├── Dockerfile ├── LICENSE ├── README.md ├── addcdn.sh ├── docker_nginx.sh ├── etc └── logrotate.d │ └── nginx ├── httpcdn.conf ├── nginx ├── nginx.conf ├── nginx.service ├── nginx.sh └── run.sh /Dockerfile: -------------------------------------------------------------------------------- 1 | #基于哪个镜像制作 2 | FROM debian:stable-slim 3 | #设置时区 4 | ENV TZ=Asia/Shanghai 5 | #工作目录 6 | WORKDIR /root 7 | #复制安装脚本 8 | COPY ./docker_nginx.sh /root 9 | #复制启动脚本 10 | COPY ./run.sh /usr/sbin 11 | #执行安装脚本 12 | RUN bash docker_nginx.sh 13 | #暴露站点文件夹 14 | VOLUME /data 15 | #暴露配置文件 16 | VOLUME /usr/local/nginx/conf/vhost 17 | VOLUME /usr/local/nginx/conf/cdn 18 | #暴露日志文件夹 19 | VOLUME /usr/local/nginx/logs 20 | #运行crontab和nginx 21 | CMD ["/usr/sbin/run.sh"] -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # XCDN 2 | CentOS一键安装Nginx 3 | 4 | ### 环境要求 5 | * CentOS 6/7 6 | 7 | ### 当前版本 8 | * nginx/1.18 9 | 10 | #### 已编译模块 11 | * --with-stream 12 | * --with-http_stub_status_module 13 | * --with-http_v2_module 14 | * --with-http_ssl_module 15 | * --with-http_gzip_static_module 16 | * --with-http_realip_module 17 | * --with-http_slice_module 18 | * --with-pcre-jit 19 | * pcre-8.39 20 | * zlib-1.2.11 21 | * openssl-1.1.1 22 | * ngx_http_substitutions_filter_module 23 | * ngx_cache_purge 24 | * ngx_brotli 25 | 26 | ### 安装 27 | ``` 28 | wget https://raw.githubusercontent.com/helloxz/nginx-cdn/master/nginx.sh && bash nginx.sh 29 | ``` 30 | 31 | * 如果是CentOS 6的系统,请选择编译安装。 32 | * CentOS 7可选择编译安装或二进制安装。 33 | * 编译安装通常10分钟左右,二进制安装通常2分钟左右。 34 | 35 | ### 常用命令 36 | 安装完成后执行命令 `source /etc/profile` 让环境变量立即生效,或重新打开终端。 37 | * 启动nginx:`nginx` 38 | * 停止nginx:`nginx -s stop` 39 | * 重载nginx:`nginx -s reload` 40 | * 语法检测:`nginx -t` 41 | 42 | ### 联系我 43 | * Blog: [https://www.xiaoz.me/](https://www.xiaoz.me/) 44 | * QQ: 337003006 -------------------------------------------------------------------------------- /addcdn.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | function http_cdn{ 5 | read -p "请输入域名(www.xiaoz.me):" domain 6 | read -p "请填写回源IP(192.168.0.1):" sourceip 7 | read -p "设置全局缓存时间(0-60min):" cache_time 8 | cache_name=${domain%%\.%%_} 9 | } 10 | 11 | read -p "请选择" mysite 12 | echo "1.HTTP" 13 | echo "2.HTTPS" 14 | echo "3.退出" 15 | 16 | case $mysite in 17 | 1) 18 | http_cdn 19 | echo "输入的域名:${domain}" 20 | echo "回源ip:${sourceip}" 21 | echo "缓存时间:${cache_time}" 22 | echo "缓存目录:/data/wwwroot/caches/${domain}" 23 | echo "缓存名字:${cache_name}" 24 | :: 25 | 2) echo '' 26 | :: 27 | *) echo '只能选择1-4' 28 | :: 29 | esac -------------------------------------------------------------------------------- /docker_nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ############### Debian一键安装Nginx脚本 ############### 3 | #Author:xiaoz.me 4 | #Update:2020-11-15 5 | #Github:https://github.com/helloxz/nginx-cdn 6 | ####################### END ####################### 7 | 8 | PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/bin:/sbin 9 | export PATH 10 | 11 | #安装依赖 12 | function depend(){ 13 | apt-get -y update 14 | apt-get -y install curl wget libmaxminddb-dev libgd-dev cron 15 | } 16 | 17 | 18 | #二进制安装Nginx 19 | function BinaryInstall(){ 20 | #创建用户和用户组 21 | groupadd www 22 | useradd -M -g www www -s /sbin/nologin 23 | #创建数据目录,用于存储站点数据、缓存目录、ssl证书 24 | mkdir -p /data 25 | chown -R www:www /data 26 | 27 | #下载到指定目录 28 | wget http://soft.xiaoz.org/nginx/xcdn-binary-1.18-debian.tar.gz -O /usr/local/nginx.tar.gz 29 | 30 | #解压 31 | cd /usr/local && tar -zxvf nginx.tar.gz 32 | 33 | #日志自动分割 34 | wget --no-check-certificate https://raw.githubusercontent.com/helloxz/nginx-cdn/master/etc/logrotate.d/nginx -P /etc/logrotate.d/ 35 | #替换日志分割路径 36 | sed -i 's%/data/wwwlogs/*nginx.log%/usr/local/nginx/logs/*.log%g' /etc/logrotate.d/nginx 37 | 38 | #环境变量 39 | echo "export PATH=$PATH:/usr/local/nginx/sbin" >> /etc/profile 40 | export PATH=$PATH:'/usr/local/nginx/sbin' 41 | 42 | #启动 43 | #/usr/local/nginx/sbin/nginx 44 | #给docker启动脚本添加执行权限 45 | chmod +x /usr/sbin/run.sh 46 | #计划任务 47 | echo '*/1 * * * * /usr/sbin/run.sh autoreload >> /dev/null' >> /var/spool/cron/crontabs/root 48 | #开机自启 49 | #echo "/usr/local/nginx/sbin/nginx" >> /etc/rc.d/rc.local 50 | #chmod +x /etc/rc.d/rc.local 51 | 52 | echo "------------------------------------------------" 53 | echo "XCDN installed successfully." 54 | echo "------------------------------------------------" 55 | } 56 | #收尾工作 57 | function finishing(){ 58 | #清理nginx二进制文件 59 | rm -rf /usr/local/nginx.tar.gz 60 | } 61 | #安装依赖 62 | depend 63 | #执行安装 64 | BinaryInstall 65 | finishing -------------------------------------------------------------------------------- /etc/logrotate.d/nginx: -------------------------------------------------------------------------------- 1 | /data/wwwlogs/*nginx.log { 2 | daily 3 | rotate 5 4 | missingok 5 | dateext 6 | compress 7 | notifempty 8 | sharedscripts 9 | postrotate 10 | [ -e /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` 11 | endscript 12 | } -------------------------------------------------------------------------------- /httpcdn.conf: -------------------------------------------------------------------------------- 1 | proxy_cache_path /data/wwwroot/cdn.xiaoz.me levels=1:2 keys_zone=xiaozcdn:50m inactive=30m max_size=50m; 2 | server 3 | { 4 | listen 80; 5 | server_name cdn.xiaoz.me; 6 | charset utf-8,gbk; 7 | location / { 8 | proxy_set_header Accept-Encoding ""; 9 | proxy_pass https://www.xiaoz.me; 10 | proxy_redirect off; 11 | proxy_set_header X-Real-IP $remote_addr; 12 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 13 | proxy_cache xiaozcdn; 14 | proxy_cache_valid 200 304 30m; 15 | proxy_cache_valid 301 24h; 16 | proxy_cache_valid 500 502 503 504 0s; 17 | proxy_cache_valid any 1s; 18 | proxy_cache_min_uses 1; 19 | expires 12h; 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /nginx: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # nginx - this script starts and stops the nginx daemon 4 | # 5 | # chkconfig: - 85 15 6 | # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ 7 | # proxy and IMAP/POP3 proxy server 8 | # processname: nginx 9 | # config: /usr/local/nginx/conf/nginx.conf 10 | # pidfile: /var/run/nginx.pid 11 | 12 | case $1 in 13 | 'start') 14 | /usr/local/nginx/sbin/nginx 15 | echo 'Nginx started successfully.' 16 | echo '----------------------------' 17 | ps -ef|grep 'nginx' 18 | echo '----------------------------' 19 | ;; 20 | 'reload') 21 | /usr/local/nginx/sbin/nginx -s quit 22 | /usr/local/nginx/sbin/nginx -s stop 23 | pkill nginx 24 | echo 'Nginx stopped succeeding.' 25 | ;; 26 | 3) echo '数字3' 27 | ;; 28 | 4) echo '数字4' 29 | ;; 30 | *) echo '不是1-4' 31 | esac -------------------------------------------------------------------------------- /nginx.conf: -------------------------------------------------------------------------------- 1 | user www www; 2 | worker_processes auto; 3 | worker_rlimit_nofile 50000; 4 | error_log logs/error.log; 5 | #error_log logs/error.log notice; 6 | #error_log logs/error.log info; 7 | 8 | pid /var/run/nginx.pid; 9 | 10 | 11 | events { 12 | use epoll; 13 | worker_connections 51200; 14 | #worker_connections 1024; 15 | multi_accept on; 16 | } 17 | 18 | 19 | http { 20 | include mime.types; 21 | default_type application/octet-stream; 22 | server_names_hash_bucket_size 128; 23 | client_header_buffer_size 32k; 24 | large_client_header_buffers 4 32k; 25 | client_max_body_size 1024m; 26 | client_body_buffer_size 10m; 27 | sendfile on; 28 | tcp_nopush on; 29 | keepalive_timeout 120; 30 | server_tokens off; 31 | tcp_nodelay on; 32 | proxy_headers_hash_max_size 51200; 33 | proxy_headers_hash_bucket_size 6400; 34 | #开启Brotli压缩 35 | brotli on; 36 | brotli_comp_level 6; 37 | #最小长度 38 | brotli_min_length 512; 39 | brotli_types text/plain text/javascript text/css text/xml text/x-component application/javascript application/x-javascript application/xml application/json application/xhtml+xml application/rss+xml application/atom+xml application/x-font-ttf application/vnd.ms-fontobject image/svg+xml image/x-icon font/opentype; 40 | brotli_static always; 41 | 42 | gzip on; 43 | gzip_buffers 16 8k; 44 | gzip_comp_level 6; 45 | gzip_http_version 1.1; 46 | gzip_min_length 256; 47 | gzip_proxied any; 48 | gzip_vary on; 49 | gzip_types 50 | text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml 51 | text/javascript application/javascript application/x-javascript 52 | text/x-json application/json application/x-web-app-manifest+json 53 | text/css text/plain text/x-component 54 | font/opentype application/x-font-ttf application/vnd.ms-fontobject 55 | image/x-icon; 56 | gzip_disable "MSIE [1-6]\.(?!.*SV1)"; 57 | 58 | #If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency. 59 | open_file_cache max=1000 inactive=20s; 60 | open_file_cache_valid 30s; 61 | open_file_cache_min_uses 2; 62 | open_file_cache_errors on; 63 | 64 | #limit connection 65 | limit_conn_zone $binary_remote_addr zone=addr:10m; 66 | 67 | 68 | server { 69 | listen 80; 70 | server_name localhost; 71 | 72 | #charset koi8-r; 73 | 74 | #access_log logs/host.access.log main; 75 | 76 | location / { 77 | root html; 78 | index index.html index.htm; 79 | } 80 | 81 | #error_page 404 /404.html; 82 | 83 | # redirect server error pages to the static page /50x.html 84 | # 85 | error_page 500 502 503 504 /50x.html; 86 | location = /50x.html { 87 | root html; 88 | } 89 | 90 | # proxy the PHP scripts to Apache listening on 127.0.0.1:80 91 | # 92 | #location ~ \.php$ { 93 | # proxy_pass http://127.0.0.1; 94 | #} 95 | 96 | # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 97 | # 98 | #location ~ \.php$ { 99 | # root html; 100 | # fastcgi_pass 127.0.0.1:9000; 101 | # fastcgi_index index.php; 102 | # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; 103 | # include fastcgi_params; 104 | #} 105 | 106 | # deny access to .htaccess files, if Apache's document root 107 | # concurs with nginx's one 108 | # 109 | #location ~ /\.ht { 110 | # deny all; 111 | #} 112 | } 113 | 114 | 115 | # another virtual host using mix of IP-, name-, and port-based configuration 116 | # 117 | #server { 118 | # listen 8000; 119 | # listen somename:8080; 120 | # server_name somename alias another.alias; 121 | 122 | # location / { 123 | # root html; 124 | # index index.html index.htm; 125 | # } 126 | #} 127 | 128 | 129 | # HTTPS server 130 | # 131 | #server { 132 | # listen 443 ssl; 133 | # server_name localhost; 134 | 135 | # ssl_certificate cert.pem; 136 | # ssl_certificate_key cert.key; 137 | 138 | # ssl_session_cache shared:SSL:1m; 139 | # ssl_session_timeout 5m; 140 | 141 | # ssl_ciphers HIGH:!aNULL:!MD5; 142 | # ssl_prefer_server_ciphers on; 143 | 144 | # location / { 145 | # root html; 146 | # index index.html index.htm; 147 | # } 148 | #} 149 | include cdn/*.conf; 150 | include vhost/*.conf; 151 | } 152 | -------------------------------------------------------------------------------- /nginx.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=nginx - high performance web server 3 | Documentation=http://nginx.org/en/docs/ 4 | After=network.target 5 | 6 | [Service] 7 | Type=forking 8 | PIDFile=/var/run/nginx.pid 9 | ExecStartPost=/bin/sleep 0.1 10 | ExecStartPre=/usr/local/nginx/sbin/nginx -t -c /usr/local/nginx/conf/nginx.conf 11 | ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf 12 | ExecReload=/bin/kill -s HUP $MAINPID 13 | ExecStop=/bin/kill -s QUIT $MAINPID 14 | LimitNOFILE=1000000 15 | LimitNPROC=1000000 16 | LimitCORE=1000000 17 | 18 | [Install] 19 | WantedBy=multi-user.target 20 | -------------------------------------------------------------------------------- /nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ############### CentOS一键安装Nginx脚本 ############### 3 | #Author:xiaoz.me 4 | #Update:2020-11-15 5 | #Github:https://github.com/helloxz/nginx-cdn 6 | ####################### END ####################### 7 | 8 | PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/bin:/sbin 9 | export PATH 10 | 11 | 12 | dir='/usr/local/' 13 | #定义nginx版本 14 | nginx_version='1.18' 15 | #定义openssl版本 16 | openssl_version='1.1.1g' 17 | #定义pcre版本 18 | pcre_version='8.43' 19 | #对系统进行判断 20 | function check_os(){ 21 | #CentOS 22 | if test -e "/etc/redhat-release" 23 | then 24 | yum -y install gcc gcc-c++ perl unzip libmaxminddb-devel gd-devel 25 | #Debian 26 | elif test -e "/etc/debian_version" 27 | then 28 | apt-get -y update 29 | apt-get -y install curl wget perl unzip build-essential libmaxminddb-dev libgd-dev 30 | else 31 | echo "当前系统不支持!" 32 | fi 33 | } 34 | #获取服务器公网IP 35 | function get_ip(){ 36 | osip=$(curl -4s https://api.ip.sb/ip) 37 | echo $osip 38 | } 39 | #防火墙放行端口 40 | function chk_firewall(){ 41 | if [ -e "/etc/sysconfig/iptables" ] 42 | then 43 | iptables -I INPUT -p tcp --dport 80 -j ACCEPT 44 | iptables -I INPUT -p tcp --dport 443 -j ACCEPT 45 | service iptables save 46 | service iptables restart 47 | else 48 | firewall-cmd --zone=public --add-port=80/tcp --permanent 49 | firewall-cmd --zone=public --add-port=443/tcp --permanent 50 | firewall-cmd --reload 51 | fi 52 | } 53 | #防火墙删除端口 54 | function DelPort(){ 55 | if [ -e "/etc/sysconfig/iptables" ] 56 | then 57 | sed -i '/^.*80/d' /etc/sysconfig/iptables 58 | sed -i '/^.*443/d' /etc/sysconfig/iptables 59 | service iptables save 60 | service iptables restart 61 | else 62 | firewall-cmd --zone=public --remove-port=80/tcp --permanent 63 | firewall-cmd --zone=public --remove-port=443/tcp --permanent 64 | firewall-cmd --reload 65 | fi 66 | } 67 | #安装jemalloc优化内存管理 68 | function jemalloc(){ 69 | wget http://soft.xiaoz.org/linux/jemalloc-5.2.0.tgz 70 | tar -zxvf jemalloc-5.2.0.tgz 71 | cd jemalloc-5.2.0 72 | ./configure 73 | make && make install 74 | echo '/usr/local/lib' > /etc/ld.so.conf.d/local.conf 75 | ldconfig 76 | } 77 | 78 | #安装依赖环境 79 | function depend(){ 80 | #安装pcre 81 | cd ${dir} 82 | wget --no-check-certificate https://ftp.pcre.org/pub/pcre/pcre-${pcre_version}.tar.gz 83 | tar -zxvf pcre-${pcre_version}.tar.gz 84 | cd pcre-${pcre_version} 85 | ./configure 86 | make -j4 && make -j4 install 87 | #安装zlib 88 | cd ${dir} 89 | wget http://soft.xiaoz.org/linux/zlib-1.2.11.tar.gz 90 | tar -zxvf zlib-1.2.11.tar.gz 91 | cd zlib-1.2.11 92 | ./configure 93 | make -j4 && make -j4 install 94 | #安装openssl 95 | cd ${dir} 96 | wget --no-check-certificate -O openssl.tar.gz https://www.openssl.org/source/openssl-${openssl_version}.tar.gz 97 | tar -zxvf openssl.tar.gz 98 | cd openssl-${openssl_version} 99 | ./config 100 | make -j4 && make -j4 install 101 | #下载testcookie-nginx-module 102 | cd ${dir} 103 | wget http://soft.xiaoz.org/nginx/testcookie-nginx-module.zip 104 | unzip testcookie-nginx-module.zip 105 | #下载ngx_http_ipdb_module 106 | #cd ${dir} 107 | #wget http://soft.xiaoz.org/nginx/ngx_http_ipdb_module.zip 108 | #unzip ngx_http_ipdb_module.zip 109 | #下载ngx_http_geoip2_module 110 | cd ${dir} 111 | wget http://soft.xiaoz.org/nginx/ngx_http_geoip2_module.zip 112 | unzip ngx_http_geoip2_module.zip 113 | } 114 | 115 | #安装服务 116 | function install_service(){ 117 | if [ -d "/etc/systemd/system" ] 118 | then 119 | wget -P /etc/systemd/system https://raw.githubusercontent.com/helloxz/nginx-cdn/master/nginx.service 120 | systemctl daemon-reload 121 | systemctl enable nginx 122 | fi 123 | } 124 | 125 | #编译安装Nginx 126 | function CompileInstall(){ 127 | #创建用户和用户组 128 | groupadd www 129 | useradd -M -g www www -s /sbin/nologin 130 | 131 | #rm -rf /usr/local/pcre-8.39.tar.gz 132 | #rm -rf /usr/local/zlib-1.2.11.tar.gz 133 | #rm -rf /usr/local/openssl-1.1.0h.tar.gz 134 | 135 | #下载stub_status_module模块 136 | cd /usr/local 137 | 138 | ### 重新启用替换模块 139 | wget http://soft.xiaoz.org/nginx/ngx_http_substitutions_filter_module.zip 140 | unzip ngx_http_substitutions_filter_module.zip 141 | 142 | #下载purecache模块 143 | cd /usr/local && wget http://soft.xiaoz.org/nginx/ngx_cache_purge-2.3.tar.gz 144 | tar -zxvf ngx_cache_purge-2.3.tar.gz 145 | mv ngx_cache_purge-2.3 ngx_cache_purge 146 | 147 | #下载brotli 148 | wget http://soft.xiaoz.org/nginx/ngx_brotli.tar.gz 149 | tar -zxvf ngx_brotli.tar.gz 150 | 151 | #安装Nginx 152 | cd /usr/local 153 | wget https://wget.ovh/nginx/xcdn-${nginx_version}.tar.gz 154 | tar -zxvf xcdn-${nginx_version}.tar.gz 155 | cd xcdn-${nginx_version} 156 | ./configure --prefix=/usr/local/nginx --user=www --group=www \ 157 | --with-stream \ 158 | --with-http_stub_status_module \ 159 | --with-http_v2_module \ 160 | --with-http_ssl_module \ 161 | --with-http_gzip_static_module \ 162 | --with-http_realip_module \ 163 | --with-http_slice_module \ 164 | --with-http_image_filter_module=dynamic \ 165 | --with-pcre=../pcre-${pcre_version} \ 166 | --with-pcre-jit \ 167 | --with-zlib=../zlib-1.2.11 \ 168 | --with-openssl=../openssl-${openssl_version} \ 169 | --add-module=../ngx_http_substitutions_filter_module \ 170 | --add-module=../ngx_cache_purge \ 171 | --add-module=../ngx_brotli \ 172 | --add-dynamic-module=${dir}ngx_http_geoip2_module 173 | make -j4 && make -j4 install 174 | 175 | #一点点清理工作 176 | rm -rf ${dir}xcdn-1.* 177 | rm -rf ${dir}zlib-1.* 178 | rm -rf ${dir}pcre-8.* 179 | rm -rf ${dir}openssl* 180 | rm -rf ${dir}testcookie-nginx-module* 181 | rm -rf ${dir}ngx_http_geoip2_module* 182 | rm -rf ${dir}ngx_http_ipdb_module.zip 183 | rm -rf ${dir}ngx_http_substitutions_filter_module* 184 | rm -rf ${dir}ngx_cache_purge* 185 | rm -rf ${dir}ngx_brotli* 186 | rm -rf nginx.tar.gz 187 | rm -rf nginx.1 188 | cd 189 | rm -rf jemalloc* 190 | 191 | #复制配置文件 192 | mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak 193 | wget --no-check-certificate https://raw.githubusercontent.com/helloxz/nginx-cdn/master/nginx.conf -P /usr/local/nginx/conf/ 194 | #日志分割 195 | wget --no-check-certificate https://raw.githubusercontent.com/helloxz/nginx-cdn/master/etc/logrotate.d/nginx -P /etc/logrotate.d/ 196 | mkdir -p /usr/local/nginx/conf/vhost 197 | mkdir -p /usr/local/nginx/conf/cdn 198 | /usr/local/nginx/sbin/nginx 199 | 200 | #环境变量与服务 201 | echo "export PATH=$PATH:/usr/local/nginx/sbin" >> /etc/profile 202 | export PATH=$PATH:'/usr/local/nginx/sbin' 203 | 204 | #安装服务 205 | install_service 206 | #echo "/usr/local/nginx/sbin/nginx" >> /etc/rc.d/rc.local 207 | #chmod +x /etc/rc.d/rc.local 208 | echo "------------------------------------------------" 209 | echo "XCDN installed successfully. Please visit the http://${osip}" 210 | } 211 | 212 | #二进制安装Nginx 213 | function BinaryInstall(){ 214 | #创建用户和用户组 215 | groupadd www 216 | useradd -M -g www www -s /sbin/nologin 217 | 218 | #下载到指定目录 219 | wget http://soft.xiaoz.org/nginx/xcdn-binary-${nginx_version}.tar.gz -O /usr/local/nginx.tar.gz 220 | 221 | #解压 222 | cd /usr/local && tar -zxvf nginx.tar.gz 223 | 224 | #日志自动分割 225 | wget --no-check-certificate https://raw.githubusercontent.com/helloxz/nginx-cdn/master/etc/logrotate.d/nginx -P /etc/logrotate.d/ 226 | 227 | #环境变量 228 | echo "export PATH=$PATH:/usr/local/nginx/sbin" >> /etc/profile 229 | export PATH=$PATH:'/usr/local/nginx/sbin' 230 | 231 | #启动 232 | /usr/local/nginx/sbin/nginx 233 | #安装服务 234 | install_service 235 | #开机自启 236 | #echo "/usr/local/nginx/sbin/nginx" >> /etc/rc.d/rc.local 237 | #chmod +x /etc/rc.d/rc.local 238 | 239 | echo "------------------------------------------------" 240 | echo "XCDN installed successfully. Please visit the http://${osip}" 241 | } 242 | 243 | #卸载Nginx 244 | function uninstall(){ 245 | # 杀掉nginx进程 246 | pkill nginx 247 | #删除www用户 248 | userdel www && groupdel www 249 | #备份一下配置 250 | cp -a /usr/local/nginx/conf/vhost /home/vhost_bak 251 | #删除目录 252 | rm -rf /usr/local/nginx 253 | sed -i "s%:/usr/local/nginx/sbin%%g" /etc/profile 254 | #删除自启 255 | sed -i '/^.*nginx/d' /etc/rc.d/rc.local 256 | #删除日志分割 257 | rm -rf /etc/logrotate.d/nginx 258 | } 259 | 260 | #选择安装方式 261 | echo "------------------------------------------------" 262 | echo "欢迎使用Nginx一键安装脚本^_^,请先选择安装方式:" 263 | echo "1) 编译安装,支持CentOS 6/7" 264 | echo "2) 二进制安装,支持CentOS 7" 265 | echo "3) 卸载Nginx" 266 | echo "q) 退出!" 267 | read -p ":" istype 268 | 269 | case $istype in 270 | 1) 271 | check_os 272 | get_ip 273 | chk_firewall 274 | #安装jemalloc 275 | #jemalloc,2020/11/09暂时去掉jemalloc 276 | #安装依赖 277 | depend 278 | #安装nginx 279 | CompileInstall 280 | ;; 281 | 2) 282 | check_os 283 | get_ip 284 | chk_firewall 285 | #安装jemalloc 286 | #jemalloc,2020/11/09暂时去掉jemalloc 287 | BinaryInstall 288 | ;; 289 | 3) 290 | #执行卸载函数 291 | uninstall 292 | #删除端口 293 | DelPort 294 | echo 'Uninstall complete.' 295 | ;; 296 | q) 297 | exit 298 | ;; 299 | *) echo '参数错误!' 300 | esac -------------------------------------------------------------------------------- /run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | #自动重载 5 | if [ ${1}x == 'autoreload'x ] 6 | then 7 | find /usr/local/nginx/conf -name '*.conf' -mmin -2 -exec /usr/sbin/run.sh reload \; 8 | elif [ ${1}x == 'reload'x ] 9 | then 10 | /usr/local/nginx/sbin/nginx -t && /usr/local/nginx/sbin/nginx -s reload 11 | elif [ ${1}x == 'stop'x ] 12 | then 13 | /usr/local/nginx/sbin/nginx -t && /usr/local/nginx/sbin/nginx -s stop 14 | elif [ ${1}x == 'start'x ] 15 | then 16 | /usr/local/nginx/sbin/nginx 17 | elif [ -z $1 ] 18 | then 19 | #启动nginx 20 | /usr/local/nginx/sbin/nginx 21 | #启动cron 22 | cron -n 23 | tail -f /usr/local/nginx/logs/error.log 24 | fi --------------------------------------------------------------------------------