Last active
May 9, 2021 11:01
-
-
Save eapdob/b61bbe0a99cbf1a21ea95d578ac9a003 to your computer and use it in GitHub Desktop.
nginx-bash
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# ssh | |
sudo apt-get update; | |
sudo apt-get install openssh-server; | |
sudo service ssh start; | |
sudo update-rc.d ssh defaults; | |
# nginx | |
sudo apt-get install nginx; | |
sudo nginx -v; | |
# mysql | |
sudo wget https://repo.percona.com/apt/percona-release_latest.generic_all.deb; | |
sudo dpkg -i percona-release_latest.generic_all.deb; | |
sudo apt-get update; | |
sudo apt-get install percona-server-server-5.7; | |
# php-fpm | |
sudo apt-get install php-fpm php-cli php-mysqli php-gd; | |
sudo php -v; | |
sudo update-rc.d php7.2-fpm defaults; | |
# myproject root | |
sudo mkdir /data/myproject.com; | |
sudo mkdir /data/myproject.com/docs; | |
sudo mkdir /data/myproject.com/logs; | |
sudo chown -R www-data:www-data /data/myproject.com; | |
sudo chmod -R 0755 /data/myproject.com; | |
# nginx config | |
cd /etc/nginx; | |
# cat /proc/cpuinfo | grep processor | wc -l | |
# nginx worker_processes - value | |
sudo sh; | |
cat > nginx.conf; | |
cat << EOF >> nginx.conf | |
user www-data; | |
worker_processes 4; | |
pid /run/nginx.pid; | |
include /etc/nginx/modules-enabled/*.conf; | |
events { | |
worker_connections 768; | |
# multi_accept on; | |
} | |
http { | |
## | |
# Basic Settings | |
## | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
# server_tokens off; | |
server_names_hash_bucket_size 64; | |
# server_name_in_redirect off; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
## | |
# SSL Settings | |
## | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE | |
ssl_prefer_server_ciphers on; | |
## | |
# Logging Settings | |
## | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
## | |
# Gzip Settings | |
## | |
gzip on; | |
# gzip_vary on; | |
# gzip_proxied any; | |
# gzip_comp_level 6; | |
# gzip_buffers 16 8k; | |
# gzip_http_version 1.1; | |
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; | |
## | |
# Virtual Host Configs | |
## | |
include /etc/nginx/conf.d/*.conf; | |
include /etc/nginx/sites-enabled/*; | |
} | |
#mail { | |
# # See sample authentication script at: | |
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript | |
# | |
# # auth_http localhost/auth.php; | |
# # pop3_capabilities "TOP" "USER"; | |
# # imap_capabilities "IMAP4rev1" "UIDPLUS"; | |
# | |
# server { | |
# listen localhost:110; | |
# protocol pop3; | |
# proxy on; | |
# } | |
# | |
# server { | |
# listen localhost:143; | |
# protocol imap; | |
# proxy on; | |
# } | |
#} | |
EOF; | |
exit; | |
cd sites-available; | |
sudo sh; | |
touch myproject.com; | |
cat << EOF >> myproject.com | |
server { | |
# слушаем стандартный порт HTTP | |
listen 80; | |
# здесь нужно указать наш домен | |
server_name myproject.com www.myproject.com; | |
# кодировка по умолчанию | |
charset utf-8; | |
# для разработки потребуются логи | |
access_log /data/myproject.com/logs/access.log combined; | |
error_log /data/myproject.com/logs/error.log; | |
# корневая директория логики | |
root /data/myproject.com/docs; | |
# установим сжатие данных | |
gzip on; | |
gzip_disable "msie6"; | |
gzip_comp_level 6; | |
gzip_min_length 1100; | |
gzip_buffers 16 8k; | |
gzip_proxied any; | |
gzip_types text/plain application/xml | |
application/javascript | |
text/css | |
text/js | |
text/xml | |
application/x-javascript | |
text/javascript | |
application/json | |
application/xml+rss; | |
# настройки размеров и таймаутов | |
client_max_body_size 100m; | |
client_body_buffer_size 128k; | |
client_header_timeout 3m; | |
client_body_timeout 3m; | |
send_timeout 3m; | |
client_header_buffer_size 1k; | |
large_client_header_buffers 4 16k; | |
# правила обработки запросов к домену | |
location / { | |
# корневая директория | |
root /data/myproject.com/docs; | |
# стартовый скрипт | |
index index.php; | |
# правило автозагрузки в порядке следования: файл, папка, скрипт | |
try_files $uri $uri/ @fallback; | |
} | |
# правило для того, чтобы отдавать статические файлы | |
location ~* \.(jpeg|ico|jpg|gif|png|css|js|pdf|txt|tar|gz|wof|csv|zip|xml|yml) { | |
access_log off; | |
try_files $uri @statics; | |
expires 14d; | |
add_header Access-Control-Allow-Origin *; | |
add_header Cache-Control public; | |
root /data/myproject.com/docs; | |
} | |
location @statics { | |
rewrite ^/(\w+)/(.*)$ /$2 break; | |
access_log off; | |
rewrite_log off; | |
expires 14d; | |
add_header Cache-Control public; | |
add_header Access-Control-Allow-Origin *; | |
root /data/myproject.com/docs; | |
} | |
# правила обработки PHP-скриптов | |
location ~ \.php$ { | |
root /data/myproject.com/docs; | |
proxy_read_timeout 120; | |
fastcgi_read_timeout 120; | |
try_files $uri $uri/ =404; | |
# внимательно смотрите на то, какое имя задано у сокета | |
# это можно узнать в настройках php-fpm | |
#fastcgi_pass unix:/var/run/php-fpm.sock; | |
fastcgi_pass 127.0.0.1:9000; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
include fastcgi_params; | |
} | |
} | |
EOF; | |
exit; | |
sudo ln -s /etc/nginx/sites-available/myproject.com /etc/nginx/sites-enabled/; | |
# if user nginx exists | |
#sudo usermod -a -G www-data nginx; | |
sudo systemctl restart nginx; | |
# mysql config | |
cd /etc; | |
sudo sh; | |
touch my.cnf; | |
cat << EOL >> my.cnf | |
[client] | |
# порт и сокет для клиента | |
port = 3306 | |
socket = /var/run/mysqld/mysqld.sock | |
[mysqld] | |
user = mysql | |
pid-file = /var/run/mysqld/mysqld.pid | |
socket = /var/run/mysqld/mysqld.sock | |
port = 3306 | |
datadir = /var/lib/mysql | |
# Отдадим под innodb четверть памяти. Настройка эта зависит от объёма данных в формате innodb | |
# Но в идеале нужно всегда устанавливать значение больше, чем полный объём данных в innodb | |
innodb_buffer_pool_size = 512M | |
# У нас один процессор, поэтому будет только 1 поток кэша | |
innodb_buffer_pool_instances = 1 | |
# Чтобы innodb работал быстрее, отключаем запись резервных данных на жёсткий диск | |
innodb_flush_log_at_trx_commit = 2 | |
innodb_flush_method = 'O_DIRECT' | |
EOL; | |
exit; | |
#mypassword - this actual password | |
sudo mysql -uroot -pmypassword; | |
USE mysql; | |
SELECT * FROM user; | |
DROP user 'root'@'ubuntudev'; | |
DROP user 'root'@'127.0.0.1'; | |
DROP user 'root'@'::1'; | |
DROP user ''@'localhost'; | |
DROP user ''@'ubuntudev'; | |
FLUSH PRIVILEGES; | |
CREATE DATABASE application_db; | |
CREATE USER 'connect'@'localhost' IDENTIFIED BY 'mydefinedpassword'; | |
GRANT SELECT, INSERT, UPDATE, DELETE on application_db.* to 'connect'@'localhost'; | |
FLUSH PRIVILEGES; | |
sudo systemctl restart mysql; | |
# php config | |
cd /etc/php/7.2/fpm; | |
sudo cp /etc/php/7.2/fpm/php.ini /etc/php/7.2/fpm/php.ini.bak; | |
sudo mv /etc/php/7.2/fpm/php.ini ../; | |
sudo cp /etc/php/7.2/cli/php.ini /etc/php/7.2/cli/php.ini.bak; | |
sudo rm /etc/php/7.2/cli/php.ini; | |
cd /etc/php/7.2/fpm; | |
sudo ln -s /etc/php/7.2/php.ini; | |
sudo cd /etc/php/7.2/cli; | |
sudo ln -s /etc/php/7.2/php.ini; | |
cd /etc/php/7.2; | |
sudo sed -i 's/short_open_tag = Off/short_open_tag = On/g' php.ini; | |
sudo sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' php.ini; | |
sudo sed -i 's/;date.timezone =/;date.timezone = Europe/Kiev/g' php.ini; | |
cd /etc/php/7.2/fpm/pool.d; | |
sudo sed -i 's/listen = /run/php/php7.2-fpm.sock/;listen = /run/php/php7.2-fpm.sock\nlisten = 127.0.0.1:9000;/g' www.conf; | |
sudo systemctl restart php7.2-fpm; | |
# myproject | |
cd /data/myproject.com/docs; | |
sudo sh; | |
touch index.php; | |
cat << EOF >> index.php | |
<?php | |
echo "Hello, World!"; | |
?> | |
EOF; | |
touch index.php; | |
cat << EOF >> phpinfo.php | |
<?php | |
phpinfo(); | |
?> | |
EOF; | |
exit; | |
cd /data/myproject/docs; | |
sudo find . -type f -exec chown www-data:www-data {} \; | |
sudo find . -type f -exec chmod 0644 {} \; | |
# hosts | |
#cd /etc; | |
#sudo echo '127.0.0.1 myproject.com' >> hosts; | |
# samba | |
#sudo apt-get install samba; | |
#cd ~; | |
#cd ../../; | |
#cd /etc/samba; | |
#sudo echo '[my-projects] | |
#comment = My projects | |
#path = /data/ | |
#valid users = developer | |
#create mask = 0775 | |
#force create mode = 0775 | |
#directory mask = 0775 | |
#writable = yes | |
#force group = www-data' >> smb.conf; | |
#sudo smbpasswd -a developer; | |
#sudo service smbd restart; | |
#sudo service nmbd restart; | |
sudo apt-get upgrade -y; | |
sudo apt-get autoremove; | |
sudo apt-get autoclean; | |
exit 0; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment