Skip to content

Instantly share code, notes, and snippets.

@western

western/nginx_builder

Last active August 5, 2020 05:33
Show Gist options
  • Save western/c04efe49745f24874c43 to your computer and use it in GitHub Desktop.
Save western/c04efe49745f24874c43 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
nginx_builder
#!/bin/bash
# save and run
# . nginx_builder
CPUC=`cat /proc/cpuinfo | grep processor | wc -l`
CPUC=$((CPUC-1))
PARENTF=`pwd`
BUILDF="$PARENTF/build"
NGINXV='nginx-1.18.0'
IS_LOCAL=1
IS_PAUSED=0
IS_GET_ONLY=1
function main {
notice "builder for $NGINXV"
notice "from parent folder $PARENTF"
warn "IS_LOCAL $IS_LOCAL"
warn "IS_PAUSED $IS_PAUSED"
warn "IS_GET_ONLY $IS_GET_ONLY"
rm versions
#root_prepare
#postgres_get
#redis_get
etc_src
ngx_module
luajit2_prepare
lua_src
openssl_get
ngx_src
#make_configure
#make_nginx_service
#make_postgres_service
#make_nginx_tmpfile
prepare_for_archive
}
# ------------------------------------------------------------------------------
function prepare_for_archive {
notice "prepare_for_archive"
cd $PARENTF
find . -type d -name '.git' -not -path "./.git" | xargs rm -rf
find . -type d -name '.git' -not -path "./.git"
cd $PARENTF
}
# ------------------------------------------------------------------------------
function root_prepare {
notice "root_prepare"
if ! whoami | grep -q root; then
err 'root required. exit.'
fi
if ! grep -q "nginx" /etc/passwd; then
groupadd nginx
useradd -M -g nginx nginx
fi
if cat /etc/*release* | grep -q 'openSUSE Leap 15.1'; then
warn 'openSUSE Leap 15.1 detected.'
zypper in -t pattern -y devel_C_C++ devel_basis devel_perl console
zypper in -y pcre-devel libopenssl-devel gd-devel libGeoIP-devel libatomic_ops-devel dialog
fi
if cat /etc/*release* | grep -q 'VERSION="9 (stretch)"'; then
warn 'Debian 9 detected.'
apt-get install -y vim mc less mlocate git cmake build-essential curl gnupg aptitude
apt-get install -y libpq-dev libpcre3-dev zlib1g-dev libgd-dev libgeoip-dev libatomic-ops-dev
fi
if cat /etc/*release* | grep -q 'VERSION="10 (buster)"'; then
warn 'Debian 10 detected.'
apt-get install -y vim mc less mlocate git cmake build-essential curl gnupg aptitude
apt-get install -y libpq-dev libpcre3-dev zlib1g-dev libgd-dev libgeoip-dev libatomic-ops-dev
if [ -f /usr/bin/gcc-8 ] && [ -f /usr/bin/gcc-7 ] && [ `gcc -dumpversion` -gt 7 ] ; then
err 'gcc 7 required. update-alternatives --set gcc /usr/bin/gcc-7 and run builder again.'
fi
if [ -f /usr/bin/gcc-8 ] && [ ! -f /usr/bin/gcc-7 ]; then
aptitude install -y gcc-7
if [ -f /usr/bin/gcc-7 ]; then
update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-7 10
update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 20
update-alternatives --list gcc
update-alternatives --set gcc /usr/bin/gcc-7
warn 'set after install: update-alternatives --set gcc /usr/bin/gcc-8'
fi
err 'gcc 7 required. run builder again.'
fi
fi
if cat /etc/*release* | grep -q 'CentOS Linux release 7'; then
warn 'CentOS 7 detected.'
yum install dnf -y
dnf install wget -y
dnf groupinstall "Development Tools" -y
dnf install python2 -y
dnf install pcre-devel -y
dnf install zlib-devel -y
dnf install gd-devel -y
dnf install openssl-devel -y
dnf install epel-release -y
dnf install GeoIP-devel -y
dnf install libatomic_ops-devel -y
fi
if cat /etc/*release* | grep -q 'CentOS Linux release 8'; then
warn 'CentOS 8 detected.'
dnf groupinstall "Development Tools" -y
dnf config-manager --set-enabled PowerTools
dnf install python2 -y
dnf install pcre-devel -y
dnf install zlib-devel -y
dnf install gd-devel -y
dnf install openssl-devel -y
dnf install epel-release -y
dnf install GeoIP-devel -y
dnf install libatomic_ops-devel -y
ln -s /usr/bin/python2 /usr/bin/python
fi
if [ $IS_LOCAL == 0 ]; then
rm -rf /usr/local/$NGINXV
rm -rf /var/lib/nginx/
mkdir -p /var/lib/nginx/{fastcgi,proxy,scgi,tmp,uwsgi,cache}
chown -R nginx:nginx /var/lib/nginx/
mkdir -p /var/run/nginx
chown -R nginx:nginx /var/run/nginx
mkdir /var/log/nginx/
fi
}
# ------------------------------------------------------------------------------
function postgres_get {
notice "postgres_get"
local POSTGRESV="postgresql-12.2"
local PREFIX=""
local DATADIR=""
if [ $IS_LOCAL == 1 ]; then
PREFIX="$BUILDF/pgsql-12.2"
DATADIR="$BUILDF/pgsql-12.2/data"
rm -rf $PREFIX
else
PREFIX="/usr/local/pgsql-12.2"
DATADIR="/data/pgsql-12.2"
rm -rf $PREFIX
if ! grep -q "postgres" /etc/passwd; then
groupadd postgres
useradd -M -g postgres postgres
fi
mkdir -p $DATADIR
chown postgres:postgres $DATADIR
fi
get_arch "https://ftp.postgresql.org/pub/source/v12.2/$POSTGRESV.tar.gz" "$POSTGRESV.tar.gz" $POSTGRESV
pushd $POSTGRESV
./configure --prefix=$PREFIX && make install -j4
popd
notice "PREFIX" $PREFIX
notice "DATADIR" $DATADIR
if [ $IS_LOCAL == 1 ]; then
notice "$PREFIX/bin/initdb -D $DATADIR"
$PREFIX/bin/initdb -D $DATADIR
notice "$PREFIX/bin/pg_ctl -D $DATADIR -l logfile start"
$PREFIX/bin/pg_ctl -D $DATADIR -l logfile start
notice "$PREFIX/bin/createdb -E Unicode test"
$PREFIX/bin/createdb -E Unicode test
notice "$PREFIX/bin/createuser test"
$PREFIX/bin/createuser test
notice "$PREFIX/bin/psql -c \"alter user test with encrypted password 'test';\""
$PREFIX/bin/psql -c "alter user test with encrypted password 'test';"
notice "$PREFIX/bin/pg_ctl -D $DATADIR -l logfile stop"
$PREFIX/bin/pg_ctl -D $DATADIR -l logfile stop
else
notice "$PREFIX/bin/initdb -D $DATADIR"
su postgres -c "$PREFIX/bin/initdb -D $DATADIR"
notice "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 start"
su postgres -c "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 start"
notice "$PREFIX/bin/createdb -E Unicode test"
su postgres -c "$PREFIX/bin/createdb -E Unicode test"
notice "$PREFIX/bin/createuser test"
su postgres -c "$PREFIX/bin/createuser test"
notice "$PREFIX/bin/psql -c \"alter user test with encrypted password 'test';\""
su postgres -c "$PREFIX/bin/psql -c \"alter user test with encrypted password 'test';\""
notice "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 stop"
su postgres -c "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 stop"
fi
}
# ------------------------------------------------------------------------------
function redis_get {
notice "redis_get"
mkdir etc_src ; cd etc_src
get_arch 'https://github.com/antirez/redis/archive/6.0.6.tar.gz' 'redis-6.0.6.tar.gz' 'redis-6.0.6'
if [ $IS_GET_ONLY == 0 ]; then
pushd 'redis-6.0.6'
make BUILD_TLS=yes PREFIX=$BUILDF/redis-6.0.6 install -j$CPUC
popd
fi
cd $PARENTF
}
# ------------------------------------------------------------------------------
function etc_src {
notice "etc_src"
mkdir etc_src ; cd etc_src
get_github 'openresty' 'sregex.git'
if [ $IS_GET_ONLY == 0 ]; then
pushd 'sregex.git'
make clean
rm -rf build ; mkdir build
if [ $IS_LOCAL == 1 ]; then
make -j4 PREFIX=$PARENTF/etc_src/sregex.git/build
make install PREFIX=$PARENTF/etc_src/sregex.git/build
else
make -j4
make install
fi
ldconfig
popd
fi
get_arch 'https://openresty.org/download/drizzle7-2011.07.21.tar.gz' 'drizzle7-2011.07.21.tar.gz' 'drizzle7-2011.07.21'
if [ $IS_GET_ONLY == 0 ]; then
pushd 'drizzle7-2011.07.21'
rm -rf build ; mkdir build
if [ $IS_LOCAL == 1 ]; then
./configure --without-server --prefix=$PARENTF/etc_src/drizzle7-2011.07.21/build
else
./configure --without-server
fi
make libdrizzle-1.0 -j4
make install-libdrizzle-1.0 -j4
ldconfig
popd
fi
get_arch 'https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.4/modsecurity-v3.0.4.tar.gz' 'modsecurity-v3.0.4.tar.gz' 'modsecurity-v3.0.4'
if [ $IS_GET_ONLY == 0 ]; then
pushd 'modsecurity-v3.0.4'
rm .gitignore
make clean
if [ $IS_LOCAL == 1 ]; then
./configure --prefix=$BUILDF/modsecurity
else
# /usr/local/modsecurity
./configure
fi
make install -j$CPUC
popd
fi
get_github 'giltene' 'wrk2.git'
cd $PARENTF
}
# ------------------------------------------------------------------------------
function ngx_module {
notice "ngx_module"
mkdir ngx_module ; cd ngx_module
get_github 'openresty' 'memc-nginx-module.git'
get_github 'openresty' 'lua-nginx-module.git' 'v0.10.17'
get_github 'simplresty' 'ngx_devel_kit.git'
get_github 'openresty' 'redis2-nginx-module.git'
get_github 'openresty' 'echo-nginx-module.git'
get_github 'calio' 'form-input-nginx-module.git'
get_github 'openresty' 'set-misc-nginx-module.git'
get_github 'Austinb' 'nginx-upload-module.git'
get_github 'FRiCKLE' 'ngx_cache_purge.git'
get_github 'openresty' 'headers-more-nginx-module.git'
get_github 'nbs-system' 'naxsi.git'
get_github 'SpiderLabs' 'ModSecurity-nginx.git'
get_github 'openresty' 'replace-filter-nginx-module.git'
get_github 'openresty' 'rds-json-nginx-module.git'
get_github 'openresty' 'rds-csv-nginx-module.git'
get_github 'openresty' 'drizzle-nginx-module.git'
get_github 'openresty' 'ngx_postgres.git'
get_github 'nginx' 'njs.git'
get_github 'openresty' 'stream-lua-nginx-module.git' 'v0.0.8'
get_github 'openresty' 'xss-nginx-module.git'
get_github 'arut' 'nginx-rtmp-module.git'
get_github 'arut' 'nginx-ts-module.git'
cd $PARENTF
}
# ------------------------------------------------------------------------------
function luajit2_prepare {
notice "luajit2_prepare"
if [ $IS_LOCAL == 1 ]; then
mkdir lua_src ; cd lua_src
else
mkdir -p /opt/lua_src ; cd /opt/lua_src
fi
get_github 'openresty' 'luajit2.git'
if [ $IS_GET_ONLY == 0 ]; then
pushd 'luajit2.git'
make clean
mkdir build
if [ $IS_LOCAL == 1 ]; then
make -j4 PREFIX=$PARENTF/lua_src/luajit2.git/build
make install PREFIX=$PARENTF/lua_src/luajit2.git/build
else
make -j4 PREFIX=/opt/lua_src/luajit2.git/build
make install PREFIX=/opt/lua_src/luajit2.git/build
fi
popd
fi
cd $PARENTF
}
# ------------------------------------------------------------------------------
function lua_src {
notice "lua_src"
if [ $IS_LOCAL == 1 ]; then
mkdir lua_src ; cd lua_src
else
mkdir -p /opt/lua_src ; cd /opt/lua_src
fi
get_github 'openresty' 'lua-resty-core.git' 'v0.1.19'
get_github 'openresty' 'lua-resty-lrucache.git' 'v0.10'
get_github 'openresty' 'lua-cjson.git' '2.1.0.8'
if [ $IS_GET_ONLY == 0 ]; then
local LUAJIT2_SRC=""
if [ $IS_LOCAL == 1 ]; then
LUAJIT2_SRC="$PARENTF/lua_src/luajit2.git/src"
else
LUAJIT2_SRC="/opt/lua_src/luajit2.git/src"
fi
pushd 'lua-cjson.git'
echo
echo "export LUA_INCLUDE_DIR=\"$LUAJIT2_SRC\" && make -j4"
echo
export LUA_INCLUDE_DIR="$LUAJIT2_SRC" && make -j4
if [ $IS_PAUSED == 1 ]; then
read -p "Press [Enter] key to continue..."
fi
popd
fi
get_github 'openresty' 'lua-resty-redis.git'
get_github 'cloudflare' 'lua-resty-cookie.git'
get_github 'openresty' 'lua-resty-mysql.git'
get_github 'openresty' 'lua-ssl-nginx-module.git'
get_github 'openresty' 'lua-resty-signal.git' 'v0.02'
if [ $IS_GET_ONLY == 0 ]; then
pushd 'lua-resty-signal.git'
make clean
make
popd
fi
get_github 'openresty' 'lua-tablepool.git' 'v0.01'
get_github 'openresty' 'lua-resty-shell.git' 'v0.03'
get_github 'openresty' 'lua-resty-limit-traffic.git'
get_github 'openresty' 'lua-resty-lock.git'
get_github 'openresty' 'lua-resty-string.git'
get_github 'openresty' 'lua-resty-upload.git'
get_github 'openresty' 'lua-resty-websocket.git'
get_github 'openresty' 'lua-resty-upstream-healthcheck.git'
echo
notice "save these strings:"
if [ $IS_LOCAL == 1 ]; then
local LB="$PARENTF/lua_src/lua-resty-core.git/lib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-resty-lrucache.git/lib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-resty-redis.git/lib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-resty-mysql.git/lib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-ssl-nginx-module.git/lualib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-resty-signal.git/lib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-tablepool.git/lib/?.lua;"
LB="$LB$PARENTF/lua_src/lua-resty-shell.git/lib/?.lua;"
local CLB="$PARENTF/lua_src/lua-cjson.git/?.so;"
CLB="$CLB$PARENTF/lua_src/lua-resty-signal.git/?.so;"
echo "lua_package_path \"$LB;\";"
echo "lua_package_cpath \"$CLB;\";"
echo "lua_package_path \"$LB;\";" > "$PARENTF/lua_package_path"
echo "lua_package_cpath \"$CLB;\";" >> "$PARENTF/lua_package_path"
else
local LB="/opt/lua_src/lua-resty-core.git/lib/?.lua;"
LB="$LB/opt/lua_src/lua-resty-lrucache.git/lib/?.lua;"
LB="$LB/opt/lua_src/lua-resty-redis.git/lib/?.lua;"
LB="$LB/opt/lua_src/lua-resty-mysql.git/lib/?.lua;"
LB="$LB/opt/lua_src/lua-ssl-nginx-module.git/lualib/?.lua;"
LB="$LB/opt/lua_src/lua-resty-signal.git/lib/?.lua;"
LB="$LB/opt/lua_src/lua-tablepool.git/lib/?.lua;"
LB="$LB/opt/lua_src/lua-resty-shell.git/lib/?.lua;"
local CLB="/opt/lua_src/lua-cjson.git/?.so;"
CLB="$CLB/opt/lua_src/lua-resty-signal.git/?.so;"
echo "lua_package_path \"$LB;\";"
echo "lua_package_cpath \"$CLB;\";"
echo "lua_package_path \"$LB;\";" > "$PARENTF/lua_package_path"
echo "lua_package_cpath \"$CLB;\";" >> "$PARENTF/lua_package_path"
fi
echo
if [ $IS_PAUSED == 1 ]; then
read -p "Press [Enter] key to continue..."
