WEB服务之 Nginx 服务脚本安装 - 窝窝头-学技术

Nginx 介绍：

Nginx (engine x) 是一个高性能的HTTP和反向代理web服务器，同时也提供了IMAP/POP3/SMTP服务。其将源代码以类BSD许可证的形式发布，因它的稳定性、丰富的功能集、简单的配置文件和低系统资源的消耗而闻名。因些许多企业都在使用。

目的：

1、一键安装
2、修改源码改变nginx的名称和版本【安全】

脚本内容：

#!/bin/bash
#
#********************************************************************
#Author:            wwtou
#Date:                 2025-04-18
#FileName：            Nginx_install.sh
#Description：        The test script for OS Version greater than 8.0
#Copyright (C):     2020 All rights reserved
#********************************************************************
# 修改nginx名称和版本
# vim src/core/nginx.h
# #define NGINX_VERSION "1.66.88"
# #define NGINX_VER "websrv" NGINX_VERSION
#
# vim src/http/ngx_http_header_filter_module.c
# static char ngx_http_server_string[] = "Server: websrv" CRLF
#**********************************************************************
NGINX_VER=1.26.3
CUSTOM_VER=66.88.0
SERVER_NAME=Websrv
NGINX_FILE=nginx-${NGINX_VER}.tar.gz
NGINX_URL=http://nginx.org/download/
HOST_IP=$(hostname -I | awk '{print $1}')
SRC_DIR=/tools
NGINX_INSTALL_DIR=/apps/nginx
NGINX_TMP_DIR=/var/tmp/nginx
CONFILE=/etc/nginx/nginx.conf
NGINX_COMMAND_FILE=/etc/profile.d/nginx.sh
USER=nginx
GROUP=nginx
CPUS=$(lscpu |awk '/^CPU\(s\)/{print $2}')
. /etc/os-release
color() {
    local text="$1"
    local status="$2"
    local RES_COL=60
    local GREEN="\033[1;32m"
    local RED="\033[1;31m"
    local YELLOW="\033[1;33m"
    local NORMAL="\033[0m"
    # 左侧文本 + 对齐
    printf "%-${RES_COL}s" "$text"
    # 移动光标到第 RES_COL 列
    echo -en "\033[${RES_COL}G"
    echo -n "["
    case "$status" in
        success|0)
            echo -en "${GREEN}  OK  ${NORMAL}"
            ;;
        failure|1)
            echo -en "${RED}FAILED${NORMAL}"
            ;;
        *)
            echo -en "${YELLOW}WARNING${NORMAL}"
            ;;
    esac
    echo "]"
}
check () {
    [ -e ${NGINX_INSTALL_DIR} ] && { color "nginx 已安装,请卸载后再安装" 1; exit; }
    [ ! -d ${NGINX_TMP_DIR} ] && mkdir -p ${NGINX_TMP_DIR}/{client,proxy,fcgi,uwsgi,scgi}
    color "检查操作系统和系统版本" 0
    # Detect OS
    # $os_version variables aren't always in use, but are kept here for convenience
    if grep -qs "ubuntu" /etc/os-release; then
        os="ubuntu"
        os_version=$(grep 'VERSION_ID' /etc/os-release | cut -d '"' -f 2 | tr -d '.')
    elif [[ -e /etc/debian_version ]]; then
        os="debian"
        os_version=$(grep -oE '[0-9]+' /etc/debian_version | head -1)
    elif egrep -i "openeuler|rocky|almalinux|Anolis|centos|kylin" /etc/os-release &> /dev/null; then
        os="centos"
        os_version=$(grep  "VERSION_ID" /etc/os-release | awk -F'"' '{print $2}' | cut -d'.' -f1)
    elif [[ -e /etc/fedora-release ]]; then
        os="fedora"
        os_version=$(grep -oE '[0-9]+' /etc/fedora-release | head -1)
    else
        color "This installer seems to be running on an unsupported distribution.Supported distros are Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora." 1
        exit
    fi
    if [[ "$os" == "ubuntu" && "$os_version" -lt 2204 ]]; then
        color "Ubuntu 22.04 or higher is required to use this installer.This version of Ubuntu is too old and unsupported." 1
        exit
    fi
    if [[ "$os" == "debian" ]]; then
        if grep -q '/sid' /etc/debian_version; then
            color "Debian Testing and Debian Unstable are unsupported by this installer." 1
            exit
        fi
        if [[ "$os_version" -lt 11 ]]; then
            color "Debian 11 or higher is required to use this installer.This version of Debian is too old and unsupported." 1
            exit
        fi
    fi
    if [[ "$os" == "centos" && "$os_version" -lt 9 ]]; then
        os_name=$(grep  "^NAME" /etc/os-release | awk -F'"' '{print $2}')
        echo "$os_name 9 or higher is required to use this installer.This version of $os_name is too old and unsupported." 0
        exit
    fi
   color "安装工具包,检查防火墙" 0
   if ! hash ufw 2>/dev/null && ! hash firewall-cmd 2>/dev/null && ! hash iptables 2>/dev/null; then
        if [[ "$os" == "ubuntu" && "$os" == "debinn" ]]; then
            apt -y update && apt install -y ufw
            [ $? -ne 0 ] && { color "Install UFW Failed" 1 ; exit; }
            ufw disable
            color 'ufw is closed' 0
        else
            dnf install -y firewalld
            [ $? -ne 0 ] && { color "Install Firewalld Failed" 1; exit; }
            setenforce 0
            sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
            color 'Selinux has been disabled, and Permanent After Restarting' 0
            systemctl disable --now  firewalld.service &>/dev/null
            color 'firewalld is complete closed' 0
        fi
    fi
    if [[ "$os" == "ubuntu" && "$os" == "debinn" ]]; then
            apt -y update && apt install -y tar wget vim bash-completion gcc make libpcre3 libpcre3-dev openssl libssl-dev zlib-dev
            [ $? -ne 0 ] && { color "Install Tools Failed" 1 ; exit; }
    else
            dnf install -y wget tar vim-enhanced bash-completion gcc make openssl-devel pcre-devel zlib-devel perl-ExtUtils-Embed
            [ $? -ne 0 ] && { color "Install Tools Failed" 1; exit; }
    fi
    [ ! -d ${SRC_DIR} ] && mkdir ${SRC_DIR}
    cd  ${SRC_DIR}
    if [  -e ${SRC_DIR}/${NGINX_FILE} ];then
        color "相关文件已准备好" 0
    else
        color '开始下载 nginx 源码包' 0
        wget  ${NGINX_URL}${NGINX_FILE}
        [ $? -ne 0 ] && { color "下载 ${NGINX_FILE}文件失败" 1; exit; } 
    fi
} 
install () {
    color "开始安装 nginx" 0
    if id $USER  &>/dev/null; then
        color "$USER 用户已存在" 1 
    else
        groupadd $GROUP
        useradd -r -g $GROUP -s /sbin/nologin $USER
        color "创建 $USER 用户" 0 
    fi
    color "开始安装 nginx 依赖包" 0
    cd $SRC_DIR
    tar xf ${NGINX_FILE}
    NGINX_DIR=`echo ${NGINX_FILE} | sed -nr 's/^(.*[0-9]).*/\1/p'`
    cd ${NGINX_DIR}
    sed -i "s|${NGINX_VER}|${CUSTOM_VER}|"  src/core/nginx.h
    sed -i "s|nginx/|${SERVER_NAME}/|"      src/core/nginx.h
    sed -i "s| nginx| ${SERVER_NAME}|"      src/http/ngx_http_header_filter_module.c
    [ $? -eq 0 ] && color "nginx 修改源码版本成功" 0 ||  { color "nginx 修改源码版本失败,退出!" 1 ; exit; }
    ./configure \
     --prefix=${NGINX_INSTALL_DIR} \
     --sbin-path=${NGINX_INSTALL_DIR}/sbin/nginx \
     --conf-path=$CONFILE \
     --pid-path=/var/run/nginx.pid  \
     --lock-path=/var/lock/nginx.lock \
     --user=$USER \
     --group=$GROUP \
     --with-pcre \
     --with-stream \
     --with-http_ssl_module \
     --with-http_flv_module \
     --with-http_stub_status_module \
     --with-http_gzip_static_module \
     --with-http_realip_module \
     --with-http_v2_module \
     --with-http_dav_module \
     --http-client-body-temp-path=/var/tmp/nginx/client \
     --http-proxy-temp-path=/var/tmp/nginx/proxy \
     --http-fastcgi-temp-path=/var/tmp/nginx/fcgi \
     --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
     --http-scgi-temp-path=/var/tmp/nginx/scgi \
     --without-mail_pop3_module \
     --without-mail_imap_module \
     --without-mail_smtp_module
     # --with-openssl=/root/openssl-1.1.1w
    make -j $CPUS && make install
    [ $? -eq 0 ] && color "nginx 编译安装成功" 0 ||  { color "nginx 编译安装失败,退出!" 1 ;exit; }
    chown -R $USER:$GROUP  ${NGINX_INSTALL_DIR}
    echo "export PATH=${NGINX_INSTALL_DIR}/sbin:${PATH}" > ${NGINX_COMMAND_FILE}
    cat > /etc/security/limits.d/nginx.conf <<EOF
* soft nofile 65535
* hard nofile 65535
EOF
    cat > /usr/lib/systemd/system/nginx.service <<EOF
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
ExecStart=${NGINX_INSTALL_DIR}/sbin/nginx -c $CONFILE
ExecReload=${NGINX_INSTALL_DIR}/sbin/nginx -s reload
ExecStop=${NGINX_INSTALL_DIR}/sbin/nginx -s stop
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
#PrivateTmp=true
LimitNOFILE=100000
[Install]
WantedBy=multi-user.target
EOF
    systemctl daemon-reload
    systemctl enable --now nginx.service &> /dev/null 
    systemctl is-active nginx &> /dev/null ||  { color "nginx 启动失败,退出!" 1 ; exit; }
    color "nginx 安装完成" 0
    echo
    echo "请先运行: source ${NGINX_COMMAND_FILE}"
    echo "访问链接: http://${HOST_IP}"
    echo
}
check
install

运行脚本：

# bash nginx_install.sh

通过执行脚本实现一键安装 ~~