-
-
Save AdamG100/aa96202a9dfa6e3d13537ea41ee78a8d to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Written by: cPFence Team / https://cpfence.app/ | |
| # | |
| # Description: | |
| # This script automates OpenLiteSpeed configuration optimization. | |
| # It updates server settings, tuning, errorlog configurations, and ensures no duplicate sections. | |
| # Use with caution and test in a non-production environment first. | |
| # | |
| # License: Copyright (C) 2023 - 2024 Linkers Gate LLC. | |
| # Global Variables | |
| HTTPD_WORKERS="8" | |
| CPU_AFFINITY="1" | |
| ENABLE_LVE="0" | |
| IN_MEM_BUF_SIZE="256M" | |
| MAX_CONNECTIONS="10000" | |
| MAX_SSL_CONNECTIONS="10000" | |
| SND_BUF_SIZE="256k" | |
| RCV_BUF_SIZE="256k" | |
| TOTAL_IN_MEM_CACHE_SIZE="256M" | |
| MAX_MMAP_FILE_SIZE="32M" | |
| TOTAL_MMAP_CACHE_SIZE="256M" | |
| USE_AIO="3" | |
| AIO_BLOCK_SIZE="3" | |
| PHP_LSAPI_CHILDREN="250" | |
| LSAPI_AVOID_FORK="0" | |
| LSPHP_MAX_CONNS="250" | |
| LSPHP_AUTOSTART="2" | |
| # Log Configuration Variables | |
| LOG_LEVEL="ERROR" | |
| DEBUG_LEVEL="0" | |
| ROLLING_SIZE="10M" | |
| KEEP_DAYS="1" | |
| COMPRESS_ARCHIVE="1" | |
| # Using Enhance v12 option (set to 'on' if running directly on the host) | |
| Using_Enhance_v12="on" # Options: "on" or "off" | |
| ### DO NOT EDIT BELOW THIS LINE ### | |
| CONTAINER_NAME="openlitespeed" | |
| CONFIG_PATH="/usr/local/lsws/conf/httpd_config.conf" | |
| BACKUP_DIR="/usr/local/lsws/conf/" | |
| BACKUP_FILE="httpd_config_backup-$(date +"%d%m%y-%H%M%S").conf" | |
| MD5_FILE="/usr/local/src/ols_config_md5sum.txt" | |
| # Check if Using_Enhance_v12 is on or off and adjust the docker command accordingly | |
| if [ "$Using_Enhance_v12" = "on" ]; then | |
| docker_cmd="" | |
| else | |
| docker_cmd="docker exec $CONTAINER_NAME " | |
| fi | |
| # welcome message | |
| display_welcome() | |
| { | |
| echo "**********************************************************************************************" | |
| echo "* cPFence Web Security *" | |
| echo "* OpenLiteSpeed Optimization Script *" | |
| echo "* Copyright (C) 2023 - 2024 Linkers Gate LLC. *" | |
| echo "**********************************************************************************************" | |
| } | |
| display_welcome | |
| # Step 1: Calculate the current MD5 hash of the config file | |
| CURRENT_MD5=$(${docker_cmd}md5sum $CONFIG_PATH | awk '{print $1}') | |
| # Step 2: Check if the MD5 file exists and compare hashes | |
| # Also check if log configuration needs to be applied | |
| LOG_CONFIG_NEEDED=0 | |
| # Check if errorlog block exists and has our settings | |
| ${docker_cmd}grep -q "errorlog logs/error.log {" $CONFIG_PATH | |
| if [ $? -eq 0 ]; then | |
| # Check if our log settings exist within the errorlog block | |
| ${docker_cmd}sed -n "/errorlog logs\/error.log {/,/}/p" $CONFIG_PATH | grep -q "logLevel.*$LOG_LEVEL" | |
| if [ $? -ne 0 ]; then | |
| LOG_CONFIG_NEEDED=1 | |
| fi | |
| ${docker_cmd}sed -n "/errorlog logs\/error.log {/,/}/p" $CONFIG_PATH | grep -q "debugLevel.*$DEBUG_LEVEL" | |
| if [ $? -ne 0 ]; then | |
| LOG_CONFIG_NEEDED=1 | |
| fi | |
| ${docker_cmd}sed -n "/errorlog logs\/error.log {/,/}/p" $CONFIG_PATH | grep -q "rollingSize.*$ROLLING_SIZE" | |
| if [ $? -ne 0 ]; then | |
| LOG_CONFIG_NEEDED=1 | |
| fi | |
| ${docker_cmd}sed -n "/errorlog logs\/error.log {/,/}/p" $CONFIG_PATH | grep -q "keepDays.*$KEEP_DAYS" | |
| if [ $? -ne 0 ]; then | |
| LOG_CONFIG_NEEDED=1 | |
| fi | |
| ${docker_cmd}sed -n "/errorlog logs\/error.log {/,/}/p" $CONFIG_PATH | grep -q "compressArchive.*$COMPRESS_ARCHIVE" | |
| if [ $? -ne 0 ]; then | |
| LOG_CONFIG_NEEDED=1 | |
| fi | |
| else | |
| LOG_CONFIG_NEEDED=1 | |
| fi | |
| if test -f "$MD5_FILE"; then | |
| STORED_MD5=$(cat $MD5_FILE) | |
| if [ "$CURRENT_MD5" == "$STORED_MD5" ] && [ "$LOG_CONFIG_NEEDED" -eq 0 ]; then | |
| echo "No changes detected in the configuration and log settings are already applied. Exiting..." | |
| exit 0 | |
| else | |
| if [ "$CURRENT_MD5" != "$STORED_MD5" ]; then | |
| echo "Configuration has changed, applying updates..." | |
| fi | |
| if [ "$LOG_CONFIG_NEEDED" -eq 1 ]; then | |
| echo "Log configuration needs to be applied..." | |
| fi | |
| fi | |
| else | |
| echo "No MD5 file found, applying updates..." | |
| fi | |
| # Step 3: Backup the current configuration | |
| ${docker_cmd}cp -a $CONFIG_PATH $BACKUP_DIR$BACKUP_FILE | |
| echo "Backup created: $BACKUP_DIR$BACKUP_FILE" | |
| # Step 4: Function to add or replace config values in specific sections | |
| update_or_add_config() { | |
| SECTION=$1 | |
| PARAMETER=$2 | |
| VALUE=$3 | |
| # Find the section first, then add or replace the parameter in that section | |
| ${docker_cmd}grep -q "$SECTION" $CONFIG_PATH | |
| if [ $? -eq 0 ]; then | |
| # Check if the parameter exists within the section | |
| ${docker_cmd}sed -n "/$SECTION/,/^[^ ]/p" $CONFIG_PATH | grep -q "$PARAMETER" | |
| if [ $? -eq 0 ]; then | |
| # Parameter exists, replace it within the section | |
| ${docker_cmd}sed -i "/$SECTION/,/^[^ ]/ s/\($PARAMETER\s*\).*/\1$VALUE/" $CONFIG_PATH | |
| echo "Updated $PARAMETER to $VALUE in $SECTION" | |
| else | |
| # Parameter doesn't exist, append it to the section | |
| ${docker_cmd}sed -i "/$SECTION/a\\ $PARAMETER $VALUE" $CONFIG_PATH | |
| echo "Added $PARAMETER with value $VALUE to $SECTION" | |
| fi | |
| else | |
| echo "Section $SECTION not found." | |
| fi | |
| } | |
| # Function to update nested errorlog parameters within serverName section | |
| update_errorlog_config() { | |
| PARAMETER=$1 | |
| VALUE=$2 | |
| # Check if the parameter exists within the errorlog block | |
| ${docker_cmd}sed -n "/errorlog logs\/error.log {/,/}/p" $CONFIG_PATH | grep -q "$PARAMETER" | |
| if [ $? -eq 0 ]; then | |
| # Parameter exists, replace it within the errorlog block | |
| ${docker_cmd}sed -i "/errorlog logs\/error.log {/,/}/ s/\($PARAMETER\s*\).*/\1$VALUE/" $CONFIG_PATH | |
| echo "Updated $PARAMETER to $VALUE in errorlog block" | |
| else | |
| # Parameter doesn't exist, append it before the closing brace of errorlog block | |
| ${docker_cmd}sed -i "/errorlog logs\/error.log {/,/}/ { | |
| /enableStderrLog.*1/ a\\ $PARAMETER $VALUE | |
| }" $CONFIG_PATH | |
| echo "Added $PARAMETER with value $VALUE to errorlog block" | |
| fi | |
| } | |
| # Step 5: Handle serverName and related settings if missing | |
| ${docker_cmd}grep -q "serverName" $CONFIG_PATH | |
| if [ $? -ne 0 ]; then | |
| ${docker_cmd}sed -i "1i serverName\n" $CONFIG_PATH | |
| echo "Added serverName block at the top of the file." | |
| fi | |
| # Add missing httpdWorkers, cpuAffinity, and enableLVE | |
| update_or_add_config "serverName" "httpdWorkers" "$HTTPD_WORKERS" | |
| update_or_add_config "serverName" "cpuAffinity" "$CPU_AFFINITY" | |
| update_or_add_config "serverName" "enableLVE" "$ENABLE_LVE" | |
| update_or_add_config "serverName" "inMemBufSize" "$IN_MEM_BUF_SIZE" | |
| # Step 6: Update tuning settings | |
| update_or_add_config "tuning" "maxConnections" "$MAX_CONNECTIONS" | |
| update_or_add_config "tuning" "maxSSLConnections" "$MAX_SSL_CONNECTIONS" | |
| update_or_add_config "tuning" "sndBufSize" "$SND_BUF_SIZE" | |
| update_or_add_config "tuning" "rcvBufSize" "$RCV_BUF_SIZE" | |
| update_or_add_config "tuning" "totalInMemCacheSize" "$TOTAL_IN_MEM_CACHE_SIZE" | |
| update_or_add_config "tuning" "maxMMapFileSize" "$MAX_MMAP_FILE_SIZE" | |
| update_or_add_config "tuning" "totalMMapCacheSize" "$TOTAL_MMAP_CACHE_SIZE" | |
| # Correct useAIO and AIOBlockSize mappings to 3 | |
| update_or_add_config "tuning" "useAIO" "$USE_AIO" | |
| update_or_add_config "tuning" "AIOBlockSize" "$AIO_BLOCK_SIZE" | |
| # Step 7: Update errorlog settings | |
| echo "Configuring error log settings..." | |
| # Check if errorlog block exists within serverName | |
| ${docker_cmd}grep -q "errorlog logs/error.log {" $CONFIG_PATH | |
| if [ $? -eq 0 ]; then | |
| # Update existing errorlog block | |
| update_errorlog_config "keepDays" "$KEEP_DAYS" | |
| update_errorlog_config "compressArchive" "$COMPRESS_ARCHIVE" | |
| # Also update the other settings if needed | |
| update_errorlog_config "logLevel" "$LOG_LEVEL" | |
| update_errorlog_config "debugLevel" "$DEBUG_LEVEL" | |
| update_errorlog_config "rollingSize" "$ROLLING_SIZE" | |
| else | |
| echo "Errorlog block not found in expected format" | |
| fi | |
| # Step 8: Update external processor settings for lsphp (Correct env values) | |
| ${docker_cmd}sed -i "s/env\s*PHP_LSAPI_CHILDREN=.*/env PHP_LSAPI_CHILDREN=$PHP_LSAPI_CHILDREN/" $CONFIG_PATH | |
| ${docker_cmd}sed -i "s/env\s*LSAPI_AVOID_FORK=.*/env LSAPI_AVOID_FORK=$LSAPI_AVOID_FORK/" $CONFIG_PATH | |
| # Step 9: Correctly target maxConns in extprocessor lsphp only | |
| ${docker_cmd}sed -i "/extprocessor lsphp {/,/}/ s/maxConns\s*.*/maxConns $LSPHP_MAX_CONNS/" $CONFIG_PATH | |
| # Update autoStart for lsphp | |
| update_or_add_config "extprocessor lsphp" "autoStart" "$LSPHP_AUTOSTART" | |
| # Step 10: Save the new MD5 hash of the config file | |
| ${docker_cmd}md5sum $CONFIG_PATH | awk '{print $1}' > $MD5_FILE | |
| # Step 11: Restart OpenLiteSpeed to apply the changes | |
| ${docker_cmd}/usr/local/lsws/bin/lswsctrl restart | |
| echo "OpenLiteSpeed restarted with updated configuration." | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment