Last active
April 25, 2024 05:39
-
-
Save western/6110a3e07897183c2d5d9bff38bfdaa7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # save and run | |
| # . nginx_builder2 | |
| CPUC=`cat /proc/cpuinfo | grep processor | wc -l` | |
| CPUC=$((CPUC-1)) | |
| PARENTF=`pwd` | |
| BUILDF="$PARENTF/build" | |
| NGINXV='nginx-1.26.0' | |
| IS_LOCAL=1 | |
| IS_PAUSED=0 | |
| IS_GET_ONLY=1 | |
| function main { | |
| notice "builder for $NGINXV" | |
| notice "from parent folder $PARENTF" | |
| warn "IS_LOCAL $IS_LOCAL" | |
| warn "IS_PAUSED $IS_PAUSED" | |
| warn "IS_GET_ONLY $IS_GET_ONLY" | |
| PS3='Please enter your choice: ' | |
| options=("dotinit" "root_prepare" "build" "nginx_tmpfile" "nginx_service" "quit") | |
| select opt in "${options[@]}" | |
| do | |
| case $opt in | |
| "dotinit") | |
| pushd /root/ | |
| wget https://raw.githubusercontent.com/western/nginx-builder/dev/.vimrc | |
| wget https://raw.githubusercontent.com/western/nginx-builder/dev/.alias | |
| echo "" >> .bashrc | |
| echo "source .alias" >> .bashrc | |
| source .alias | |
| popd | |
| ;; | |
| "root_prepare") | |
| root_prepare | |
| break | |
| ;; | |
| "build") | |
| rm versions | |
| if [ $IS_LOCAL == 1 ]; then | |
| mkdir -p $BUILDF/{tmp,proxy,fastcgi,uwsgi,scgi} | |
| fi | |
| #root_prepare | |
| ngx_module | |
| openssl_get | |
| ngx_src | |
| make_configure | |
| #make_nginx_tmpfile | |
| #make_nginx_service | |
| prepare_for_archive | |
| break | |
| ;; | |
| "nginx_tmpfile") | |
| make_nginx_tmpfile | |
| break | |
| ;; | |
| "nginx_service") | |
| make_nginx_service | |
| break | |
| ;; | |
| "quit") | |
| break | |
| ;; | |
| *) echo "invalid option $REPLY";; | |
| esac | |
| done | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function prepare_for_archive { | |
| notice "prepare_for_archive" | |
| pushd $PARENTF | |
| find . -type d -name '.git' -not -path "./.git" | xargs rm -rf | |
| find . -type d -name '.git' -not -path "./.git" | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function root_prepare { | |
| notice "root_prepare" | |
| if ! whoami | grep -q root; then | |
| err 'root required. exit.' | |
| fi | |
| if ! grep -q "nginx" /etc/passwd; then | |
| groupadd nginx | |
| useradd -M -g nginx nginx | |
| fi | |
| if cat /etc/*release* | grep -q 'openSUSE Leap 15.5'; then | |
| warn 'openSUSE Leap 15.5 detected.' | |
| zypper in -t pattern -y devel_C_C++ devel_basis devel_perl console | |
| zypper in -y pcre-devel libopenssl-devel gd-devel libGeoIP-devel libatomic_ops-devel dialog | |
| zypper in -y libxslt-devel libxml2-devel | |
| fi | |
| if cat /etc/*release* | grep -q 'VERSION="11 (bullseye)"'; then | |
| warn 'Debian 11 detected.' | |
| apt-get install -y vim mc less mlocate git cmake build-essential curl gnupg aptitude | |
| apt-get install -y libpq-dev libpcre3-dev zlib1g-dev libgd-dev libgeoip-dev libatomic-ops-dev libxslt-dev | |
| fi | |
| if cat /etc/*release* | grep -q 'VERSION="12 (bookworm)"'; then | |
| warn 'Debian 12 detected.' | |
| apt-get update && apt-get upgrade -u | |
| apt-get install -y vim mc less lsof mlocate git curl wget aptitude | |
| apt-get install -y libpq-dev libpcre3-dev zlib1g-dev libgd-dev libgeoip-dev libatomic-ops-dev libxslt-dev | |
| fi | |
| if cat /etc/*release* | grep -q 'CentOS Linux release 8'; then | |
| warn 'CentOS 8 detected.' | |
| dnf groupinstall "Development Tools" -y | |
| dnf config-manager --set-enabled PowerTools | |
| dnf install python2 -y | |
| dnf install pcre-devel -y | |
| dnf install zlib-devel -y | |
| dnf install gd-devel -y | |
| dnf install openssl-devel -y | |
| dnf install epel-release -y | |
| dnf install GeoIP-devel -y | |
| dnf install libatomic_ops-devel -y | |
| ln -s /usr/bin/python2 /usr/bin/python | |
