Skip to content

Instantly share code, notes, and snippets.

@duan-li

duan-li/initial_lnhp.sh

Last active August 29, 2015 14:22
Show Gist options
  • Save duan-li/cbda74e4819e4d6116c5 to your computer and use it in GitHub Desktop.
Save duan-li/cbda74e4819e4d6116c5 to your computer and use it in GitHub Desktop.
Download ZIP
Ubuntu 14.04 LTS nginx HHVM and php-fpm fallback setup
Raw
initial_lnhp.sh
#!/bin/bash
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi
CURRENT_USER=$(id -u -n)
CURRENT_GROUP=$(id -g -n)
CURRENT_USER_HOME=$(eval echo ~${SUDO_USER})
if [ -n "${SUDO_USER}" ]; then
CURRENT_USER=$(sudo -u ${SUDO_USER} id -u -n)
CURRENT_GROUP=$(sudo -u ${SUDO_USER} id -g -n)
fi
if [ "${CURRENT_USER}" == "root" ]; then
echo "Type a new username:"
read CURRENT_USER
CURRENT_GROUP=$CURRENT_USER
adduser --disabled-login --gecos "${CURRENT_USER}" ${CURRENT_USER}
CURRENT_USER_HOME="/home/${CURRENT_USER}"
fi
sudo -u ${CURRENT_USER} mkdir -p ${CURRENT_USER_HOME}/htdocs/default
sudo -u ${CURRENT_USER} cat >> ${CURRENT_USER_HOME}/htdocs/default/index.php <<EOF
<?php
phpinfo();
EOF
sudo -u ${CURRENT_USER} cat >> ${CURRENT_USER_HOME}/htdocs/default/index.html <<EOF
<h1>heading</h1>
EOF
# echo "Type your Mysql root pasword:"
# read MYSQL_PASSWORD
apt-get install -y unzip vim git-core curl wget build-essential python-software-properties
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449
add-apt-repository 'deb http://dl.hhvm.com/ubuntu trusty main'
apt-get update -y;
apt-get upgrade -y;
apt-get clean -y;
apt-get autoclean -y;
apt-get autoremove -y;
apt-get install -y nginx hhvm php5-fpm ps-watcher
sed -i -- "s/www-data/$CURRENT_USER/g" /etc/init.d/hhvm
sed -i -- "s/www-data/$CURRENT_USER/g" /etc/nginx/nginx.conf
cat >> /etc/php5/fpm/pool.d/www.conf <<EOF
user = $CURRENT_USER
group = $CURRENT_GROUP
listen.owner = $CURRENT_USER
listen.group = $CURRENT_GROUP
listen.mode = 0660
listen = 127.0.0.1:9001
listen.allowed_clients = 127.0.0.1
EOF
cat > /etc/nginx/sites-available/default <<EOF
# You may add here your
# server {
# ...
# }
# statements for each of your virtual hosts to this file
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /home/$CURRENT_USER/htdocs/default;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files \$uri \$uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
location ~ \.(hh|php)$ {
proxy_intercept_errors on;
error_page 502 = @fallback;
try_files \$uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_keep_conn on;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
fastcgi_param SERVER_NAME \$host;
fastcgi_pass 127.0.0.1:9000;
}
location @fallback {
try_files \$uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include fastcgi_params;
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
# fastcgi_pass unix:/var/run/php5-fpm.sock;
# fastcgi_index index.php;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# index index.html index.htm;
#
# location / {
# try_files \$uri \$uri/ =404;
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
#
# root html;
# index index.html index.htm;
#
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
#
# ssl_session_timeout 5m;
#
# ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
# ssl_prefer_server_ciphers on;
#
# location / {
# try_files \$uri \$uri/ =404;
# }
#}
EOF
service hhvm restart
service php5-fpm restart
service nginx restart
cat > /usr/bin/nginx_modsite <<EOF
#!/bin/bash
##
# File:
# nginx_modsite
# Description:
# Provides a basic script to automate enabling and disabling websites found
# in the default configuration directories:
# /etc/nginx/sites-available and /etc/nginx/sites-enabled
# For easy access to this script, copy it into the directory:
# /usr/local/sbin
# Run this script without any arguments or with -h or --help to see a basic
# help dialog displaying all options.
##
# Copyright (C) 2010 Michael Lustfield <mtecknology@ubuntu.com>
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
##
# Default Settings
##
NGINX_CONF_FILE="\$(awk -F= -v RS=' ' '/conf-path/ {print \$2}' <<< \$(nginx -V 2>&1))"
NGINX_CONF_DIR="\${NGINX_CONF_FILE%/*}"
NGINX_SITES_AVAILABLE="\$NGINX_CONF_DIR/sites-available"
NGINX_SITES_ENABLED="\$NGINX_CONF_DIR/sites-enabled"
SELECTED_SITE="\$2"
##
# Script Functions
##
ngx_enable_site() {
[[ ! "\$SELECTED_SITE" ]] &&
ngx_select_site "not_enabled"
[[ ! -e "\$NGINX_SITES_AVAILABLE/\$SELECTED_SITE" ]] &&
ngx_error "Site does not appear to exist."
[[ -e "\$NGINX_SITES_ENABLED/\$SELECTED_SITE" ]] &&
ngx_error "Site appears to already be enabled"
ln -sf "\$NGINX_SITES_AVAILABLE/\$SELECTED_SITE" -T "\$NGINX_SITES_ENABLED/\$SELECTED_SITE"
ngx_reload
}
ngx_disable_site() {
[[ ! "\$SELECTED_SITE" ]] &&
ngx_select_site "is_enabled"
[[ ! -e "\$NGINX_SITES_AVAILABLE/\$SELECTED_SITE" ]] &&
ngx_error "Site does not appear to be \'available\'. - Not Removing"
[[ ! -e "\$NGINX_SITES_ENABLED/\$SELECTED_SITE" ]] &&
ngx_error "Site does not appear to be enabled."
rm -f "\$NGINX_SITES_ENABLED/\$SELECTED_SITE"
ngx_reload
}
ngx_list_site() {
echo "Available sites:"
ngx_sites "available"
echo "Enabled Sites"
ngx_sites "enabled"
}
##
# Helper Functions
##
ngx_select_site() {
sites_avail=(\$NGINX_SITES_AVAILABLE/*)
sa="\${sites_avail[@]##*/}"
sites_en=(\$NGINX_SITES_ENABLED/*)
se="\${sites_en[@]##*/}"
case "\$1" in
not_enabled) sites=\$(comm -13 <(printf "%s\n" \$se) <(printf "%s\n" \$sa));;
is_enabled) sites=\$(comm -12 <(printf "%s\n" \$se) <(printf "%s\n" \$sa));;
esac
ngx_prompt "\$sites"
}
ngx_prompt() {
sites=(\$1)
i=0
echo "SELECT A WEBSITE:"
for site in \${sites[@]}; do
echo -e "\$i:\t\${sites[\$i]}"
((i++))
done
read -p "Enter number for website: " i
SELECTED_SITE="\${sites[\$i]}"
}
ngx_sites() {
case "\$1" in
available) dir="\$NGINX_SITES_AVAILABLE";;
enabled) dir="\$NGINX_SITES_ENABLED";;
esac
for file in \$dir/*; do
echo -e "\t\${file#*\$dir/}"
done
}
ngx_reload() {
read -p "Would you like to reload the Nginx configuration now? (Y/n) " reload
[[ "\$reload" != "n" && "\$reload" != "N" ]] && invoke-rc.d nginx reload
}
ngx_error() {
echo -e "\${0##*/}: ERROR: \$1"
[[ "\$2" ]] && ngx_help
exit 1
}
ngx_help() {
echo "Usage: \${0##*/} [options]"
echo "Options:"
echo -e "\t<-e|--enable> <site>\tEnable site"
echo -e "\t<-d|--disable> <site>\tDisable site"
echo -e "\t<-l|--list>\t\tList sites"
echo -e "\t<-h|--help>\t\tDisplay help"
echo -e "\n\tIf <site> is left out a selection of options will be presented."
echo -e "\tIt is assumed you are using the default sites-enabled and"
echo -e "\tsites-disabled located at \$NGINX_CONF_DIR."
}
##
# Core Piece
##
case "\$1" in
-e|--enable) ngx_enable_site;;
-d|--disable) ngx_disable_site;;
-l|--list) ngx_list_site;;
-h|--help) ngx_help;;
*) ngx_error "No Options Selected" 1; ngx_help;;
esac
EOF
chmod +x /usr/bin/nginx_modsite
cat > /etc/ps-watcher.conf <<EOF
[hhvm]
occurs = none
action = service hhvm restart
EOF
sed -i -e 's/# startup=1/startup=1/g' /etc/default/ps-watcher
service ps-watcher start
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment