From 9f85ca8f78d6be3ac19ecf344231a5272310a7e2 Mon Sep 17 00:00:00 2001 From: Matt Burchett Date: Thu, 9 Jul 2015 03:59:26 -0500 Subject: [PATCH] Updating scripts with their latest version --- web-manage/nginx/setup/nginx_setup.sh | 497 ++++++++++++++++++++++++-- 1 file changed, 461 insertions(+), 36 deletions(-) diff --git a/web-manage/nginx/setup/nginx_setup.sh b/web-manage/nginx/setup/nginx_setup.sh index eb93511..eeb04df 100755 --- a/web-manage/nginx/setup/nginx_setup.sh +++ b/web-manage/nginx/setup/nginx_setup.sh @@ -4,23 +4,187 @@ ## Title: nginx_setup.sh ## Description: Deploy base nginx configurations ## Authors: Matt Burchett (2015-03-28) -## Version: 0.6 +## Version: 0.8 ## -# I've placed all the installation in a function called "redhat" just in case this gets developed for compatiblity with another distribution. -function redhatlinux { +# These functions allow for OS detection later on in the script. They also contain basic configuration that is OS specific. + +# RHEL 5 +function redhatlinuxfive { #checking if epel repo is installed and enabled +if [ -z "`yum repolist | grep nginx`" ]; then + echo -n "Nginx repo not installed, would you like to install it now? (y/N) " + read nginxinstall + if [ "$nginxinstall" = "y" ]; then + echo "Enabling the nginx repo" + cd /tmp + rpm -Uvh http://nginx.org/packages/rhel/5/noarch/RPMS/nginx-release-rhel-5-0.el5.ngx.noarch.rpm + else + echo "Nginx repo has to be enabled to install and setup nginx. Exiting." + exit + fi +else + echo "Nginx repo enabled. All good!" +fi if [ -z "`yum repolist | grep epel`" ]; then - echo "EPEL repo not installed, would you like to install it now? (y/N)" + echo -n "EPEL repo not installed, would you like to install it now? (y/N) " read epelinstall if [ "$epelinstall" = "y" ]; then + echo "Enabling the EPEL repo" cd /tmp - echo "Downloading epel package." - wget http://mirror.pnl.gov/epel/6/i386/epel-release-6-8.noarch.rpm - echo "Installing Package." - yum localinstall epel-release-6-8.noarch.rpm + rpm -Uvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm + cd + else + echo "EPEL has to be enabled to install and setup nginx. Exiting." + exit + fi +else + echo "EPEL repo enabled. All good!" +fi + +if [ -z "`yum --enablerepo=remi,remi-php56 repolist | grep remi`" ]; then + echo -n "Remi repo not installed, would you like to install it now? (y/N) " + read remiinstall + if [ "$remiinstall" = "y" ]; then + echo "Enabling the Remi repo" + cd /tmp + rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm + cd + else + echo "Remi has to be enabled to install and setup nginx. Exiting." + exit + fi +else + echo "Remi repo enabled. All good!" +fi + +echo +sleep 1 + +#checking if nginx is installed + +if [ -z "`rpm -qi nginx | grep URL`" ]; then + echo -n "nginx is not installed. Would you like to install it now? (y/N) " + read nginxinstall + if [ "$nginxinstall" = "y" ]; then + echo "Okay, installing nginx." + yum --enablerepo=remi,remi-php56 install nginx php-fpm php-common + echo "Nginx installed. Enabling services by default." + chkconfig nginx on + chkconfig php-fpm on + echo "Services enabled." + else + echo "Wrong answer given. Exiting." + exit + fi +else + echo "nginx is already installed, moving on." +fi + + #start PHP-FPM configuration + +echo "Starting php-fpm configuration..." + +echo + +# change how it listens +echo "Changing php-fpm to listen on socket (unix:/var/run/php5-fpm.sock)..." + +sed -i 's,listen = 127.0.0.1:9000, listen = /var/run/php5-fpm.sock,g' /etc/php-fpm.d/www.conf + +if [ "`cat /etc/php-fpm.d/www.conf | grep 'var/run/php5-fpm.sock'`" ]; then + echo "Change successfully made." + cat /etc/php-fpm.d/www.conf | grep 'var/run/php5-fpm.sock' + +else + echo "Change not made. Please edit the file manually and change listen = 127.0.0.1:9000 to listen = /var/run/php5-fpm.sock." +fi + +echo +sleep 1 + +# change who it listens as +echo "Changing listen.owner to = apache..." + +sed -i 's:;listen.owner = nobody:listen.owner = apache:g' /etc/php-fpm.d/www.conf + +if [ "`cat /etc/php-fpm.d/www.conf | grep 'listen.owner = apache'`" ]; then + echo "Change successfully made." + cat /etc/php-fpm.d/www.conf | grep 'listen.owner = apache' + +else + echo "Change not made. Please edit the file manually and uncomment listen.owner and set it's ownership to apache." +fi + +echo +sleep 1 + +# group too +echo "Changing listen.group to = apache..." + +sed -i 's:;listen.group = nobody:listen.group = apache:g' /etc/php-fpm.d/www.conf + +if [ "`cat /etc/php-fpm.d/www.conf | grep 'listen.group = apache'`" ]; then + echo "Change successfully made." + cat /etc/php-fpm.d/www.conf | grep 'listen.group = apache' + +else + echo "Change not made. Please edit the file manually and uncomment listen.group and set it's ownership to apache." +fi + +echo +sleep 1 + +echo "Configuration of php-fpm complete." +#end php-fpm configuration + +#chkconfig + +echo -n "Would you like to chkconfig nginx on? (y/N) " +read nginxchk +if [ "$nginxchk" = "y" ]; then + echo "Issuing 'chkconfig nginx on'" + chkconfig nginx on +else + echo "Not issuing 'chkconfig nginx on'" +fi + +echo -n "Would you like to chkconfig php-fpm on? (y/N) " +read phpfpmchk +if [ "$phpfpmchk" = "y" ]; then + echo "Issuing 'chkconfig php-fpm on'" + chkconfig php-fpm on +else + echo "Not issuing 'chkconfig php-fpm on'" +fi +} + +# RHEL 6 +function redhatlinuxsix { + + #checking if epel repo is installed and enabled + +if [ -z "`yum repolist | grep nginx`" ]; then + echo -n "Nginx repo not installed, would you like to install it now? (y/N) " + read nginxinstall + if [ "$nginxinstall" = "y" ]; then + echo "Enabling the nginx repo" + yum localinstall http://nginx.org/packages/rhel/6/noarch/RPMS/nginx-release-rhel-6-0.el6.ngx.noarch.rpm + else + echo "Nginx repo has to be enabled to install and setup nginx. Exiting." + exit + fi +else + echo "Nginx repo enabled. All good!" +fi +if [ -z "`yum repolist | grep epel`" ]; then + echo -n "EPEL repo not installed, would you like to install it now? (y/N) " + read epelinstall + if [ "$epelinstall" = "y" ]; then + echo "Enabling the EPEL repo" + yum localinstall https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm cd else echo "EPEL has to be enabled to install and setup nginx. Exiting." @@ -36,7 +200,7 @@ sleep 1 #checking if nginx is installed if [ -z "`rpm -qi nginx | grep URL`" ]; then - echo "nginx is not installed. Would you like to install it now? (y/N)" + echo -n "nginx is not installed. Would you like to install it now? (y/N) " read nginxinstall if [ "$nginxinstall" = "y" ]; then echo "Okay, installing nginx." @@ -109,8 +273,166 @@ sleep 1 echo "Configuration of php-fpm complete." #end php-fpm configuration + +#chkconfig + +echo -n "Would you like to chkconfig nginx on? (y/N) " +read nginxchk +if [ "$nginxchk" = "y" ]; then + echo "Issuing 'chkconfig nginx on'" + chkconfig nginx on +else + echo "Not issuing 'chkconfig nginx on'" +fi + +echo -n "Would you like to chkconfig php-fpm on? (y/N) " +read phpfpmchk +if [ "$phpfpmchk" = "y" ]; then + echo "Issuing 'chkconfig php-fpm on'" + chkconfig php-fpm on +else + echo "Not issuing 'chkconfig php-fpm on'" +fi } +# RHEL 7 +function redhatlinuxseven { + + #checking if epel repo is installed and enabled + +if [ -z "`yum repolist | grep nginx`" ]; then + echo -n "Nginx repo not installed, would you like to install it now? (y/N) " + read nginxinstall + if [ "$nginxinstall" = "y" ]; then + echo "Enabling the nginx repo" + yum localinstall http://nginx.org/packages/rhel/7/noarch/RPMS/nginx-release-rhel-7-0.el7.ngx.noarch.rpm + else + echo "Nginx repo has to be enabled to install and setup nginx. Exiting." + exit + fi +else + echo "Nginx repo enabled. All good!" +fi + if [ -z "`yum repolist | grep epel`" ]; then + echo -n "EPEL repo not installed, would you like to install it now? (y/N) " + read epelinstall + if [ "$epelinstall" = "y" ]; then + echo "Enabling the EPEL repo" + yum localinstall https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm + cd + else + echo "EPEL has to be enabled to install and setup nginx. Exiting." + exit + fi +else + echo "EPEL repo enabled. All good!" +fi + +echo +sleep 1 + +#checking if nginx is installed + +if [ -z "`rpm -qi nginx | grep URL`" ]; then + echo -n "nginx is not installed. Would you like to install it now? (y/N) " + read nginxinstall + if [ "$nginxinstall" = "y" ]; then + echo "Okay, installing nginx." + yum install nginx php-fpm + echo "Nginx installed. Enabling services by default." + chkconfig nginx on + chkconfig php-fpm on + echo "Services enabled." + else + echo "Wrong answer given. Exiting." + exit + fi +else + echo "nginx is already installed, moving on." +fi + + #start PHP-FPM configuration + +echo "Starting php-fpm configuration..." + +echo + +# change how it listens +echo "Changing php-fpm to listen on socket (unix:/var/run/php5-fpm.sock)..." + +sed -i 's,listen = 127.0.0.1:9000, listen = /var/run/php5-fpm.sock,g' /etc/php-fpm.d/www.conf + +if [ "`cat /etc/php-fpm.d/www.conf | grep 'var/run/php5-fpm.sock'`" ]; then + echo "Change successfully made." + cat /etc/php-fpm.d/www.conf | grep 'var/run/php5-fpm.sock' + +else + echo "Change not made. Please edit the file manually and change listen = 127.0.0.1:9000 to listen = /var/run/php5-fpm.sock." +fi + +echo +sleep 1 + +# change who it listens as +echo "Changing listen.owner to = apache..." + +sed -i 's:;listen.owner = nobody:listen.owner = apache:g' /etc/php-fpm.d/www.conf + +if [ "`cat /etc/php-fpm.d/www.conf | grep 'listen.owner = apache'`" ]; then + echo "Change successfully made." + cat /etc/php-fpm.d/www.conf | grep 'listen.owner = apache' + +else + echo "Change not made. Please edit the file manually and uncomment listen.owner and set it's ownership to apache." +fi + +echo +sleep 1 + +# group too +echo "Changing listen.group to = apache..." + +sed -i 's:;listen.group = nobody:listen.group = apache:g' /etc/php-fpm.d/www.conf + +if [ "`cat /etc/php-fpm.d/www.conf | grep 'listen.group = apache'`" ]; then + echo "Change successfully made." + cat /etc/php-fpm.d/www.conf | grep 'listen.group = apache' + +else + echo "Change not made. Please edit the file manually and uncomment listen.group and set it's ownership to apache." +fi + +echo +sleep 1 + +echo "Configuration of php-fpm complete." +#end php-fpm configuration + +#chkconfig + +echo -n "Would you like to chkconfig nginx on? (y/N) " +read nginxchk +if [ "$nginxchk" = "y" ]; then + echo "Issuing 'chkconfig nginx on'" + chkconfig nginx on +else + echo "Not issuing 'chkconfig nginx on'" +fi + +echo -n "Would you like to chkconfig php-fpm on? (y/N) " +read phpfpmchk +if [ "$phpfpmchk" = "y" ]; then + echo "Issuing 'chkconfig php-fpm on'" + chkconfig php-fpm on +else + echo "Not issuing 'chkconfig php-fpm on'" +fi + +} + + +#NON-OS Specific Configuration + function tuning { echo "Creating $FILE ..." @@ -198,17 +520,102 @@ fi } +function status { + +echo "Creating $FILE..." + +cat << EOF > $FILE +# Add trailing slash to */wp-admin requests. + +server { + include vhosts.d/includes/status.conf; +} + +EOF + +if [ -f $FILE ];then + echo "$FILE created." +else + echo "Creation of $FILE failed, please create manually." +fi + +} + +function statusinc { + +echo "Creating $FILE..." + +cat << EOF > $FILE +# Add trailing slash to */wp-admin requests. + + listen 127.127.127.127:10127; + server_name nginx_status; + location /nginx_status { + stub_status on; + } + allow 127.127.127.127; + deny all; + access_log off; + + location ~ ^/php-fpm_(status|ping)$ { + access_log off; + allow 127.0.0.1; + allow 