| fi | |
| if [ $IS_LOCAL == 0 ]; then | |
| rm -rf /usr/local/$NGINXV | |
| rm -rf /var/lib/nginx/ | |
| mkdir -p /var/lib/nginx/{fastcgi,proxy,scgi,tmp,uwsgi,cache} | |
| chown -R nginx:nginx /var/lib/nginx/ | |
| mkdir -p /var/run/nginx | |
| chown -R nginx:nginx /var/run/nginx | |
| mkdir /var/log/nginx/ | |
| fi | |
| } | |
| # ------------------------------------------------------------------------------ | |
| # ------------------------------------------------------------------------------ | |
| function ngx_module { | |
| notice "ngx_module" | |
| mkdir ngx_module ; | |
| pushd ngx_module | |
| #get_github 'openresty' 'memc-nginx-module.git' | |
| #get_github 'openresty' 'lua-nginx-module.git' 'v0.10.17' | |
| get_github 'simplresty' 'ngx_devel_kit.git' | |
| #get_github 'openresty' 'redis2-nginx-module.git' | |
| get_github 'openresty' 'echo-nginx-module.git' | |
| get_github 'calio' 'form-input-nginx-module.git' | |
| get_github 'openresty' 'set-misc-nginx-module.git' | |
| get_github 'Austinb' 'nginx-upload-module.git' | |
| get_github 'FRiCKLE' 'ngx_cache_purge.git' | |
| get_github 'openresty' 'headers-more-nginx-module.git' | |
| #get_github 'nbs-system' 'naxsi.git' | |
| #get_github 'SpiderLabs' 'ModSecurity-nginx.git' | |
| #get_github 'openresty' 'replace-filter-nginx-module.git' | |
| #get_github 'openresty' 'rds-json-nginx-module.git' | |
| #get_github 'openresty' 'rds-csv-nginx-module.git' | |
| #get_github 'openresty' 'drizzle-nginx-module.git' | |
| #get_github 'openresty' 'ngx_postgres.git' | |
| get_github 'nginx' 'njs.git' | |
| #get_github 'openresty' 'stream-lua-nginx-module.git' 'v0.0.8' | |
| #get_github 'openresty' 'xss-nginx-module.git' | |
| #get_github 'arut' 'nginx-rtmp-module.git' | |
| #get_github 'arut' 'nginx-ts-module.git' | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| # ------------------------------------------------------------------------------ | |
| function openssl_get { | |
| notice "openssl_get" | |
| mkdir etc_src ; | |
| pushd etc_src | |
| get_arch 'https://github.com/openssl/openssl/releases/download/openssl-3.2.1/openssl-3.2.1.tar.gz' 'openssl-3.2.1.tar.gz' 'openssl-3.2.1' | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function openssl_generate_localhost { | |
| notice "openssl_generate_localhost" | |
| if [ ! -f "/etc/$NGINXV/ssl/localhost.crt" ]; then | |
| pushd "/etc/$NGINXV/" | |
| mkdir ssl ; cd ssl | |
| openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt | |
| openssl dhparam -out dhparam.pem 4096 | |
| cd .. | |
| popd | |
| fi | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function ngx_src { | |
| notice "ngx_src" | |
| mkdir ngx_src ; | |
| pushd ngx_src | |
| get_arch "https://nginx.org/download/$NGINXV.tar.gz" "$NGINXV.tar.gz" $NGINXV | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function make_configure { | |
| notice "make_configure" | |
| local PREFIX="" | |
| local CONF_PATH="" | |
| local PID_PATH="" | |
| local ERROR_LOG="" | |
| local HTTP_LOG="" | |
| local CLIENT_BODY_TEMP="" | |
| local PROXY_TEMP_PATH="" | |
| local FASTCGI_TEMP_PATH="" | |
| local UWSGI_TEMP_PATH="" | |
| local SCGI_TEMP_PATH="" | |
| if [ $IS_LOCAL == 1 ]; then | |
| PREFIX="$BUILDF/" | |
| CONF_PATH="$PREFIX/conf/nginx.conf" | |
| PID_PATH="$PREFIX/logs/nginx124.pid" | |
| ERROR_LOG="$PREFIX/logs/error.log" | |
| HTTP_LOG="$PREFIX/logs/access.log" | |
| CLIENT_BODY_TEMP="$PREFIX/tmp/" | |
| PROXY_TEMP_PATH="$PREFIX/proxy/" | |
| FASTCGI_TEMP_PATH="$PREFIX/fastcgi/" | |
| UWSGI_TEMP_PATH="$PREFIX/uwsgi/" | |
| SCGI_TEMP_PATH="$PREFIX/scgi/" | |
| else | |
| PREFIX="/usr/local/$NGINXV" | |
| CONF_PATH="/etc/$NGINXV/nginx.conf" | |
| PID_PATH="/var/run/nginx/nginx124.pid" | |
| ERROR_LOG="/var/log/nginx/error.log" | |