fi
cd $PARENTF
}
# ------------------------------------------------------------------------------
function openssl_get {
notice "openssl_get"
mkdir etc_src ; cd etc_src
get_arch 'https://github.com/openssl/openssl/archive/OpenSSL_1_1_1g.tar.gz' 'OpenSSL_1_1_1g.tar.gz' 'openssl-OpenSSL_1_1_1g'
cd $PARENTF
}
# ------------------------------------------------------------------------------
function openssl_generate_localhost {
notice "openssl_generate_localhost"
if [ ! -f "/etc/$NGINXV/ssl/localhost.crt" ]; then
pushd "/etc/$NGINXV/"
mkdir ssl ; cd ssl
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt
openssl dhparam -out dhparam.pem 4096
cd ..
popd
fi
}
# ------------------------------------------------------------------------------
function ngx_src {
notice "ngx_src"
mkdir ngx_src ; cd ngx_src
get_arch "https://nginx.org/download/nginx-1.16.1.tar.gz" "nginx-1.16.1.tar.gz" "nginx-1.16.1"
get_arch "https://nginx.org/download/$NGINXV.tar.gz" "$NGINXV.tar.gz" $NGINXV
cd $PARENTF
}
# ------------------------------------------------------------------------------
function make_configure {
notice "make_configure"
local PREFIX=""
local CONF_PATH=""
local PID_PATH=""
local ERROR_LOG=""
local HTTP_LOG=""
local CLIENT_BODY_TEMP=""
local PROXY_TEMP_PATH=""
local FASTCGI_TEMP_PATH=""
local UWSGI_TEMP_PATH=""
local SCGI_TEMP_PATH=""
local LUAJIT2_BUILD_LIB=""
local LUAJIT2_SRC=""
local LUA_SSL_NGINX_MODULE=""
if [ $IS_LOCAL == 1 ]; then
mkdir -p $BUILDF/{tmp,proxy,fastcgi,uwsgi,scgi}
PREFIX="$BUILDF/"
CONF_PATH="$PREFIX/conf/nginx.conf"
PID_PATH="$PREFIX/logs/nginx.pid"
ERROR_LOG="$PREFIX/logs/error.log"
HTTP_LOG="$PREFIX/logs/access.log"
CLIENT_BODY_TEMP="$PREFIX/tmp/"
PROXY_TEMP_PATH="$PREFIX/proxy/"
FASTCGI_TEMP_PATH="$PREFIX/fastcgi/"
UWSGI_TEMP_PATH="$PREFIX/uwsgi/"
SCGI_TEMP_PATH="$PREFIX/scgi/"
LUAJIT2_BUILD_LIB="$PARENTF/lua_src/luajit2.git/build/lib"
LUAJIT2_SRC="$PARENTF/lua_src/luajit2.git/src"
LUA_SSL_NGINX_MODULE="$PARENTF/lua_src/lua-ssl-nginx-module.git/"
else
PREFIX="/usr/local/$NGINXV"
CONF_PATH="/etc/$NGINXV/nginx.conf"
PID_PATH="/var/run/nginx/nginx.pid"
ERROR_LOG="/var/log/nginx/error.log"
HTTP_LOG="/var/log/nginx/access.log"
CLIENT_BODY_TEMP="/var/lib/nginx/tmp/"
PROXY_TEMP_PATH="/var/lib/nginx/proxy/"
FASTCGI_TEMP_PATH="/var/lib/nginx/fastcgi/"
UWSGI_TEMP_PATH="/var/lib/nginx/uwsgi/"
SCGI_TEMP_PATH="/var/lib/nginx/scgi/"
LUAJIT2_BUILD_LIB="/opt/lua_src/luajit2.git/build/lib"
LUAJIT2_SRC="/opt/lua_src/luajit2.git/src"
LUA_SSL_NGINX_MODULE="/opt/lua_src/lua-ssl-nginx-module.git/"
fi
WITH_OPENSSL=""
if [ -d openssl-OpenSSL_1_1_1g ]; then
WITH_OPENSSL="--with-openssl=$PARENTF/etc_src/openssl-OpenSSL_1_1_1g --with-openssl-opt='enable-tls1_3'"
fi
cat << L10HEREDOC > ngx_src/$NGINXV/nginx_configuration
#!/bin/bash
./configure \\
--with-cc-opt="-Wno-sign-compare -Wno-string-plus-int -Wno-deprecated-declarations -Wno-unused-parameter -Wno-unused-const-variable -Wno-conditional-uninitialized -Wno-mismatched-tags -Wno-sometimes-uninitialized -Wno-parentheses-equality -Wno-tautological-compare -Wno-self-assign -Wno-deprecated-register -Wno-deprecated -Wno-invalid-source-encoding -Wno-pointer-sign -Wno-parentheses -Wno-enum-conversion -Wno-c++11-compat-deprecated-writable-strings -Wno-write-strings" \\
