This commit is contained in:
BoHung Chiu 2022-08-24 16:09:20 +08:00
parent 3b835dc1bd
commit fb3db4652e
4 changed files with 250 additions and 36 deletions

View File

@ -80,8 +80,14 @@ fi
if [[ "$install_modsecurity" == "1" ]]; then if [[ "$install_modsecurity" == "1" ]]; then
nginx_configure="$nginx_configure --add-dynamic-module=../ModSecurity-nginx" nginx_configure="$nginx_configure --add-dynamic-module=../ModSecurity-nginx"
fi fi
nginx_ver=""
if [[ ! -z "$(which nginx)" ]]; then
nginx_ver="$(nginx -v 2>&1|xargs|awk '{print $3}'|cut -d '/' -f 2)" nginx_ver="$(nginx -v 2>&1|xargs|awk '{print $3}'|cut -d '/' -f 2)"
fi
if [[ ! -f /etc/init.d/nginx ]]; then
sudo wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/nginx_service.sh -O /etc/init.d/nginx
sudo chmod 755 /etc/init.d/nginx
fi
nginx_target_ver="1.23.1" nginx_target_ver="1.23.1"
if [[ "$nginx_ver" < $nginx_target_ver ]] || [[ "$1" == '--force' ]] || [[ "$install_modsecurity" == "1" ]]; then if [[ "$nginx_ver" < $nginx_target_ver ]] || [[ "$1" == '--force' ]] || [[ "$install_modsecurity" == "1" ]]; then
if [ -f "/etc/nginx/nginx.conf" ]; then if [ -f "/etc/nginx/nginx.conf" ]; then

23
nginx4-5.conf Normal file
View File

@ -0,0 +1,23 @@
upstream {{ORBIT}}_sock {
server unix:{{ORBIT_SITES}}/{{ORBIT}}/tmp/unicorn.sock;
}
server {
listen {{PORT}};
root {{ORBIT_SITES}}/{{ORBIT}}/public;
server_name {{SERVER_NAME}};
client_max_body_size 500m;
location / {
try_files $uri $uri/index.html $uri.html @app;
}
location @app {
proxy_redirect off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_connect_timeout 360;
proxy_pass http://{{ORBIT}}_sock;
}
}

196
nginx_service.sh Normal file
View File

@ -0,0 +1,196 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network $syslog $named
# Required-Stop: $local_fs $remote_fs $network $syslog $named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts the nginx web server
# Description: starts nginx using start-stop-daemon
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/nginx
NAME=nginx
DESC=nginx
# Include nginx defaults if available
if [ -r /etc/default/nginx ]; then
. /etc/default/nginx
fi
STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}"
test -x $DAEMON || exit 0
. /lib/init/vars.sh
. /lib/lsb/init-functions
# Try to extract nginx pidfile
PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1)
if [ -z "$PID" ]; then
PID=/run/nginx.pid
fi
if [ -n "$ULIMIT" ]; then
# Set ulimit if it is set in /etc/default/nginx
ulimit $ULIMIT
fi
start_nginx() {
# Start the daemon/service
#
# Returns:
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \
$DAEMON_OPTS 2>/dev/null \
|| return 2
}
test_config() {
# Test the nginx configuration
$DAEMON -t $DAEMON_OPTS >/dev/null 2>&1
}
stop_nginx() {
# Stops the daemon/service
#
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PID --name $NAME
RETVAL="$?"
sleep 1
return "$RETVAL"
}
reload_nginx() {
# Function that sends a SIGHUP to the daemon/service
start-stop-daemon --stop --signal HUP --quiet --pidfile $PID --name $NAME
return 0
}
rotate_logs() {
# Rotate log files
start-stop-daemon --stop --signal USR1 --quiet --pidfile $PID --name $NAME
return 0
}
upgrade_nginx() {
# Online upgrade nginx executable
# http://nginx.org/en/docs/control.html
#
# Return
# 0 if nginx has been successfully upgraded
# 1 if nginx is not running
# 2 if the pid files were not created on time
# 3 if the old master could not be killed
if start-stop-daemon --stop --signal USR2 --quiet --pidfile $PID --name $NAME; then
# Wait for both old and new master to write their pid file
while [ ! -s "${PID}.oldbin" ] || [ ! -s "${PID}" ]; do
cnt=`expr $cnt + 1`
if [ $cnt -gt 10 ]; then
return 2
fi
sleep 1
done
# Everything is ready, gracefully stop the old master
if start-stop-daemon --stop --signal QUIT --quiet --pidfile "${PID}.oldbin" --name $NAME; then
return 0
else
return 3
fi
else
return 1
fi
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" "$NAME"
start_nginx
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
stop_nginx
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
restart)
log_daemon_msg "Restarting $DESC" "$NAME"
# Check configuration before stopping nginx
if ! test_config; then
log_end_msg 1 # Configuration error
exit $?
fi
stop_nginx
case "$?" in
0|1)
start_nginx
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
reload|force-reload)
log_daemon_msg "Reloading $DESC configuration" "$NAME"
# Check configuration before stopping nginx
#
# This is not entirely correct since the on-disk nginx binary
# may differ from the in-memory one, but that's not common.
# We prefer to check the configuration and return an error
# to the administrator.
if ! test_config; then
log_end_msg 1 # Configuration error
exit $?
fi
reload_nginx
log_end_msg $?
;;
configtest|testconfig)
log_daemon_msg "Testing $DESC configuration"
test_config
log_end_msg $?
;;
status)
status_of_proc -p $PID "$DAEMON" "$NAME" && exit 0 || exit $?
;;
upgrade)
log_daemon_msg "Upgrading binary" "$NAME"
upgrade_nginx
log_end_msg $?
;;
rotate)
log_daemon_msg "Re-opening $DESC log files" "$NAME"
rotate_logs
log_end_msg $?
;;
*)
echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" >&2
exit 3
;;
esac

View File

@ -169,8 +169,13 @@ restart|reload)
exit 0; exit 0;
;; ;;
create) create)
test -s "$NGINX_ORBIT_SITES/$2" && echo "Site $2 already exist." && exit 0 d="$(dirname $2)"
test -s "$ORBIT_SITES/$2" && echo "File $ORBIT_SITES/$2 already exist." && exit 0 site_name="$(basename $2)"
if [[ $d != '.' ]]; then
ORBIT_SITES="$ORBIT_SITES/$d"
fi
test -s "$NGINX_ORBIT_SITES/$site_name" && echo "Site $site_name already exist." && exit 0
test -s "$ORBIT_SITES/$site_name" && echo "File $ORBIT_SITES/$site_name already exist." && exit 0
while true; do while true; do
read -p "nginx server name: " SERVER_NAME read -p "nginx server name: " SERVER_NAME
@ -188,13 +193,13 @@ create)
done done
echo "-----------------------------------------------------" echo "-----------------------------------------------------"
echo "Path: $ORBIT_SITES/$2" echo "Path: $ORBIT_SITES/$site_name"
echo "Database: $DATABASE" echo "Database: $DATABASE"
echo http://$SERVER_NAME:$PORT echo http://$SERVER_NAME:$PORT
echo "-----------------------------------------------------" echo "-----------------------------------------------------"
while true; do while true; do
read -p "Create Orbit $2? (y/n) " CONFIRM read -p "Create Orbit $site_name? (y/n) " CONFIRM
case "$CONFIRM" in case "$CONFIRM" in
y|Y ) break;; y|Y ) break;;
n|N ) exit 0;; n|N ) exit 0;;
@ -204,23 +209,23 @@ create)
cd ~ cd ~
sudo wget http://installer.tp.rulingcom.com/nginx4-5.conf sudo wget http://installer.tp.rulingcom.com/nginx4-5.conf
sudo cp nginx4-5.conf $NGINX_ORBIT_SITES/$2 sudo cp nginx4-5.conf $NGINX_ORBIT_SITES/$site_name
sudo rm nginx4-5.conf sudo rm nginx4-5.conf
sudo perl -pi -e "s/{{ORBIT}}/$2/g" $NGINX_ORBIT_SITES/$2 sudo perl -pi -e "s/{{ORBIT}}/$site_name/g" $NGINX_ORBIT_SITES/$site_name
sudo perl -pi -e "s#{{ORBIT_SITES}}#${ORBIT_SITES}#g" $NGINX_ORBIT_SITES/$2 sudo perl -pi -e "s#{{ORBIT_SITES}}#${ORBIT_SITES}#g" $NGINX_ORBIT_SITES/$site_name
sudo perl -pi -e "s/{{PORT}}/$PORT/g" $NGINX_ORBIT_SITES/$2 sudo perl -pi -e "s/{{PORT}}/$PORT/g" $NGINX_ORBIT_SITES/$site_name
sudo perl -pi -e "s/{{SERVER_NAME}}/$SERVER_NAME/g" $NGINX_ORBIT_SITES/$2 sudo perl -pi -e "s/{{SERVER_NAME}}/$SERVER_NAME/g" $NGINX_ORBIT_SITES/$site_name
sudo service nginx reload sudo service nginx reload
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES && git clone $ORBIT_GIT $2" sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES && git clone $ORBIT_GIT $site_name"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && wget $ORBIT_BUILT_IN_EXT && git clone $ORBIT_DEFAULT_THEME app/templates/default-theme && bundle install" sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$site_name && wget $ORBIT_BUILT_IN_EXT && git clone $ORBIT_DEFAULT_THEME app/templates/default-theme && bundle install"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && perl -pi -e \"s/orbit_4_5/$DATABASE/g\" config/mongoid.yml" sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$site_name && perl -pi -e \"s/orbit_4_5/$DATABASE/g\" config/mongoid.yml"
# sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && bundle exec rake assets:precompile RAILS_ENV=production" # sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$site_name && bundle exec rake assets:precompile RAILS_ENV=production"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && bundle exec unicorn_rails -c config/unicorn.rb -D -E $RAILS_ENV" sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$site_name && bundle exec unicorn_rails -c config/unicorn.rb -D -E $RAILS_ENV"
echo "-----------------------------------------------------" echo "-----------------------------------------------------"
echo "$2 is ready" echo "$site_name is ready"
echo "Path: $ORBIT_SITES/$2" echo "Path: $ORBIT_SITES/$site_name"
interface_name=`ip route get 8.8.8.8|xargs|awk '{print $5}'`; interface_name=`ip route get 8.8.8.8|xargs|awk '{print $5}'`;
local_ip=`ip a|grep "$interface_name" | grep -ohP '(?<=inet ).*(?=/24)'|sed 's/\s*$//g'|xargs|awk '{print $1}'` local_ip=`ip a|grep "$interface_name" | grep -ohP '(?<=inet ).*(?=/24)'|sed 's/\s*$//g'|xargs|awk '{print $1}'`
echo http://$local_ip:$PORT echo http://$local_ip:$PORT
@ -229,24 +234,8 @@ create)
exit 0 exit 0
;; ;;
setup) setup)
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10 wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/install_orbit_environment.sh -O install_orbit_environment.sh
sudo echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list source install_orbit_environment.sh
sudo apt-get update
sudo apt-get -y upgrade
sudo apt-get install -y nginx git-core mongodb-org imagemagick curl openssh-server nano
sudo mkdir $NGINX_ORBIT_SITES
sudo perl -pi -e "s/sites-enabled/orbit_sites/g" /etc/nginx/nginx.conf
sudo rm -r /etc/nginx/sites-*
sudo apt-get --no-install-recommends --yes install gawk g++ gcc make libc6-dev libreadline6-dev zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake libtool bison pkg-config libffi-dev
sudo su -l $ORBIT_USER -c "\curl -sSL https://get.rvm.io | bash -s stable"
sudo su -l $ORBIT_USER -c "rvm install 2.1 --default"
echo "gem: --no-ri --no-rdoc" > /home/$ORBIT_USER/.gemrc
source /home/$ORBIT_USER/.rvm/scripts/rvm
echo "" echo ""
echo "-----------------------------------------------------" echo "-----------------------------------------------------"
echo "System is ready. You can start creating Orbit servers." echo "System is ready. You can start creating Orbit servers."