自动化部署达到以下几个目的:
1.编译
2.安装
3.生成HTTPS 证书
4.配置
5.设置Ubuntu 服务
首先将Nginx的压缩包解压并放在工程目录下,然后将要准备的的配置文件放在conf目录下,还有作为service需要的启动脚本文件nginx
目录结构如下:
# tree -L 2 tree -L 2 . ├── conf │ ├── agol.conf │ └── nginx.conf ├── install.sh ├── install.sh~ ├── nginx └── nginx-1.2.3 ├── auto ├── CHANGES ├── CHANGES.ru ├── conf ├── configure ├── contrib ├── html ├── LICENSE ├── man ├── README └── src 8 directories, 10 files
现在看一下install.sh脚本内容:#!/bin/bash source ../common/tool.sh installDpkg "libpcre3" installDpkg "libpcre3-dev" installDpkg "libssl-dev" installDpkg "openssl" cd ./nginx-1.2.3 ./configure --prefix=/usr/nginx --with-http_ssl_module make make install cd ../ cp ./nginx /etc/init.d/ update-rc.d nginx defaults cp -r ./conf/* /usr/nginx/conf/ #generate ssl certificate-begin cd /usr/nginx/conf openssl genrsa -des3 -out server.key -passout pass:freebird 1024 openssl req -new -key server.key -out server.csr -passin pass:freebird -batch cp server.key server.key.org openssl rsa -in server.key.org -out server.key -passin pass:freebird openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt cd - #generate ssl certificate-end service nginx start cd ./nginx-1.2.3 make clean
这里要关注的是生成证书的时候使用批处理方式openssl genrsa 命令用到 -passout pass:freebird 避免提示输入口令
openssl req 命令用到 -passin pass:freebird -batch 提供口令,避免输入一堆其他信息
openssl rsa 命令也用到 -passin pass:freebird 提供口令