Nginx1.16自動編譯

阅读: 561 | 文章分类: Shell | Tag: Nginx  

近期比較忙,所以沒時間更新文章,實在很抱歉,後續我會繼續努力更新我的技術文章 因為很久沒有寫文章了,所以我今天就將我週末兩天寫的一個腳本拿出來分享給大家 是一個自動編譯nginx的腳本,因個人需求需要在yum裝的nginx模塊基礎上再添加其他 第三方的模塊近來,所以我就寫了一個腳本來安裝,解決在編譯過程中的繁多依賴包 腳本如下 ``` #!/bin/bash # Author: Gabe # Start Date : 2019-07-03 # Update date: 2019-07-08 # System: CentOS_7.6.1810 # Version: v2.0_1 : << EOF --- Third party module --- - ngx_brotli : https://github.com/google/ngx_brotli - openssl-1.1.1c : https://www.openssl.org/source/ - ModSecurity-nginx : https://github.com/SpiderLabs/ModSecurity-nginx - ModSecurity V3 : https://github.com/SpiderLabs/ModSecurity - ngx_cache_purge-2.3 : http://labs.frickle.com/nginx_ngx_cache_purge/ - lua-upstream-cache-nginx-module : https://github.com/cloudflare/lua-upstream-cache-nginx-module - nginx-rtmp-module : https://github.com/arut/nginx-rtmp-module.git - websocket nchan : https://github.com/slact/nchan.git - ngx_dynamic_limit_req_module : https://github.com/limithit/ngx_dynamic_limit_req_module.git - GeoIP2 : https://github.com/leev/ngx_http_geoip2_module.git EOF # env # User and Group name user='nginx' # - include - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/bin:/sbin export PATH export INC_HOME="$(pwd)/" export _SRC="${INC_HOME}src" export _NGINX="${_SRC}/nginx-1.16.0" export _NGX_BROTLI="${_SRC}/ngx_brotli" export _OPENSSL="${_SRC}/openssl-1.1.1c" export _MODSECURITY_NGX="${_SRC}/ModSecurity-nginx" export _MODSECURITY="${_SRC}/ModSecurity" export _CACHE_PURGE="${_SRC}/ngx_cache_purge-2.3" export _RTMP="${_SRC}/nginx-rtmp-module" export _WEBSOCKET="${_SRC}/nchan" export _DYNAMIC_LIMIT_REQ="${_SRC}/ngx_dynamic_limit_req_module" export _GEOIP="${_SRC}/ngx_http_geoip2_module" # - check system - function Check_OS(){ if test -e /etc/redhat-release; then if [ `id -u` -ne 0 ];then echo -e "\033[41;33m ERROR: Please use the root user to execute. \033[0m" exit 1 elif test -e /usr/sbin/nginx; then echo -e "\033[41;33m ERROR: Please uninstall the original nginx service first. \033[0m" exit 1 else Download_Module Install_Nginx fi else echo -e "\033[41;33m ERROR: The current version only supports CentOS 7. \033[0m" fi } # - Download module - function Download_Module(){ # mkdir mkdir ${_SRC} # install git yum -y install git # - Download - # Nginx cd ${_SRC} curl -sO https://nginx.org/download/nginx-1.16.0.tar.gz tar xf nginx-1.16.0.tar.gz # Brotli cd ${_SRC} git clone https://github.com/google/ngx_brotli.git cd ngx_brotli git submodule update --init # OpenSSL cd ${_SRC} curl -sO https://www.openssl.org/source/openssl-1.1.1c.tar.gz tar xf openssl-1.1.1c.tar.gz # ModSecurity-nginx cd ${_SRC} git clone https://github.com/SpiderLabs/ModSecurity-nginx.git # ModSecurity cd ${_SRC} git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity cd ModSecurity git submodule init git submodule update # ngx_cache_purge cd ${_SRC} curl -sO http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz tar xf ngx_cache_purge-2.3.tar.gz # lua-upstream-cache-nginx-module cd ${_SRC} git clone https://github.com/cloudflare/lua-upstream-cache-nginx-module.git # nginx-rtmp-module cd ${_SRC} git clone https://github.com/arut/nginx-rtmp-module.git # nchan cd ${_SRC} git clone https://github.com/slact/nchan.git # ngx_dynamic_limit_req_module cd ${_SRC} git clone https://github.com/limithit/ngx_dynamic_limit_req_module.git # GeoIP cd ${_SRC} git clone https://github.com/leev/ngx_http_geoip2_module.git } # - make install - function Make_Install(){ make -j$(grep -c 'processor' /proc/cpuinfo) if [ $? -eq 0 ]; then make -j$(grep -c 'processor' /proc/cpuinfo) install else make make install fi } function _success(){ Copy_Condig echo -e "\033[42m Success: Installed, you can start the nginx service with 'systemctl start nginx.service' or '/etc/init.d/nginx start'. \033[0m" } function _error(){ echo -e "\033[41;33m ERROR: Installation failed, please check the dependency package. \033[0m" } # - depend install - function Install_ELY(){ # yum install mkdir /etc/yum.repos.d/bak mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak cd /etc/yum.repos.d/ curl -sO http://mirrors.aliyun.com/repo/Centos-7.repo curl -sO http://mirrors.aliyun.com/repo/epel-7.repo sed -i '/aliyuncs/d' *.repo yum clean all yum -y install gcc gcc-c++ unzip ntp libtool libtool-ltdl-devel gcc gcc-c++ autoconf automake libcurl libcurl-devel yajl yajl-devel lmdb-devel ssdeep-devel lua-devel gperftools pcre pcre-devel zlib zlib-devel hiredis hiredis-devel libmaxminddb libmaxminddb-devel # time ntpdate ntp1.aliyun.com # openssl install cd ${_OPENSSL} ./config Make_Install # ModSecurity cd ${_MODSECURITY} #git submodule init #git submodule update ./build.sh ./configure Make_Install # OpenSSL .so links ln -s /usr/local/lib64/libssl.so.1.1 /usr/lib64/libssl.so.1.1 ln -s /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1 echo "/usr/local/lib64" >> /etc/ld.so.conf ldconfig -v } # - copy conf - function Copy_Condig(){ # conf cp ${_NGINX}/man/nginx.8 /usr/share/man/man8/ # systemctl file cat > /usr/lib/systemd/system/nginx.service << EOF [Unit] Description=nginx - high performance web server Documentation=http://nginx.org/en/docs/ After=network-online.target remote-fs.target nss-lookup.target Wants=network-online.target [Service] Type=forking PIDFile=/data/nginx/run/nginx.pid ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf ExecReload=/bin/kill -s HUP \$MAINPID ExecStop=/bin/kill -s TERM \$MAINPID [Install] WantedBy=multi-user.target EOF # init.d file cat > /etc/init.d/nginx << EOF #!/bin/bash # chkconfig: 2345 55 25 # Description: Startup script for nginx webserver on Debian. Place in /etc/init.d and # run 'update-rc.d -f nginx defaults', or use the appropriate command on your # distro. For CentOS/Redhat run: 'chkconfig --add nginx' ### BEGIN INIT INFO # Provides: nginx # Required-Start: \$all # Required-Stop: \$all # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: starts the nginx web server # Description: starts nginx using start-stop-daemon ### END INIT INFO # Author: Gabe # Date: 2019-07-02 NGINX_BIN='/usr/sbin/nginx' CONFIG='/etc/nginx/nginx.conf' case "\$1" in start) echo -e "\\033[42m Starting nginx... \\033[0m" PID=\$(ps -ef | grep "\$NGINX_BIN" | grep -v grep | awk '{print \$2}') if [ "\$PID" != "" ]; then echo "nginx (pid \$PID) already running." exit 1 fi \$NGINX_BIN -c \$CONFIG if [ "\$?" != 0 ]; then echo -e "\\033[41;33m failed \\033[0m" exit 1 else sleep 1 echo -e "\\033[42m ok \\033[0m" fi ;; stop) echo -e "\\033[42m Stoping nginx... \\033[0m" PID=\$(ps -ef | grep "\$NGINX_BIN" | grep -v grep | awk '{print \$2}') if [ "\$PID" = "" ]; then echo -e "\\033[42m nginx is not running. \\033[0m" exit 1 fi \$NGINX_BIN -s stop if [ "\$?" != 0 ] ; then