opensource/download
opensource/download
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
download/panel/php/install.sh
耗子 3446aa4db1
feat: first commit
2024-11-10 02:06:42 +08:00

255 lines
11 KiB (Stored with Git LFS)
Bash
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH
: '
Copyright (C) 2022 - now HaoZi Technology Co., Ltd.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
'
source <(curl -f -s --connect-timeout 10 --retry 3 https://dl.cdn.haozi.net/panel/public.sh)
if [ $? -ne 0 ]; then
echo "下载 public.sh 失败,请检查网络或稍后重试。"
echo "Download public.sh failed, please check the network or try again later."
exit 1
fi
channel=${1}
version=${2}
php_path="${setup_path}/server/php/${channel}"
j=$(calculate_j)
# 安装依赖
if [ ${OS} == "rhel" ]; then
dnf makecache
dnf groupinstall "Development Tools" -y
# openEuler 没有 libavif-devel单独安装防止报错
dnf install libavif-devel -y
dnf install autoconf glibc-headers gdbm-devel gd gd-devel re2c systemd-devel perl oniguruma-devel libsodium-devel libxml2-devel sqlite-devel libzip-devel bzip2-devel xz-devel libpng-devel libjpeg-devel libwebp-devel freetype-devel gmp-devel openssl-devel readline-devel libxslt-devel libcurl-devel pkgconfig libedit-devel zlib-devel pcre-devel crontabs libicu libicu-devel c-ares -y
elif [ ${OS} == "debian" ] || [ ${OS} == "ubuntu" ]; then
apt-get update
apt-get install build-essential autoconf libc6-dev libgdbm-dev libgd-tools libgd-dev re2c libsystemd-dev perl libonig-dev libsodium-dev libxml2-dev libsqlite3-dev libzip-dev libbz2-dev liblzma-dev libpng-dev libjpeg-dev libwebp-dev libavif-dev libfreetype6-dev libgmp-dev libssl-dev libreadline-dev libxslt1-dev libcurl4-openssl-dev pkg-config libedit-dev zlib1g-dev libpcre3-dev cron libicu-dev libc-ares2 libc-ares-dev -y
else
error "不支持的操作系统"
fi
if [ "$?" != "0" ]; then
error "安装依赖软件失败"
fi
# 准备安装目录
rm -rf ${php_path}
mkdir -p ${php_path}
cd ${php_path}
# 下载源码
wget -T 120 -t 3 -O ${php_path}/php-${version}.7z ${download_url}/php/php-${version}.7z
wget -T 20 -t 3 -O ${php_path}/php-${version}.7z.sha256 ${download_url}/php/php-${version}.7z.sha256
if ! sha256sum --status -c php-${version}.7z.sha256; then
rm -rf ${php_path}
error "PHP-${channel} 校验失败"
fi
7z x php-${version}.7z
rm -f php-${version}.7z
rm -f php-${version}.7z.sha256
mv php-* src
chmod -R 700 src
# 配置
cd src
# PHP <= 80 openssl3 补丁
if [ ${channel} -le "80" ]; then
wget -T 20 -t 3 -O php-${channel}-openssl3.patch ${download_url}/php/php-${channel}-openssl3.patch
wget -T 20 -t 3 -O php-${channel}-openssl3.patch.sha256 ${download_url}/php/php-${channel}-openssl3.patch.sha256
if ! sha256sum --status -c php-${channel}-openssl3.patch.sha256; then
rm -rf ${php_path}
error "PHP-${channel} openssl3 补丁校验失败"
fi
patch -p1 <php-${channel}-openssl3.patch
fi
# 个别系统可能没有libavif
WITH_AVIF=""
if pkg-config --exists libavif; then
WITH_AVIF="--with-avif"
fi
# EOL 补丁版本中没有附带 configure 文件
if [ ! -f "configure" ]; then
./buildconf --force
fi
# 配置
if [ ${channel} -ge "81" ]; then
./configure --prefix=${php_path} --with-config-file-path=${php_path}/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-fpm-systemd --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-freetype --with-jpeg --with-zlib --enable-xml --disable-rpath --enable-bcmath --enable-shmop --with-curl --enable-mbregex --enable-mbstring --enable-pcntl --enable-ftp --enable-gd --with-openssl --with-mhash --enable-pcntl --enable-sockets --enable-soap --disable-fileinfo --enable-opcache --with-sodium --with-webp ${WITH_AVIF}