127.127.127.127; + deny all; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; + fastcgi_pass unix:/var/run/php5-fpm.sock; + } + + +EOF + +if [ -f $FILE ];then + echo "$FILE created." +else + echo "Creation of $FILE failed, please create manually." +fi + +} + #end functions #this bit is bad, but valid for now to make sure we don't screw up another OS -if [ -f "/etc/redhat-release" ]; then - echo "RedHat (or variant) detected. Installing..." - redhatlinux -else - echo "Unsupported operating system, exiting..." - # exit + + +echo "Beginning OS Detection..." +DETECTED=0 + +# check for RHEL5 + +if [ "`cat /etc/redhat-release | grep 'release 5'`" ]; then + echo "RedHat 5 (or variant) detected. Installing..." + DETECTED=1 + redhatlinuxfive fi +# check for RHEL6 + +if [ "`cat /etc/redhat-release | grep 'release 6'`" ]; then + echo "RedHat 6 (or variant) detected. Installing..." + DETECTED=1 + redhatlinuxsix +fi + +# check for RHEL7 + +if [ "`cat /etc/redhat-release | grep 'release 7'`" ]; then + echo "RedHat 7 (or variant) detected. Installing..." + DETECTED=1 + redhatlinuxseven +fi + +if [ $DETECTED = "0" ]; then + echo "No supported operating system found. Exiting." + exit 1 +fi + + echo sleep 1 @@ -302,6 +709,42 @@ fi echo sleep 1 +if [ -f /etc/nginx/vhosts.d/status.conf ]; then + echo "Previous status.conf detected, not overwriting. Updating template..." + FILE=/etc/nginx/templates.d/vhosts.d/status.conf + status +else + echo "No previous status.conf detected, creating and making template..." + + #/etc/nginx/vhosts.d/status.conf + FILE=/etc/nginx/vhosts.d/status.conf + status + + #/etc/nginx/templates.d/vhosts.d/status.conf + FILE=/etc/nginx/templates.d/vhosts.d/status.conf + status +fi +echo +sleep 1 + +if [ -f /etc/nginx/vhosts.d/includes/status.conf ]; then + echo "Previous includes/status.conf detected, not overwriting. Updating template..." + FILE=/etc/nginx/templates.d/vhosts.d/includes/status.conf + statusinc +else + echo "No previous includes/status.conf detected, creating and making template..." + + #/etc/nginx/vhosts.d/includes/status.conf + FILE=/etc/nginx/vhosts.d/includes/status.conf + statusinc + + #/etc/nginx/templates.d/vhosts.d/includes/status.conf + FILE=/etc/nginx/templates.d/vhosts.d/includes/status.conf + statusinc +fi +echo +sleep 1 + #start creation of the vhost templates echo "Configuration of nginx complete. Creating template files..." @@ -313,7 +756,7 @@ echo "Creating vhost-template.conf..." cat << EOF > /etc/nginx/templates.d/vhosts.d/vhost-template.conf server { - listen 80; + listen IP_ADDRESS:80; server_name HOST_NAME.DOMAIN_NAME; #To enable HTTPS, uncomment this line. @@ -338,7 +781,7 @@ echo "Creating vhost-template-ssl.conf..." cat << EOF > /etc/nginx/templates.d/vhosts.d/vhost-template-ssl.conf server { - listen 443 ssl; + listen IP_ADDRESS:443 ssl; server_name HOST_NAME.DOMAIN_NAME; ssl on; @@ -400,24 +843,6 @@ cat << EOF > /etc/nginx/templates.d/vhosts.d/includes/vhost-template.conf include fastcgi_params; } - - # These are placeholders until I figure out how to make them work specifically. - # ScriptAlias /cgi-bin "/var/www/domains/DOMAIN_NAME/HOST_NAME/cgi-bin" - - # - # AllowOverride None - # Options None - # Order allow,deny - # Allow from all - # - - - ## If you will be installing any j2ee apps, e.g. Atlassian Jira, Confluence, Crowd, Fisheye, Bamboo, Stash, etc. you will need - ## To uncomment the following Proxy* Lines and change appropriately. - ## If this is a plain vhost, say for wordpress, you can leave them commented out. - ## Currently, nginx does not have support out-of-the-box for AJP connectors, nginx would have to be custom compiled for support. - ## HTTP connectors MUST be used. - # location / { # proxy_read_timeout 300; # proxy_connect_timeout 300; @@ -453,4 +878,4 @@ echo #exit echo "Complete." -exit \ No newline at end of file +exit