    cat >>nginx.conf<<EOF
user ${NginxWorkerUser};
worker_processes auto;
worker_rlimit_nofile 65535;
events {
    use epoll;
    worker_connections 65535; 
}

error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

http {
    include mime.types;
    default_type application/octet-stream;

    log_format main '\$remote_addr - \$remote_user [\$time_local] \$request_time \$host "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for" \$upstream_addr \$upstream_status';

    log_format mainjson escape=json '{"@timestamp":"$time_iso8601",'
                    '"@source":"$server_addr",'
                    '"hostname":"$hostname",'
                    '"remote_user":"$remote_user",'
                    '"ip":"$http_x_forwarded_for",'
                    '"client":"$remote_addr",'
                    '"request_method":"$request_method",'
                    '"scheme":"$scheme",'
                    '"domain":"$server_name",'
                    '"referer":"$http_referer",'
                    '"request":"$request_uri",'
                    '"requesturl":"$request",'
                    '"args":"$args",'
                    '"size":$body_bytes_sent,'
                    '"status": $status,'
                    '"responsetime":$request_time,'
                    '"upstreamtime":"$upstream_response_time",'
                    '"upstreamaddr":"$upstream_addr",'
                    '"http_user_agent":"$http_user_agent",'
                    '"http_cookie":"$http_cookie",'
                    '"https":"$https"'
                    '}';
    access_log logs/access.log main;

    sendfile on;
    keepalive_timeout 65;

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css text/javascript application/xml application/ms* application/vnd* application/postscript application/javascript application/json application/x-httpd-php application/x-httpd-fastphp;
    gzip_vary off;
    gzip_disable "MSIE [1-6]\.";

    #跨域访问
    #add_header Access-Control-Allow-Origin *; 
    #add_header Access-Control-Allow-Headers X-Requested-With;
    #add_header Access-Control-Allow-Methods GET,POST,OPTIONS;

    server {
        listen 80 backlog=8092;
        location / {
            return 444;
        }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    include /usr/local/${NginxVer}/nginx/conf/server/*.server;
    include /usr/local/${NginxVer}/nginx/conf/upstream/*.upstream;
}
EOF
elif [[ $NginxVer == 'tengine' ]];then
    [[ -d /usr/local/$NginxVer ]] && echo '/usr/local/$NginxVer 已存在' && exit
    yum install readline-devel pcre-devel openssl-devel gcc jemalloc-devel
    wget http://tengine.taobao.org/download/tengine-2.1.2.tar.gz -O ${NginxVer}.tar.gz
    tar xf ${NginxVer}.tar.gz --strip-components 1 -C ${NginxVer}
    cd ${NginxVer} && ./configure --prefix=/usr/local/${NginxVer} --user=${NginxWorkerUser} --group=${NginxWorkerUser} --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-jemalloc || exit
    make
    make install
    cd /usr/local/${NginxVer} && rm -rf logs
    ln -s /export/logs/nginx logs
    cd /usr/local/${NginxVer}/conf
    mkdir {location,ssl,upstream,server}
    mv $basedir/{test.com.server,nginx_status.server} server/
    rm -rf nginx.conf
    cat >>nginx.conf<<EOF
user ${NginxWorkerUser};
worker_processes auto;
worker_rlimit_nofile 65535;
events {
    use epoll;
    worker_connections 65535; 
}

error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

http {
    include mime.types;
    default_type application/octet-stream;

    log_format main '\$remote_addr - \$remote_user [\$time_local] \$request_time \$host "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for" \$upstream_addr \$upstream_status';

    access_log logs/access.log main;

    sendfile on;
    keepalive_timeout 65;

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css text/javascript application/xml application/ms* application/vnd* application/postscript application/javascript application/json application/x-httpd-php application/x-httpd-fastphp;
    gzip_vary off;
    gzip_disable "MSIE [1-6]\.";

    #跨域访问
    #add_header Access-Control-Allow-Origin *; 
    #add_header Access-Control-Allow-Headers X-Requested-With;
    #add_header Access-Control-Allow-Methods GET,POST,OPTIONS;

    server {
        listen 80 backlog=8092;
        location / {
            deny all;
        }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    include /usr/local/${NginxVer}/conf/server/*.server;
    include /usr/local/${NginxVer}/conf/upstream/*.upstream;
}
EOF
fi