--with-ld-opt="-Wl,-rpath,$LUAJIT2_BUILD_LIB" \\
--prefix=$PREFIX \\
--conf-path=$CONF_PATH \\
--pid-path=$PID_PATH \\
--error-log-path=$ERROR_LOG \\
--http-log-path=$HTTP_LOG \\
--http-client-body-temp-path=$CLIENT_BODY_TEMP \\
--http-proxy-temp-path=$PROXY_TEMP_PATH \\
--http-fastcgi-temp-path=$FASTCGI_TEMP_PATH \\
--http-uwsgi-temp-path=$UWSGI_TEMP_PATH \\
--http-scgi-temp-path=$SCGI_TEMP_PATH \\
--user=nginx \\
--group=nginx \\
--with-debug \\
--with-stream \\
--with-stream_ssl_module \\
--with-stream_ssl_preread_module \\
--with-threads \\
--with-file-aio \\
--with-http_ssl_module $WITH_OPENSSL \\
--with-http_v2_module \\
--with-http_realip_module \\
--with-http_addition_module \\
--with-http_image_filter_module \\
--with-http_geoip_module \\
--with-http_sub_module \\
--with-http_mp4_module \\
--with-http_gunzip_module \\
--with-http_gzip_static_module \\
--with-http_random_index_module \\
--with-http_secure_link_module \\
--with-http_stub_status_module \\
--with-pcre \\
--with-pcre-jit \\
--with-libatomic \\
--add-module=../../ngx_module/memc-nginx-module.git/ \\
--add-module=../../ngx_module/lua-nginx-module.git/ \\
--add-module=../../ngx_module/ngx_devel_kit.git/ \\
--add-module=../../ngx_module/redis2-nginx-module.git/ \\
--add-module=../../ngx_module/echo-nginx-module.git/ \\
--add-module=../../ngx_module/form-input-nginx-module.git/ \\
--add-module=../../ngx_module/set-misc-nginx-module.git/ \\
--add-module=../../ngx_module/nginx-upload-module.git/ \\
--add-module=../../ngx_module/ngx_cache_purge.git/ \\
--add-module=../../ngx_module/headers-more-nginx-module.git/ \\
--add-module=../../ngx_module/naxsi.git/naxsi_src/ \\
--add-module=../../ngx_module/ModSecurity-nginx.git/ \\
--add-module=../../ngx_module/replace-filter-nginx-module.git/ \\
--add-module=../../ngx_module/rds-json-nginx-module.git/ \\
--add-module=../../ngx_module/rds-csv-nginx-module.git/ \\
--add-module=../../ngx_module/drizzle-nginx-module.git/ \\
--add-module=../../ngx_module/ngx_postgres.git/ \\
--add-module=../../ngx_module/njs.git/nginx/ \\
--add-module=../../ngx_module/stream-lua-nginx-module.git/ \\
--add-module=../../ngx_module/xss-nginx-module.git/ \\
--add-module=../../ngx_module/nginx-rtmp-module.git/ \\
--add-module=../../ngx_module/nginx-ts-module.git/ \\
--add-module=$LUA_SSL_NGINX_MODULE \\
L10HEREDOC
chmod +x "ngx_src/$NGINXV/nginx_configuration"
notice "export these environment:"
echo "unset LUAJIT_LIB && unset LUAJIT_INC"
echo "unset SREGEX_LIB && unset SREGEX_INC"
echo "unset LIBDRIZZLE_INC && unset LIBDRIZZLE_LIB"
echo "unset MODSECURITY_INC && unset MODSECURITY_LIB"
echo
echo "export LUAJIT_LIB=$LUAJIT2_BUILD_LIB && export LUAJIT_INC=$LUAJIT2_SRC"
if [ $IS_LOCAL == 1 ]; then
echo "export SREGEX_LIB=$PARENTF/etc_src/sregex.git/build/lib && export SREGEX_INC=$PARENTF/etc_src/sregex.git/src"
echo "export LIBDRIZZLE_INC=$PARENTF/etc_src/drizzle7-2011.07.21/build/include/libdrizzle-1.0 && export LIBDRIZZLE_LIB=$PARENTF/etc_src/drizzle7-2011.07.21/build/lib64/"
