#!/bin/sh

## Title: nginx_setup.sh
## Description: Deploy base nginx configurations
## Authors: Matt Burchett (2015-03-28)
## Version: 0.8
##

# These functions hold the per-release setup that the OS detection further down dispatches to. They also contain the basic configuration that is OS specific.

# RHEL 5
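# ---------------------------------------------------------------------------
# Helpers shared by the RHEL 5/6/7 installers below. The three installers
# differ only in which repositories they need and how the release RPM is
# installed; the php-fpm edits and the chkconfig prompts are identical.
# ---------------------------------------------------------------------------

# Print "$1 (y/N) " without a trailing newline and read one line from stdin.
# Returns 0 only when the answer is exactly "y"; anything else, including
# end-of-file, counts as "no".
_confirm() {
  local answer=""
  printf '%s (y/N) ' "$1"
  read -r answer || true
  [ "$answer" = "y" ]
}

# Make sure a yum repository is visible, offering to install its release RPM.
# Arguments:
#   $1 - label used in the prompt and in the "enabled" message (e.g. "EPEL")
#   $2 - pattern searched for in the `yum repolist` output
#   $3 - message printed before the release RPM is installed
#   $4 - message printed when the user declines
#   $5 - install method: "rpm" (rpm -Uvh) or anything else (yum localinstall)
#   $6 - URL of the release RPM
#   $7... - extra yum options placed before `repolist`
# Exits the script with status 1 when the user declines, so a wrapper can
# tell an aborted run from a completed one.
_ensure_repo() {
  local label="$1" pattern="$2" enabling_msg="$3" declined_msg="$4"
  local method="$5" url="$6" rc=0
  shift 6

  if yum "$@" repolist | grep -q -- "$pattern"; then
    echo "$label repo enabled. All good!"
    return 0
  fi

  if ! _confirm "$label repo not installed, would you like to install it now?"; then
    echo "$declined_msg"
    exit 1
  fi

  echo "$enabling_msg"
  # The release RPM installs the repository definition and its signing key,
  # and its scriptlets run as root. By default neither `rpm -Uvh` nor
  # `yum localinstall` proves where the file came from, so the transport
  # (HTTPS) or an out-of-band checksum is what protects this step.
  case "$method" in
    rpm) rpm -Uvh "$url" || rc=$? ;;
    *) yum localinstall "$url" || rc=$? ;;
  esac
  # A non-zero status is reported but not fatal: it also occurs when the
  # release package is already present and the repository is only disabled.
  if [ "$rc" -ne 0 ]; then
    echo "Warning: installing the $label release package returned status $rc." >&2
  fi
}

# Install nginx and php-fpm unless nginx is already present.
# Arguments: the full yum argument list (options, "install", package names).
# Exits with status 1 when the user declines or nginx is still missing
# after yum has run.
_install_nginx() {
  if rpm -q nginx > /dev/null 2>&1; then
    echo "nginx is already installed, moving on."
    return 0
  fi

  if ! _confirm "nginx is not installed. Would you like to install it now?"; then
    echo "Wrong answer given. Exiting."
    exit 1
  fi

  echo "Okay, installing nginx."
  yum "$@"
  # yum can finish without installing anything (transaction declined,
  # download error), so check the package database instead of assuming.
  if ! rpm -q nginx > /dev/null 2>&1; then
    echo "nginx installation failed. Exiting." >&2
    exit 1
  fi

  echo "Nginx installed. Enabling services by default."
  chkconfig nginx on
  chkconfig php-fpm on
  echo "Services enabled."
}

# Apply one sed edit to the php-fpm pool file and report whether the
# expected text is present afterwards.
# Arguments:
#   $1 - announcement printed before the edit
#   $2 - sed expression
#   $3 - grep pattern that must match after the edit
#   $4 - message printed when the pattern is not found
_php_fpm_change() {
  local conf=/etc/php-fpm.d/www.conf

  echo "$1"
  sed -i "$2" "$conf"
  if grep -q -- "$3" "$conf"; then
    echo "Change successfully made."
    grep -- "$3" "$conf"
  else
    echo "$4"
  fi
  echo
  sleep 1
}

# Switch php-fpm from the TCP listener to a unix socket owned by apache.
# NOTE(review): the socket is handed to apache:apache. Confirm that the nginx
# worker user is apache or a member of that group; otherwise nginx cannot
# open the socket and PHP requests fail.
_configure_php_fpm() {
  echo "Starting php-fpm configuration..."
  echo

  # change how it listens
  _php_fpm_change \
    "Changing php-fpm to listen on socket (unix:/var/run/php5-fpm.sock)..." \
    's,listen = 127.0.0.1:9000, listen = /var/run/php5-fpm.sock,g' \
    'var/run/php5-fpm.sock' \
    "Change not made. Please edit the file manually and change listen = 127.0.0.1:9000 to listen = /var/run/php5-fpm.sock."

  # change who it listens as
  _php_fpm_change \
    "Changing listen.owner to = apache..." \
    's:;listen.owner = nobody:listen.owner = apache:g' \
    'listen.owner = apache' \
    "Change not made. Please edit the file manually and uncomment listen.owner and set it's ownership to apache."

  # group too
  _php_fpm_change \
    "Changing listen.group to = apache..." \
    's:;listen.group = nobody:listen.group = apache:g' \
    'listen.group = apache' \
    "Change not made. Please edit the file manually and uncomment listen.group and set it's ownership to apache."

  echo "Configuration of php-fpm complete."
}

# Ask whether service $1 should be enabled at boot and act on the answer.
_prompt_chkconfig() {
  if _confirm "Would you like to chkconfig $1 on?"; then
    echo "Issuing 'chkconfig $1 on'"
    chkconfig "$1" on
  else
    echo "Not issuing 'chkconfig $1 on'"
  fi
}

# RHEL 5: needs the nginx, EPEL and Remi repositories.
# NOTE(review): the three release RPMs below are fetched over plain HTTP.
# Prefer HTTPS where this host's TLS stack can negotiate it, or verify the
# downloaded package out of band before installing it.
redhatlinuxfive() {
  _ensure_repo "Nginx" nginx \
    "Enabling the nginx repo" \
    "Nginx repo has to be enabled to install and setup nginx. Exiting." \
    rpm http://nginx.org/packages/rhel/5/noarch/RPMS/nginx-release-rhel-5-0.el5.ngx.noarch.rpm
  _ensure_repo "EPEL" epel \
    "Enabling the EPEL repo" \
    "EPEL has to be enabled to install and setup nginx. Exiting." \
    rpm http://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm
  _ensure_repo "Remi" remi \
    "Enabling the Remi repo" \
    "Remi has to be enabled to install and setup nginx. Exiting." \
    rpm http://rpms.famillecollet.com/enterprise/remi-release-5.rpm \
    --enablerepo=remi,remi-php56

  echo
  sleep 1

  _install_nginx --enablerepo=remi,remi-php56 install nginx php-fpm php-common
  _configure_php_fpm
  _prompt_chkconfig nginx
  _prompt_chkconfig php-fpm
}

# RHEL 6: needs the nginx and EPEL repositories. The nginx release RPM is
# fetched over HTTPS, like the EPEL one.
redhatlinuxsix() {
  _ensure_repo "Nginx" nginx \
    "Enabling the nginx repo" \
    "Nginx repo has to be enabled to install and setup nginx. Exiting." \
    yum https://nginx.org/packages/rhel/6/noarch/RPMS/nginx-release-rhel-6-0.el6.ngx.noarch.rpm
  _ensure_repo "EPEL" epel \
    "Enabling the EPEL repo" \
    "EPEL has to be enabled to install and setup nginx. Exiting." \
    yum https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm

  echo
  sleep 1

  _install_nginx install nginx php-fpm
  _configure_php_fpm
  _prompt_chkconfig nginx
  _prompt_chkconfig php-fpm
}

# RHEL 7: needs the nginx and EPEL repositories. The nginx release RPM is
# fetched over HTTPS, like the EPEL one.
redhatlinuxseven() {
  _ensure_repo "Nginx" nginx \
    "Enabling the nginx repo" \
    "Nginx repo has to be enabled to install and setup nginx. Exiting." \
    yum https://nginx.org/packages/rhel/7/noarch/RPMS/nginx-release-rhel-7-0.el7.ngx.noarch.rpm
  _ensure_repo "EPEL" epel \
    "Enabling the EPEL repo" \
    "EPEL has to be enabled to install and setup nginx. Exiting." \
    yum https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

  echo
  sleep 1

  _install_nginx install nginx php-fpm
  _configure_php_fpm
  _prompt_chkconfig nginx
  _prompt_chkconfig php-fpm
}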

# Non-OS-specific configuration

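# Write the tuning snippet to the path held in the global FILE.
# Globals:  FILE (read) - destination path
# Outputs:  progress messages on stdout
# Returns:  0 when the file was written, 1 otherwise
tuning() {
  local rc=0

  echo "Creating $FILE ..."

  # The heredoc delimiter is quoted so the text is written literally.
  # Success is judged by the write itself: a stale file at the same path,
  # or an empty FILE, must not be reported as "created".
  cat << 'EOF' > "$FILE" || rc=$?
server_names_hash_bucket_size 64;
EOF

  if [ "$rc" -eq 0 ] && [ -f "$FILE" ]; then
    echo "$FILE created."
  else
    echo "Creation of $FILE failed, please create manually."
    return 1
  fi
}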
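# Write the snippet that pulls every vhost file into the nginx configuration.
# Globals:  FILE (read) - destination path
# Outputs:  progress messages on stdout
# Returns:  0 when the file was written, 1 otherwise
vhosts() {
  local rc=0

  echo "Creating $FILE ..."

  # Quoted delimiter: the glob in the include line is for nginx, not the shell.
  # The write status decides the message, so an empty FILE or an unwritable
  # path is reported as a failure even when an older file exists.
  cat << 'EOF' > "$FILE" || rc=$?
include /etc/nginx/vhosts.d/*.conf;
EOF

  if [ "$rc" -eq 0 ] && [ -f "$FILE" ]; then
    echo "$FILE created."
  else
    echo "Creation of $FILE failed, please create manually."
    return 1
  fi
}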
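# Write the shared access restrictions included by every vhost.
# Globals:  FILE (read) - destination path
# Outputs:  progress messages on stdout
# Returns:  0 when the file was written, 1 otherwise
#
# What the generated rules do:
#   - silence logging for /favicon.ico and /robots.txt
#   - deny every path that contains a dot-file component
#   - deny *.php under any uploads/ or files/ directory, so an uploaded
#     script is never handed to php-fpm
# NOTE(review): nginx uses the first regex location that matches, so this
# file has to be included before the generic PHP location for the
# uploads rule to take effect. The dot-file rule also covers /.well-known/;
# add an explicit exception in the vhost if that path must be reachable.
restrictions() {
  local rc=0

  echo "Creating $FILE..."

  # Quoted delimiter keeps the regex backslashes and "$" literal.
  cat << 'EOF' > "$FILE" || rc=$?
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
}
location ~* /(?:uploads|files)/.*\.php$ {

deny all;
}
EOF

  # Report on the write itself rather than on the mere existence of FILE.
  if [ "$rc" -eq 0 ] && [ -f "$FILE" ]; then
    echo "$FILE created."
  else
    echo "Creation of $FILE failed, please create manually."
    return 1
  fi
}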
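# Write the optional WordPress include (wp-admin redirect, static assets).
# Globals:  FILE (read) - destination path
# Outputs:  progress messages on stdout
# Returns:  0 when the file was written, 1 otherwise
wordpress() {
  local rc=0

  echo "Creating $FILE..."

  # Quoted delimiter: nginx variables such as $scheme are written as-is and
  # need no backslash escapes, so a forgotten escape cannot blank them out.
  cat << 'EOF' > "$FILE" || rc=$?
# Add trailing slash to */wp-admin requests.

rewrite /wp-admin$ $scheme://$host$uri/ permanent;

location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {

access_log off; log_not_found off; expires max;

}
EOF

  # Report on the write itself rather than on the mere existence of FILE.
  if [ "$rc" -eq 0 ] && [ -f "$FILE" ]; then
    echo "$FILE created."
  else
    echo "Creation of $FILE failed, please create manually."
    return 1
  fi
}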
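# Write the vhost that wraps the status include in a server block.
# Globals:  FILE (read) - destination path
# Outputs:  progress messages on stdout
# Returns:  0 when the file was written, 1 otherwise
# NOTE(review): the first line written to the file is a comment about
# wp-admin that does not describe this vhost; it is kept unchanged here so
# the generated file stays the same.
status() {
  local rc=0

  echo "Creating $FILE..."

  cat << 'EOF' > "$FILE" || rc=$?
# Add trailing slash to */wp-admin requests.

server {
include vhosts.d/includes/status.conf;
}

EOF

  # Report on the write itself rather than on the mere existence of FILE.
  if [ "$rc" -eq 0 ] && [ -f "$FILE" ]; then
    echo "$FILE created."
  else
    echo "Creation of $FILE failed, please create manually."
    return 1
  fi
}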
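# Write the body of the status vhost: nginx stub_status plus the php-fpm
# status and ping endpoints.
# Globals:  FILE (read) - destination path
# Outputs:  progress messages on stdout
# Returns:  0 when the file was written, 1 otherwise
#
# Exposure of the generated endpoints:
#   - the server listens on the loopback address 127.127.127.127:10127 only
#   - the server-level allow/deny admits 127.127.127.127 and nothing else
#   - the php-fpm location carries its own list, which additionally
#     admits 127.0.0.1
# Keep those allow/deny pairs if the listen address is ever changed; they are
# what keeps the status pages from being readable by remote clients.
# NOTE(review): the first line written to the file is a comment about
# wp-admin that does not describe this include; it is kept unchanged.
statusinc() {
  local rc=0

  echo "Creating $FILE..."

  # Quoted delimiter: "$" in the regex and the nginx variables stay literal.
  cat << 'EOF' > "$FILE" || rc=$?
# Add trailing slash to */wp-admin requests.

listen 127.127.127.127:10127;
server_name nginx_status;
location /nginx_status {
stub_status on;
}
allow 127.127.127.127;
deny all;
access_log off;

location ~ ^/php-fpm_(status|ping)$ {
access_log off;
allow 127.0.0.1;
allow 127.127.127.127;
deny all;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}


EOF

  # Report on the write itself rather than on the mere existence of FILE.
  if [ "$rc" -eq 0 ] && [ -f "$FILE" ]; then
    echo "$FILE created."
  else
    echo "Creation of $FILE failed, please create manually."
    return 1
  fi
}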

# End of functions.

# Crude release detection, kept for now so the script does not touch an OS it does not know.

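echo "Beginning OS Detection..."
DETECTED=0

# /etc/redhat-release exists only on Red Hat style systems. grep reads it
# directly and its error output is discarded, so a missing file simply falls
# through to the "unsupported" branch instead of printing a cat error three
# times.
if grep -q 'release 5' /etc/redhat-release 2> /dev/null; then
  # RHEL 5
  echo "RedHat 5 (or variant) detected. Installing..."
  DETECTED=1
  redhatlinuxfive
elif grep -q 'release 6' /etc/redhat-release 2> /dev/null; then
  # RHEL 6
  echo "RedHat 6 (or variant) detected. Installing..."
  DETECTED=1
  redhatlinuxsix
elif grep -q 'release 7' /etc/redhat-release 2> /dev/null; then
  # RHEL 7
  echo "RedHat 7 (or variant) detected. Installing..."
  DETECTED=1
  redhatlinuxseven
fi

# Refuse to continue on anything else: the steps below write under /etc/nginx.
if [ "$DETECTED" = "0" ]; then
  echo "No supported operating system found. Exiting."
  exit 1
fi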
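echo
sleep 1

echo "Copying configuration files in place..."

# Make the directories needed. The paths are spelled out because brace
# expansion is a bash feature and this script declares /bin/sh.
mkdir -p \
  /etc/nginx/conf.d \
  /etc/nginx/vhosts.d/includes \
  /etc/nginx/templates.d/conf.d \
  /etc/nginx/templates.d/vhosts.d/includes || {
  echo "Could not create the directories under /etc/nginx. Exiting." >&2
  exit 1
}

echo

# Deploy one generated file together with its template copy. An existing live
# file is never overwritten; the template copy is always refreshed.
# Arguments:
#   $1 - generator function (writes to the path in the global FILE)
#   $2 - live path
#   $3 - template path
#   $4 - name used in the "Previous ... detected" message
#   $5 - name used in the "No previous ... detected" message
# Globals: FILE (written) - set before each generator call
_deploy_conf() {
  if [ -f "$2" ]; then
    echo "Previous $4 detected, not overwriting. Updating template..."
  else
    echo "No previous $5 detected, creating and making template..."
    FILE=$2
    "$1"
  fi
  FILE=$3
  "$1"

  echo
  sleep 1
}

# tuning.conf and its template
_deploy_conf tuning \
  /etc/nginx/conf.d/tuning.conf \
  /etc/nginx/templates.d/conf.d/tuning.conf \
  "tuning.conf" "tuning.conf"

# vhosts.conf and its template
_deploy_conf vhosts \
  /etc/nginx/conf.d/vhosts.conf \
  /etc/nginx/templates.d/conf.d/vhosts.conf \
  "vhosts.conf" "vhosts.conf"

# includes/restrictions.conf and its template
_deploy_conf restrictions \
  /etc/nginx/vhosts.d/includes/restrictions.conf \
  /etc/nginx/templates.d/vhosts.d/includes/restrictions.conf \
  "restrictions" "restrictions.conf"

# includes/wordpress.conf and its template
_deploy_conf wordpress \
  /etc/nginx/vhosts.d/includes/wordpress.conf \
  /etc/nginx/templates.d/vhosts.d/includes/wordpress.conf \
  "wordpress.conf" "wordpress.conf"

# status.conf (the status vhost) and its template
_deploy_conf status \
  /etc/nginx/vhosts.d/status.conf \
  /etc/nginx/templates.d/vhosts.d/status.conf \
  "status.conf" "status.conf"

# includes/status.conf (the body of the status vhost) and its template
_deploy_conf statusinc \
  /etc/nginx/vhosts.d/includes/status.conf \
  /etc/nginx/templates.d/vhosts.d/includes/status.conf \
  "includes/status.conf" "includes/status.conf"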
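# Start creation of the vhost templates.
echo "Configuration of nginx complete. Creating template files..."

echo
sleep 1

# Write stdin to a template file and report the outcome.
# Arguments:
#   $1 - destination path
#   $2 - name used in the progress messages
# The message follows the status of the write, so a stale file left at the
# same path is not reported as freshly created.
_write_template() {
  echo "Creating $2..."
  if cat > "$1"; then
    echo "$2 created."
  else
    echo "Creation of $2 failed, please create manually."
  fi
}

# All three heredocs use a quoted delimiter: the text is written literally,
# so nginx variables ($uri, $args, $scheme, ...) need no backslash escapes.
# With the unquoted form, the unescaped "$uri $uri/ /index.php?$args" in the
# pretty-URL line was expanded by the shell and written out empty.

# main vhost template (not include)
_write_template /etc/nginx/templates.d/vhosts.d/vhost-template.conf \
  "vhost-template.conf" << 'EOF'
server {
#IPv4
listen IP_ADDRESS:80;

#IPv6 - Uncomment line below to enable ipv6 support
#listen [::]:80;

server_name HOST_NAME.DOMAIN_NAME;

#To enable HTTPS, uncomment this line.
#rewrite ^(.*) https://$server_name$1 permanent;

include /etc/nginx/vhosts.d/includes/HOST_NAME.DOMAIN_NAME.conf;

}
EOF

echo
sleep 1

# ssl vhost template (not include)
# NOTE(review): this template still enables TLSv1 and TLSv1.1 and lists 3DES
# (DES-CBC3) suites, all of which are deprecated. Where the host's OpenSSL
# allows it, narrow ssl_protocols to TLSv1.2 and newer and drop the DES-CBC3
# entries before putting the template to use. "ssl on;" repeats what the
# "ssl" flag on the listen line already does.
# NOTE(review): the private key lives under /var/www/domains/...; keep that
# ssl directory outside the document root and readable by root only.
_write_template /etc/nginx/templates.d/vhosts.d/vhost-template-ssl.conf \
  "vhost-template-ssl.conf" << 'EOF'
server {
#IPv4
listen IP_ADDRESS:443 ssl;

#IPv6 - Uncomment line below to enable IPv6
#listen [::]:443 ssl;


server_name HOST_NAME.DOMAIN_NAME;

ssl on;
ssl_certificate /var/www/domains/DOMAIN_NAME/HOST_NAME/ssl/HOST_NAME.DOMAIN_NAME.crt;
ssl_certificate_key /var/www/domains/DOMAIN_NAME/HOST_NAME/ssl/HOST_NAME.DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";

include /etc/nginx/vhosts.d/includes/HOST_NAME.DOMAIN_NAME.conf;
}
EOF

echo
sleep 1

# main vhost template (include) (SSL too)
# The restrictions include is placed before the PHP location on purpose:
# nginx takes the first matching regex location, so the deny rules for
# uploaded *.php files must come first. "try_files $uri =404" makes the PHP
# location answer 404 for scripts that do not exist instead of passing the
# request to php-fpm.
_write_template /etc/nginx/templates.d/vhosts.d/includes/vhost-template.conf \
  "includes/vhost-template.conf" << 'EOF'
root /var/www/domains/DOMAIN_NAME/HOST_NAME/htdocs;
index index.html index.htm index.php;
access_log /var/www/domains/DOMAIN_NAME/HOST_NAME/logs/access_log;
error_log /var/www/domains/DOMAIN_NAME/HOST_NAME/logs/error_log;

#custom maintenance message
location @sorry502 {
return 502 "This site is currently undergoing maintenance. We apologize for the inconvenience.";
}

location @sorry503 {
return 503 "This site is currently undergoing maintenance. We apologize for the inconvenience.";
}


error_page 500 504 /50x.html;
error_page 502 @sorry502;
error_page 503 @sorry503;

location = /50x.html {
root /usr/share/nginx/html;
}

include /etc/nginx/vhosts.d/includes/restrictions.conf;
#If this is a Wordpress vhost, uncomment this line
#include /etc/nginx/vhosts.d/includes/wordpress.conf;


location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

location / {

#enable for wordpress pretty URLs
#try_files $uri $uri/ /index.php?$args;


#enable for proxy to Atlassian or J2EE applications
# proxy_read_timeout 300;
# proxy_connect_timeout 300;
# proxy_redirect off;

# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;

# proxy_pass http://j2ee.HOST_NAME.DOMAIN_NAME:8009;
}


EOF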
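echo
sleep 1

# Check for problems. The result of `nginx -t` decides the exit status, so a
# broken configuration is not announced as complete and a wrapper script can
# see that the run failed.
echo "Checking nginx for errors."
if ! nginx -t; then
  echo "nginx -t reported errors; review the output above before starting or reloading nginx." >&2
  exit 1
fi

echo "nginx configuration complete."

echo

echo "Complete."
exit 0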