Compile Nginx/Openresty
#!/bin/bash
################################################
# INIT
######Check to make sure script is being run as root######
if [ `whoami` != root ]; then
echo "This script must be run as root"
exit 1
fi
if ! $(uname -a | grep -q Ubuntu); then
OS="notubuntu"
fi
INITDIR=$(pwd)
echo $INITDIR
if [ -z ${OS+x} ]; then
apt -y update && apt -y upgrade && apt -y autoremove && apt -y autoclean
else
yum update && yum upgrade
fi
mkdir -p /srv/proxy/{conf,log,ssl,web,include,site}
ls -la /srv/proxy/
mkdir -p /etc/resty-auto-ssl/storage/file/
chown -R www-data: /etc/resty-auto-ssl/
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
-subj '/CN=sni-support-required-for-valid-ssl' \
-keyout /etc/ssl/resty-auto-ssl-fallback.key \
-out /etc/ssl/resty-auto-ssl-fallback.crt
# /INIT
echo "next cleanup"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# CLEANUP
rm -rf src
# /CLEANUP
echo "next vars"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# VARS
OPENRESTY_VERSION="1.13.6.2"
PAGESPEED_VERSION="1.13.35.2"
RESTY_OPENSSL_VERSION="1.1.0j"
if [ -z ${OS+x} ]; then
# UBUNTU
BUILD_DEPS="build-essential curl libreadline-dev libncurses5-dev libpcre3-dev libgeoip-dev zlib1g-dev ca-certificates curl git uuid-dev net-tools vim unzip lua5.2 liblua5.2-dev"
else
# CENTOS
BUILD_DEPS="rpm-build redhat-rpm-config rpmdevtools openssl-devel zlib-devel pcre-devel gcc make perl perl-Data-Dumper libtool ElectricFence systemtap-sdt-devel valgrind-devel uuid-devel libuuid-devel gcc-c++ GeoIP-devel perl-Digest-MD5 openssl net-tools"
fi
RESTY_CONFIG_OPTIONS="\
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_realip_module \
--with-http_secure_link_module \
--with-http_slice_module \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_sub_module \
--with-http_v2_module \
--with-http_geoip_module=dynamic \
--with-file-aio \
--with-pcre-jit \
--with-stream \
--with-stream_ssl_module \
--with-threads \
--without-http_autoindex_module \
--without-http_browser_module \
--without-http_userid_module \
--without-mail_pop3_module \
--without-mail_imap_module \
--without-mail_smtp_module \
--without-http_split_clients_module \
--without-http_uwsgi_module \
--without-http_scgi_module \
--without-http_referer_module \
--user=www-data \
--group=www-data \
--conf-path=/srv/proxy/conf/nginx.conf \
--http-log-path=/srv/proxy/log/access.log \
--error-log-path=/srv/proxy/log/error.log \
--pid-path=/run/nginx.pid \
--lock-path=/run/nginx.lock \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--add-module=../incubator-pagespeed-ngx-${PAGESPEED_VERSION}-stable \
--add-module=../ngx_cache_purge-2.3 \
--add-module=../ngx_brotli \
--with-openssl=../openssl-${RESTY_OPENSSL_VERSION} \
\
"
# /VARS
echo "next download"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# PREPAIR
if [ -z ${OS+x} ]; then
apt -y install ${BUILD_DEPS}
else
yum -y install ${BUILD_DEPS}
fi
mkdir src && cd src
#https://openresty.org/en/download.html
#curl -L https://openresty.org/download/openresty-1.13.6.2.tar.gz | tar -zx
curl -L https://openresty.org/download/openresty-${OPENRESTY_VERSION}.tar.gz | tar -zx
#http://labs.frickle.com/nginx_ngx_cache_purge/
#curl -L http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz | tar -zx
curl -L http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz | tar -zx
#https://www.openssl.org/source/
#curl -L https://www.openssl.org/source/openssl-1.1.0h.tar.gz | tar -zx
curl -L https://www.openssl.org/source/openssl-${RESTY_OPENSSL_VERSION}.tar.gz | tar -zx
#https://github.com/apache/incubator-pagespeed-mod/releases
#curl -L https://github.com/apache/incubator-pagespeed-ngx/archive/v1.13.35.2-stable.tar.gz | tar -zx
curl -L https://github.com/apache/incubator-pagespeed-ngx/archive/v${PAGESPEED_VERSION}-stable.tar.gz | tar -zx
# no source ... url gets displayed when compiling
#cd incubator-pagespeed* && curl -L https://dl.google.com/dl/page-speed/psol/1.13.35.2-x64.tar.gz | tar -zx
cd incubator-pagespeed* && curl -L https://dl.google.com/dl/page-speed/psol/${PAGESPEED_VERSION}-x64.tar.gz | tar -zx
cd -
# https://www.weyand.biz/2017/07/04/brotli-und-pagespeed-modul-in-nginx-unter-ubuntu-plesk-101.html
git clone https://github.com/google/ngx_brotli.git
cd ngx_brotli/
git submodule update --init --recursive
# /PREPAIR
echo "next build"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# BUILD
readonly NPROC=$(grep -c ^processor /proc/cpuinfo 2>/dev/null || 1) && echo "using up to $NPROC threads"
echo ${PAGESPEED_VERSION}
cd src/openrest*
./configure -j${NPROC} ${_RESTY_CONFIG_DEPS} ${RESTY_CONFIG_OPTIONS}
make -j${NPROC}
# /BUILD
echo "next install"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# INSTALL
cd src/openrest*
make install -j${NPROC}
# /INSTALL
echo "next postinstall"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# LUAROCKS
#http://luarocks.github.io/luarocks/releases/
LUAROCKS_VERSION='3.0.4'
LUAROCKS_BUILD="
--prefix=/usr/local/openresty/luajit \
--with-lua=/usr/local/openresty/luajit/ \
--lua-suffix=jit \
--with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1
"
readonly NPROC=$(grep -c ^processor /proc/cpuinfo 2>/dev/null || 1) && echo "using up to $NPROC threads"
mkdir -p src && cd src
curl -L http://luarocks.github.io/luarocks/releases/luarocks-${LUAROCKS_VERSION}.tar.gz | tar -xz
cd luarock*
./configure ${LUAROCKS_BUILD}
make -j${NPROC} build
make -j${NPROC} install
# /LUAROCKS
echo "next end"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# POSTINSTALL
if [ -z ${OS+x} ]; then
echo "www-data should already exist"
else
useradd www-data
groupadd www-data
usermod -a -G www-data www-data
fi
mkdir /var/lib/nginx/
echo "export PATH=/usr/local/openresty/bin:/usr/local/openresty/luajit/bin:$PATH" >> /etc/environment
cp ./nginx.conf /etc/nginx/
cp ./nginx.service /lib/systemd/system/
systemctl enable nginx
systemctl start nginx
systemctl status nginx
/usr/local/openresty/bin/openresty -t
netstat -tulpn | grep ngin
# /INSTALL
echo "next exit"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# Install PHP 7.x
yum -y install epel-release
yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install yum-utils
yum-config-manager --enable remi-php72
yum -y update
yum -y install php72 php72-php-fpm php72-php-gd php72-php-json php72-php-mbstring php72-php-mysqlnd php72-php-xml php72-php-xmlrpc php72-php-opcache
cp ./www.conf /etc/opt/remi/php72/php-fpm.d/www.conf
# /INSTALL
echo "next exit"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
################################################
# Install Redis
yum install epel-release
yum install redis -y
systemctl start redis.service
systemctl enable redis
systemctl status redis.service
redis-cli ping
#sed -i -e 's//127.0.0.1/g' /etc/redis.conf
# /INSTALL
echo "next exit"
read -p "Coninue: " CONTINUE
if [ $CONTINUE != "y" ]; then
echo "end"
exit 0
fi
cd $INITDIR
################################################
exit 0