tengine一键安装脚本

~~~~

#!/usr/bin/env bash

set -e 
set -u

# 包存放目录
SRC="/usr/local/src"

# Tengine安装目录
TENGINE_DIR="/usr/local/nginx"

#Tengine安装需要的依赖包
TENGINE_URL="http://tengine.taobao.org/download/tengine-2.3.3.tar.gz"
PCRE_URL="https://udomain.dl.sourceforge.net/project/pcre/pcre/8.45/pcre-8.45.tar.gz"

# 获取Tengine版本号
TENGINE_VERSION="$(echo ${TENGINE_URL##*/}|sed -e 's/.tar.gz//')"
PCRE_VERSION="$(echo ${PCRE_URL##*/}|sed -e 's/.tar.gz//')"

# 添加nginx地区模块和缓存模块
NGX_GEOIP2="https://github.com/leev/ngx_http_geoip2_module.git"
NGX_CACHE="https://github.com/FRiCKLE/ngx_cache_purge.git"

# 下载包
[ ! -d $SRC/ngx_http_geoip2_module ] && sudo git clone $NGX_GEOIP2 $SRC/ngx_http_geoip2_module
[ ! -d $SRC/ngx_cache_purge ] && sudo git clone $NGX_CACHE $SRC/ngx_cache_purge
[ ! -f "$SRC/$TENGINE_VERSION.tar.gz" ] && sudo wget -P $SRC $TENGINE_URL
#[ ! -f "$SRC/$PCRE_VERSION.tar.gz" ] && sudo wget -P $SRC $PCRE_URL

# 解压源码包
for Tars in $(ls $SRC/*.tar.gz|xargs);do tar xf $Tars -C $SRC;done

# 安装依赖
PACKAGES="libmaxminddb-dev libssl-dev libgoogle-perftools-dev libzip-dev libxslt-dev libjemalloc-dev g++ make"
for Package in $PACKAGES;do [ -z $(dpkg --list|grep $Package) ] && sudo apt -y install $Package;done 

# 添加nginx启动用户
[ -z $(sudo egrep -i nginx /etc/passwd) ] && sudo useradd -M -s /usr/sbin/nologin nginx

# 安装Tengine
[ ! -d /usr/local/${PCRE_VERSION} ] && sudo mv $SRC/$PCRE_VERSION /usr/local/

cd $SRC/${TENGINE_VERSION}

sudo ./configure --prefix=$TENGINE_DIR --user=nginx --group=nginx --with-select_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_degradation_module --with-google_perftools_module --with-jemalloc --with-pcre=/usr/local/$PCRE_VERSION --add-module=$SRC/ngx_http_geoip2_module --add-module=$SRC/ngx_cache_purge

# 由于系统的openssl跟tengine对应的有点不匹配会 -Werror错误，为了解决就按如下修改(ubuntu中出现的问题)
sudo sed -i 's/CFLAGS =  -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g/CFLAGS =  -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter/' objs/Makefile

sudo make && sudo make install

# 修改nginx的主配置文件
cat << eof | sudo tee /usr/local/nginx/conf/nginx.conf
user nginx nginx;

worker_processes auto;
worker_cpu_affinity auto;

error_log logs/error.log info;
pid logs/nginx.pid;

worker_rlimit_nofile 65535;


events {
    use epoll;
    worker_connections 51200;
}

http {
    server_tokens off;
    server_tag off;
    include mime.types;
    default_type application/octet-stream;

    autoindex off;
    charset utf-8;
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 60;
    tcp_nodelay on;

    #日志格式配置
    log_format  main '\$remote_addr - \$remote_user [\$time_local] "\$request_method \$scheme://\$host\$request_uri \$server_protocol" '
                '"\$upstream_addr" "\$upstream_cache_status"'
                '\$status \$body_bytes_sent "\$http_referer" '
                '"\$http_user_agent" "\$http_x_forwarded_for" \$request_time \$upstream_response_time \$geoip2_data_city_names \$geoip2_data_country_code';

    #访问日志：
    access_log /usr/local/nginx/logs/access.log main;

   # 访问控制模块，根据需要开启
    limit_req_zone \$binary_remote_addr zone=one:50m rate=60r/s;
    limit_req_zone \$binary_remote_addr \$request_uri zone=two:50m rate=60r/s;
    limit_req_status 444;
    limit_conn_zone \$server_name zone=perserver:50m;
    limit_conn_zone \$binary_remote_addr zone=addr:50m;
    limit_conn_status 513;

    server_names_hash_bucket_size 1024;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 10m;
    client_body_buffer_size 256k;

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_comp_level 2;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css application/xml image/gif image/jpeg image/png;
    gzip_proxied      any;
    gzip_vary         on;
    gzip_disable "MSIE [1-6].";

    proxy_connect_timeout 600;
    proxy_read_timeout 600;
    proxy_send_timeout 600;
    proxy_buffer_size 128k;
    proxy_buffers 4 128k;
    proxy_busy_buffers_size 256k;
    proxy_temp_file_write_size 256k;
    proxy_headers_hash_max_size 1024;
    proxy_headers_hash_bucket_size 128;

    proxy_redirect off;
    proxy_set_header Host \$host;
    proxy_set_header X-Real-IP \$remote_addr;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;

    proxy_temp_path /dev/shm/temp;
    proxy_cache_path /dev/shm/cache levels=1:2 keys_zone=cache_one:100m inactive=30m max_size=60g;


    #GEOIP2 国家：
    geoip2 /usr/local/src/GeoLite2-Country.mmdb {
        \$geoip2_data_continent_code default=AS continent cod6;
        \$geoip2_data_continent_names  continent names en;
        \$geoip2_data_country_code default=CN country iso_code;
        \$geoip2_data_country_name country names en;
    }
    fastcgi_param CONTINENT_CODE \$geoip2_data_continent_code;
    fastcgi_param CONTINENT_NAMES \$geoip2_data_continent_names;
    fastcgi_param COUNTRY_CODE \$geoip2_data_country_code;
    fastcgi_param COUNTRY_NAME \$geoip2_data_country_name;

    #GEOIP2 城市：
    geoip2 /usr/local/src/GeoLite2-City.mmdb {
        \$geoip2_data_subdivisions_names subdivisions names en;
        \$geoip2_data_city_names default=Xiamen city names en;
    }
    fastcgi_param SUBDIVISIONS_NAMES \$geoip2_data_subdivisions_names;
    fastcgi_param CITY_NAMES \$geoip2_data_city_names;

    include /usr/local/nginx/conf.d/*.conf;
}
eof

sudo mkdir $TENGINE_DIR/conf.d

# 将nginx服务添加到系统服务中
cat <<eof | sudo tee /usr/lib/systemd/system/nginx.service
[Unit]
Description=Nginx
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit

[Install]
WantedBy=multi-user.target
eof

# 启动nginx服务并开机启动
sudo systemctl enable --now nginx

# Nginx使用系统日志切割
cat << eof | sudo tee /etc/logrotate.d/nginx
#日志文件，可以是一组 ，用空格隔开
/usr/local/nginx/logs/*.log {
    #daily：日志文件将按天轮循。其它可用值为‘weekly’，‘monthly’或者‘yearly’
    daily
    #一次将存储15个归档日志。对于第16个归档，时间最久的归档将被删除
    rotate 15
    #在日志轮循期间，任何错误将被忽略，例如“文件无法找到”之类的错误。
    missingok
    #如果日志文件为空，轮循不会进行。
    notifempty
    #使用日期作为命名格式
    dateext
    #在轮循任务完成后，已轮循的归档将使用gzip进行压缩。
    compress
    #总是与compress选项一起用，delaycompress选项指示logrotate不要将最近的归档压缩，压缩将在下一次轮循周期进行。
    #这在你或任何软件仍然需要读取最新归档时很有用
    delaycompress
    #指定的权限创建全新的日志文件，同时logrotate也会重命名原始日志文件
    create 600 nginx nginx
    #只为整个日志组运行一次的脚本
    sharedscripts
    #在截断转储以后需要执行的命令
    postrotate
        if [ -f /usr/local/nginx/logs/nginx.pid ]; then
            /bin/kill -USR1 \$(sudo cat /usr/local/nginx/logs/nginx.pid)
        fi
    endscript
}
eof