#!/bin/bash # save and run # . nginx_builder CPUC=`cat /proc/cpuinfo | grep processor | wc -l` CPUC=$((CPUC-1)) PARENTF=`pwd` BUILDF="$PARENTF/build" NGINXV='nginx-1.18.0' IS_LOCAL=1 IS_PAUSED=0 IS_GET_ONLY=1 function main { notice "builder for $NGINXV" notice "from parent folder $PARENTF" warn "IS_LOCAL $IS_LOCAL" warn "IS_PAUSED $IS_PAUSED" warn "IS_GET_ONLY $IS_GET_ONLY" rm versions #root_prepare #postgres_get #redis_get etc_src ngx_module luajit2_prepare lua_src openssl_get ngx_src #make_configure #make_nginx_service #make_postgres_service #make_nginx_tmpfile prepare_for_archive } # ------------------------------------------------------------------------------ function prepare_for_archive { notice "prepare_for_archive" cd $PARENTF find . -type d -name '.git' -not -path "./.git" | xargs rm -rf find . -type d -name '.git' -not -path "./.git" cd $PARENTF } # ------------------------------------------------------------------------------ function root_prepare { notice "root_prepare" if ! whoami | grep -q root; then err 'root required. exit.' fi if ! grep -q "nginx" /etc/passwd; then groupadd nginx useradd -M -g nginx nginx fi if cat /etc/*release* | grep -q 'openSUSE Leap 15.1'; then warn 'openSUSE Leap 15.1 detected.' zypper in -t pattern -y devel_C_C++ devel_basis devel_perl console zypper in -y pcre-devel libopenssl-devel gd-devel libGeoIP-devel libatomic_ops-devel dialog fi if cat /etc/*release* | grep -q 'VERSION="9 (stretch)"'; then warn 'Debian 9 detected.' apt-get install -y vim mc less mlocate git cmake build-essential curl gnupg aptitude apt-get install -y libpq-dev libpcre3-dev zlib1g-dev libgd-dev libgeoip-dev libatomic-ops-dev fi if cat /etc/*release* | grep -q 'VERSION="10 (buster)"'; then warn 'Debian 10 detected.' apt-get install -y vim mc less mlocate git cmake build-essential curl gnupg aptitude apt-get install -y libpq-dev libpcre3-dev zlib1g-dev libgd-dev libgeoip-dev libatomic-ops-dev if [ -f /usr/bin/gcc-8 ] && [ -f /usr/bin/gcc-7 ] && [ `gcc -dumpversion` -gt 7 ] ; then err 'gcc 7 required. update-alternatives --set gcc /usr/bin/gcc-7 and run builder again.' fi if [ -f /usr/bin/gcc-8 ] && [ ! -f /usr/bin/gcc-7 ]; then aptitude install -y gcc-7 if [ -f /usr/bin/gcc-7 ]; then update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-7 10 update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 20 update-alternatives --list gcc update-alternatives --set gcc /usr/bin/gcc-7 warn 'set after install: update-alternatives --set gcc /usr/bin/gcc-8' fi err 'gcc 7 required. run builder again.' fi fi if cat /etc/*release* | grep -q 'CentOS Linux release 7'; then warn 'CentOS 7 detected.' yum install dnf -y dnf install wget -y dnf groupinstall "Development Tools" -y dnf install python2 -y dnf install pcre-devel -y dnf install zlib-devel -y dnf install gd-devel -y dnf install openssl-devel -y dnf install epel-release -y dnf install GeoIP-devel -y dnf install libatomic_ops-devel -y fi if cat /etc/*release* | grep -q 'CentOS Linux release 8'; then warn 'CentOS 8 detected.' dnf groupinstall "Development Tools" -y dnf config-manager --set-enabled PowerTools dnf install python2 -y dnf install pcre-devel -y dnf install zlib-devel -y dnf install gd-devel -y dnf install openssl-devel -y dnf install epel-release -y dnf install GeoIP-devel -y dnf install libatomic_ops-devel -y ln -s /usr/bin/python2 /usr/bin/python fi if [ $IS_LOCAL == 0 ]; then rm -rf /usr/local/$NGINXV rm -rf /var/lib/nginx/ mkdir -p /var/lib/nginx/{fastcgi,proxy,scgi,tmp,uwsgi,cache} chown -R nginx:nginx /var/lib/nginx/ mkdir -p /var/run/nginx chown -R nginx:nginx /var/run/nginx mkdir /var/log/nginx/ fi } # ------------------------------------------------------------------------------ function postgres_get { notice "postgres_get" local POSTGRESV="postgresql-12.2" local PREFIX="" local DATADIR="" if [ $IS_LOCAL == 1 ]; then PREFIX="$BUILDF/pgsql-12.2" DATADIR="$BUILDF/pgsql-12.2/data" rm -rf $PREFIX else PREFIX="/usr/local/pgsql-12.2" DATADIR="/data/pgsql-12.2" rm -rf $PREFIX if ! grep -q "postgres" /etc/passwd; then groupadd postgres useradd -M -g postgres postgres fi mkdir -p $DATADIR chown postgres:postgres $DATADIR fi get_arch "https://ftp.postgresql.org/pub/source/v12.2/$POSTGRESV.tar.gz" "$POSTGRESV.tar.gz" $POSTGRESV pushd $POSTGRESV ./configure --prefix=$PREFIX && make install -j4 popd notice "PREFIX" $PREFIX notice "DATADIR" $DATADIR if [ $IS_LOCAL == 1 ]; then notice "$PREFIX/bin/initdb -D $DATADIR" $PREFIX/bin/initdb -D $DATADIR notice "$PREFIX/bin/pg_ctl -D $DATADIR -l logfile start" $PREFIX/bin/pg_ctl -D $DATADIR -l logfile start notice "$PREFIX/bin/createdb -E Unicode test" $PREFIX/bin/createdb -E Unicode test notice "$PREFIX/bin/createuser test" $PREFIX/bin/createuser test notice "$PREFIX/bin/psql -c \"alter user test with encrypted password 'test';\"" $PREFIX/bin/psql -c "alter user test with encrypted password 'test';" notice "$PREFIX/bin/pg_ctl -D $DATADIR -l logfile stop" $PREFIX/bin/pg_ctl -D $DATADIR -l logfile stop else notice "$PREFIX/bin/initdb -D $DATADIR" su postgres -c "$PREFIX/bin/initdb -D $DATADIR" notice "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 start" su postgres -c "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 start" notice "$PREFIX/bin/createdb -E Unicode test" su postgres -c "$PREFIX/bin/createdb -E Unicode test" notice "$PREFIX/bin/createuser test" su postgres -c "$PREFIX/bin/createuser test" notice "$PREFIX/bin/psql -c \"alter user test with encrypted password 'test';\"" su postgres -c "$PREFIX/bin/psql -c \"alter user test with encrypted password 'test';\"" notice "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 stop" su postgres -c "$PREFIX/bin/pg_ctl -D $DATADIR -l /tmp/logfile1 stop" fi } # ------------------------------------------------------------------------------ function redis_get { notice "redis_get" mkdir etc_src ; cd etc_src get_arch 'https://github.com/antirez/redis/archive/6.0.1.tar.gz' 'redis-6.0.1.tar.gz' 'redis-6.0.1' pushd 'redis-6.0.1' #make BUILD_TLS=yes -j$CPUC make BUILD_TLS=yes PREFIX=$BUILDF/redis-6.0.1 install -j$CPUC popd cd $PARENTF } # ------------------------------------------------------------------------------ function etc_src { notice "etc_src" mkdir etc_src ; cd etc_src get_github 'openresty' 'sregex.git' if [ $IS_GET_ONLY == 0 ]; then pushd 'sregex.git' make clean rm -rf build ; mkdir build if [ $IS_LOCAL == 1 ]; then make -j4 PREFIX=$PARENTF/etc_src/sregex.git/build make install PREFIX=$PARENTF/etc_src/sregex.git/build else make -j4 make install fi ldconfig popd fi get_arch 'https://openresty.org/download/drizzle7-2011.07.21.tar.gz' 'drizzle7-2011.07.21.tar.gz' 'drizzle7-2011.07.21' if [ $IS_GET_ONLY == 0 ]; then pushd 'drizzle7-2011.07.21' rm -rf build ; mkdir build if [ $IS_LOCAL == 1 ]; then ./configure --without-server --prefix=$PARENTF/etc_src/drizzle7-2011.07.21/build else ./configure --without-server fi make libdrizzle-1.0 -j4 make install-libdrizzle-1.0 -j4 ldconfig popd fi get_arch 'https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.4/modsecurity-v3.0.4.tar.gz' 'modsecurity-v3.0.4.tar.gz' 'modsecurity-v3.0.4' if [ $IS_GET_ONLY == 0 ]; then pushd 'modsecurity-v3.0.4' rm .gitignore make clean if [ $IS_LOCAL == 1 ]; then ./configure --prefix=$BUILDF/modsecurity else # /usr/local/modsecurity ./configure fi make install -j$CPUC popd fi get_github 'giltene' 'wrk2.git' cd $PARENTF } # ------------------------------------------------------------------------------ function ngx_module { notice "ngx_module" mkdir ngx_module ; cd ngx_module get_github 'openresty' 'memc-nginx-module.git' get_github 'openresty' 'lua-nginx-module.git' 'v0.10.16rc5' get_github 'simplresty' 'ngx_devel_kit.git' get_github 'openresty' 'redis2-nginx-module.git' get_github 'openresty' 'echo-nginx-module.git' get_github 'calio' 'form-input-nginx-module.git' get_github 'openresty' 'set-misc-nginx-module.git' get_github 'Austinb' 'nginx-upload-module.git' get_github 'FRiCKLE' 'ngx_cache_purge.git' get_github 'openresty' 'headers-more-nginx-module.git' get_github 'nbs-system' 'naxsi.git' get_github 'SpiderLabs' 'ModSecurity-nginx.git' get_github 'openresty' 'replace-filter-nginx-module.git' get_github 'openresty' 'rds-json-nginx-module.git' get_github 'openresty' 'rds-csv-nginx-module.git' get_github 'openresty' 'drizzle-nginx-module.git' get_github 'openresty' 'ngx_postgres.git' get_github 'nginx' 'njs.git' get_github 'openresty' 'stream-lua-nginx-module.git' 'v0.0.7' get_github 'openresty' 'xss-nginx-module.git' get_github 'arut' 'nginx-rtmp-module.git' get_github 'arut' 'nginx-ts-module.git' cd $PARENTF } # ------------------------------------------------------------------------------ function luajit2_prepare { notice "luajit2_prepare" if [ $IS_LOCAL == 1 ]; then mkdir lua_src ; cd lua_src else mkdir -p /opt/lua_src ; cd /opt/lua_src fi get_github 'openresty' 'luajit2.git' if [ $IS_GET_ONLY == 0 ]; then pushd 'luajit2.git' make clean mkdir build if [ $IS_LOCAL == 1 ]; then make -j4 PREFIX=$PARENTF/lua_src/luajit2.git/build make install PREFIX=$PARENTF/lua_src/luajit2.git/build else make -j4 PREFIX=/opt/lua_src/luajit2.git/build make install PREFIX=/opt/lua_src/luajit2.git/build fi popd fi cd $PARENTF } # ------------------------------------------------------------------------------ function lua_src { notice "lua_src" if [ $IS_LOCAL == 1 ]; then mkdir lua_src ; cd lua_src else mkdir -p /opt/lua_src ; cd /opt/lua_src fi get_github 'openresty' 'lua-resty-core.git' 'v0.1.17' get_github 'openresty' 'lua-resty-lrucache.git' 'v0.09' get_github 'openresty' 'lua-cjson.git' '2.1.0.7' if [ $IS_GET_ONLY == 0 ]; then local LUAJIT2_SRC="" if [ $IS_LOCAL == 1 ]; then LUAJIT2_SRC="$PARENTF/lua_src/luajit2.git/src" else LUAJIT2_SRC="/opt/lua_src/luajit2.git/src" fi pushd 'lua-cjson.git' echo echo "export LUA_INCLUDE_DIR=\"$LUAJIT2_SRC\" && make -j4" echo export LUA_INCLUDE_DIR="$LUAJIT2_SRC" && make -j4 if [ $IS_PAUSED == 1 ]; then read -p "Press [Enter] key to continue..." fi popd fi get_github 'openresty' 'lua-resty-redis.git' get_github 'cloudflare' 'lua-resty-cookie.git' get_github 'openresty' 'lua-resty-mysql.git' get_github 'openresty' 'lua-ssl-nginx-module.git' get_github 'openresty' 'lua-resty-signal.git' 'v0.02' if [ $IS_GET_ONLY == 0 ]; then pushd 'lua-resty-signal.git' make clean make popd fi get_github 'openresty' 'lua-tablepool.git' 'v0.01' get_github 'openresty' 'lua-resty-shell.git' 'v0.02' get_github 'openresty' 'lua-resty-limit-traffic.git' get_github 'openresty' 'lua-resty-lock.git' get_github 'openresty' 'lua-resty-string.git' get_github 'openresty' 'lua-resty-upload.git' get_github 'openresty' 'lua-resty-websocket.git' get_github 'openresty' 'lua-resty-upstream-healthcheck.git' echo notice "save these strings:" if [ $IS_LOCAL == 1 ]; then local LB="$PARENTF/lua_src/lua-resty-core.git/lib/?.lua;" LB="$LB$PARENTF/lua_src/lua-resty-lrucache.git/lib/?.lua;" LB="$LB$PARENTF/lua_src/lua-resty-redis.git/lib/?.lua;" LB="$LB$PARENTF/lua_src/lua-resty-mysql.git/lib/?.lua;" LB="$LB$PARENTF/lua_src/lua-ssl-nginx-module.git/lualib/?.lua;" LB="$LB$PARENTF/lua_src/lua-resty-signal.git/lib/?.lua;" LB="$LB$PARENTF/lua_src/lua-tablepool.git/lib/?.lua;" LB="$LB$PARENTF/lua_src/lua-resty-shell.git/lib/?.lua;" local CLB="$PARENTF/lua_src/lua-cjson.git/?.so;" CLB="$CLB$PARENTF/lua_src/lua-resty-signal.git/?.so;" echo "lua_package_path \"$LB;\";" echo "lua_package_cpath \"$CLB;\";" echo "lua_package_path \"$LB;\";" > "$PARENTF/lua_package_path" echo "lua_package_cpath \"$CLB;\";" >> "$PARENTF/lua_package_path" else local LB="/opt/lua_src/lua-resty-core.git/lib/?.lua;" LB="$LB/opt/lua_src/lua-resty-lrucache.git/lib/?.lua;" LB="$LB/opt/lua_src/lua-resty-redis.git/lib/?.lua;" LB="$LB/opt/lua_src/lua-resty-mysql.git/lib/?.lua;" LB="$LB/opt/lua_src/lua-ssl-nginx-module.git/lualib/?.lua;" LB="$LB/opt/lua_src/lua-resty-signal.git/lib/?.lua;" LB="$LB/opt/lua_src/lua-tablepool.git/lib/?.lua;" LB="$LB/opt/lua_src/lua-resty-shell.git/lib/?.lua;" local CLB="/opt/lua_src/lua-cjson.git/?.so;" CLB="$CLB/opt/lua_src/lua-resty-signal.git/?.so;" echo "lua_package_path \"$LB;\";" echo "lua_package_cpath \"$CLB;\";" echo "lua_package_path \"$LB;\";" > "$PARENTF/lua_package_path" echo "lua_package_cpath \"$CLB;\";" >> "$PARENTF/lua_package_path" fi echo if [ $IS_PAUSED == 1 ]; then read -p "Press [Enter] key to continue..." fi cd $PARENTF } # ------------------------------------------------------------------------------ function openssl_get { notice "openssl_get" mkdir etc_src ; cd etc_src get_arch 'https://github.com/openssl/openssl/archive/OpenSSL_1_1_1g.tar.gz' 'OpenSSL_1_1_1g.tar.gz' 'openssl-OpenSSL_1_1_1g' cd $PARENTF } # ------------------------------------------------------------------------------ function openssl_generate_localhost { notice "openssl_generate_localhost" if [ ! -f "/etc/$NGINXV/ssl/localhost.crt" ]; then pushd "/etc/$NGINXV/" mkdir ssl ; cd ssl openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt openssl dhparam -out dhparam.pem 4096 cd .. popd fi } # ------------------------------------------------------------------------------ function ngx_src { notice "ngx_src" mkdir ngx_src ; cd ngx_src get_arch "https://nginx.org/download/nginx-1.16.1.tar.gz" "nginx-1.16.1.tar.gz" "nginx-1.16.1" get_arch "https://nginx.org/download/$NGINXV.tar.gz" "$NGINXV.tar.gz" $NGINXV cd $PARENTF } # ------------------------------------------------------------------------------ function make_configure { notice "make_configure" local PREFIX="" local CONF_PATH="" local PID_PATH="" local ERROR_LOG="" local HTTP_LOG="" local CLIENT_BODY_TEMP="" local PROXY_TEMP_PATH="" local FASTCGI_TEMP_PATH="" local UWSGI_TEMP_PATH="" local SCGI_TEMP_PATH="" local LUAJIT2_BUILD_LIB="" local LUAJIT2_SRC="" local LUA_SSL_NGINX_MODULE="" if [ $IS_LOCAL == 1 ]; then mkdir -p $BUILDF/{tmp,proxy,fastcgi,uwsgi,scgi} PREFIX="$BUILDF/" CONF_PATH="$PREFIX/conf/nginx.conf" PID_PATH="$PREFIX/logs/nginx.pid" ERROR_LOG="$PREFIX/logs/error.log" HTTP_LOG="$PREFIX/logs/access.log" CLIENT_BODY_TEMP="$PREFIX/tmp/" PROXY_TEMP_PATH="$PREFIX/proxy/" FASTCGI_TEMP_PATH="$PREFIX/fastcgi/" UWSGI_TEMP_PATH="$PREFIX/uwsgi/" SCGI_TEMP_PATH="$PREFIX/scgi/" LUAJIT2_BUILD_LIB="$PARENTF/lua_src/luajit2.git/build/lib" LUAJIT2_SRC="$PARENTF/lua_src/luajit2.git/src" LUA_SSL_NGINX_MODULE="$PARENTF/lua_src/lua-ssl-nginx-module.git/" else PREFIX="/usr/local/$NGINXV" CONF_PATH="/etc/$NGINXV/nginx.conf" PID_PATH="/var/run/nginx/nginx.pid" ERROR_LOG="/var/log/nginx/error.log" HTTP_LOG="/var/log/nginx/access.log" CLIENT_BODY_TEMP="/var/lib/nginx/tmp/" PROXY_TEMP_PATH="/var/lib/nginx/proxy/" FASTCGI_TEMP_PATH="/var/lib/nginx/fastcgi/" UWSGI_TEMP_PATH="/var/lib/nginx/uwsgi/" SCGI_TEMP_PATH="/var/lib/nginx/scgi/" LUAJIT2_BUILD_LIB="/opt/lua_src/luajit2.git/build/lib" LUAJIT2_SRC="/opt/lua_src/luajit2.git/src" LUA_SSL_NGINX_MODULE="/opt/lua_src/lua-ssl-nginx-module.git/" fi WITH_OPENSSL="" if [ -d openssl-OpenSSL_1_1_1g ]; then WITH_OPENSSL="--with-openssl=$PARENTF/etc_src/openssl-OpenSSL_1_1_1g --with-openssl-opt='enable-tls1_3'" fi cat << L10HEREDOC > ngx_src/$NGINXV/nginx_configuration #!/bin/bash ./configure \\ --with-cc-opt="-Wno-sign-compare -Wno-string-plus-int -Wno-deprecated-declarations -Wno-unused-parameter -Wno-unused-const-variable -Wno-conditional-uninitialized -Wno-mismatched-tags -Wno-sometimes-uninitialized -Wno-parentheses-equality -Wno-tautological-compare -Wno-self-assign -Wno-deprecated-register -Wno-deprecated -Wno-invalid-source-encoding -Wno-pointer-sign -Wno-parentheses -Wno-enum-conversion -Wno-c++11-compat-deprecated-writable-strings -Wno-write-strings" \\ --with-ld-opt="-Wl,-rpath,$LUAJIT2_BUILD_LIB" \\ --prefix=$PREFIX \\ --conf-path=$CONF_PATH \\ --pid-path=$PID_PATH \\ --error-log-path=$ERROR_LOG \\ --http-log-path=$HTTP_LOG \\ --http-client-body-temp-path=$CLIENT_BODY_TEMP \\ --http-proxy-temp-path=$PROXY_TEMP_PATH \\ --http-fastcgi-temp-path=$FASTCGI_TEMP_PATH \\ --http-uwsgi-temp-path=$UWSGI_TEMP_PATH \\ --http-scgi-temp-path=$SCGI_TEMP_PATH \\ --user=nginx \\ --group=nginx \\ --with-debug \\ --with-stream \\ --with-stream_ssl_module \\ --with-stream_ssl_preread_module \\ --with-threads \\ --with-file-aio \\ --with-http_ssl_module $WITH_OPENSSL \\ --with-http_v2_module \\ --with-http_realip_module \\ --with-http_addition_module \\ --with-http_image_filter_module \\ --with-http_geoip_module \\ --with-http_sub_module \\ --with-http_mp4_module \\ --with-http_gunzip_module \\ --with-http_gzip_static_module \\ --with-http_random_index_module \\ --with-http_secure_link_module \\ --with-http_stub_status_module \\ --with-pcre \\ --with-pcre-jit \\ --with-libatomic \\ --add-module=../../ngx_module/memc-nginx-module.git/ \\ --add-module=../../ngx_module/lua-nginx-module.git/ \\ --add-module=../../ngx_module/ngx_devel_kit.git/ \\ --add-module=../../ngx_module/redis2-nginx-module.git/ \\ --add-module=../../ngx_module/echo-nginx-module.git/ \\ --add-module=../../ngx_module/form-input-nginx-module.git/ \\ --add-module=../../ngx_module/set-misc-nginx-module.git/ \\ --add-module=../../ngx_module/nginx-upload-module.git/ \\ --add-module=../../ngx_module/ngx_cache_purge.git/ \\ --add-module=../../ngx_module/headers-more-nginx-module.git/ \\ --add-module=../../ngx_module/naxsi.git/naxsi_src/ \\ --add-module=../../ngx_module/ModSecurity-nginx.git/ \\ --add-module=../../ngx_module/replace-filter-nginx-module.git/ \\ --add-module=../../ngx_module/rds-json-nginx-module.git/ \\ --add-module=../../ngx_module/rds-csv-nginx-module.git/ \\ --add-module=../../ngx_module/drizzle-nginx-module.git/ \\ --add-module=../../ngx_module/ngx_postgres.git/ \\ --add-module=../../ngx_module/njs.git/nginx/ \\ --add-module=../../ngx_module/stream-lua-nginx-module.git/ \\ --add-module=../../ngx_module/xss-nginx-module.git/ \\ --add-module=../../ngx_module/nginx-rtmp-module.git/ \\ --add-module=../../ngx_module/nginx-ts-module.git/ \\ --add-module=$LUA_SSL_NGINX_MODULE \\ L10HEREDOC chmod +x "ngx_src/$NGINXV/nginx_configuration" notice "export these environment:" echo "unset LUAJIT_LIB && unset LUAJIT_INC" echo "unset SREGEX_LIB && unset SREGEX_INC" echo "unset LIBDRIZZLE_INC && unset LIBDRIZZLE_LIB" echo "unset MODSECURITY_INC && unset MODSECURITY_LIB" echo echo "export LUAJIT_LIB=$LUAJIT2_BUILD_LIB && export LUAJIT_INC=$LUAJIT2_SRC" if [ $IS_LOCAL == 1 ]; then echo "export SREGEX_LIB=$PARENTF/etc_src/sregex.git/build/lib && export SREGEX_INC=$PARENTF/etc_src/sregex.git/src" echo "export LIBDRIZZLE_INC=$PARENTF/etc_src/drizzle7-2011.07.21/build/include/libdrizzle-1.0 && export LIBDRIZZLE_LIB=$PARENTF/etc_src/drizzle7-2011.07.21/build/lib64/" echo "export MODSECURITY_INC=$BUILDF/modsecurity/include/" echo "export MODSECURITY_LIB=$BUILDF/modsecurity/lib64/" fi echo notice 'run ./nginx_configuration' notice 'make install -j4' cd ngx_src/$NGINXV && exec bash } # ------------------------------------------------------------------------------ function make_nginx_service { notice "make_nginx_service" if ! whoami | grep -q root; then echo 'root required. exit.' exit 1 fi cat << L11HEREDOC > /etc/systemd/system/nginx.service [Unit] Description=$NGINXV Wants=network.target nss-lookup.target After=syslog.target network.target remote-fs.target nss-lookup.target Before=getty@tty1.service plymouth-quit.service xdm.service [Service] Type=forking PIDFile=/var/run/nginx/nginx.pid ExecStartPre=/usr/local/$NGINXV/sbin/nginx -t ExecStart=/usr/local/$NGINXV/sbin/nginx ExecReload=/bin/kill -s HUP \$MAINPID ExecStop=/bin/kill -s QUIT \$MAINPID PrivateTmp=true [Install] WantedBy=multi-user.target runlevel3.target L11HEREDOC systemctl daemon-reload systemctl status nginx.service systemctl enable nginx.service } # ------------------------------------------------------------------------------ function make_postgres_service { notice "make_postgres_service" if ! whoami | grep -q root; then echo 'root required. exit.' exit 1 fi local PREFIX="" local DATADIR="" if [ $IS_LOCAL == 1 ]; then PREFIX="$PARENTF/pgsql-12.2" DATADIR="$PARENTF/pgsql-12.2/data" else PREFIX="/usr/local/pgsql-12.2" DATADIR="/data/pgsql-12.2" fi cat << L13HEREDOC > /usr/lib/systemd/system/postgresql122.service [Unit] Description=PostgreSQL 12.2 database server After=network.target [Service] Type=forking User=postgres Group=postgres # Where to send early-startup messages from the server (before the logging # options of postgresql.conf take effect) # This is normally controlled by the global default set by systemd # StandardOutput=syslog # Disable OOM kill on the postmaster OOMScoreAdjust=-1000 # ... but allow it still to be effective for child processes # (note that these settings are ignored by Postgres releases before 9.5) Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj Environment=PG_OOM_ADJUST_VALUE=0 # Maximum number of seconds pg_ctl will wait for postgres to start. Note that # PGSTARTTIMEOUT should be less than TimeoutSec value. Environment=PGSTARTTIMEOUT=270 Environment=PGDATA=$DATADIR ExecStart=$PREFIX/bin/pg_ctl start -D \${PGDATA} -s -w -t \${PGSTARTTIMEOUT} ExecStop=$PREFIX/bin/pg_ctl stop -D \${PGDATA} -s -m fast ExecReload=$PREFIX/bin/pg_ctl reload -D \${PGDATA} -s # Give a reasonable amount of time for the server to start up/shut down. # Ideally, the timeout for starting PostgreSQL server should be handled more # nicely by pg_ctl in ExecStart, so keep its timeout smaller than this value. TimeoutSec=300 [Install] WantedBy=multi-user.target L13HEREDOC systemctl daemon-reload systemctl status postgresql122.service systemctl enable postgresql122.service } # ------------------------------------------------------------------------------ function make_nginx_tmpfile { notice "make_nginx_tmpfile" if ! whoami | grep -q root; then echo 'root required. exit.' exit 1 fi cat << L12HEREDOC > /usr/lib/tmpfiles.d/nginx.conf d /run/nginx 0755 nginx nginx - - L12HEREDOC } # ------------------------------------------------------------------------------ # get_arch 'https://domain.tld/archive.tar.gz' 'archive.tar.gz' 'folder' function get_arch { notice "get_arch [$1] FILE [$2] FOLD [$3]" local getUrl=$1 local fileName=$2 local folderName=$3 if [ ! -f $fileName ]; then notice "wget $getUrl -O $fileName" wget $getUrl -O $fileName fi #if [ -d $folderName ]; then # notice "rm rf $folderName" # rm -rf $folderName #fi if [ ! -d $folderName ] && [[ $fileName =~ ".zip" ]]; then notice "unzip" unzip $fileName fi if [[ ! -d $folderName ]] && [[ $fileName =~ ".tar." ]]; then notice "tar xf" tar xf $fileName fi if [ ! -f $fileName ]; then err "get_arch: file $fileName is not exists" fi if [ ! -d $folderName ]; then err "get_arch: folder $folderName is not exists" fi } # ------------------------------------------------------------------------------ # get_github 'user' 'project.git' # get_github 'user' 'project.git' 'branch' # # project 'project.git' save to similar folder 'project.git' function get_github { notice "get_github https://github.com/$1/$2" local folderName=$2 local branch=$3 if [ -d $folderName ]; then cd $folderName pwd git pull cd .. else if [ "$branch" == "" ]; then git clone https://github.com/$1/$folderName $folderName else warn "branch $branch" git clone -b $branch https://github.com/$1/$folderName $folderName fi fi if [ ! -d $folderName ]; then err "get_github: folder $folderName is not exists" fi echo "https://github.com/$1/$folderName" >> "$PARENTF/versions" pushd $folderName git describe --tags --abbrev=0 echo `git describe --tags --abbrev=0` >> "$PARENTF/versions" popd } # ------------------------------------------------------------------------------ # get_gitany 'https://domain.tld/anypath' 'folder.git' # get_gitany 'https://domain.tld/anypath' 'folder.git' 'branch' function get_gitany { notice "get_gitany $1 to $2" local folderName=$2 local branch=$3 if [ -d $folderName ]; then pushd $folderName pwd git pull popd else if [ "$branch" == "" ]; then git clone $1 $folderName else warn "branch $branch" git clone -b $branch $1 $folderName fi fi if [ ! -d $folderName ]; then err "get_gitany: folder $folderName is not exists" fi echo "$1" >> "$PARENTF/versions" pushd $folderName git describe --tags --abbrev=0 echo `git describe --tags --abbrev=0` >> "$PARENTF/versions" popd } # ------------------------------------------------------------------------------ function notice { builtin echo -en "\033[1m" echo "NOTICE: $@" builtin echo -en "\033[0m" } function success { builtin echo -en "\033[1;32m" echo "SUCCESS: $@" builtin echo -en "\033[0m" } function warn { builtin echo -en "\033[1;33m" echo "WARN: $@" builtin echo -en "\033[0m" } function err { builtin echo -en "\033[1;31m" echo "ERR: $@" builtin echo -en "\033[0m" exit 1 } function fatal { builtin echo -en "\033[1;31m" echo "FATAL: $@" builtin echo -en "\033[0m" exit 1 } # ------------------------------------------------------------------------------ main