Fix install_nginx.sh
This commit is contained in:
parent
224705bae7
commit
a1dc79f11f
|
@ -90,6 +90,8 @@ if [ -z "$cpu_cores" ]; then
|
||||||
cpu_cores="1";
|
cpu_cores="1";
|
||||||
fi
|
fi
|
||||||
if [[ $(vercomp "$ubuntu_ver" "16") == "<" ]]; then #Need update ca-certificates manual
|
if [[ $(vercomp "$ubuntu_ver" "16") == "<" ]]; then #Need update ca-certificates manual
|
||||||
|
sudo apt-get install -y apt-transport-https ca-certificates
|
||||||
|
sudo update-ca-certificates
|
||||||
sudo bash -l -c "
|
sudo bash -l -c "
|
||||||
cd /root &&
|
cd /root &&
|
||||||
wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/ca-certificates/20210119~20.04.2/ca-certificates_20210119~20.04.2.tar.xz --no-check-certificate -O ca-certificates_20210119~20.04.2.tar.xz &&
|
wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/ca-certificates/20210119~20.04.2/ca-certificates_20210119~20.04.2.tar.xz --no-check-certificate -O ca-certificates_20210119~20.04.2.tar.xz &&
|
||||||
|
@ -241,7 +243,7 @@ if [[ $(vercomp "$nginx_ver" "$nginx_target_ver") == "<" ]] || [[ "$1" == '--fo
|
||||||
cp -f objs/ngx_http_modsecurity_module.so /etc/nginx/modules/. && \
|
cp -f objs/ngx_http_modsecurity_module.so /etc/nginx/modules/. && \
|
||||||
echo 'load_module modules/ngx_http_modsecurity_module.so;' > /etc/nginx/modules-enabled/50-mod-modsecurity.conf && \
|
echo 'load_module modules/ngx_http_modsecurity_module.so;' > /etc/nginx/modules-enabled/50-mod-modsecurity.conf && \
|
||||||
mkdir -p /etc/nginx/modsec && \
|
mkdir -p /etc/nginx/modsec && \
|
||||||
wget --no-check-certificate -P /etc/nginx/modsec/ https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended -O modsecurity.conf && \
|
wget --no-check-certificate -P /etc/nginx/modsec/ https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended -O /etc/nginx/modsec/modsecurity.conf && \
|
||||||
cd .. && \
|
cd .. && \
|
||||||
cp -f ModSecurity/unicode.mapping /etc/nginx/modsec && \
|
cp -f ModSecurity/unicode.mapping /etc/nginx/modsec && \
|
||||||
sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/nginx/modsec/modsecurity.conf && \
|
sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/nginx/modsec/modsecurity.conf && \
|
||||||
|
@ -284,6 +286,13 @@ if [[ $(vercomp "$nginx_ver" "$nginx_target_ver") == "<" ]] || [[ "$1" == '--fo
|
||||||
http_block_end=$((http_block_end + 1))
|
http_block_end=$((http_block_end + 1))
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
fi
|
||||||
|
if [[ -z "$(grep -E 'include\s+\/etc\/nginx\/modules-enabled\/\*\.conf;' /etc/nginx/nginx.conf)" ]]; then
|
||||||
|
nginx_conf_path="/etc/nginx/nginx.conf"
|
||||||
|
nginx_conf_contents=`echo "$(echo 'include /etc/nginx/modules-enabled/*.conf;'; cat $nginx_conf_path)"`
|
||||||
|
sudo bash -l -c "echo '$nginx_conf_contents' > $nginx_conf_path"
|
||||||
|
sudo service nginx restart
|
||||||
|
fi
|
||||||
if [[ "$install_modsecurity" == "1" ]]; then
|
if [[ "$install_modsecurity" == "1" ]]; then
|
||||||
echo "Please modify your nginx conf file by yourself!"
|
echo "Please modify your nginx conf file by yourself!"
|
||||||
echo "
|
echo "
|
||||||
|
@ -294,12 +303,5 @@ if [[ $(vercomp "$nginx_ver" "$nginx_target_ver") == "<" ]] || [[ "$1" == '--fo
|
||||||
}
|
}
|
||||||
"
|
"
|
||||||
fi
|
fi
|
||||||
fi
|
|
||||||
if [[ -z "$(grep -E 'include\s+\/etc\/nginx\/modules-enabled\/\*\.conf;' /etc/nginx/nginx.conf)" ]]; then
|
|
||||||
nginx_conf_path="/etc/nginx/nginx.conf"
|
|
||||||
nginx_conf_contents=`echo "$(echo 'include /etc/nginx/modules-enabled/*.conf;'; cat $nginx_conf_path)"`
|
|
||||||
sudo bash -l -c "echo '$nginx_conf_contents' > $nginx_conf_path"
|
|
||||||
sudo service nginx restart
|
|
||||||
fi
|
|
||||||
cd "$org_pwd"
|
cd "$org_pwd"
|
||||||
fi
|
fi
|
Loading…
Reference in New Issue