Update 'nginx/build.sh'

Cette révision appartient à :
virtubox 2017-10-21 04:17:09 +00:00
Parent 2b97dc14bf
révision 61188910cb
1 fichiers modifiés avec 464 ajouts et 12 suppressions

Voir le fichier

@ -1,14 +1,309 @@
#!/bin/bash
apt-get install -y build-essential libtool automake autoconf zlib1g-dev libpcre3-dev libssl-dev libxslt1-dev libxml2-dev libgd2-xpm-dev libgeoip-dev libgoogle-perftools-dev libperl-dev
cd /usr/local/src
wget http://nginx.org/download/nginx-1.13.5.tar.gz
tar -xzvf nginx-1.13.5.tar.gz
mv nginx-1.13.5 nginx
# Colors
CSI="\033["
CEND="${CSI}0m"
CRED="${CSI}1;31m"
CGREEN="${CSI}1;32m"
# Check root access
if [[ "$EUID" -ne 0 ]]; then
echo -e "${CRED}Sorry, you need to run this as root${CEND}"
exit 1
fi
# releases
NGINX_VER=1.13.6
LIBRESSL_VER=2.6.2
OPENSSL_VER=1.1.0f
NPS_VER=1.12.34.3
HEADERMOD_VER=0.32
# Clear log files
echo "" > /tmp/plesk-nginx-autoinstall-output.log
echo "" > /tmp/plesk-nginx-autoinstall-error.log
clear
echo ""
echo "Welcome to the plesk-nginx-autoinstall script."
echo ""
echo "What do you want to do?"
echo " 1) Install or update Nginx"
echo " 2) Update the script"
echo " 3) Exit"
echo ""
while [[ $OPTION != "1" && $OPTION != "2" && $OPTION != "3" ]]; do
read -p "Select an option [1-3]: " OPTION
done
case $OPTION in
1)
echo "This script will install Nginx ${NGINX_VER} (mainline) with some optional modules."
echo ""
echo "Please tell me which modules you want to install."
echo "If you select none, Nginx will be installed with its default modules."
echo ""
echo "Modules to install :"
while [[ $PAGESPEED != "y" && $PAGESPEED != "n" ]]; do
read -p " PageSpeed $NPS_VER [y/n]: " -e PAGESPEED
done
while [[ $BROTLI != "y" && $BROTLI != "n" ]]; do
read -p " Brotli [y/n]: " -e BROTLI
done
while [[ $HEADERMOD != "y" && $HEADERMOD != "n" ]]; do
read -p " Headers More $HEADERMOD_VER [y/n]: " -e HEADERMOD
done
while [[ $GEOIP != "y" && $GEOIP != "n" ]]; do
read -p " GeoIP [y/n]: " -e GEOIP
done
while [[ $TCP != "y" && $TCP != "n" ]]; do
read -p " Cloudflare's TLS Dynamic Record Resizing patch [y/n]: " -e TCP
done
# Dependencies
echo -ne " Installing dependencies [..]\r"
apt-get update 2>> /tmp/plesk-nginx-autoinstall-error.log 1>> /tmp/plesk-nginx-autoinstall-output.log
apt-get install build-essential libtool automake autoconf zlib1g-dev libpcre3-dev libssl-dev libxslt1-dev libxml2-dev libgd2-xpm-dev libgeoip-dev libgoogle-perftools-dev libperl-dev -y 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Installing dependencies [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Installing dependencies [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# PageSpeed
if [[ "$PAGESPEED" = 'y' ]]; then
cd /usr/local/src
# Cleaning up in case of update
rm -r ngx_pagespeed-*-stable 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
# Download and extract of PageSpeed module
echo -ne " Downloading ngx_pagespeed [..]\r"
wget https://github.com/pagespeed/ngx_pagespeed/archive/v${NPS_VER}-stable.zip 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
unzip v${NPS_VER}-stable.zip 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
rm v${NPS_VER}-stable.zip
cd ngx_pagespeed-${NPS_VER}-stable
psol_url=https://dl.google.com/dl/page-speed/psol/${NPS_VERSION}.tar.gz
[ -e scripts/format_binary_url.sh ] && psol_url=$(scripts/format_binary_url.sh PSOL_BINARY_URL)
wget ${psol_url} 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
tar -xzvf $(basename ${psol_url}) 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
rm $(basename ${psol_url})
if [ $? -eq 0 ]; then
echo -ne " Downloading ngx_pagespeed [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading ngx_pagespeed [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
fi
#Brotli
if [[ "$BROTLI" = 'y' ]]; then
cd /usr/local/src
# Cleaning up in case of update
rm -r libbrotli 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
# libbrolti is needed for the ngx_brotli module
# libbrotli download
echo -ne " Downloading libbrotli [..]\r"
git clone https://github.com/bagder/libbrotli 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Downloading libbrotli [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading libbrotli [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
cd libbrotli
echo -ne " Configuring libbrotli [..]\r"
./autogen.sh 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
./configure 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Configuring libbrotli [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Configuring libbrotli [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
echo -ne " Compiling libbrotli [..]\r"
make -j $(nproc) 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Compiling libbrotli [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Compiling libbrotli [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# libbrotli install
echo -ne " Installing libbrotli [..]\r"
make install 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Installing libbrotli [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Installing libbrotli [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# Linking libraries to avoid errors
ldconfig 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
# ngx_brotli module download
cd /usr/local/src
rm -r ngx_brotli 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
echo -ne " Downloading ngx_brotli [..]\r"
git clone https://github.com/google/ngx_brotli 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
cd ngx_brotli
git submodule update --init 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Downloading ngx_brotli [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading ngx_brotli [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
fi
# More Headers
if [[ "$HEADERMOD" = 'y' ]]; then
cd /usr/local/src
# Cleaning up in case of update
rm -r headers-more-nginx-module-* 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
echo -ne " Downloading ngx_headers_more [..]\r"
wget https://github.com/openresty/headers-more-nginx-module/archive/v${HEADERMOD_VER}.tar.gz 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
tar xaf v${HEADERMOD_VER}.tar.gz
rm v${HEADERMOD_VER}.tar.gz
if [ $? -eq 0 ]; then
echo -ne " Downloading ngx_headers_more [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading ngx_headers_more [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
fi
# GeoIP
if [[ "$GEOIP" = 'y' ]]; then
# Dependence
apt-get install libgeoip-dev -y 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
cd /usr/local/src
# Cleaning up in case of update
rm -r geoip-db 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
mkdir geoip-db
cd geoip-db
echo -ne " Downloading GeoIP databases [..]\r"
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
gunzip GeoIP.dat.gz
gunzip GeoLiteCity.dat.gz
mv GeoIP.dat GeoIP-Country.dat
mv GeoLiteCity.dat GeoIP-City.dat
if [ $? -eq 0 ]; then
echo -ne " Downloading GeoIP databases [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading GeoIP databases [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
fi
# OpenSSL
if [[ "$OPENSSL" = 'y' ]]; then
cd /usr/local/src
# Cleaning up in case of update
rm -r openssl-* 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
# OpenSSL download
echo -ne " Downloading OpenSSL [..]\r"
wget https://www.openssl.org/source/openssl-${OPENSSL_VER}.tar.gz 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
tar xaf openssl-${OPENSSL_VER}.tar.gz
rm openssl-${OPENSSL_VER}.tar.gz
cd openssl-${OPENSSL_VER}
if [ $? -eq 0 ]; then
echo -ne " Downloading OpenSSL [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading OpenSSL [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
echo -ne " Configuring OpenSSL [..]\r"
./config 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Configuring OpenSSL [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Configuring OpenSSL [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
fi
# Cleaning up in case of update
rm -r /usr/local/src/nginx-* 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
# Download and extract of Nginx source code
cd /usr/local/src/
echo -ne " Downloading Nginx [..]\r"
wget -qO- http://nginx.org/download/nginx-${NGINX_VER}.tar.gz | tar zxf -
mv nginx-${NGINX_VER} nginx
cd nginx
if [ $? -eq 0 ]; then
echo -ne " Downloading Nginx [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Downloading Nginx [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# other modules
cd /usr/local/src
git clone https://github.com/FRiCKLE/ngx_cache_purge.git
git clone https://github.com/openresty/memc-nginx-module.git
git clone https://github.com/simpl/ngx_devel_kit.git
git clone https://github.com/openresty/headers-more-nginx-module.git
git clone https://github.com/openresty/echo-nginx-module.git
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module.git
git clone https://github.com/openresty/redis2-nginx-module.git
@ -20,6 +315,166 @@ wget https://people.freebsd.org/~osa/ngx_http_redis-0.3.8.tar.gz
tar -zxf ngx_http_redis-0.3.8.tar.gz
mv ngx_http_redis-0.3.8 ngx_http_redis
# Modules configuration
# Common configuration
NGINX_OPTIONS="
--with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' \
--with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--lock-path=/var/lock/nginx.lock \
--pid-path=/var/run/nginx.pid \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--user=nginx \
--group=nginx"
NGINX_MODULES="--with-debug \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_addition_module \
--with-http_geoip_module \
--with-http_gzip_static_module \
--with-http_image_filter_module \
--with-http_v2_module \
--with-http_sub_module \
--with-http_xslt_module \
--with-threads
--add-module=/usr/local/src/ngx_cache_purge \
--add-module=/usr/local/src/memc-nginx-module \
--add-module=/usr/local/src/ngx_devel_kit \
--add-module=/usr/local/src/echo-nginx-module \
--add-module=/usr/local/src/ngx_http_substitutions_filter_module \
--add-module=/usr/local/src/redis2-nginx-module \
--add-module=/usr/local/src/srcache-nginx-module \
--add-module=/usr/local/src/set-misc-nginx-module \
--add-module=/usr/local/src/ngx_http_redis \
--with-openssl=/usr/local/src/openssl \
--with-openssl-opt=enable-tls1_3"
# PageSpeed
if [[ "$PAGESPEED" = 'y' ]]; then
NGINX_MODULES=$(echo $NGINX_MODULES; echo "--add-module=/usr/local/src/ngx_pagespeed-${NPS_VER}-stable")
fi
# Brotli
if [[ "$BROTLI" = 'y' ]]; then
NGINX_MODULES=$(echo $NGINX_MODULES; echo "--add-module=/usr/local/src/ngx_brotli")
fi
# More Headers
if [[ "$HEADERMOD" = 'y' ]]; then
NGINX_MODULES=$(echo $NGINX_MODULES; echo "--add-module=/usr/local/src/headers-more-nginx-module-${HEADERMOD_VER}")
fi
# GeoIP
if [[ "$GEOIP" = 'y' ]]; then
NGINX_MODULES=$(echo $NGINX_MODULES; echo "--with-http_geoip_module")
fi
# Cloudflare's TLS Dynamic Record Resizing patch
if [[ "$TCP" = 'y' ]]; then
echo -ne " TLS Dynamic Records support [..]\r"
wget https://raw.githubusercontent.com/cloudflare/sslconfig/master/patches/nginx__1.11.5_dynamic_tls_records.patch 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
patch -p1 < nginx__1.11.5_dynamic_tls_records.patch 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " TLS Dynamic Records support [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " TLS Dynamic Records support [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
fi
# We configure Nginx
echo -ne " Configuring Nginx [..]\r"
./configure $NGINX_OPTIONS $NGINX_MODULES 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Configuring Nginx [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Configuring Nginx [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# Then we compile
echo -ne " Compiling Nginx [..]\r"
make -j $(nproc) 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Compiling Nginx [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Compiling Nginx [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# Then we install \o/
echo -ne " Installing Nginx [..]\r"
make install 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
# remove debugging symbols
strip -s /usr/sbin/nginx
if [ $? -eq 0 ]; then
echo -ne " Installing Nginx [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Installing Nginx [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# Restart Nginx
echo -ne " Restarting Nginx [..]\r"
sudo systemctl unmask sw-nginx
sudo systemctl enable nginx
systemctl restart nginx 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
if [ $? -eq 0 ]; then
echo -ne " Restarting Nginx [${CGREEN}OK${CEND}]\r"
echo -ne "\n"
else
echo -e " Restarting Nginx [${CRED}FAIL${CEND}]"
echo ""
echo "Please look /tmp/nginx-autoinstall-error.log"
echo ""
exit 1
fi
# We're done !
echo ""
echo -e " ${CGREEN}Installation successful !${CEND}"
echo ""
exit
;;
3) # Update the script
wget https://raw.githubusercontent.com/Angristan/nginx-autoinstall/master/nginx-autoinstall.sh -O nginx-autoinstall.sh 2>> /tmp/nginx-autoinstall-error.log 1>> /tmp/nginx-autoinstall-output.log
chmod +x nginx-autoinstall.sh
echo ""
echo -e "${CGREEN}Update succcessful !${CEND}"
sleep 2
./nginx-autoinstall.sh
exit
;;
4) # Exit
exit
;;
git clone https://github.com/google/ngx_brotli.git
cd ngx_brotli
git submodule update --init --recursive
@ -78,16 +533,13 @@ patch -p1 < nginx__dynamic_tls_records_1.11.5*.patch
--with-openssl=/usr/local/src/openssl \
--with-openssl-opt=enable-tls1_3
make -j $(nproc)
make install
wget -O /etc/systemd/system/multi-user.target.wants/nginx.service https://git.virtubox.net/virtubox/plesk-script/raw/master/nginx/nginx.service
sudo systemctl unmask sw-nginx
sudo systemctl enable nginx
sudo systemctl start nginx
wget -O /etc/nginx/nginx.conf https://git.virtubox.net/virtubox/plesk-onyx-config/raw/master/etc/nginx/nginx.conf
wget -O /etc/nginx/conf.d/ssl.conf https://git.virtubox.net/virtubox/plesk-onyx-config/raw/master/etc/nginx/conf.d/ssl.conf
wget -O /etc/nginx/nginx.conf https://raw.githubusercontent.com/VirtuBox/plesk-nginx/master/etc/nginx/nginx.conf
wget -O /etc/nginx/conf.d/ssl.conf https://raw.githubusercontent.com/VirtuBox/plesk-nginx/master/etc/nginx/conf.d/ssl.conf
nginx -t && service nginx reload
sudo systemctl restart nginx