Saltstack state安装nignx:修订间差异
跳转到导航
跳转到搜索
(没有差异)
|
2021年8月12日 (四) 12:37的最新版本
ins
注意 这个版本只是一个例子 还要优化才行 ip 192.168.88.60 ubuntu18.04
前提 已安装好 master minion
创建目录 mkdir -p /srv/salt/prod/pcre/files/ mkdir -p /srv/salt/prod/nginx/files/ 下载pcre和nginx源码包保存到各自的files目录下 root@myxps:/srv/salt/prod# ls nginx/files/ nginx-1.20.1.tar.gz openssl-1.1.1k.tar.gz wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.bz2 root@myxps:/srv/salt/prod# ls pcre/files/ pcre-8.42.tar.bz2
编写pcre安装文件
vi /srv/salt/prod/pcre/install.sls
pcre-source-install:
file.managed:
- name: /usr/local/src/pcre-8.42.tar.bz2
- source: salt://pcre/files/pcre-8.42.tar.bz2
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xvf pcre-8.42.tar.bz2 && cd pcre-8.42 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source-install
编写nginx安装文件
vi /srv/salt/prod/pcre/install.sls
pcre-source-install:
file.managed:
- name: /usr/local/src/pcre-8.42.tar.bz2
- source: salt://pcre/files/pcre-8.42.tar.bz2
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xvf pcre-8.42.tar.bz2 && cd pcre-8.42 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source-install
root@myxps:/srv/salt/prod# cat /srv/salt/prod/nginx/install.sls
include:
- pcre.install
- user.www
nginx-source-install:
file.managed:
- name: /usr/local/src/nginx-1.20.1.tar.gz
- source: salt://nginx/files/nginx-1.20.1.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xvf nginx-1.20.1.tar.gz && cd nginx-1.20.1 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.42 --without-http_gzip_module && make && make install && chown -R www:www /usr/local/nginx
- unless: test -d /usr/local/nginx
- require:
- user: www-user-group
- file: nginx-source-install
- cmd: pcre-source-install
编写nginx.conf
cat /srv/salt/prod/nginx/files/nginx.conf
user www;
worker_processes 16;
error_log logs/error.log error;
worker_rlimit_nofile 30000;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
underscores_in_headers on;
keepalive_timeout 10;
send_timeout 60;
include /usr/local/nginx/conf/vhost/*.conf;
server {
listen 80;
server_name 127.0.0.1;
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
}
编写Nginx的service.sls启动服务
cat /srv/salt/prod/nginx/service.sls
include:
- nginx.install
nginx-init:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx-init
- mode: 755
- user: root
- group: root
cmd.run:
- name: systemctl enable nginx
- unless: systemctl list-unit-files | grep nginx
- require:
- file: nginx-init
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
- user: www
- group: www
- mode: 644
nginx-service:
file.directory:
- name: /usr/local/nginx/conf/vhost
- require:
- cmd: nginx-source-install
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- cmd: nginx-init
- watch:
- file: /usr/local/nginx/conf/nginx.conf
创建www用户
# 其实debian派的 有个 www-data用户的
这里我手工操作了一下
adduser www
/sbin/nologin
cat /srv/salt/prod/user/www.sls
www-user-group:
group.present:
- name: www
- gid: 1001
user.present:
- name: www
- fullname: www
- shell: /sbin/nologin
- uid: 1001
- gid: 1001
修改top.sls
cat /srv/salt/base/top.sls
prod:
'ubuntu18':
- nginx.install
如果是ubuntu ,centos的话 得改一下
cat /srv/salt/prod/pkg/pkg-init.sls
pkg-init:
pkg.installed:
- names:
- build-essential
- libtool
- libpcre3
- libpcre3-dev
- openssl
- libssl-dev
测试并运行
[root@localhost salt]# salt '*' state.highstate test=True [root@localhost salt]# salt '*' state.highstate
see also
优化
https://github.com/tjkt/saltstack-nginx/tree/master/salt