.htaccess — это конфигурационный файл веб-сервера Apache, позволяющий управлять работой веб-сервера и настройками сайта без изменения основного конфигурационного файла веб-сервера.
Обработкой статического контента будет заниматься NGINX, а обработкой динамического контента (*.php) — Apache с PHP-FPM.
Также настроим модуль remoteip для того, чтобы в логах Apache записывались реальные адреса клиентов.
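#!/bin/bash
# Provision a two-tier web stack on a dnf-based host:
#   * NGINX listens on 0.0.0.0:80 and is the only public listener;
#   * Apache (httpd) listens on 127.0.0.1:8080 and runs PHP through PHP-FPM;
#   * mod_remoteip restores the client address from X-Forwarded-For in the
#     Apache logs.
# The stock nginx.conf, conf.d/default.conf, httpd.conf and php-fpm www.conf
# are moved aside and replaced by the versions embedded below.
# Must be run as root. Re-running is safe: existing backups are never
# overwritten.
set -u

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Move a stock config out of the way without destroying an earlier backup.
# Arguments: $1 - path of the config file
# The first run creates FILE.bak; later runs would otherwise replace that
# pristine copy with the generated file, so they get a timestamped name.
backup_conf() {
  local conf=$1
  local target="$conf.bak"
  if [ ! -e "$conf" ]; then
    echo "Nothing to back up: $conf does not exist" >&2
    return 0
  fi
  if [ -e "$target" ]; then
    target="$conf.bak.$(date +%Y%m%d%H%M%S)"
  fi
  mv -- "$conf" "$target" || die "Cannot move $conf to $target"
}

# Every step below writes under /etc or talks to systemd/firewalld.
[ "$(id -u)" -eq 0 ] || die "This script must be run as root."

echo "Update the package lists..."
dnf check-update
rc=$?
# dnf check-update exits 100 when updates are available; only other
# non-zero codes are real failures.
if [ "$rc" -ne 0 ] && [ "$rc" -ne 100 ]; then
  die "dnf check-update failed with status $rc"
fi

echo "Install the prerequisites..."
dnf install dnf-utils -y || die "Cannot install dnf-utils"

echo "Adding nginx official repos..."
# gpgcheck=1 verifies package signatures only; repository metadata is not
# signed here, so it is fetched over HTTPS rather than plain HTTP.
# The delimiter is quoted: $releasever/$basearch must reach dnf literally.
cat <<'EOT' > /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=https://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOT

echo "Installing NGINX, Apache, PHP-FPM..."
dnf install nginx httpd php-fpm php-cli -y \
  || die "Cannot install nginx/httpd/php-fpm"

echo "Renaming nginx.conf to nginx.conf.bak"
backup_conf /etc/nginx/nginx.conf
backup_conf /etc/nginx/conf.d/default.conf
echo "Renaming httpd.conf to httpd.conf.bak"
backup_conf /etc/httpd/conf/httpd.conf
echo "Renaming php-fpm.d/www.conf to php-fpm.d/www.conf.bak"
backup_conf /etc/php-fpm.d/www.conf

echo "Make directories..."
mkdir -p /etc/{nginx,httpd}/{sites-available,sites-enabled} \
  || die "Cannot create the sites-available/sites-enabled directories"

echo "Creating new nginx.conf..."
# The default_server block answers "deny all", so requests whose Host header
# matches no configured site are refused instead of being served by whichever
# site happens to load first. server_tokens off hides the nginx version.
cat <<'EOT' > /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
server_tokens off;
#gzip on;
server {
listen 0.0.0.0:80 default_server;
server_name localhost;
root /usr/share/nginx/html;
location / {
deny all;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
}
EOT

echo "Creating new httpd.conf..."
# Review notes on the Apache config written below:
#  * Apache binds to 127.0.0.1:8080 only, so it is reachable solely through
#    the local NGINX; X-Forwarded-For is trusted from 127.0.0.1 only.
#  * RemoteIPInternalProxy and RemoteIPTrustedProxy both name 127.0.0.1;
#    the InternalProxy line is the one that matters for a loopback proxy.
#  * /var/www/*/web enables "Options Indexes" (directory listings for any
#    directory without an index file) and "AllowOverride All" (.htaccess may
#    change any overridable directive). Anything able to write into a web
#    root can therefore change how Apache serves it; narrow both if the
#    sites do not need them.
#  * Apache and the PHP-FPM pool written further down both run as user
#    nginx, so all sites share one uid and are not isolated from each other.
cat <<'EOT' > /etc/httpd/conf/httpd.conf
ServerRoot "/etc/httpd"
Listen 127.0.0.1:8080
Include conf.modules.d/*.conf
User nginx
Group nginx
ServerAdmin root@localhost
ServerName localhost
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/*/web">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "/var/log/httpd/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
#CustomLog "/var/log/httpd/access_log" common
CustomLog "/var/log/httpd/access_log" combined
</IfModule>
<IfModule remoteip_module>
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 127.0.0.1
RemoteIPTrustedProxy 127.0.0.1
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
#EnableMMAP off
EnableSendfile on
IncludeOptional conf.d/*.conf
IncludeOptional sites-enabled/*.conf
EOT

echo "Creating new www.conf..."
# The pool listens on a unix socket owned by nginx:nginx with mode 0660, so
# only that user/group can connect. listen.allowed_clients applies to TCP
# listeners and has no effect on a unix socket.
cat <<'EOT' > /etc/php-fpm.d/www.conf
[www]
user = nginx
group = nginx
listen = /run/php-fpm/www.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
EOT

# Validate the generated configs before any service is (re)started.
nginx -t || die "nginx configuration test failed"
httpd -t || die "httpd configuration test failed"

echo "Enabling and starting services..."
systemctl enable --now nginx || die "Cannot enable/start nginx"
systemctl enable --now httpd || die "Cannot enable/start httpd"
systemctl enable --now php-fpm || die "Cannot enable/start php-fpm"

echo "Opening http and https ports..."
# Add the two ports to the permanent configuration directly.
# --runtime-to-permanent would persist every rule currently in the runtime
# set, including temporary ones unrelated to this script.
# Nothing configured above listens on 443 yet; the port is opened for a
# later TLS setup.
firewall-cmd --permanent --zone=public --add-port=80/tcp \
  || echo "Warning: could not open 80/tcp (is firewalld running?)" >&2
firewall-cmd --permanent --zone=public --add-port=443/tcp \
  || echo "Warning: could not open 443/tcp (is firewalld running?)" >&2
firewall-cmd --reload \
  || echo "Warning: firewall-cmd --reload failed" >&2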
Скрипт, позволяющий автоматизировать процесс добавления сайтов:
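#!/bin/bash
# Add a site to the NGINX -> Apache (127.0.0.1:8080) stack.
# Prompts for a domain, creates /var/www/<domain>/{bak,log,ssl,web}, writes
# an NGINX and an Apache virtual host into sites-available, links both into
# sites-enabled and restarts the two services.
# Must be run as root.
set -u

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

[ "$(id -u)" -eq 0 ] || die "This script must be run as root."

# -r keeps backslashes literal instead of treating them as escapes.
read -r -p "Please enter your domain: " domain || die "No domain given."
domain=${domain,,}

# The value is pasted into file paths and into both server configs, so it is
# restricted to hostname syntax: dot-separated labels of letters, digits and
# inner hyphens. That rules out "/", "..", whitespace, ";" and "{}", which
# would otherwise escape the intended directory or inject config directives.
# Internationalised names must be entered in punycode (xn--...).
label='[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?'
domain_re="^(${label}\.)*${label}\$"
if [ "${#domain}" -gt 253 ] || ! [[ $domain =~ $domain_re ]]; then
  die "Invalid domain name: use letters, digits, hyphens and dots only."
fi

echo "Make directories..."
# mkdir -p is a no-op for directories that already exist.
mkdir -p /etc/{nginx,httpd}/{sites-available,sites-enabled} \
  || die "Cannot create the sites-available/sites-enabled directories"
# NOTE(review): Apache and NGINX open the files in log/ from their
# root-started parent process; keep that directory writable by root only.
mkdir -p "/var/www/$domain"/{bak,log,ssl,web} \
  || die "Cannot create /var/www/$domain"

echo "Creating NGINX virtual host file for $domain"
# Unquoted delimiter: $domain is expanded by the shell, while NGINX's own
# variables are written as \$name so they reach the file literally.
# NGINX serves the listed static extensions itself; everything else,
# including .htaccess-controlled paths, is proxied to Apache.
cat <<EOT > "/etc/nginx/sites-available/$domain.conf"
server {
listen 80;
server_name $domain www.$domain;
root /var/www/$domain/web;
index index.php index.html;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_intercept_errors on;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
}
location = /robots.txt {
log_not_found off;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
error_log /var/www/$domain/log/nginx_error.log error;
access_log /var/www/$domain/log/nginx_access.log;
}
EOT

echo "Creating Apache virtual host file for $domain"
cat <<EOT > "/etc/httpd/sites-available/$domain.conf"
<VirtualHost 127.0.0.1:8080>
ServerName $domain
ServerAlias www.$domain
DocumentRoot /var/www/$domain/web
LogLevel error
ErrorLog /var/www/$domain/log/apache_error.log
CustomLog /var/www/$domain/log/apache_access.log combined
</VirtualHost>
EOT

echo "Creating symbolic links..."
# -f/-n replace a link left by an earlier run instead of failing on it.
ln -sfn "/etc/nginx/sites-available/$domain.conf" \
  "/etc/nginx/sites-enabled/$domain.conf" \
  || die "Cannot enable the NGINX site"
ln -sfn "/etc/httpd/sites-available/$domain.conf" \
  "/etc/httpd/sites-enabled/$domain.conf" \
  || die "Cannot enable the Apache site"

# A restart with a broken config takes every hosted site down, so both
# configurations are checked first.
nginx -t || die "nginx configuration test failed; services not restarted"
httpd -t || die "httpd configuration test failed; services not restarted"

echo "Restarting web services..."
systemctl restart nginx || die "Cannot restart nginx"
systemctl restart httpd || die "Cannot restart httpd"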