else
./configure --prefix=${php_path} --with-config-file-path=${php_path}/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-fpm-systemd --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-freetype --with-jpeg --with-zlib --enable-xml --disable-rpath --enable-bcmath --enable-shmop --with-curl --enable-mbregex --enable-mbstring --enable-pcntl --enable-ftp --enable-gd --with-openssl --with-mhash --enable-pcntl --enable-sockets --enable-soap --disable-fileinfo --enable-opcache --with-sodium --with-webp
fi
# RHEL 8 PHP 8.3+ 修复
# https://github.com/php/php-src/issues/12774
if [ ${OS} == "rhel" ] && [ $(rpm -E %{rhel}) == "8" ] && [ ${channel} -ge "83" ]; then
sed -i 's|^CC = cc|CC = cc -fPIE -pie|g' Makefile
sed -i 's|^BUILD_CC = cc|BUILD_CC = cc -fPIE -pie|g' Makefile
fi
# 编译安装
make "-j${j}"
make install
if [ ! -f "${php_path}/bin/php" ]; then
rm -rf ${php_path}
error "PHP-${channel} 安装失败"
fi
# 创建php配置
mkdir -p ${php_path}/etc
\cp php.ini-production ${php_path}/etc/php.ini
# 写入拓展标记位
echo ";下方面板标记位禁止删除否则将无法安装PHP拓展" >>${php_path}/etc/php.ini
echo ";The following panel flags are not allowed to be deleted, otherwise PHP extensions cannot be installed!" >>${php_path}/etc/php.ini
echo ";panel" >>${php_path}/etc/php.ini
# 安装 zip 拓展
cd ${php_path}/src/ext/zip
${php_path}/bin/phpize
./configure --with-php-config=${php_path}/bin/php-config
make "-j${j}"
make install
if [ "$?" != "0" ]; then
rm -rf ${php_path}
error "PHP-${channel} zip 拓展安装失败"
fi
echo "extension=zip" >>${php_path}/etc/php.ini
cd ${php_path}/src
# 设置软链接
ln -sf ${php_path}/bin/php /usr/bin/php
ln -sf ${php_path}/bin/php /usr/bin/php${channel}
ln -sf ${php_path}/bin/php /usr/bin/php-${channel}
ln -sf ${php_path}/bin/phpize /usr/bin/phpize
ln -sf ${php_path}/bin/pear /usr/bin/pear
ln -sf ${php_path}/bin/pecl /usr/bin/pecl
ln -sf ${php_path}/sbin/php-fpm /usr/bin/php-fpm-${channel}
# 设置fpm
cat >${php_path}/etc/php-fpm.conf <<EOF
[global]
pid = ${php_path}/var/run/php-fpm.pid
error_log = ${php_path}/var/log/php-fpm.log
log_level = notice
[www]
listen = /tmp/php-cgi-${channel}.sock
listen.backlog = -1
listen.allowed_clients = 127.0.0.1
listen.owner = www
listen.group = www
listen.mode = 0666
user = www
group = www
pm = dynamic
pm.max_children = 30
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 10
pm.status_path = /phpfpm_status/${channel}
request_terminate_timeout = 100
request_slowlog_timeout = 30
slowlog = var/log/slow.log
EOF
# 设置PHP进程数
memTotal=$(free -m | grep Mem | awk '{print $2}')
if [[ ${memTotal} -gt 1024 && ${memTotal} -le 2048 ]]; then
sed -i "s#pm.max_children.*#pm.max_children = 50#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.start_servers.*#pm.start_servers = 5#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.min_spare_servers.*#pm.min_spare_servers = 5#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.max_spare_servers.*#pm.max_spare_servers = 10#" ${php_path}/etc/php-fpm.conf
elif [[ ${memTotal} -gt 2048 && ${memTotal} -le 4096 ]]; then
sed -i "s#pm.max_children.*#pm.max_children = 80#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.start_servers.*#pm.start_servers = 5#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.min_spare_servers.*#pm.min_spare_servers = 5#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.max_spare_servers.*#pm.max_spare_servers = 20#" ${php_path}/etc/php-fpm.conf
elif [[ ${memTotal} -gt 4096 && ${memTotal} -le 8192 ]]; then
sed -i "s#pm.max_children.*#pm.max_children = 150#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.start_servers.*#pm.start_servers = 10#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.min_spare_servers.*#pm.min_spare_servers = 10#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.max_spare_servers.*#pm.max_spare_servers = 30#" ${php_path}/etc/php-fpm.conf
elif [[ ${memTotal} -gt 8192 && ${memTotal} -le 16384 ]]; then
sed -i "s#pm.max_children.*#pm.max_children = 200#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.start_servers.*#pm.start_servers = 15#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.min_spare_servers.*#pm.min_spare_servers = 15#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.max_spare_servers.*#pm.max_spare_servers = 30#" ${php_path}/etc/php-fpm.conf
elif [[ ${memTotal} -gt 16384 ]]; then
sed -i "s#pm.max_children.*#pm.max_children = 300#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.start_servers.*#pm.start_servers = 20#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.min_spare_servers.*#pm.min_spare_servers = 20#" ${php_path}/etc/php-fpm.conf
sed -i "s#pm.max_spare_servers.*#pm.max_spare_servers = 50#" ${php_path}/etc/php-fpm.conf
fi
sed -i "s#listen.backlog.*#listen.backlog = 8192#" ${php_path}/etc/php-fpm.conf
# 最大上传限制100M
sed -i 's/post_max_size =.*/post_max_size = 100M/g' ${php_path}/etc/php.ini
sed -i 's/upload_max_filesize =.*/upload_max_filesize = 100M/g' ${php_path}/etc/php.ini
# 时区PRC
sed -i 's/;date.timezone =.*/date.timezone = PRC/g' ${php_path}/etc/php.ini
sed -i 's/short_open_tag =.*/short_open_tag = On/g' ${php_path}/etc/php.ini
sed -i 's/;cgi.fix_pathinfo=.*/cgi.fix_pathinfo=1/g' ${php_path}/etc/php.ini
# 最大运行时间
sed -i 's/max_execution_time =.*/max_execution_time = 86400/g' ${php_path}/etc/php.ini
sed -i 's/;sendmail_path =.*/sendmail_path = \/usr\/sbin\/sendmail -t -i/g' ${php_path}/etc/php.ini
# 禁用函数
sed -i 's/disable_functions =.*/disable_functions = passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv/g' ${php_path}/etc/php.ini
sed -i 's/display_errors = Off/display_errors = On/g' ${php_path}/etc/php.ini
sed -i 's/error_reporting =.*/error_reporting = E_ALL \& \~E_NOTICE/g' ${php_path}/etc/php.ini
# 设置SSL根证书
#sed -i "s#;openssl.cafile=#openssl.cafile=/etc/pki/tls/certs/ca-bundle.crt#" ${php_path}/etc/php.ini
#sed -i "s#;curl.cainfo =#curl.cainfo = /etc/pki/tls/certs/ca-bundle.crt#" ${php_path}/etc/php.ini
# 关闭php外显
sed -i 's/expose_php = On/expose_php = Off/g' ${php_path}/etc/php.ini
# 写入nginx调用php配置文件
cat >${setup_path}/server/nginx/conf/enable-php-${channel}.conf <<EOF
location ~ \.php$ {
try_files \$uri =404;
fastcgi_pass unix:/tmp/php-cgi-${channel}.sock;
fastcgi_index index.php;
include fastcgi.conf;
include pathinfo.conf;
}
EOF
# 添加php-fpm到服务
\cp ${php_path}/src/sapi/fpm/php-fpm.service /lib/systemd/system/php-fpm-${channel}.service
sed -i "/PrivateTmp/d" /lib/systemd/system/php-fpm-${channel}.service
systemctl daemon-reload
# 启动php
systemctl enable --now php-fpm-${channel}
if [ "$?" != "0" ]; then
error "PHP-${channel} 启动失败"
fi
panel-cli app write php${channel} ${channel} ${version}
echo -e $HR
echo "安装完成"
echo -e $HR
Reference in New Issue View Git Blame Copy Permalink