fix bug

conf/default.conf

@@ -30,7 +30,7 @@ server {
     location ~ \.php$ {
         root            /usr/share/nginx/html;
         try_files       $uri =404;
-        fastcgi_pass    127.0.0.1:9000;
+        fastcgi_pass    unix:/var/run/php-fpm.sock;
         fastcgi_index   index.php;
         fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include         fastcgi_params;

lemp.sh

@@ -1,177 +1,89 @@
 #!/bin/bash
  
-# Install script for LEMP Web Server base on CentOS 6/7 by xiaosong
-cd `pwd`
+# Install script for LEMP Web Server base on CentOS 7 by xiaosong
+
+SCRIPT_ROOT=`pwd`
+cd $SCRIPT_ROOT
+
 # Checking
 echo "Checking..."
 if [ -n "`grep 'Aliyun Linux release' /etc/issue`" -o -e /etc/redhat-release ];then
     OS=CentOS
     [ -n "`grep ' 7\.' /etc/redhat-release`" ] && CentOS_RHEL_version=7
-    [ -n "`grep ' 6\.' /etc/redhat-release`" -o -n "`grep 'Aliyun Linux release6 15' /etc/issue`" ] && CentOS_RHEL_version=6
 fi
 
-if [ "$OS" != 'CentOS' ] || [ "$CentOS_RHEL_version" != '6' -a "$CentOS_RHEL_version" != '7' ];then
-    echo "${CFAILURE}Error: This script only support CentOS 6 & CentOS 7${CEND}";
+if [ $OS != 'CentOS' ] || [ $CentOS_RHEL_version != '7' ];then
+    echo "${CFAILURE}Error: This script only support CentOS 7${CEND}";
     kill -9 $$
 fi
 
-if [ `getconf WORD_BIT` == 32 ] && [ `getconf LONG_BIT` == 64 ];then
-    BIT=64
-else
-    echo "${CFAILURE}Error: This script only support 64 bit CentOS${CEND}";
-    kill -9 $$
+while :; do echo
+  read -p "Do you want to init your CentOS? [y/n]:(Default y press Enter) " init_yn
+  [ -z "$init_yn" ] && init_yn=y
+  if [[ ! $init_yn =~ ^[y,n]$ ]]; then
+    echo "${CWARNING}input error! Please only input 'y' or 'n'${CEND}"
+  else
+    break
+  fi
+done
+
+while :; do echo
+  read -p "Do you want to install nginx? [y/n]:(Default y press Enter) " nginx_yn
+  [ -z "$nginx_yn" ] && nginx_yn=y
+  if [[ ! $nginx_yn =~ ^[y,n]$ ]]; then
+    echo "${CWARNING}input error! Please only input 'y' or 'n'${CEND}"
+  else
+    break
+  fi
+done
+
+while :; do echo
+  read -p "Do you want to install PHP? [y/n]:(Default y press Enter) " php_yn
+  [ -z "$php_yn" ] && php_yn=y
+  if [[ ! $php_yn =~ ^[y,n]$ ]]; then
+    echo "${CWARNING}input error! Please only input 'y' or 'n'${CEND}"
+  else
+    break
+  fi
+done
+
+while :; do echo
+  read -p "Do you want to install MariaDB? [y/n]:(Default y press Enter) " mariadb_yn
+  [ -z "$mariadb_yn" ] && mariadb_yn=y
+  if [[ ! $mariadb_yn =~ ^[y,n]$ ]]; then
+    echo "${CWARNING}input error! Please only input 'y' or 'n'${CEND}"
+  else
+    if [ "$mariadb_yn" == 'y' ]; then
+        while :; do echo
+            read -p "Please type MariaDB root password:(Default lemp.sh press Enter) " MariaDB_ROOT_PWD
+            [ -z "$MariaDB_ROOT_PWD" ] && MariaDB_ROOT_PWD="lemp.sh"
+            [ -n "`echo $MariaDB_ROOT_PWD | grep '[+|&]'`" ] && { echo "${CWARNING}input error,not contain a plus sign (+) and & ${CEND}"; continue; }
+            break
+        done
+    else
+        break
+    fi
+    break
+  fi
+done
+
+if [ "$init_yn" == 'y' ]; then
+. ./utils/init.sh
 fi
 
-# Close SELINUX
-setenforce 0
-sed -i 's/^SELINUX=.*$/SELINUX=disabled/' /etc/selinux/config
-
-# /etc/security/limits.conf
-[ -e /etc/security/limits.d/*nproc.conf ] && rename nproc.conf nproc.conf_bk /etc/security/limits.d/*nproc.conf
-sed -i '/^# End of file/,$d' /etc/security/limits.conf
-cat >> /etc/security/limits.conf <<EOF
-# End of file
-* soft nproc 65535
-* hard nproc 65535
-* soft nofile 65535
-* hard nofile 65535
-EOF
-
-# Set timezone
-rm -rf /etc/localtime
-ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
-
-# /etc/sysctl.conf
-sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf
-[ -z "`grep 'fs.file-max' /etc/sysctl.conf`" ] && cat >> /etc/sysctl.conf << EOF
-fs.file-max=65535
-net.ipv4.tcp_fin_timeout = 30
-net.ipv4.tcp_tw_reuse = 1
-net.ipv4.tcp_tw_recycle = 1
-net.ipv4.ip_local_port_range = 1024 65000
-net.ipv4.tcp_max_syn_backlog = 65536
-net.ipv4.tcp_max_tw_buckets = 20000
-net.ipv4.route.gc_timeout = 100
-net.ipv4.tcp_syn_retries = 1
-net.ipv4.tcp_synack_retries = 1
-net.core.somaxconn = 65535
-net.core.netdev_max_backlog = 262144
-net.ipv4.tcp_timestamps = 0
-net.ipv4.tcp_max_orphans = 262144
-
-net.core.rmem_max = 67108864
-net.core.wmem_max = 67108864
-net.core.rmem_default = 65536
-net.core.wmem_default = 65536
-net.ipv4.tcp_rmem = 4096 87380 67108864
-net.ipv4.tcp_wmem = 4096 65536 67108864
-net.ipv4.tcp_mtu_probing = 1
-#net.ipv4.tcp_congestion_control = hybla
-#net.ipv4.tcp_fastopen = 3
-net.nf_conntrack_max = 6553500
-net.netfilter.nf_conntrack_max = 6553500
-net.netfilter.nf_conntrack_tcp_timeout_established = 180
-EOF
-sysctl -p /etc/sysctl.conf
-
-# Init
-echo "Initializing..."
+# Install base packages
+echo "Installing base packages..."
 sudo yum -y update
-sudo yum -y install vim wget epel-release unzip git
+sudo yum -y install sudo vim wget epel-release unzip git
 
-# Install the Required Repositories
-echo "Installing the Required Repositories..."
-sudo rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-${CentOS_RHEL_version}.rpm
-
-echo "[nginx]
-name=nginx repo
-baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
-gpgcheck=0
-enabled=1" > /etc/yum.repos.d/nginx.repo
-
-echo "[mariadb]
-name = MariaDB
-baseurl = http://yum.mariadb.org/10.1/centos\$releasever-amd64
-gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
-gpgcheck=1" > /etc/yum.repos.d/mariadb.repo
-
-# Install MariaDB
-echo "Installing MariaDB..."
-sudo yum install -y MariaDB-server MariaDB-client
-
-# Install Nginx
-echo "Installing Nginx..."
-sudo yum install -y nginx
-
-# Install PHP
-echo "Installing PHP..."
-sudo yum install -y --enablerepo=remi,remi-php70 php-gd php-fpm php-cli php-pdo php-xml php-json php-soap php-common php-mcrypt php-mysqlnd php-mbstring php-pecl-zip php-opcache php-xmlrpc
-
-# Install Composer
-echo "Installing Composer globally..."
-curl -sS https://getcomposer.org/installer | php
-sudo mv composer.phar /usr/bin/composer
-
-# Configure Nginx for PHP
-echo "Configuring Nginx for PHP..."
-IP=`curl ip.llm.me`
-sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
-sudo cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak
-sudo cp ./nginx.conf /etc/nginx/nginx.conf
-sudo cp ./default.conf /etc/nginx/conf.d/default.conf
-sudo sed -i "s/localhost/$IP/g" /etc/nginx/conf.d/default.conf
-
-# Configure PHP
-echo "Configuring PHP..."
-sudo chown root:nginx /var/lib/php -R
-sudo sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo = 0/g' /etc/php.ini
-sudo sed -i 's/pdo_mysql.default_socket=/pdo_mysql.default_socket = \/var\/lib\/mysql\/mysql.sock/g' /etc/php.ini
-sudo sed -i 's/mysqli.default_socket =/mysqli.default_socket = \/var\/lib\/mysql\/mysql.sock/g' /etc/php.ini
-sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 20M/g' /etc/php.ini
-sudo sed -i 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php.ini
-sudo sed -i 's/;date.timezone =/date.timezone = "Asia\/Shanghai"/g' /etc/php.ini
-sudo sed -i 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf
-sudo sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
-
-# Write PHP test file
-echo "Write PHP test file..."
-cat >> /usr/share/nginx/html/i.php <<EOF
-<?php
-phpinfo();
-
-EOF
-
-# Configure MariaDB
-echo "Configuring MariaDB..."
-sudo cp ./my.cnf /etc/my.cnf
-sudo cp ./server.cnf /etc/my.cnf.d/server.cnf
-
-# Restarting Services
-echo "Restarting Services..."
-if [ "$CentOS_RHEL_version" == 6 ];then
-    sudo service mysql restart
-    sudo service php-fpm restart
-    sudo service nginx restart
-else
-    sudo systemctl restart mariadb.service
-    sudo systemctl restart nginx.service
-    sudo systemctl restart php-fpm.service
+if [ "$nginx_yn" == 'y' ]; then
+. ./utils/nginx.sh
 fi
 
-# Set Up Autostart
-echo "Setting Autostart..."
-
-if [ "$CentOS_RHEL_version" == 6 ];then
-    sudo chkconfig --levels 235 mysql on
-    sudo chkconfig --levels 235 nginx on
-    sudo chkconfig --levels 235 php-fpm on
-else
-    sudo systemctl enable mariadb.service
-    sudo systemctl enable nginx.service
-    sudo systemctl enable php-fpm.service
+if [ "$php_yn" == 'y' ]; then
+. ./utils/php.sh
 fi
 
-# Done
-echo "Configuring MariaDB..."
-sudo mysql_secure_installation
-
+if [ "$mariadb_yn" == 'y' ]; then
+. ./utils/mariadb.sh
+fi

utils/bbr.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+
+# Install script for BBR base on CentOS 7 by xiaosong
+CentOS_Version=`cat /etc/redhat-release | grep -oE '[0-9]+\.[0-9]+' | cut -d'.' -f1`
+KVersion=4.13.0-1
+
+if [ -z ${CentOS_Version} ]
+then
+	CentOS_Version=0
+fi
+
+if [ ${CentOS_Version} -lt 6 ]
+then
+	echo "Sorry, I can only support CentOS 6/7 yet."
+	exit
+fi
+
+if [[ `getconf WORD_BIT` = '32' && `getconf LONG_BIT` = '64' ]] ; then
+	BIT_VER=x64
+else
+	BIT_VER=x86
+fi
+
+if [ ${BIT_VER} != 'x64' ]
+then
+	echo "Sorry, I can only support x64 yet."
+	exit
+fi
+
+function modifySysctl() {
+	if [ ! `cat /etc/sysctl.conf | grep -i -E "net.core.default_qdisc = fq"` ]; then
+		echo "net.core.default_qdisc = fq" >> /etc/sysctl.conf
+	fi
+	if [ ! `cat /etc/sysctl.conf | grep -i -E "net.ipv4.tcp_congestion_control = bbr"` ]; then
+		echo "net.ipv4.tcp_congestion_control = bbr" >> /etc/sysctl.conf
+	fi
+}
+
+echo "Now I will replace the system kernel to ${KVersion}..."
+echo "Start installing"
+rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
+if [ ${CentOS_Version} -eq 7 ]
+then
+	rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
+else
+	rpm -Uvh http://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm
+fi
+yum --enablerepo=elrepo-kernel install -y kernel-ml
+echo "Checking if the installtion is ok"
+KGRUB2=`ls /etc/grub2.cfg|wc -l`
+if [ ${KGRUB2} -eq 1 ]
+then
+	INS_OK=`awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg | grep ${KVersion} | grep -i -v debug | grep -i -v rescue | cut -d' ' -f1`
+	if [ -z ${INS_OK} ]
+	then
+		echo "Sorry, install failed, please contact the author"
+		exit
+	fi
+	yum install -y grub2-tools
+	grub2-set-default ${INS_OK}
+	modifySysctl
+else
+	KGRUB=`ls /boot/grub/grub.conf|wc -l`
+	if [ ${KGRUB} -eq 1 ]
+	then
+		INS_OK=`grep '^title ' /boot/grub/grub.conf | awk -F'title ' '{print i++ " : " $2}' | grep ${KVersion} | grep -i -v debug | grep -i -v rescue | cut -d' ' -f1`
+		if [ -z ${INS_OK} ]
+		then
+			echo "Sorry, install failed, please contact the author"
+			exit
+		fi
+		sed -i "s/^default.*/default=${INS_OK}/" /boot/grub/grub.conf
+		modifySysctl
+	fi
+fi
+
+echo " "
+echo "Installation is completed, now you can reboot the system. "
+echo "You should check BBR after the rebooting using command: "
+echo " "
+echo "     sysctl -a|grep congestion_control"

utils/init.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+
+# Close SELINUX
+setenforce 0
+sed -i 's/^SELINUX=.*$/SELINUX=disabled/' /etc/selinux/config
+
+# /etc/security/limits.conf
+[ -e /etc/security/limits.d/*nproc.conf ] && rename nproc.conf nproc.conf_bk /etc/security/limits.d/*nproc.conf
+sed -i '/^# End of file/,$d' /etc/security/limits.conf
+cat >> /etc/security/limits.conf <<EOF
+# End of file
+* soft nproc 65535
+* hard nproc 65535
+* soft nofile 65535
+* hard nofile 65535
+EOF
+
+# Set timezone
+rm -rf /etc/localtime
+ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
+
+# /etc/sysctl.conf
+sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf
+[ -z "`grep 'fs.file-max' /etc/sysctl.conf`" ] && cat >> /etc/sysctl.conf << EOF
+fs.file-max = 65535
+net.ipv4.tcp_fin_timeout = 30
+net.ipv4.tcp_tw_reuse = 1
+net.ipv4.tcp_tw_recycle = 0
+net.ipv4.ip_local_port_range = 1024 65000
+net.ipv4.tcp_max_syn_backlog = 65536
+net.ipv4.tcp_max_tw_buckets = 20000
+net.ipv4.route.gc_timeout = 100
+net.ipv4.tcp_syn_retries = 1
+net.ipv4.tcp_synack_retries = 1
+net.ipv4.tcp_syncookies = 1
+net.core.somaxconn = 65535
+net.core.netdev_max_backlog = 262144
+net.ipv4.tcp_timestamps = 0
+net.ipv4.tcp_max_orphans = 262144
+
+net.core.rmem_max = 67108864
+net.core.wmem_max = 67108864
+net.core.rmem_default = 65536
+net.core.wmem_default = 65536
+net.ipv4.tcp_rmem = 4096 87380 67108864
+net.ipv4.tcp_wmem = 4096 65536 67108864
+net.ipv4.tcp_mtu_probing = 1
+#net.ipv4.tcp_congestion_control = hybla
+net.ipv4.tcp_fastopen = 3
+EOF
+sysctl -p /etc/sysctl.conf
+
+echo "Configuring Firewall..."
+sudo systemctl stop firewalld
+sudo systemctl mask firewalld
+sudo yum install iptables iptables-services -y
+
+sudo /sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
+sudo /sbin/service iptables save
+
+sudo systemctl restart iptables
+sudo systemctl enable iptables.service

utils/mariadb.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+# Install MariaDB
+echo "Installing MariaDB..."
+sudo yum install -y mariadb-server
+
+# Configure MariaDB
+echo "Configuring MariaDB..."
+sudo cp ${SCRIPT_ROOT}/conf/my.cnf /etc/my.cnf
+sudo cp ${SCRIPT_ROOT}/conf/server.cnf /etc/my.cnf.d/server.cnf
+
+echo "Install and start service..."
+sudo systemctl restart mariadb.service
+sudo systemctl enable mariadb.service
+
+# Configure MariaDB
+echo "Configuring MariaDB..."
+sudo mysql_secure_installation <<EOF
+
+y
+${MariaDB_ROOT_PWD}
+${MariaDB_ROOT_PWD}
+y
+y
+y
+y
+EOF

utils/nginx.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Install Nginx
+echo "Installing Nginx..."
+
+echo "[nginx]
+name=nginx repo
+baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
+gpgcheck=0
+enabled=1" > /etc/yum.repos.d/nginx.repo
+
+sudo yum install -y nginx
+
+# Configure Nginx for PHP
+echo "Configuring Nginx for PHP..."
+IP=`curl -4 ip.llm.me`
+sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
+sudo cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak
+sudo cp ${SCRIPT_ROOT}/conf/nginx.conf /etc/nginx/nginx.conf
+sudo cp ${SCRIPT_ROOT}/conf/default.conf /etc/nginx/conf.d/default.conf
+sudo sed -i "s/localhost/$IP `hostname`/g" /etc/nginx/conf.d/default.conf
+
+echo "Configuring Firewall..."
+sudo /sbin/iptables -I INPUT -p tcp --dport 443 -j ACCEPT
+sudo /sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
+sudo /sbin/service iptables save
+sudo systemctl restart iptables
+
+echo "Install and start service..."
+sudo systemctl restart nginx.service
+sudo systemctl enable nginx.service

utils/php.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+# Install PHP
+echo "Installing PHP..."
+
+sudo rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-${CentOS_RHEL_version}.rpm
+
+sudo yum install -y --enablerepo=remi,remi-php71 php-gd php-fpm php-cli php-pdo php-xml php-json php-common php-mcrypt php-mysqlnd php-mbstring php-zip php-opcache php-xmlrpc
+
+# Install Composer
+echo "Installing Composer globally..."
+curl -sS https://getcomposer.org/installer | php
+sudo mv composer.phar /usr/bin/composer
+
+# Configure PHP
+echo "Configuring PHP..."
+sudo chown root:nginx /var/lib/php -R
+sudo sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo = 0/g' /etc/php.ini
+sudo sed -i 's/pdo_mysql.default_socket=/pdo_mysql.default_socket = \/var\/lib\/mysql\/mysql.sock/g' /etc/php.ini
+sudo sed -i 's/mysqli.default_socket =/mysqli.default_socket = \/var\/lib\/mysql\/mysql.sock/g' /etc/php.ini
+sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 20M/g' /etc/php.ini
+sudo sed -i 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php.ini
+sudo sed -i 's/;date.timezone =/date.timezone = "Asia\/Shanghai"/g' /etc/php.ini
+sudo sed -i 's/expose_php = On/expose_php = Off/g' /etc/php.ini
+sudo sed -i 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf
+sudo sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
+sudo sed -i 's/listen = 127.0.0.1:9000/listen = \/var\/run\/php-fpm.sock/g' /etc/php-fpm.d/www.conf
+sudo sed -i 's/;listen.owner = nobody/listen.owner = nginx/g' /etc/php-fpm.d/www.conf
+sudo sed -i 's/;listen.group = nobody/listen.group = nginx/g' /etc/php-fpm.d/www.conf
+sudo sed -i 's/;listen.mode = 0660/listen.mode = 0660/g' /etc/php-fpm.d/www.conf
+
+# Write PHP test file
+echo "Write PHP test file..."
+cat >> /usr/share/nginx/html/i.php <<EOF
+<?php
+phpinfo();
+
+EOF
+
+echo "Install and start service..."
+sudo systemctl restart php-fpm.service
+sudo systemctl enable php-fpm.service