Nginx快速安装自动配置脚本(Tengine)

快速安装脚本

1、该脚本可快速一键安装Nginx(适用于CentOS，其他环境可自行调整脚本)
2、脚本内容请自行下载文件并查看
3、Nginx使用淘宝Tengine版本，下载链接，如果安装时有新版本，可以尝试替换下载链接为新版本
4、脚本安装临时目录在/data0/temp/目录，安装完成后可直接删除

wget -qO- http://cdn.laohand.com/sh/install_nginx.sh | sh

安装基础软件

一下为linux下常用的一些库文件，建议安装操作系统时安装以下库

yum -y install pcre
yum -y install pcre-devel
yum -y install gcc gcc-c++
yum -y install autoconf
yum -y install libjpeg
yum -y install libjpeg-devel
yum -y install freetype
yum -y install freetype-devel
yum -y install libxml2
yum -y install libxml2-devel
yum -y install zlib
yum -y install zlib-devel
yum -y install glibc
yum -y install glibc-devel
yum -y install glib2
yum -y install glib2-devel
yum -y install bzip2
yum -y install bzip2-devel
yum -y install curl
yum -y install curl-devel
yum -y install make
yum -y install gd
yum -y install gd-devel
yum -y install gd2
yum -y install gd2-devel
yum -y install git
yum -y install unzip
yum -y install git
yum -y install cmake
yum -y install patch
yum -y install lrzsz
yum -y install iftop
yum -y install openssl-devel
yum -y install openssl
yum -y nss

安装脚本文件解析

注意：以下步骤为帮助读者理解脚本内容，因脚本里面会适用一些前后关联的变量，不能直接运行脚本，完整内容请下载
http://cdn.laohand.com/sh/install_nginx.sh

创建用户、获取系统内存信息

1、downloadFile函数用于下载文件，该方法在文件存在时不会重复下载文件，对于调试脚本多次运行时有帮助，另外在下载文件失败时终止程序
2、注意downloadFile下载文件不完整时，该方法无法检测并且不会重新下载，需要手动清理不完整文件(网络差时可能遇到)

#!/bin/bash
tempPath="/data0/temp/"
mkdir ${tempPath}
cpuNum=$(cat /proc/cpuinfo | grep processor | wc -l)
function downloadFile(){
    saveFilename=$1
    downloadUrl=$2
    if [ ! -f ${saveFilename} ];then
        wget -O ${saveFilename} "${downloadUrl}"
        if [ ! -f ${saveFilename} ];then
            echo "${saveFilename} download fail url=>${saveFilename}"
            exit
        fi
    fi
}
groupadd -f www
useradd -g www www

安装openssl

如果已经安装openssl，可忽略该步骤，使用https时需要openssl库，强烈建议安装

cd ${tempPath}
downloadFile openssl-1.0.2p.tar.gz https://www.openssl.org/source/openssl-1.0.2p.tar.gz
tar xzf openssl-1.0.2p.tar.gz
opensslDir=${tempPath}/openssl-1.0.2p
cd openssl-1.0.2p
./config --prefix=/usr && make -j ${cpuNum} && make install

安装jemalloc

该步骤可选，建议安装jemalloc优化nginx内存分配，如已安装可直接跳过

cd ${tempPath}
downloadFile  jemalloc-5.1.0.tar.bz2  https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2
tar jxf jemalloc-5.1.0.tar.bz2
jemallocDir=${tempPath}/jemalloc-5.1.0

安装Nginx

cd ${tempPath}
downloadFile tengine-2.2.3.tar.gz http://tengine.taobao.org/download/tengine-2.2.3.tar.gz
tar xzf tengine-2.2.3.tar.gz && cd tengine-2.2.3
./configure --prefix=/usr/local/nginx \
--user=www --group=www \
--with-jemalloc \
--with-ld-opt=-lrt \
--with-openssl=${opensslDir} \
--with-jemalloc=${jemallocDir} \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-pcre
make -j ${cpuNum} && make install

配置nginx主配置文件

该配置文件适用于比较通用的场景，如需要特殊配置，请自行修改配置文件

(cat << EOF
user  www www;
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile    102400;
error_log   /data0/logs/nginx_error.log;
pid         logs/nginx.pid;

events {
        use epoll;
        worker_connections  20480;
        multi_accept on;
}

http {
        include                         mime.types;
        default_type                    application/octet-stream;
        charset                         utf-8;
        server_names_hash_bucket_size   256;
        client_header_buffer_size       256k;
        large_client_header_buffers     4 256k;
        client_header_timeout           300s;
        client_body_timeout             300s;
        client_max_body_size            100m;
        server_name_in_redirect         off;
        log_format main '\$remote_addr - \$remote_user [\$time_local] \$request \$status \$body_bytes_sent \$host \$upstream_addr \$upstream_response_time \$http_user_agent \$http_referer \$gzip_ratio';
        access_log                      off;
        sendfile                        on;
        tcp_nopush                      on;
        tcp_nodelay                     on;
        server_tokens                   off;
        keepalive_timeout               300;
        fastcgi_connect_timeout         300;
        fastcgi_send_timeout            300;
        fastcgi_read_timeout            300;
        fastcgi_buffer_size             128k;
        fastcgi_buffers                 256 64k;
        fastcgi_busy_buffers_size       128k;
        fastcgi_temp_file_write_size    128k;

        gzip                            on;
        gzip_min_length                 5k;
        gzip_buffers                    96 8k;
        gzip_comp_level                 5;
        gzip_vary                       on;
        gzip_static                     on;
        gzip_http_version               1.1;
        gzip_disable                    "MSIE [1-6]\." "Mozilla/4\.0[678]";
        gzip_types                      text/xml text/plain text/css application/javascript application/x-javascript  application/rss+xml image/jpeg image/gif image/png application/json;

        open_file_cache                 max=200000 inactive=20s;
        open_file_cache_valid           30s;
        open_file_cache_min_uses        2;
        open_file_cache_errors          on;

        upstream unix_tmp_php_cgi_sock {
                server unix:/dev/shm/php_fpm_1.sock;
                server unix:/dev/shm/php_fpm_2.sock;
        }
        include vhost/*.conf;
}

EOF
) > /usr/local/nginx/conf/nginx.conf

生成默认的虚拟主机配置文件

在生成的默认虚拟主机文件中包含了常见场景的配置，可直接修改并用于生产环境，不用的配置文件直接删除即可

mkdir -p /usr/local/nginx/conf/vhost
(cat << EOF
server {
        listen 80;
        server_name api.laohand.com;
        root  /data0/dk/api/;
        access_log /data0/logs/api.access.log  main buffer=64k flush=15s;
	    location / {
                index  index.php index.html;
        }
	    location ~ \.php\$ {
                fastcgi_pass  unix_tmp_php_cgi_sock;
                fastcgi_index  index.php;
                include        fastcgi.conf;
        }
}
EOF
) > /usr/local/nginx/conf/vhost/default_api.conf

(cat << EOF
server {
        listen 80;
        server_name cms.laohand.com;
        root  /data0/dk/cms;

        access_log  /data0/logs/cms.access.log  main buffer=64k flush=15s;

        location / {
                index  index.php index.html;
        }

        location ~ \.php\$ {
                fastcgi_pass  unix_tmp_php_cgi_sock;
                fastcgi_index  index.php;
                include        fastcgi.conf;
        }

        location /cms/{
                index index.php;
                if (!-e \$request_filename) {
                    rewrite ^/(.*)$ /cms/index.php?\$1 last;
                    break;
                }
        }
}
EOF
) > /usr/local/nginx/conf/vhost/default_cms.conf

(cat << EOF
server {
        listen 80;
        server_name cdn.laohand.com;
        root  /data0/dk/cdn;
	    access_log  /data0/logs/cdn.access.log  main buffer=64k flush=15s;
        add_header 'Access-Control-Allow-Origin' '*';

        location / {
                index index.html;
        }

        location ~* ^.+.(gif|jpg|jpeg|png|mp4|flv|mov|avi|mp3|ts)\$ {
        	  expires 300s;
        }

        location ~* ^.+.(html|js|css|m3u8)\$ {
              expires  30s;
        }
}
EOF
) > /usr/local/nginx/conf/vhost/default_cdn.conf

启动、重启Nginx

建议直接用命令维护nginx，以便更能掌握nginx，而且在所有操作系统中都适用

# 启动Nginx
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx/conf
# 检测Nginx配置文件
/usr/local/nginx/sbin/nginx -t
# 重启Nignx
/usr/local/nginx/sbin/nginx -s