-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathnginx-php-stack.sh
113 lines (91 loc) · 2.95 KB
/
nginx-php-stack.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#!/usr/bin/env bash
# Script that installs nginx and php stack on current system.
ENABLE_SERVICES=1
SERVER_TOKENS_OFF=1
SET_CGI_FIX_PATHINFO_TO_0=1
EXPOSE_PHP_OFF=1
# You need root permissions to run this script.
if [[ "${UID}" != '0' ]]; then
echo '> You need to become root to run this script.'
echo '> Aborting.'
exit 1
fi
# Function that checks if required binary exists and installs it if necessary.
ENSURE_PACKAGE () {
REQUIRED_BINARY=$(basename "${1}")
REPO_PACKAGES="${*:2}"
if [[ "${REQUIRED_BINARY}" != '-' ]]; then
[[ -n "${REPO_PACKAGES}" ]] || REPO_PACKAGES="${REQUIRED_BINARY}"
if command -v "${REQUIRED_BINARY}" 1> /dev/null; then
REPO_PACKAGES=''
fi
fi
[[ -n "${REPO_PACKAGES}" ]] || return
if [[ "${REPO_REFRESHED}" == '0' ]]; then
echo '> Refreshing package repository.'
dnf check-update 1> /dev/null
REPO_REFRESHED=1
fi
for REPO_PACKAGE in ${REPO_PACKAGES}
do
dnf install -y "${REPO_PACKAGE}"
done
}
# Variable that keeps track if repository is already refreshed.
REPO_REFRESHED=0
# Install packages and dependencies if necessary.
ENSURE_PACKAGE 'sed'
ENSURE_PACKAGE 'grep'
ENSURE_PACKAGE 'nginx'
ENSURE_PACKAGE 'php-fpm'
ENSURE_PACKAGE 'composer'
ENSURE_PACKAGE '-' \
'php-cli' 'php-gd' 'php-intl' 'php-json' 'php-jsonlint' 'php-mbstring' 'php-mysqlnd' \
'php-opcache' 'php-pdo' 'php-pecl-apcu' 'php-pecl-apcu-bc' 'php-pecl-imagick' 'php-pecl-memcache' \
'php-pgsql' 'php-process' 'php-xml'
# Fix configuration.
sed -i 's/^user = .*$/user = nginx/g' /etc/php-fpm.d/www.conf
sed -i 's/^group = .*$/group = nginx/g' /etc/php-fpm.d/www.conf
if [[ "${SERVER_TOKENS_OFF}" == '1' ]]; then
[[ -d /etc/nginx/conf.d ]] || mkdir -p /etc/nginx/conf.d
echo 'server_tokens off;' > /etc/nginx/conf.d/server-tokens-off.conf
fi
if [[ "${SET_CGI_FIX_PATHINFO_TO_0}" == '1' ]]; then
if ! grep -Fq 'cgi.fix_pathinfo=' /etc/php.ini; then
echo 'cgi.fix_pathinfo=0' >> /etc/php.ini
else
sed -i -E 's/^;?cgi.fix_pathinfo=.*$/cgi.fix_pathinfo=0/g' /etc/php.ini
fi
fi
if [[ "${EXPOSE_PHP_OFF}" == '1' ]]; then
if ! grep -Fq 'expose_php =' /etc/php.ini; then
echo 'expose_php = Off' >> /etc/php.ini
else
sed -i -E 's/^;?expose_php\s?=\s?.*$/expose_php = Off/g' /etc/php.ini
fi
fi
# Fix ownerships.
chown -R nginx:nginx \
/var/lib/php/opcache \
/var/lib/php/session \
/var/lib/php/wsdlcache
chown root \
/var/lib/php/opcache \
/var/lib/php/session \
/var/lib/php/wsdlcache
usermod -G apache nginx
usermod -G nginx apache
# Configuring services.
if [[ "${ENABLE_SERVICES}" == '1' ]]; then
systemctl enable nginx
systemctl start nginx
systemctl enable php-fpm
systemctl start php-fpm
else
systemctl disable nginx
systemctl stop nginx
systemctl disable php-fpm
systemctl stop php-fpm
fi
# Let user know that script has finished its job.
echo '> Finished.'