Browse Source

adding nginx:install

release/0.1
Björn 4 years ago
parent
commit
fe79f038c3
6 changed files with 137 additions and 16 deletions
  1. +29
    -16
      app/Commands/NginxInstallCommand.php
  2. +108
    -0
      resources/nginx/nginx.blade.php
  3. +0
    -0
      resources/nginx/snippets/deny.conf
  4. +0
    -0
      resources/nginx/snippets/expires.conf
  5. +0
    -0
      resources/nginx/snippets/secure-headers.conf
  6. +0
    -0
      resources/nginx/snippets/ssl-params.conf

+ 29
- 16
app/Commands/NginxInstallCommand.php View File

@ -5,8 +5,10 @@ namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule; use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
use Illuminate\Support\Facades\File; use Illuminate\Support\Facades\File;
use Illuminate\Support\Facades\App;
use App\Facades\Install; use App\Facades\Install;
use App\BladeFile;
use Log; use Log;
@ -17,7 +19,7 @@ class NginxInstallCommand extends Command
* *
* @var string * @var string
*/ */
protected $signature = 'nginx:install';
protected $signature = 'nginx:install {--user=www-data}';
/** /**
* The description of the command. * The description of the command.
@ -33,28 +35,39 @@ class NginxInstallCommand extends Command
*/ */
public function handle() public function handle()
{ {
//$option = $this->menu('Install')
// ->addOption('nginx', 'Nginx')
// ->open();
//File::put('/etc/kkk', '/etc/kkk');
//$workers = exec('echo $(grep ^processor /proc/cpuinfo | wc -l)');
//$
//$
$this->info('Nginx install...');
$this->info('Nginx installing...');
exec('apt update 2>&1'); exec('apt update 2>&1');
exec('apt install -y nginx 2>&1'); exec('apt install -y nginx 2>&1');
// copy snippets
exec('cp '.base_path().'/resources/nginx/snippets/*.conf /etc/nginx/snippets');
$configuration = [
'user' => $this->option('user'),
'env' => App::environment()
];
// get workers
exec('echo $(grep ^processor /proc/cpuinfo | wc -l)', $output);
$configuration['processes'] = $output[0];
// get connections
exec('echo $(ulimit -n)', $output);
$configuration['connections'] = $output[1];
$bladeFile = new BladeFile('/resources/nginx');
$bladeFile->put('nginx', '/etc/nginx/nginx.conf', $configuration);
// check if nginx is ready and installed
if (Install::isReady('nginx')) { if (Install::isReady('nginx')) {
// get status of nginx
exec('nginx -v 2>&1', $output);
$status = "$output[0] installed";
// adding ufw to nginx
exec('ufw allow "Nginx Full"');
$this->info($status);
Log::info($status);
$this->info("Success!");
} else {
$this->error("failed");
} }
} }
} }

+ 108
- 0
resources/nginx/nginx.blade.php View File

@ -0,0 +1,108 @@
# set user for nginx
user {{ $user }};
# you must set worker processes based on your CPU cores
worker_processes {{ $processes }};
# number of file descriptors used for nginx
# the limit for the maximum FDs on the server is usually set by the OS.
# if you don't set FD's then OS settings will be used which is by default 2000
worker_rlimit_nofile 100000;
pid /run/nginx.pid;
events {
# determines how much clients will be served per worker
worker_connections {{ $connections }};
# optimized to serve many clients with each thread, essential for linux
use epoll;
# accept as many connections as possible
multi_accept on;
}
http {
server_tokens off;
@if ($env === 'development')
# error log will be only write from debug
error_log /var/log/nginx.error_log debug;
@else
# error log will be only write from warn-level
error_log /var/log/nginx.error_log warn;
# no logging for 3XX
map \$status \$loggable {
~^[3] 0;
default 1;
}
# send headers in one piece, it is better than sending them one by one
tcp_nopush on;
# don't buffer data sent, good for small data bursts in real time
tcp_nodelay on;
# caching
# optimizes serving static files from the file system
sendfile on;
# assets file, 1000 files for 30 seconds
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
@endif
#buffer
client_body_buffer_size 128k;
client_max_body_size 250m;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
output_buffers 1 32k;
postpone_output 1460;
# allow the server to close connection on non responding client, this will free up memory
reset_timedout_connection on;
# server will close connection after this time -- default 75
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 10m;
send_timeout 3m;
# compress files, but not on older version of IE
gzip on;
gzip_min_length 1000;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
gzip_types
application/x-javascript
text/css
application/javascript
text/javascript
text/plain
text/xml
application/json
application/vnd.ms-fontobject
application/x-font-opentype
application/x-font-truetype
application/x-font-ttf
application/xml
font/eot
font/opentype
font/otf
image/svg+xml
image/vnd.microsoft.icon;
# includes
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
include /etc/nginx/mime.types;
}

resources/nginx/snippts/deny.conf → resources/nginx/snippets/deny.conf View File


resources/nginx/snippts/expires.conf → resources/nginx/snippets/expires.conf View File


resources/nginx/snippts/secure-headers.conf → resources/nginx/snippets/secure-headers.conf View File


resources/nginx/snippts/ssl-params.conf → resources/nginx/snippets/ssl-params.conf View File


Loading…
Cancel
Save