宝塔的防火墙是经典的lua防火墙,没啥特殊要求只要lua环境能跑就行
观察宝塔的安装逻辑和问题后,发现宝塔的lua环境版本太低,不兼容arm
《请支持正版,在官方没有修复前不建议部署到生产环境》搬运教程最好注明来源
查了查资料,支持arm版本的lua只能上openresty,其它的会有兼容性问题,说这么多,开始教程
1. 在宝塔面板点击安装nginx,任意版本都行,觉着宝塔把脚本文件下载完后立马点击关闭(不要让他安装)
一定要确认下载完毕再关,如果担心没有下载完毕就让他先跑一会再取消
2. 解压我修改好的脚本,并放到/www/server/nginx/install/ 目录下
3. 运行脚本,安装openresty
bash nginx.sh openresty,稍等片刻即可
4. 把lua的环境添加到系统目录中
ln -s /www/server/nginx/lualib/resty/ /usr/local/lib ln -s /www/server/nginx/lualib /usr/local/lib/lua
再安装防火墙即可
如果感觉帮助到你,能否给我来个特惠甲骨文套餐?命盘伦敦+悉尼 300打包收,求大佬把多余的出给我,左侧pm
有需要定制脚本也欢迎左侧pm
关于脚本修改的内容
1. 关闭宝塔lua环境的安装
2. openresty更换为官方最新版本,1.19.3.1
#!/bin/bash PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin export PATH LANG=en_US.UTF-8 public_file=/www/server/panel/install/public.sh publicFileMd5=$(md5sum ${public_file} 2>/dev/null|awk '{print $1}') md5check="a70364b7ce521005e7023301e26143c5" if [ "${publicFileMd5}" != "${md5check}" ]; then wget -O Tpublic.sh http://download.bt.cn/install/public.sh -T 20; publicFileMd5=$(md5sum Tpublic.sh 2>/dev/null|awk '{print $1}') if [ "${publicFileMd5}" == "${md5check}" ]; then \cp -rpa Tpublic.sh $public_file fi rm -f Tpublic.sh fi . $public_file download_Url=$NODE_URL tengine='2.3.3' nginx_108='1.8.1' nginx_112='1.12.2' nginx_114='1.14.2' nginx_115='1.15.10' nginx_116='1.16.1' nginx_117='1.17.10' nginx_118='1.18.0' nginx_119='1.19.8' nginx_120='1.20.0' openresty='1.19.3.1' Root_Path=$(cat /var/bt_setupPath.conf) Setup_Path=$Root_Path/server/nginx run_path="/root" Is_64bit=$(getconf LONG_BIT) ARM_CHECK=$(uname -a|grep -E 'aarch64|arm|ARM') LUAJIT_VER="2.0.4" LUAJIT_INC_PATH="luajit-2.0" if [ "${ARM_CHECK}" ];then LUAJIT_VER="2.1.0-beta3" LUAJIT_INC_PATH="luajit-2.1" fi if [ -z "${cpuCore}" ]; then cpuCore="1" fi System_Lib(){ if [ "${PM}" == "yum" ] || [ "${PM}" == "dnf" ] ; then Pack="gcc gcc-c++ curl curl-devel libtermcap-devel ncurses-devel libevent-devel readline-devel libuuid-devel" ${PM} install ${Pack} -y elif [ "${PM}" == "apt-get" ]; then Pack="gcc g++ libgd3 libgd-dev libevent-dev libncurses5-dev libreadline-dev uuid-dev" ${PM} install ${Pack} -y fi } Service_Add(){ if [ "${PM}" == "yum" ] || [ "${PM}" == "dnf" ]; then chkconfig --add nginx chkconfig --level 2345 nginx on elif [ "${PM}" == "apt-get" ]; then update-rc.d nginx defaults fi } Service_Del(){ if [ "${PM}" == "yum" ] || [ "${PM}" == "dnf" ]; then chkconfig --del nginx chkconfig --level 2345 nginx off elif [ "${PM}" == "apt-get" ]; then update-rc.d nginx remove fi } Set_Time(){ BASH_DATE=$(stat nginx.sh|grep Modify|awk '{print $2}'|tr -d '-') SYS_DATE=$(date +%Y%m%d) [ "${SYS_DATE}" -lt "${BASH_DATE}" ] && date -s "$(curl https://www.bt.cn//api/index/get_date)" } Install_Jemalloc(){ if [ ! -f '/usr/local/lib/libjemalloc.so' ]; then wget -O jemalloc-5.0.1.tar.bz2 ${download_Url}/src/jemalloc-5.0.1.tar.bz2 tar -xvf jemalloc-5.0.1.tar.bz2 cd jemalloc-5.0.1 ./configure make && make install ldconfig cd .. rm -rf jemalloc* fi } Install_LuaJIT() { if [ ! -f '/usr/local/lib/libluajit-5.1.so' ] || [ ! -f "/usr/local/include/${LUAJIT_INC_PATH}/luajit.h" ];then wget -c -O LuaJIT-${LUAJIT_VER}.tar.gz ${download_Url}/install/src/LuaJIT-${LUAJIT_VER}.tar.gz -T 10 tar xvf LuaJIT-${LUAJIT_VER}.tar.gz cd LuaJIT-${LUAJIT_VER} make linux make install cd .. rm -rf LuaJIT-* export LUAJIT_LIB=/usr/local/lib export LUAJIT_INC=/usr/local/include/${LUAJIT_INC_PATH}/ ln -sf /usr/local/lib/libluajit-5.1.so.2 /usr/local/lib64/libluajit-5.1.so.2 echo "/usr/local/lib" >> /etc/ld.so.conf ldconfig fi } Install_cjson() { if [ ! -f /usr/local/lib/lua/5.1/cjson.so ];then wget -O lua-cjson-2.1.0.tar.gz $download_Url/install/src/lua-cjson-2.1.0.tar.gz -T 20 tar xvf lua-cjson-2.1.0.tar.gz rm -f lua-cjson-2.1.0.tar.gz cd lua-cjson-2.1.0 make make install cd .. rm -rf lua-cjson-2.1.0 fi } Download_Src(){ mkdir -p ${Setup_Path} cd ${Setup_Path} rm -rf ${Setup_Path}/src if [ "${version}" == "tengine" ] || [ "${version}" == "openresty" ]; then wget -O ${Setup_Path}/src.tar.gz https://openresty.org/download/openresty-1.19.3.1.tar.gz -T20 tar -xvf src.tar.gz mv ${version}-${nginxVersion} src else wget -O ${Setup_Path}/src.tar.gz ${download_Url}/src/nginx-${nginxVersion}.tar.gz -T20 tar -xvf src.tar.gz tar -xvf src.tar.gz mv nginx-${nginxVersion} src fi cd src if [ -z "${GMSSL}" ];then TLSv13_NGINX=$(echo ${nginxVersion}|tr -d '.'|cut -c 1-3) if [ "${TLSv13_NGINX}" -ge "115" ] && [ "${TLSv13_NGINX}" != "181" ];then opensslVer="1.1.1k" else opensslVer="1.0.2u" fi wget -O openssl.tar.gz ${download_Url}/src/openssl-${opensslVer}.tar.gz tar -xvf openssl.tar.gz mv openssl-${opensslVer} openssl rm -f openssl.tar.gz else wget -O GmSSL-master.zip ${download_Url}/src/GmSSL-master.zip unzip GmSSL-master.zip mv GmSSL-master openssl rm -f GmSSL-master.zip fi pcre_version="8.43" wget -O pcre-$pcre_version.tar.gz ${download_Url}/src/pcre-$pcre_version.tar.gz tar zxf pcre-$pcre_version.tar.gz wget -O ngx_cache_purge.tar.gz ${download_Url}/src/ngx_cache_purge-2.3.tar.gz tar -zxvf ngx_cache_purge.tar.gz mv ngx_cache_purge-2.3 ngx_cache_purge rm -f ngx_cache_purge.tar.gz wget -O nginx-sticky-module.zip ${download_Url}/src/nginx-sticky-module.zip unzip -o nginx-sticky-module.zip rm -f nginx-sticky-module.zip wget -O nginx-http-concat.zip ${download_Url}/src/nginx-http-concat-1.2.2.zip unzip -o nginx-http-concat.zip mv nginx-http-concat-1.2.2 nginx-http-concat rm -f nginx-http-concat.zip #lua_nginx_module LuaModVer="0.10.13" wget -c -O lua-nginx-module-${LuaModVer}.zip ${download_Url}/src/lua-nginx-module-${LuaModVer}.zip unzip -o lua-nginx-module-${LuaModVer}.zip mv lua-nginx-module-${LuaModVer} lua_nginx_module rm -f lua-nginx-module-${LuaModVer}.zip #ngx_devel_kit NgxDevelKitVer="0.3.1" wget -c -O ngx_devel_kit-${NgxDevelKitVer}.zip ${download_Url}/src/ngx_devel_kit-${NgxDevelKitVer}.zip unzip -o ngx_devel_kit-${NgxDevelKitVer}.zip mv ngx_devel_kit-${NgxDevelKitVer} ngx_devel_kit rm -f ngx_devel_kit-${NgxDevelKitVer}.zip #nginx-dav-ext-module NgxDavVer="3.0.0" wget -c -O nginx-dav-ext-module-${NgxDavVer}.tar.gz ${download_Url}/src/nginx-dav-ext-module-${NgxDavVer}.tar.gz tar -xvf nginx-dav-ext-module-${NgxDavVer}.tar.gz mv nginx-dav-ext-module-${NgxDavVer} nginx-dav-ext-module rm -f nginx-dav-ext-module-${NgxDavVer}.tar.gz if [ "${Is_64bit}" = "64" ]; then if [ "${version}" == "1.15" ] || [ "${version}" == "1.17" ] || [ "${version}" == "tengine" ];then NGX_PAGESPEED_VAR="1.13.35.2" wget -O ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz ${download_Url}/src/ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz tar -xvf ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz mv ngx-pagespeed-${NGX_PAGESPEED_VAR} ngx-pagespeed rm -f ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz fi fi } Install_Configure(){ Run_User="www" wwwUser=$(cat /etc/passwd|grep www) if [ "${wwwUser}" == "" ];then groupadd ${Run_User} useradd -s /sbin/nologin -g ${Run_User} ${Run_User} fi [ -f "/www/server/panel/install/nginx_prepare.sh" ] && . /www/server/panel/install/nginx_prepare.sh [ -f "/www/server/panel/install/nginx_configure.pl" ] && ADD_EXTENSION=$(cat /www/server/panel/install/nginx_configure.pl) if [ -f "/usr/local/lib/libjemalloc.so" ] && [ -z "${ARM_CHECK}" ];then jemallocLD="--with-ld-opt="-ljemalloc"" fi if [ "${version}" == "1.8" ];then ENABLE_HTTP2="--with-http_spdy_module" else ENABLE_HTTP2="--with-http_v2_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module" fi WebDav_NGINX=$(echo ${nginxVersion}|tr -d '.'|cut -c 1-3) if [ "${WebDav_NGINX}" -ge "114" ] && [ "${WebDav_NGINX}" != "181" ];then ENABLE_WEBDAV="--with-http_dav_module --add-module=${Setup_Path}/src/nginx-dav-ext-module" fi # # if [ "${version}" == "openresty" ];then ENABLE_LUA="--with-luajit" # elif [ -z "${ARM_CHECK}" ] && [ -f "/usr/local/include/${LUAJIT_INC_PATH}/luajit.h" ];then # ENABLE_LUA="--add-module=${Setup_Path}/src/ngx_devel_kit --add-module=${Setup_Path}/src/lua_nginx_module" # fi name=nginx i_path=/www/server/panel/install/$name i_args=$(cat $i_path/config.pl|xargs) i_make_args="" for i_name in $i_args do init_file=$i_path/$i_name/init.sh if [ -f $init_file ];then bash $init_file fi args_file=$i_path/$i_name/args.pl if [ -f $args_file ];then args_string=$(cat $args_file) i_make_args="$i_make_args $args_string" fi done cd ${Setup_Path}/src # if [ "${GMSSL}" ];then # sed -i "s/$OPENSSL\/.openssl\//$OPENSSL\//g" auto/lib/openssl/conf # fi export LUAJIT_LIB=/usr/local/lib export LUAJIT_INC=/usr/local/include/${LUAJIT_INC_PATH}/ export LD_LIBRARY_PATH=/usr/local/lib/:$LD_LIBRARY_PATH ./configure --user=www --group=www --prefix=${Setup_Path} ${ENABLE_LUA} --add-module=${Setup_Path}/src/ngx_cache_purge --add-module=${Setup_Path}/src/nginx-sticky-module --with-openssl=${Setup_Path}/src/openssl --with-pcre=pcre-${pcre_version} ${ENABLE_HTTP2} --with-http_stub_status_module --with-http_ssl_module --with-http_image_filter_module --with-http_gzip_static_module --with-http_gunzip_module --with-ipv6 --with-http_sub_module --with-http_flv_module --with-http_addition_module --with-http_realip_module --with-http_mp4_module --with-ld-opt="-Wl,-E" --with-cc-opt="-Wno-error" ${jemallocLD} ${ENABLE_WEBDAV} ${ENABLE_NGX_PAGESPEED} ${ADD_EXTENSION} ${i_make_args} make -j${cpuCore} } Install_Nginx(){ make install if [ "${version}" == "openresty" ];then ln -sf /www/server/nginx/nginx/html /www/server/nginx/html ln -sf /www/server/nginx/nginx/conf /www/server/nginx/conf ln -sf /www/server/nginx/nginx/logs /www/server/nginx/logs ln -sf /www/server/nginx/nginx/sbin /www/server/nginx/sbin fi if [ ! -f "${Setup_Path}/sbin/nginx" ];then echo '========================================================' GetSysInfo echo -e "ERROR: nginx-${nginxVersion} installation failed."; echo -e "安装失败,请截图以上报错信息发帖至论坛www.bt.cn/bbs求助" rm -rf ${Setup_Path} exit 1; fi ln -sf ${Setup_Path}/sbin/nginx /usr/bin/nginx rm -f ${Setup_Path}/conf/nginx.conf cd ${Setup_Path} rm -f src.tar.gz } Update_Nginx(){ if [ "${nginxVersion}" = "openresty" ]; then make install echo -e "done" nginx -v echo "${nginxVersion}" > ${Setup_Path}/version.pl rm -f ${Setup_Path}/version_check.pl exit; fi if [ ! -f ${Setup_Path}/src/objs/nginx ]; then echo '========================================================' GetSysInfo echo -e "ERROR: nginx-${nginxVersion} installation failed."; echo -e "升级失败,请截图以上报错信息发帖至论坛www.bt.cn/bbs求助" exit 1; fi sleep 1 /etc/init.d/nginx stop mv -f ${Setup_Path}/sbin/nginx ${Setup_Path}/sbin/nginxBak \cp -rfp ${Setup_Path}/src/objs/nginx ${Setup_Path}/sbin/ sleep 1 /etc/init.d/nginx start rm -rf ${Setup_Path}/src nginx -v echo "${nginxVersion}" > ${Setup_Path}/version.pl rm -f ${Setup_Path}/version_check.pl if [ "${version}" == "tengine" ]; then echo "2.2.4(${tengine})" > ${Setup_Path}/version_check.pl fi exit } Set_Conf(){ Default_Website_Dir=$Root_Path'/wwwroot/default' mkdir -p ${Default_Website_Dir} mkdir -p ${Root_Path}/wwwlogs mkdir -p ${Setup_Path}/conf/vhost mkdir -p /usr/local/nginx/logs mkdir -p ${Setup_Path}/conf/rewrite wget -O ${Setup_Path}/conf/nginx.conf ${download_Url}/conf/nginx.conf -T20 wget -O ${Setup_Path}/conf/pathinfo.conf ${download_Url}/conf/pathinfo.conf -T20 wget -O ${Setup_Path}/conf/enable-php.conf ${download_Url}/conf/enable-php.conf -T20 wget -O ${Setup_Path}/html/index.html ${download_Url}/error/index.html -T 5 cat > ${Root_Path}/server/panel/vhost/nginx/phpfpm_status.conf<<EOF server { listen 80; server_name 127.0.0.1; allow 127.0.0.1; location /nginx_status { stub_status on; access_log off; } EOF echo > /www/server/nginx/conf/enable-php-00.conf for phpV in 52 53 54 55 56 70 71 72 73 74 75 80 do cat > ${Setup_Path}/conf/enable-php-${phpV}.conf<<EOF location ~ [^/]\.php(/|$) { try_files \$uri =404; fastcgi_pass unix:/tmp/php-cgi-${phpV}.sock; fastcgi_index index.php; include fastcgi.conf; include pathinfo.conf; } EOF cat >> ${Root_Path}/server/panel/vhost/nginx/phpfpm_status.conf<<EOF location /phpfpm_${phpV}_status { fastcgi_pass unix:/tmp/php-cgi-${phpV}.sock; include fastcgi_params; fastcgi_param SCRIPT_FILENAME \$fastcgi_script_name; } EOF done echo \} >> ${Root_Path}/server/panel/vhost/nginx/phpfpm_status.conf cat > ${Setup_Path}/conf/proxy.conf<<EOF proxy_temp_path ${Setup_Path}/proxy_temp_dir; proxy_cache_path ${Setup_Path}/proxy_cache_dir levels=1:2 keys_zone=cache_one:20m inactive=1d max_size=5g; client_body_buffer_size 512k; proxy_connect_timeout 60; proxy_read_timeout 60; proxy_send_timeout 60; proxy_buffer_size 32k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; proxy_cache cache_one; EOF cat > ${Setup_Path}/conf/luawaf.conf<<EOF lua_shared_dict limit 10m; lua_package_path "/www/server/nginx/waf/?.lua"; init_by_lua_file /www/server/nginx/waf/init.lua; access_by_lua_file /www/server/nginx/waf/waf.lua; EOF mkdir -p /www/wwwlogs/waf chown www.www /www/wwwlogs/waf chmod 744 /www/wwwlogs/waf mkdir -p /www/server/panel/vhost wget -O waf.zip ${download_Url}/install/waf/waf.zip unzip -o waf.zip -d $Setup_Path/ > /dev/null if [ ! -d "/www/server/panel/vhost/wafconf" ];then mv $Setup_Path/waf/wafconf /www/server/panel/vhost/wafconf fi sed -i "s#include vhost/\*.conf;#include /www/server/panel/vhost/nginx/\*.conf;#" ${Setup_Path}/conf/nginx.conf sed -i "s#/www/wwwroot/default#/www/server/phpmyadmin#" ${Setup_Path}/conf/nginx.conf sed -i "/pathinfo/d" ${Setup_Path}/conf/enable-php.conf sed -i "s/#limit_conn_zone.*/limit_conn_zone \$binary_remote_addr zone=perip:10m;\n\tlimit_conn_zone \$server_name zone=perserver:10m;/" ${Setup_Path}/conf/nginx.conf sed -i "s/mime.types;/mime.types;\n\t\tinclude proxy.conf;\n/" ${Setup_Path}/conf/nginx.conf #if [ "${nginx_version}" == "1.12.2" ] || [ "${nginx_version}" == "openresty" ] || [ "${nginx_version}" == "1.14.2" ];then sed -i "s/mime.types;/mime.types;\n\t\t#include luawaf.conf;\n/" ${Setup_Path}/conf/nginx.conf #fi PHPVersion="" for phpVer in 52 53 54 55 56 70 71 72 73 74 80; do if [ -d "/www/server/php/${phpVer}/bin" ]; then PHPVersion=${phpVer} fi done if [ "${PHPVersion}" ];then \cp -r -a ${Setup_Path}/conf/enable-php-${PHPVersion}.conf ${Setup_Path}/conf/enable-php.conf fi AA_PANEL_CHECK=$(cat /www/server/panel/config/config.json|grep "English") if [ "${AA_PANEL_CHECK}" ];then \cp -rf /www/server/panel/data/empty.html /www/server/nginx/html/index.html chmod 644 /www/server/nginx/html/index.html wget -O /www/server/panel/vhost/nginx/0.default.conf ${download_Url}/conf/nginx/en.0.default.conf fi wget -O /etc/init.d/nginx ${download_Url}/init/nginx.init -T 5 chmod +x /etc/init.d/nginx } Bt_Check(){ checkFile="/www/server/panel/install/check.sh" wget -O ${checkFile} ${download_Url}/tools/check.sh . ${checkFile} } Set_Version(){ if [ "${version}" == "tengine" ]; then echo "-Tengine2.2.3" > ${Setup_Path}/version.pl echo "2.2.4(${tengine})" > ${Setup_Path}/version_check.pl elif [ "${version}" == "openresty" ]; then echo "openresty" > ${Setup_Path}/version.pl else echo "${nginxVersion}" > ${Setup_Path}/version.pl fi if [ "${GMSSL}" ];then echo "1.18国密版" > ${Setup_Path}/version_check.pl fi } Uninstall_Nginx() { if [ -f "/etc/init.d/nginx" ];then Service_Del /etc/init.d/nginx stop rm -f /etc/init.d/nginx fi [ -f "${Setup_Path}/rpm.pl" ] && yum remove bt-$(cat ${Setup_Path}/rpm.pl) -y [ -f "${Setup_Path}/deb.pl" ] && apt-get remove bt-$(cat ${Setup_Path}/deb.pl) -y pkill -9 nginx rm -rf ${Setup_Path} } actionType=$1 version=$2 if [ "${actionType}" == "uninstall" ]; then Service_Del Uninstall_Nginx else case "${version}" in '1.10') nginxVersion=${nginx_112} ;; '1.12') nginxVersion=${nginx_112} ;; '1.14') nginxVersion=${nginx_114} ;; '1.15') nginxVersion=${nginx_115} ;; '1.16') nginxVersion=${nginx_116} ;; '1.17') nginxVersion=${nginx_117} ;; '1.18') nginxVersion=${nginx_118} ;; '1.18.gmssl') nginxVersion=${nginx_118} GMSSL="True" ;; '1.19') nginxVersion=${nginx_119} ;; '1.20') nginxVersion=${nginx_120} ;; '1.8') nginxVersion=${nginx_108} ;; 'openresty') nginxVersion=${openresty} ;; *) nginxVersion=${tengine} version="tengine" ;; esac if [ "${actionType}" == "install" ];then if [ -f "/www/server/nginx/sbin/nginx" ]; then Uninstall_Nginx fi System_Lib # if [ -z "${ARM_CHECK}" ];then # Install_Jemalloc # Install_LuaJIT # Install_cjson # fi Download_Src Install_Configure Install_Nginx Set_Conf Set_Version Service_Add Bt_Check /etc/init.d/nginx start elif [ "${actionType}" == "update" ];then Download_Src Install_Configure Update_Nginx fi fi