| HTTP_LOG="/var/log/nginx/access.log" | |
| CLIENT_BODY_TEMP="/var/lib/nginx/tmp/" | |
| PROXY_TEMP_PATH="/var/lib/nginx/proxy/" | |
| FASTCGI_TEMP_PATH="/var/lib/nginx/fastcgi/" | |
| UWSGI_TEMP_PATH="/var/lib/nginx/uwsgi/" | |
| SCGI_TEMP_PATH="/var/lib/nginx/scgi/" | |
| fi | |
| WITH_OPENSSL="" | |
| if [ -d $PARENTF/etc_src/openssl-3.2.1 ]; then | |
| WITH_OPENSSL="--with-openssl=$PARENTF/etc_src/openssl-3.2.1 --with-openssl-opt='enable-tls1_3'" | |
| fi | |
| pushd ngx_src/$NGINXV | |
| /bin/bash configure \ | |
| --with-ld-opt="-Wl,-rpath,$LUAJIT2_BUILD_LIB" \ | |
| --prefix=$PREFIX \ | |
| --conf-path=$CONF_PATH \ | |
| --pid-path=$PID_PATH \ | |
| --error-log-path=$ERROR_LOG \ | |
| --http-log-path=$HTTP_LOG \ | |
| --http-client-body-temp-path=$CLIENT_BODY_TEMP \ | |
| --http-proxy-temp-path=$PROXY_TEMP_PATH \ | |
| --http-fastcgi-temp-path=$FASTCGI_TEMP_PATH \ | |
| --http-uwsgi-temp-path=$UWSGI_TEMP_PATH \ | |
| --http-scgi-temp-path=$SCGI_TEMP_PATH \ | |
| --user=nginx \ | |
| --group=nginx \ | |
| --with-debug \ | |
| --with-stream \ | |
| --with-stream_ssl_module \ | |
| --with-stream_realip_module \ | |
| --with-stream_geoip_module \ | |
| --with-stream_ssl_preread_module \ | |
| --with-threads \ | |
| --with-file-aio \ | |
| --with-http_ssl_module $WITH_OPENSSL \ | |
| --with-http_v2_module \ | |
| --with-http_v3_module \ | |
| --with-http_realip_module \ | |
| --with-http_addition_module \ | |
| --with-http_image_filter_module \ | |
| --with-http_geoip_module \ | |
| --with-http_sub_module \ | |
| --with-http_mp4_module \ | |
| --with-http_gunzip_module \ | |
| --with-http_gzip_static_module \ | |
| --with-http_random_index_module \ | |
| --with-http_secure_link_module \ | |
| --with-http_stub_status_module \ | |
| --with-pcre \ | |
| --with-pcre-jit \ | |
| --with-libatomic \ | |
| --add-module=../../ngx_module/ngx_devel_kit.git/ \ | |
| --add-module=../../ngx_module/echo-nginx-module.git/ \ | |
| --add-module=../../ngx_module/form-input-nginx-module.git/ \ | |
| --add-module=../../ngx_module/set-misc-nginx-module.git/ \ | |
| --add-module=../../ngx_module/nginx-upload-module.git/ \ | |
| --add-module=../../ngx_module/ngx_cache_purge.git/ \ | |
| --add-module=../../ngx_module/headers-more-nginx-module.git/ \ | |
| --add-module=../../ngx_module/njs.git/nginx/ \ | |
| make install -j4 | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function make_nginx_service { | |
| notice "make_nginx_service" | |
| if ! whoami | grep -q root; then | |
| echo 'root required. exit.' | |
| exit 1 | |
| fi | |
| cat << L11HEREDOC > /etc/systemd/system/nginx124.service | |
| [Unit] | |
| Description=$NGINXV | |
| Wants=network.target nss-lookup.target | |
| After=syslog.target network.target remote-fs.target nss-lookup.target | |
| [email protected] plymouth-quit.service xdm.service | |
| [Service] | |
| Type=forking | |
| PIDFile=/var/run/nginx/nginx124.pid | |
| ExecStartPre=/usr/local/$NGINXV/sbin/nginx -t | |
| ExecStart=/usr/local/$NGINXV/sbin/nginx | |
| ExecReload=/bin/kill -s HUP \$MAINPID | |
| ExecStop=/bin/kill -s QUIT \$MAINPID | |
| #PrivateTmp=true | |
| [Install] | |
| WantedBy=multi-user.target runlevel3.target | |
| L11HEREDOC | |
| systemctl daemon-reload | |
| #systemctl status nginx124.service | |
| #systemctl enable nginx124.service | |
| } | |
| # ------------------------------------------------------------------------------ | |
| # ------------------------------------------------------------------------------ | |
| function make_nginx_tmpfile { | |
| notice "make_nginx_tmpfile" | |
| if ! whoami | grep -q root; then | |
| echo 'root required. exit.' | |
| exit 1 | |
| fi | |
| cat << L12HEREDOC > /usr/lib/tmpfiles.d/nginx.conf | |
| d /run/nginx 0755 nginx nginx - - | |