echo "export MODSECURITY_INC=$BUILDF/modsecurity/include/"
echo "export MODSECURITY_LIB=$BUILDF/modsecurity/lib64/"
fi
echo
notice 'run ./nginx_configuration'
notice 'make install -j4'
cd ngx_src/$NGINXV && exec bash
}
# ------------------------------------------------------------------------------
function make_nginx_service {
notice "make_nginx_service"
if ! whoami | grep -q root; then
echo 'root required. exit.'
exit 1
fi
cat << L11HEREDOC > /etc/systemd/system/nginx.service
[Unit]
Description=$NGINXV
Wants=network.target nss-lookup.target
After=syslog.target network.target remote-fs.target nss-lookup.target
Before=getty@tty1.service plymouth-quit.service xdm.service
[Service]
Type=forking
PIDFile=/var/run/nginx/nginx.pid
ExecStartPre=/usr/local/$NGINXV/sbin/nginx -t
ExecStart=/usr/local/$NGINXV/sbin/nginx
ExecReload=/bin/kill -s HUP \$MAINPID
ExecStop=/bin/kill -s QUIT \$MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target runlevel3.target
L11HEREDOC
systemctl daemon-reload
systemctl status nginx.service
systemctl enable nginx.service
}
# ------------------------------------------------------------------------------
function make_postgres_service {
notice "make_postgres_service"
if ! whoami | grep -q root; then
echo 'root required. exit.'
exit 1
fi
local PREFIX=""
local DATADIR=""
if [ $IS_LOCAL == 1 ]; then
PREFIX="$PARENTF/pgsql-12.2"
DATADIR="$PARENTF/pgsql-12.2/data"
else
PREFIX="/usr/local/pgsql-12.2"
DATADIR="/data/pgsql-12.2"
fi
cat << L13HEREDOC > /usr/lib/systemd/system/postgresql122.service
[Unit]
Description=PostgreSQL 12.2 database server
After=network.target
[Service]
Type=forking
User=postgres
Group=postgres
# Where to send early-startup messages from the server (before the logging
# options of postgresql.conf take effect)
# This is normally controlled by the global default set by systemd
# StandardOutput=syslog
# Disable OOM kill on the postmaster
OOMScoreAdjust=-1000
# ... but allow it still to be effective for child processes
# (note that these settings are ignored by Postgres releases before 9.5)
Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj
Environment=PG_OOM_ADJUST_VALUE=0
# Maximum number of seconds pg_ctl will wait for postgres to start. Note that
# PGSTARTTIMEOUT should be less than TimeoutSec value.
Environment=PGSTARTTIMEOUT=270
Environment=PGDATA=$DATADIR
ExecStart=$PREFIX/bin/pg_ctl start -D \${PGDATA} -s -w -t \${PGSTARTTIMEOUT}
ExecStop=$PREFIX/bin/pg_ctl stop -D \${PGDATA} -s -m fast
ExecReload=$PREFIX/bin/pg_ctl reload -D \${PGDATA} -s
# Give a reasonable amount of time for the server to start up/shut down.
# Ideally, the timeout for starting PostgreSQL server should be handled more
# nicely by pg_ctl in ExecStart, so keep its timeout smaller than this value.
TimeoutSec=300
[Install]
WantedBy=multi-user.target
L13HEREDOC
systemctl daemon-reload
systemctl status postgresql122.service
systemctl enable postgresql122.service
}
# ------------------------------------------------------------------------------
function make_nginx_tmpfile {
notice "make_nginx_tmpfile"
if ! whoami | grep -q root; then
echo 'root required. exit.'
exit 1
fi
cat << L12HEREDOC > /usr/lib/tmpfiles.d/nginx.conf
d /run/nginx 0755 nginx nginx - -
L12HEREDOC
}
# ------------------------------------------------------------------------------
# get_arch 'https://domain.tld/archive.tar.gz' 'archive.tar.gz' 'folder'
function get_arch {
notice "get_arch [$1] FILE [$2] FOLD [$3]"
local getUrl=$1
local fileName=$2
local folderName=$3
if [ ! -f $fileName ]; then
notice "wget $getUrl -O $fileName"
wget $getUrl -O $fileName
fi
#if [ -d $folderName ]; then
# notice "rm rf $folderName"
# rm -rf $folderName
#fi
if [ ! -d $folderName ] && [[ $fileName =~ ".zip" ]]; then
notice "unzip"
unzip $fileName
fi
if [[ ! -d $folderName ]] && [[ $fileName =~ ".tar." ]]; then
notice "tar xf"
tar xf $fileName
fi
if [ ! -f $fileName ]; then
err "get_arch: file $fileName is not exists"
fi
if [ ! -d $folderName ]; then
err "get_arch: folder $folderName is not exists"
fi
}
# ------------------------------------------------------------------------------
# get_github 'user' 'project.git'
# get_github 'user' 'project.git' 'branch'
#
# project 'project.git' save to similar folder 'project.git'
function get_github {
notice "get_github https://github.com/$1/$2"
local folderName=$2
local branch=$3
if [ -d $folderName ]; then
cd $folderName
pwd
git pull
cd ..
else
if [ "$branch" == "" ]; then
git clone https://github.com/$1/$folderName $folderName
else
warn "branch $branch"
git clone -b $branch https://github.com/$1/$folderName $folderName
fi
fi
if [ ! -d $folderName ]; then
err "get_github: folder $folderName is not exists"
fi
echo "https://github.com/$1/$folderName" >> "$PARENTF/versions"
pushd $folderName
git describe --tags --abbrev=0
echo `git describe --tags --abbrev=0` >> "$PARENTF/versions"
popd
}
# ------------------------------------------------------------------------------
# get_gitany 'https://domain.tld/anypath' 'folder.git'
# get_gitany 'https://domain.tld/anypath' 'folder.git' 'branch'
function get_gitany {
notice "get_gitany $1 to $2"
local folderName=$2
local branch=$3
if [ -d $folderName ]; then
pushd $folderName
pwd
git pull
popd
else
if [ "$branch" == "" ]; then
git clone $1 $folderName
else
warn "branch $branch"
git clone -b $branch $1 $folderName
fi
fi
if [ ! -d $folderName ]; then
err "get_gitany: folder $folderName is not exists"
fi
echo "$1" >> "$PARENTF/versions"
pushd $folderName
git describe --tags --abbrev=0
echo `git describe --tags --abbrev=0` >> "$PARENTF/versions"
popd
}
# ------------------------------------------------------------------------------
function notice {
builtin echo -en "\033[1m"
echo "NOTICE: $@"
builtin echo -en "\033[0m"
}
function success {
builtin echo -en "\033[1;32m"
echo "SUCCESS: $@"
builtin echo -en "\033[0m"
}
function warn {
builtin echo -en "\033[1;33m"
echo "WARN: $@"
builtin echo -en "\033[0m"
}
function err {
builtin echo -en "\033[1;31m"
echo "ERR: $@"
builtin echo -en "\033[0m"
exit 1
}
function fatal {
builtin echo -en "\033[1;31m"
echo "FATAL: $@"
builtin echo -en "\033[0m"
exit 1
}
# ------------------------------------------------------------------------------
main
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment