function build($OnlySingle = false) { if (isset($GLOBALS[__FILE__ . __FUNCTION__])) { return; } $GLOBALS[__FILE__ . __FUNCTION__] = true; $unix = new unix(); $php5 = $unix->LOCATE_PHP5_BIN(); shell_exec("/etc/init.d/mysql start"); build_progress("{building_main_settings}", 10); if ($unix->SQUID_GET_LISTEN_PORT() == 80) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 80, ports conflicts, change it\n"; } shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n"; } shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__)); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n"; } } if ($unix->SQUID_GET_LISTEN_SSL_PORT() == 443) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 443, ports conflicts, change it\n"; } shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n"; } shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__)); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n"; } } $reconfigured = false; if ($unix->APACHE_GET_LISTEN_PORT() == 80) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 80, ports conflicts, change it\n"; } shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force"); shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --stop --force"); shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --start --force"); $reconfigured = true; } if (!$reconfigured) { if ($unix->APACHE_GET_LISTEN_PORT() == 443) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 443, ports conflicts, change it\n"; } shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force"); } } $APACHE_USER = $unix->APACHE_SRC_ACCOUNT(); $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP(); $NginxProxyStorePath = "/home/nginx"; @mkdir("/etc/nginx/sites-enabled", 0755, true); @mkdir("/etc/nginx/local-sites", 0755, true); @mkdir("/etc/nginx/local-sslsites", 0755, true); @mkdir($NginxProxyStorePath, 0755, true); @mkdir($NginxProxyStorePath . "/tmp", 0755, true); @mkdir($NginxProxyStorePath . "/disk", 0755, true); @mkdir("/var/lib/nginx/fastcgi", 0755, true); @mkdir("/home/nginx/tmp", 0755, true); $Tempdir = $unix->TEMP_DIR() . "/nginx"; @mkdir($Tempdir, 0755, true); $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath); $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/etc/nginx/sites-enabled"); $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/tmp"); $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/disk"); $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/var/lib/nginx/fastcgi"); $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $Tempdir); nginx_ulimit(); $workers = $unix->CPU_NUMBER(); build_progress("Building configuration", 15); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$APACHE_USER}:{$APACHE_SRC_GROUP}..\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$workers} worker(s)..\n"; } if (is_file("/etc/nginx/sites-enabled/default")) { @unlink("/etc/nginx/sites-enabled/default"); } if (is_link("/etc/nginx/sites-enabled/default")) { @unlink("/etc/nginx/sites-enabled/default"); } if (is_link("/etc/nginx/conf.d/example_ssl.conf")) { @unlink("/etc/nginx/conf.d/example_ssl.conf"); } $limit = 4096 * $workers; if ($limit > 65535) { $limit = 65535; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Running limit of {$limit} open files\n"; } $L = explode("\n", @file_get_contents("/etc/security/limits.conf")); $FOUNDL = false; $T = array(); while (list($index, $line) = each($L)) { $line = trim($line); if (trim($line) == null) { continue; } if (substr($line, 0, 1) == "#") { continue; } if (preg_match("#^{$APACHE_USER}#", $line)) { continue; } $T[] = $line; } if (!$FOUNDL) { $T[] = "{$APACHE_USER} soft nofile {$limit}"; $T[] = "{$APACHE_USER} hard nofile {$limit}"; } @file_put_contents("/etc/security/limits.conf", @implode("\n", $T) . "\n"); $L = array(); $T = array(); $MEMORY = $unix->MEM_TOTAL_INSTALLEE(); $server_names_hash_bucket_size = 128; $worker_connections = 8192; if ($MEMORY < 624288) { $server_names_hash_bucket_size = 64; $worker_connections = 1024; $workers = 4; } $mail_protocols = mail_protocols(); // $f[] = "# Builded on " . date("Y-m-d H:i:s"); $f[] = "user {$APACHE_USER};"; $f[] = "worker_processes {$workers};"; $nginx_version = nginx_version(); preg_match("#^([0-9])+\\.([0-9]+)\\.#", $nginx_version, $re); $re[1] = intval($re[1]); $re[2] = intval($re[2]); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Major {$re[1]} Minor:{$re[2]}\n"; } $syslog = false; $f[] = "worker_rlimit_nofile 16384;"; $f[] = "timer_resolution 1ms;"; $f[] = ""; if ($re[1] > 0) { if ($re[2] > 6) { $f[] = "error_log syslog:server=127.0.0.1,facility=daemon info;"; $syslog = true; } } $syslog = false; if (!$syslog) { $f[] = "error_log /var/log/nginx/error.log warn;"; } $f[] = "pid /var/run/nginx.pid;"; $f[] = ""; $f[] = ""; $f[] = "events {"; $f[] = " worker_connections {$worker_connections};"; $f[] = " multi_accept on;"; $f[] = " use epoll;"; $f[] = "\t accept_mutex_delay 1ms;"; $f[] = "}"; $upstream = new nginx_upstream(); $upstreams_servers = $upstream->build(); $f[] = ""; $f[] = ""; $f[] = "http {"; $f[] = "\tinclude /etc/nginx/mime.types;"; $f[] = "\tlog_format awc_log"; $f[] = "\t\t'[\$server_name] \$remote_addr - \$remote_user [\$time_local] \$request '"; $f[] = "\t\t'\"\$status\" \$body_bytes_sent \"\$http_referer\" '"; $f[] = "\t\t'\"\$http_user_agent\" \"\$http_x_forwarded_for\" [\$upstream_cache_status]';"; $f[] = ""; $f[] = "\tlimit_conn_zone \$binary_remote_addr zone=LimitCnx:10m;"; $q = new mysql_squid_builder(); $results = $q->QUERY_SQL("SELECT LimitReqs,servername FROM reverse_www WHERE LimitReqs > 0"); while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) { $servername = $ligne["servername"]; $ZoneName = str_replace(".", "", $servername); $ZoneName = str_replace("-", "", $servername); $ZoneName = str_replace("_", "", $servername); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, limit {$servername}/{$servername} {$ligne["LimitReqs"]}r/s\n"; } $f[] = "\tlimit_req_zone \$binary_remote_addr zone={$ZoneName}:10m rate={$ligne["LimitReqs"]}r/s;"; } $nginxClass = new nginx(); if ($nginxClass->IsSubstitutions()) { //$f[]="\tsubs_filter_types text/html text/css text/xml;"; } @mkdir($Tempdir, 0775, true); @mkdir("/home/nginx/tmp", 0755, true); $f[] = "\tlimit_conn_log_level info;"; $f[] = "\tclient_body_temp_path {$Tempdir} 1 2;"; $f[] = "\tclient_header_timeout 5s;"; $f[] = "\tclient_body_timeout 5s;"; $f[] = "\tsend_timeout 10m;"; $f[] = "\tconnection_pool_size 128k;"; $f[] = "\tclient_header_buffer_size 16k;"; $f[] = "\tlarge_client_header_buffers 1024 128k;"; $f[] = "\trequest_pool_size 128k;"; $f[] = "\tkeepalive_requests 1000;"; $f[] = "\tkeepalive_timeout 10;"; $f[] = "\tclient_max_body_size 10g;"; $f[] = "\tclient_body_buffer_size 1m;"; $f[] = "\tclient_body_in_single_buffer on;"; $f[] = "\topen_file_cache max=10000 inactive=300s;"; $f[] = "\treset_timedout_connection on;"; $f[] = "\ttypes_hash_max_size 8192;"; $f[] = "\tserver_names_hash_bucket_size 128;"; $f[] = "\tserver_names_hash_max_size 512;"; $f[] = "\tvariables_hash_max_size 512;"; $f[] = "\tvariables_hash_bucket_size 128;"; $f[] = "\tfastcgi_buffers 8 16k;"; $f[] = "\tfastcgi_buffer_size 32k;"; $f[] = "\tfastcgi_connect_timeout 300;"; $f[] = "\tfastcgi_send_timeout 300;"; $f[] = "\tfastcgi_read_timeout 300;"; $f[] = "map \$scheme \$server_https {"; $f[] = "default off;"; $f[] = "https on;"; $f[] = "}\t"; $f[] = "\tgzip on;"; $f[] = "\tgzip_disable msie6;"; $f[] = "\tgzip_static on;"; $f[] = "\tgzip_min_length 1100;"; $f[] = "\tgzip_buffers 16 8k;"; $f[] = "\tgzip_comp_level 9;"; $f[] = "\tgzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;"; $f[] = "\tgzip_vary on;"; $f[] = "\tgzip_proxied any;"; $f[] = "\toutput_buffers 1000 128k;"; $f[] = "\tpostpone_output 1460;"; $f[] = "\tsendfile on;"; $f[] = "\tsendfile_max_chunk 256k;"; $f[] = "\ttcp_nopush on;"; $f[] = "\ttcp_nodelay on;"; $f[] = "\tserver_tokens off;"; $dns = new resolv_conf(); $sock = new sockets(); if ($sock->dnsmasq_enabled()) { $resolver[] = "127.0.0.1"; } if ($dns->MainArray["DNS1"] != null) { $resolver[] = $dns->MainArray["DNS1"]; } if ($dns->MainArray["DNS2"] != null) { $resolver[] = $dns->MainArray["DNS2"]; } if ($dns->MainArray["DNS3"] != null) { $resolver[] = $dns->MainArray["DNS3"]; } $f[] = "\tresolver " . @implode(" ", $resolver) . ";"; $f[] = "\tignore_invalid_headers on;"; $f[] = "\tindex index.html;"; $f[] = "\tadd_header X-CDN \"Served by myself\";"; $q = new mysql_squid_builder(); $sql = "SELECT * FROM nginx_caches ORDER BY directory"; $results = $q->QUERY_SQL($sql); while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) { $directory = $ligne["directory"]; @mkdir($directory, 0755, true); $unix->chown_func("www-data", "www-data", $directory); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, cache `{$directory}`\n"; } $f[] = "\tproxy_cache_path {$directory} levels={$ligne["levels"]} keys_zone={$ligne["keys_zone"]}:{$ligne["keys_zone_size"]}m max_size={$ligne["max_size"]}G inactive={$ligne["inactive"]} loader_files={$ligne["loader_files"]} loader_sleep={$ligne["loader_sleep"]} loader_threshold={$ligne["loader_threshold"]};"; } $f[] = "\tproxy_temp_path {$NginxProxyStorePath}/tmp/ 1 2;"; $f[] = "\tproxy_cache_valid 404 10m;"; $f[] = "\tproxy_cache_valid 400 501 502 503 504 1m;"; $f[] = "\tproxy_cache_valid any 4320m;"; $f[] = "\tproxy_cache_use_stale updating invalid_header error timeout http_404 http_500 http_502 http_503 http_504;"; $f[] = "\tproxy_next_upstream error timeout invalid_header http_404 http_500 http_502 http_503 http_504;"; $f[] = "\tproxy_redirect off;"; $f[] = "\tproxy_set_header Host \$http_host;"; $f[] = "\tproxy_set_header Server Apache;"; $f[] = "\tproxy_set_header Connection Close;"; $f[] = "\tproxy_pass_header Set-Cookie;"; $f[] = "\tproxy_pass_header User-Agent;"; $f[] = "\tproxy_set_header X-Accel-Buffering on;"; $f[] = "\tproxy_hide_header X-CDN;"; $f[] = "\tproxy_hide_header X-Server;"; $f[] = "\tproxy_intercept_errors off;"; $f[] = "\tproxy_ignore_client_abort on;"; $f[] = "\tproxy_connect_timeout 60s;"; $f[] = "\tproxy_send_timeout 60s;"; $f[] = "\tproxy_read_timeout 150s;"; $f[] = "\tproxy_buffer_size 64k;"; $f[] = "\tproxy_buffers 16384 128k;"; $f[] = "\tproxy_busy_buffers_size 256k;"; $f[] = "\tproxy_temp_file_write_size 128k;"; $f[] = "\tproxy_headers_hash_bucket_size 128;"; $f[] = "\tproxy_cache_min_uses 0;"; $f[] = ""; $f[] = "{$upstreams_servers}"; $f[] = "\tinclude /etc/nginx/sites-enabled/*.conf;"; $f[] = "\tinclude /etc/nginx/local-sites/*.conf;"; $f[] = "\tinclude /etc/nginx/conf.d/*.conf;"; $f[] = "\t}"; $f[] = $mail_protocols; $f[] = ""; @copy("/etc/nginx/nginx.conf", "/etc/nginx/nginx.bak"); @file_put_contents("/etc/nginx/nginx.conf", @implode("\n", $f)); if (!$OnlySingle) { if ($GLOBALS["VERBOSE"]) { echo __FUNCTION__ . "." . __LINE__ . ": OK...\n"; } build_progress("Building default configuration", 10); build_default(true); build_localhosts(); if ($GLOBALS["VERBOSE"]) { echo __FUNCTION__ . "." . __LINE__ . ": OK...\n"; } } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Only single defined\n"; } } if ($GLOBALS["RECONFIGURE"]) { $pid = PID_NUM(); if (is_numeric($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, reload pid {$pid}\n"; } $kill = $unix->find_program("kill"); unix_system_HUP($pid); } else { start(true); } } build_progress("Building configuration done", 10); }