| L12HEREDOC | |
| } | |
| # ------------------------------------------------------------------------------ | |
| # get_arch 'https://domain.tld/archive.tar.gz' 'archive.tar.gz' 'folder' | |
| function get_arch { | |
| notice "get_arch [$1] FILE [$2] FOLD [$3]" | |
| local getUrl=$1 | |
| local fileName=$2 | |
| local folderName=$3 | |
| if [ ! -f $fileName ]; then | |
| notice "wget $getUrl -O $fileName" | |
| wget $getUrl -O $fileName | |
| fi | |
| #if [ -d $folderName ]; then | |
| # notice "rm rf $folderName" | |
| # rm -rf $folderName | |
| #fi | |
| if [ ! -d $folderName ] && [[ $fileName =~ ".zip" ]]; then | |
| notice "unzip" | |
| unzip $fileName | |
| fi | |
| if [[ ! -d $folderName ]] && [[ $fileName =~ ".tar." ]]; then | |
| notice "tar xf" | |
| tar xf $fileName | |
| fi | |
| if [ ! -f $fileName ]; then | |
| err "get_arch: file $fileName is not exists" | |
| fi | |
| if [ ! -d $folderName ]; then | |
| err "get_arch: folder $folderName is not exists" | |
| fi | |
| } | |
| # ------------------------------------------------------------------------------ | |
| # get_github 'user' 'project.git' | |
| # get_github 'user' 'project.git' 'branch' | |
| # | |
| # project 'project.git' save to similar folder 'project.git' | |
| function get_github { | |
| notice "get_github https://github.com/$1/$2" | |
| local folderName=$2 | |
| local branch=$3 | |
| if [ -d $folderName ]; then | |
| cd $folderName | |
| pwd | |
| git pull | |
| cd .. | |
| else | |
| if [ "$branch" == "" ]; then | |
| git clone https://github.com/$1/$folderName $folderName | |
| else | |
| warn "branch $branch" | |
| git clone -b $branch https://github.com/$1/$folderName $folderName | |
| fi | |
| fi | |
| if [ ! -d $folderName ]; then | |
| err "get_github: folder $folderName is not exists" | |
| fi | |
| echo "https://github.com/$1/$folderName" >> "$PARENTF/versions" | |
| pushd $folderName | |
| git describe --tags --abbrev=0 | |
| echo `git describe --tags --abbrev=0` >> "$PARENTF/versions" | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| # get_gitany 'https://domain.tld/anypath' 'folder.git' | |
| # get_gitany 'https://domain.tld/anypath' 'folder.git' 'branch' | |
| function get_gitany { | |
| notice "get_gitany $1 to $2" | |
| local folderName=$2 | |
| local branch=$3 | |
| if [ -d $folderName ]; then | |
| pushd $folderName | |
| pwd | |
| git pull | |
| popd | |
| else | |
| if [ "$branch" == "" ]; then | |
| git clone $1 $folderName | |
| else | |
| warn "branch $branch" | |
| git clone -b $branch $1 $folderName | |
| fi | |
| fi | |
| if [ ! -d $folderName ]; then | |
| err "get_gitany: folder $folderName is not exists" | |
| fi | |
| echo "$1" >> "$PARENTF/versions" | |
| pushd $folderName | |
| git describe --tags --abbrev=0 | |
| echo `git describe --tags --abbrev=0` >> "$PARENTF/versions" | |
| popd | |
| } | |
| # ------------------------------------------------------------------------------ | |
| function notice { | |
| builtin echo -en "\033[1m" | |
| echo "NOTICE: $@" | |
| builtin echo -en "\033[0m" | |
| } | |
| function success { | |
| builtin echo -en "\033[1;32m" | |
| echo "SUCCESS: $@" | |
| builtin echo -en "\033[0m" | |
| } | |
| function warn { | |
| builtin echo -en "\033[1;33m" | |
| echo "WARN: $@" | |
| builtin echo -en "\033[0m" | |
| } | |
| function err { | |
| builtin echo -en "\033[1;31m" | |
| echo "ERR: $@" | |
| builtin echo -en "\033[0m" | |
| exit 1 | |
| } | |
| function fatal { | |
| builtin echo -en "\033[1;31m" | |
| echo "FATAL: $@" | |
| builtin echo -en "\033[0m" | |
| exit 1 | |
| } | |
| # ------------------------------------------------------------------------------ | |
| main |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment