1 #!/bin/bash
2 #
3 #tddh 2017-6-6 ********@163.com rhel6u4 x86_64
4 #
5 #nginx install
6 #
7 ##########################################################################################
8
9 #定义参数
10 cur_dir=`pwd` #packages……
11 nginx_user=www
12
13 zlib=zlib-1.2.11.tar.gz
14 zlib_version=zlib-1.2.11
15
16 openssl=openssl-1.1.0f.tar.gz
17 openssl_version=openssl-1.1.0f
18
19 pcre=pcre-8.10.tar.gz
20 pcre_version=pcre-8.10
21
22 nginx=nginx-1.13.1.tar.gz
23 nginx_version=nginx-1.13.1
24
25 module1=nginx-goodies-nginx-sticky-module-ng-c78b7dd79d0d.zip
26 module1_version=nginx-goodies-nginx-sticky-module-ng-c78b7dd79d0d
27
28 module2=nginx_upstream_check_module-master.zip
29 module2_version=nginx_upstream_check_module-master
30
31 #cdrom="/app/system/rhel6.SIO" #光盘位置,全路径
32
33
34 #依赖包,#yum安装源配置
35
36 #安装nginx
37
38 #系统变量
39
40
41 cp /etc/sysctl.conf /etc/sysctl.conf_swyang.conf
42
43 cat <<EOF> /etc/sysctl.conf
44 net.ipv4.ip_forward = 0
45 net.ipv4.conf.default.rp_filter = 1
46 net.ipv4.conf.default.accept_source_route = 0
47 kernel.sysrq = 0
48 kernel.core_uses_pid = 1
49 net.ipv4.tcp_syncookies = 1
50 kernel.msgmnb = 65536
51 kernel.msgmax = 65536
52 kernel.shmmax = 68719476736
53 kernel.shmall = 4294967296
54 net.ipv4.tcp_max_tw_buckets = 6000
55 net.ipv4.tcp_sack = 1
56 net.ipv4.tcp_window_scaling = 1
57 net.ipv4.tcp_rmem = 4096 87380 4194304
58 net.ipv4.tcp_wmem = 4096 16384 4194304
59 net.core.wmem_default = 8388608
60 net.core.rmem_default = 8388608
61 net.core.rmem_max = 16777216
62 net.core.wmem_max = 16777216
63 net.core.netdev_max_backlog = 262144
64 net.core.somaxconn = 262144
65 net.ipv4.tcp_max_orphans = 3276800
66 net.ipv4.tcp_max_syn_backlog = 262144
67 net.ipv4.tcp_timestamps = 0
68 net.ipv4.tcp_synack_retries = 1
69 net.ipv4.tcp_syn_retries = 1
70 net.ipv4.tcp_tw_recycle = 1
71 net.ipv4.tcp_tw_reuse = 1
72 net.ipv4.tcp_mem = 94500000 915000000 927000000
73 net.ipv4.tcp_fin_timeout = 1
74 net.ipv4.tcp_keepalive_time = 30
75 net.ipv4.ip_local_port_range = 1024 65000
76 net.ipv4.tcp_syncookies = 1
77 fs.file-max = 999999
78 net.ipv4.tcp_tw_reuse = 1
79 net.ipv4.tcp_keepalive_time = 600
80 net.ipv4.tcp_fin_timeout = 30
81 net.ipv4.tcp_max_tw_buckets = 5000
82 net.ipv4.ip_local_port_range = 1024 61000
83 net.ipv4.tcp_rmem = 10240 87380 12582912
84 net.ipv4.tcp_wmem = 10240 87380 12582912
85 net.core.netdev_max_backlog = 8096
86 net.core.rmem_default = 6291456
87 net.core.wmem_default = 6291456
88 net.core.rmem_max = 12582912
89 net.core.wmem_max = 12582912
90 net.ipv4.tcp_max_syn_backlog = 8192
91 EOF
92
93 if [ $? -ne 0 ]
94 then
95 echo "sysctl.conf install error"
96 exit 1
97 else
98 echo "11 sysctl.conf success" >> ${cur_dir}/tddh_install.log
99 fi
100
101 sysctl -p
102
103
104 echo " ${nginx_user} soft nproc 20480" >> /etc/security/limits.conf
105 echo " ${nginx_user} hard nproc 26384" >> /etc/security/limits.conf
106 echo " ${nginx_user} soft nofile 10240" >> /etc/security/limits.conf
107 echo " ${nginx_user} hard nofile 65536" >> /etc/security/limits.conf
108 echo " ${nginx_user} soft stack 10240" >> /etc/security/limits.conf
109
110 echo "session required pam_limits.so" >> /etc/pam.d/login
111 if [ $? -ne 0 ]
112 then
113 echo "limits.conf install error"
114 exit 1
115 else
116 echo "12 limits.conf success" >> ${cur_dir}/tddh_install.log
117 fi
118
119 echo "UseDNS no" >> /etc/ssh/sshd_config
120 echo "UseLogin yes" >> /etc/ssh/sshd_config
121 /etc/init.d/sshd restart
122 if [ $? -ne 0 ]
123 then
124 echo "sshd install error"
125 exit 1
126 else
127 echo "13 sshd success" >> ${cur_dir}/tddh_install.log
128 fi
129
130 #install nginx
131 cd ${cur_dir}/packages/
132 tar -zxvf ${zlib}
133 tar -zxvf ${openssl}
134 tar -zxvf ${pcre}
135 tar -zxvf ${nginx}
136 unzip ${module1}
137 unzip ${module2}
138
139 if [ $? -ne 0 ]
140 then
141 echo "tar nginx install error"
142 exit 1
143 else
144 echo "14 tar nginx success" >> ${cur_dir}/tddh_install.log
145 fi
146
147 cd ${nginx_version}/
148 ./configure --user=${nginx_user} --group=${nginx_user} --prefix=${cur_dir}/${nginx_version} --with-http_stub_status_module --with-http_ssl_module --add-module=${cur_dir}/packages/${module1_version} --add-module=${cur_dir}/packages/${module2_version} --with-http_realip_module --with-pcre=${cur_dir}/packages/${pcre_version} --with-zlib=${cur_dir}/packages/${zlib_version} --with-openssl=${cur_dir}/packages/${openssl_version}/ --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module
149
150 if [ $? -ne 0 ]
151 then
152 echo "nginx configure install error"
153 exit 1
154 else
155 echo "15 nginx configure success" >> ${cur_dir}/tddh_install.log
156 fi
157
158 make
159 if [ $? -ne 0 ]
160 then
161 echo "nginx make install error"
162 exit 1
163 else
164 echo "16 nginx make success" >> ${cur_dir}/tddh_install.log
165 fi
166
167 make install
168 if [ $? -ne 0 ]
169 then
170 echo "nginx make install install error"
171 exit 1
172 else
173 echo "17 nginx make install success" >> ${cur_dir}/tddh_install.log
174 fi
175
176
177
178 #配置
179
180 [ -d ${cur_dir}/${nginx_version}/lock ] || mkdir ${cur_dir}/${nginx_version}/lock
181 [ -d ${cur_dir}/${nginx_version}/run ] || mkdir ${cur_dir}/${nginx_version}/run
182 [ -d ${cur_dir}/${nginx_version}/script ] || mkdir ${cur_dir}/${nginx_version}/script
183
184 #nginx configure
185
186 cat <<EOF> ${cur_dir}/${nginx_version}/conf/proxy.conf
187 fs.file-max = 999999
188 net.ipv4.tcp_tw_reuse = 1
189 net.ipv4.tcp_max_tw_buckets = 5000
190 net.ipv4.ip_local_port_range = 1024 61000
191 net.ipv4.tcp_rmem = 4096 32768 262142
192 net.ipv4.tcp_wmem = 4096 32768 262142
193 net.ipv4.tcp_syncookies = 1
194 net.core.netdev_max_backlog = 8096
195 net.core.rmem_default = 262144
196 net.core.wmem_default = 262144
197 net.core.rmem_max = 2097152
198 net.core.wmem_max = 2097152
199 net.ipv4.tcp_max_syn.backlog = 1024
200 EOF
201
202 if [ $? -ne 0 ]
203 then
204 echo "nginx proxy.conf install error"
205 exit 1
206 else
207 echo "18 nginx proxy.conf success" >> ${cur_dir}/tddh_install.log
208 fi
209
210
211
212 cpu_number=`cat /proc/cpuinfo | grep process | awk '{print $3}' | wc -l`
213
214
215 cat <<EOF> ${cur_dir}/${nginx_version}/conf/nginx.conf
216 user ${nginx_user};
217 worker_processes ${cpu_number};
218
219 error_log logs/error.log;
220 error_log logs/error.log notice;
221 error_log logs/error.log info;
222
223 pid run/nginx.pid;
224
225
226 events {
227 worker_connections 1024;
228 }
229
230
231 http {
232 include mime.types;
233 default_type application/octet-stream;
234
235 #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
236 # '$status $body_bytes_sent "$http_referer" '
237 # '"$http_user_agent" "$http_x_forwarded_for"';
238
239 access_log logs/access.log main;
240
241 sendfile on;
242 #tcp_nopush on;
243
244 #keepalive_timeout 0;
245 keepalive_timeout 65;
246
247 gzip on;
248
249 server {
250 listen 80;
251 server_name localhost;
252
253 #charset koi8-r;
254
255 #access_log logs/host.access.log main;
256
257 location / {
258 root html;
259 index index.html index.htm;
260 }
261
262 #error_page 404 /404.html;
263
264 # redirect server error pages to the static page /50x.html
265 #
266 error_page 500 502 503 504 /50x.html;
267 location = /50x.html {
268 root html;
269 }
270
271 # proxy the PHP scripts to Apache listening on 127.0.0.1:80
272 #
273 #location ~ \.php$ {
274 # proxy_pass http://127.0.0.1;
275 #}
276
277 # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
278 #
279 #location ~ \.php$ {
280 # root html;
281 # fastcgi_pass 127.0.0.1:9000;
282 # fastcgi_index index.php;
283 # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
284 # include fastcgi_params;
285 #}
286
287 # deny access to .htaccess files, if Apache's document root
288 # concurs with nginx's one
289 #
290 #location ~ /\.ht {
291 # deny all;
292 #}
293 }
294
295
296 # another virtual host using mix of IP-, name-, and port-based configuration
297 #
298 #server {
299 # listen 8000;
300 # listen somename:8080;
301 # server_name somename alias another.alias;
302
303 # location / {
304 # root html;
305 # index index.html index.htm;
306 # }
307 #}
308
309
310 # HTTPS server
311 #
312 #server {
313 # listen 443 ssl;
314 # server_name localhost;
315
316 # ssl_certificate cert.pem;
317 # ssl_certificate_key cert.key;
318
319 # ssl_session_cache shared:SSL:1m;
320 # ssl_session_timeout 5m;
321
322 # ssl_ciphers HIGH:!aNULL:!MD5;
323 # ssl_prefer_server_ciphers on;
324
325 # location / {
326 # root html;
327 # index index.html index.htm;
328 # }
329 #}
330
331 }
332 EOF
333
334 if [ $? -ne 0 ]
335 then
336 echo "nginx nginx.conf install error"
337 exit 1
338 else
339 echo "19 nginx nginx.conf success" >> ${cur_dir}/tddh_install.log
340 fi
341
342
343 cat <<EOF> ${cur_dir}/${nginx_version}/script/nginx.sh
344 #!/bin/bash
345 # nginx Startup script for the Nginx HTTP Server
346 # description: Nginx is a high-performance web and proxy server.
347 # It has a lot of features, but it's not for everyone.
348 # processname: nginx
349 # pidfile: /var/run/nginx.pid
350 # config: /usr/local/nginx/conf/nginx.conf
351
352 #nginx启动文件
353 nginxd=${cur_dir}/${nginx_version}/sbin/nginx
354
355 #nginx配置文件
356 nginx_config=${cur_dir}/${nginx_version}/conf/nginx.conf
357
358 #nginx的pid文件
359 nginx_pid=${cur_dir}/${nginx_version}/sbin/nginx.pid
360 RETVAL=0
361 prog="nginx"
362 # Source function library.
363 . /etc/rc.d/init.d/functions
364 # Source networking configuration.
365 . /etc/sysconfig/network
366 # Check that networking is up.
367 [ \${NETWORKING} = "no" ] && exit 0
368 [ -x \$nginxd ] || exit 0
369 # Start nginx daemons functions.
370 start() {
371 if [ -e \$nginx_pid ];then
372 echo "nginx already running...."
373 exit 1
374 fi
375 echo -n \$"Starting \$prog: "
376 daemon \$nginxd -c \${nginx_config}
377 RETVAL=\$?
378 echo
379 [ \$RETVAL = 0 ] && touch ${cur_dir}/${nginx_version}/lock/nginx
380 return $RETVAL
381 }
382 # Stop nginx daemons functions.
383 stop() {
384 echo -n \$"Stopping \$prog: "
385 killproc \$nginxd
386 RETVAL=\$?
387 echo
388 [ \$RETVAL = 0 ] && rm -f ${cur_dir}/${nginx_version}/lock/nginx ${cur_dir}/${nginx_version}/run/nginx.pid
389 }
390 # reload nginx service functions.
391 reload() {
392 echo -n \$"Reloading \$prog: "
393 #kill -HUP \`cat \${nginx_pid}\`
394 killproc \$nginxd -HUP
395 RETVAL=\$?
396 echo
397 }
398 # See how we were called.
399 case "\$1" in
400 start)
401 start
402 ;;
403 stop)
404 stop
405 ;;
406 reload)
407 reload
408 ;;
409 restart)
410 stop
411 start
412 ;;
413 status)
414 status \$prog
415 RETVAL=\$?
416 ;;
417 *)
418 echo \$"Usage: \$prog {start|stop|restart|reload|status|help}"
419 exit 1
420 esac
421 exit \$RETVAL
422 EOF
423
424
425 if [ $? -ne 0 ]
426 then
427 echo "nginx nginx.sh install error"
428 exit 1
429 else
430 echo "20 nginx nginx.sh success" >> ${cur_dir}/tddh_install.log
431 fi
432
433 chmod +x ${cur_dir}${nginx_version}/script/nginx.sh
434 chown ${nginx_user}.${nginx_user} -R ${cur_dir}/nginx
435
436 if [ $? -ne 0 ]
437 then
438 echo "nginx ${nginx_user} install error"
439 exit 1
440 else
441 echo "21 nginx ${nginx_user} success" >> ${cur_dir}/tddh_install.log
442 echo #########################End##############################
443 exit 1
444 fi