echo -e "\\033[41;33m failed. Use force-quit \\033[0m" \$0 force-quit else sleep 1 echo -e "\\033[42m ok \\033[0m" fi ;; status) PID=\$(ps -ef | grep "\$NGINX_BIN" | grep -v grep | awk '{print \$2}') if [ "\$PID" != "" ]; then echo -e "\\033[42m nginx (pid \$PID) is running... \\033[0m" else echo -e "\\033[42m nginx is stopped. \\033[0m" exit 0 fi ;; force-quit|kill) echo -e "\\033[42m Terminating nginx... \\033[0m" PID=\$(ps -ef | grep "\$NGINX_BIN" | grep -v grep | awk '{print \$2}') if [ "\$PID" = "" ]; then echo -e "\\033[42m nginx is is stopped. \\033[0m" exit 1 fi kill \$PID if [ "\$?" != 0 ]; then echo " failed" exit 1 else echo " done" fi ;; restart) \$0 stop sleep 1 \$0 start ;; reload) echo -e "\\033[42m Reload nginx... \\033[0m" PID=\$(ps -ef | grep "\$NGINX_BIN" | grep -v grep | awk '{print \$2}') if [ "\$PID" != "" ]; then \$NGINX_BIN -s reload echo -e "\\033[42m done \\033[0m" else echo -e "\\033[41;33m nginx is not running, can't reload. \\033[0m" exit 1 fi ;; configtest) echo -e "\\033[42m Test nginx configure files... \\033[0m" \$NGINX_BIN -t ;; *) echo -e "\\033[41;33m Usage: \$0 {start|stop|restart|reload|status|configtest|force-quit|kill}. \\033[0m" exit 1 ;; esac EOF chmod u+x /etc/init.d/nginx # repo rm -rf /etc/yum.repos.d/*.repo mv /etc/yum.repos.d/bak/* /etc/yum.repos.d/ rm -rf /etc/yum.repos.d/bak/ yum clean all } # - Nginx Install - function Install_Nginx(){ # add user and group groupadd ${user} useradd -M -s /sbin/nologin -g ${user} ${user} # Create an aide and modify the permissions mkdir -p /data/nginx/cache/ /data/nginx/logs/ /data/nginx/run chown -R ${user}. /data/nginx # install ely Install_ELY # make install nginx cd ${_NGINX} ./configure \ --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib64/nginx/modules \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/data/nginx/logs/error.log \ --http-log-path=/data/nginx/logs/access.log \ --pid-path=/data/nginx/run/nginx.pid \ --lock-path=/data/nginx/run/nginx.lock \ --http-client-body-temp-path=/data/nginx/cache/client_temp \ --http-proxy-temp-path=/data/nginx/cache/proxy_temp \ --http-fastcgi-temp-path=/data/nginx/cache/fastcgi_temp \ --http-uwsgi-temp-path=/data/nginx/cache/uwsgi_temp \ --http-scgi-temp-path=/data/nginx/cache/scgi_temp \ --user=${user} \ --group=${user} \ --with-compat \ --with-file-aio \ --with-threads \ --with-http_addition_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_mp4_module \ --with-http_random_index_module \ --with-http_realip_module \ --with-http_secure_link_module \ --with-http_slice_module \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_sub_module \ --with-http_v2_module \ --with-mail \ --with-mail_ssl_module \ --with-stream \ --with-stream_realip_module \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --with-google_perftools_module \ --with-pcre-jit \ --with-ld-opt=-ljemalloc \ --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' \ --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' \ --add-module=${_NGX_BROTLI} \ --add-module=${_MODSECURITY_NGX} \ --add-module=${_CACHE_PURGE} \ --add-module=${_RTMP} \ --add-module=${_WEBSOCKET} \ --add-dynamic-module=${_DYNAMIC_LIMIT_REQ} \ --add-dynamic-module=${_GEOIP} \ --with-openssl=${_OPENSSL} \ --with-openssl-opt=enable-tls1_3 \ --with-debug Make_Install [ $? -eq 0 ] && _success || _error } Check_OS ```