server conf updated

linux optim updated auto-server update improved
2018-07-06 19:40:47 -05:00 · 2018-07-06 19:40:47 -05:00 · eb805bd17c
parent d36c437cf0
commit eb805bd17c
2 changed files with 57 additions and 10 deletions
--- a/lib/install
+++ b/lib/install
@ -7,7 +7,7 @@ app_version() {
 	echo $app_ver
 }
 svr_version() { 
-	local ser_ver="1.1"
+	local ser_ver="1.2"
 	echo $ser_ver
 }

@ -76,15 +76,49 @@ LimitNOFILE=$nginxfd" | tee -a /etc/systemd/system/nginx.service.d/nofile_limit.
 	#echo "tmpfs    /var/run/nginx-cache   tmpfs   size=${cacheram}M,mode=0744,uid=www-data,gid=www-data   0   0" | sudo tee -a /etc/fstab
 	#sudo mount /var/run/nginx-cache
 	
-	# Linux Optimization - https://www.linode.com/docs/web-servers/nginx/configure-nginx-for-optimized-performance
 	sudo echo "# WebinolyStart - Don't delete
 fs.file-max = $newfd
+fs.nr_open=12000000
+vm.min_free_kbytes=65536
 net.core.somaxconn = 65536
+net.core.wmem_max=16777216
+net.core.rmem_max=16777216
+net.core.netdev_max_backlog=8192
+net.core.optmem_max=8192
+net.ipv4.ip_local_port_range=1024 65535
+net.ipv4.icmp_echo_ignore_broadcasts = 1
+net.ipv4.icmp_ignore_bogus_error_responses = 1
 net.ipv4.tcp_max_tw_buckets = 1440000
-net.ipv4.ip_local_port_range = 1024 65000
-net.ipv4.tcp_fin_timeout = 20
 net.ipv4.tcp_window_scaling = 1
 net.ipv4.tcp_max_syn_backlog = 3240000
+net.ipv4.tcp_rmem=8192 87380 16777216                                          
+net.ipv4.tcp_wmem=8192 65536 16777216
+net.ipv4.tcp_fin_timeout=10
+net.ipv4.tcp_keepalive_intvl=30
+net.ipv4.tcp_keepalive_probes=3
+net.ipv4.tcp_keepalive_time=240
+net.ipv4.tcp_sack=1
+net.ipv4.tcp_syn_retries=3
+net.ipv4.tcp_synack_retries = 2
+net.ipv4.tcp_tw_recycle = 0
+net.ipv4.tcp_tw_reuse = 0
+net.ipv4.tcp_slow_start_after_idle=0
+net.ipv4.tcp_rfc1337=1
+net.ipv4.tcp_challenge_ack_limit = 999999999
+net.ipv4.tcp_mtu_probing = 1
+net.ipv4.tcp_base_mss = 1024
+net.ipv4.conf.all.accept_redirects = 0
+net.ipv4.conf.all.accept_source_route = 0
+net.ipv4.conf.all.log_martians = 1
+net.ipv4.conf.all.rp_filter = 1
+net.ipv4.conf.all.secure_redirects = 0
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv4.conf.default.accept_source_route = 0
+net.ipv4.conf.default.log_martians = 1
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.default.secure_redirects = 0
+net.ipv4.conf.default.send_redirects = 0
 # WebinolyEnd" | tee -a /etc/sysctl.conf
 	
 	# https://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/
@ -303,9 +337,6 @@ php_optim() {
 		local maxuploads="50"
 	fi
 	
-	# Not needed anymore! https://serverfault.com/questions/627903/is-the-php-option-cgi-fix-pathinfo-really-dangerous-with-nginx-php-fpm
-	#sudo sed -i '/cgi.fix_pathinfo=/c\cgi.fix_pathinfo=0' /etc/php/$ver/fpm/php.ini
-	
 	sudo sed -i '/memory_limit =/c\memory_limit = 128M' /etc/php/$ver/fpm/php.ini
 	sudo sed -i '/max_execution_time =/c\max_execution_time = 300' /etc/php/$ver/fpm/php.ini
 	sudo sed -i '/expose_php =/c\expose_php = Off' /etc/php/$ver/fpm/php.ini
--- a/lib/update
+++ b/lib/update
@ -40,12 +40,28 @@ must-staple = True" | tee -a /etc/letsencrypt/cli.ini
 	fi
 	
 	# Update nginx and php conf files
-	sudo webinoly -server-update
+	serupd=1
 	
 }

-# Version numbers without point
-[[ ${newver//.} -ge 11 ]] && onezero_to_oneone > /dev/null 2>&1 &

+oneone_to_onetwo() {
+	# Forgot doing it in 1.1 update
+	sudo apt-get -y install zip
+	
+	# Update nginx and php conf files
+	serupd=1
+}
+
+
+# Update-Server Flag
+serupd=0
+
+# