CentOS7.9 nginx部署脚本

努力搬砖的峰子

已于 2024-07-13 20:54:55 修改

阅读量108

点赞数 1

分类专栏： linux运维文章标签： nginx 服务器 linux 网络运维

于 2024-07-13 18:24:32 首次发布

本文链接：https://blog.csdn.net/weixin_45327647/article/details/140404131

版权

linux运维专栏收录该内容

9 篇文章 0 订阅

订阅专栏

Nginx 1.24.0 部署脚本

安装包存储目录：/opt/source
nginx部署目录：/opt/nginx
目录结构如下：
/opt/nginx
├── client_body_temp
├── conf
├── fastcgi_temp
├── html
├── logs
├── proxy_temp
├── sbin
├── scgi_temp
└── uwsgi_temp

安装脚本如下

#！ /bin/bash

echo "安装相关依赖"
yum install gcc gcc-c++ make libtool zlib zlib-devel openssl openssl-devel pcre pcre-devel -y

if [ ! -d /opt/source ];then
    mkdir -p /opt/source
fi

echo "下载最新稳定版nginx"
wget -P /opt/source https://nginx.org/download/nginx-1.24.0.tar.gz

echo "解压nginx压缩包"
tar -xzvf /opt/source/nginx-1.24.0.tar.gz -C /opt/source
if [ ! $? -eq 0 ];then
   echo "解压出现异常"
   exit 1
fi
echo "开始编译安装nginx"
cd /opt/source/nginx-1.24.0
./configure --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module && make && make install

if [ ! $? -eq 0 ];then
   echo "nginx安装出现异常"
   exit 1
fi

cat > /opt/nginx/conf/nginx.conf << EOF


worker_processes  auto;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
   log_format my_log '\$remote_addr - \$remote_user [\$time_local] "\$request" '
     '\$status \$body_bytes_sent "\$http_referer" '
     '"\$http_user_agent" "\$http_x_forwarded_for"';
     
    sendfile        on;
    keepalive_timeout  300;
    client_body_buffer_size 10M;
    client_max_body_size 10M;
    # 开启gzip
    gzip on;
    gzip_buffers 32 4K;
    gzip_comp_level 6;
    gzip_min_length 100;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
    gzip_vary on;
    # 隐藏NGINX 版本
    server_tokens off;
    # 安全标头
    add_header X-Content-Type-Options "nosniff" always; 
    add_header X-XSS-Protection "1; mode=block" always; 
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Permitted-Cross-Domain-Policies value;
    add_header X-Download-Options "noopen" always; 
    add_header 'Referrer-Policy' 'origin';
    add_header X-Frame-Options SAMEORIGIN;
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    add_header X-XSS-Protection "1; mode=block";
    # 开启websocket
    map \$http_upgrade \$connection_upgrade {
    default upgrade;
    '' close;
   }
 
    include ./vhosts/*.conf;
}
EOF

mkdir -p /opt/nginx/conf/vhosts

cat > /opt/nginx/conf/vhosts/nginx.conf << EOF
    server {
        listen    80;
        server_name  localhost;
        
        access_log /opt/nginx/logs/access.log my_log;
        error_log  /opt/nginx/logs/error.log;
        
        location ~* \.(zip|rar|tar|jar)\$ {
             deny all;
        }
        location / {
            root  html;
            index  index.html index.htm;
        }
        
        location ~* /(swagger|api-docs|actuator){
            deny all;
            return 404;
        }
        
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
     }
EOF
  
/opt/nginx/sbin/nginx -t
if [ ! $? -eq 0 ];then
   echo "请检查nginx配置文件"
   exit 1
fi
  
echo "将nignx 配置成服务"
cat > /usr/lib/systemd/system/nginx.service << EOF
[Unit] 
Description=nginx 
After=network.target 
[Service]
Type=forking 
ExecStart=/opt/nginx/sbin/nginx -c /opt/nginx/conf/nginx.conf
ExecReload=/opt/nginx/sbin/nginx -s reload 
ExecStop=/opt/nginx/sbin/nginx -s stop 
PrivateTmp=true 
[Install] 
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl start nginx
sleep 5
ss -ntaulp |grep 80
if [ ! $? -eq 0 ];then
  echo "请检查nginx 服务配置"
  exit 0
else
  echo " nginx 部署已完成"
fi
systemctl enable nginx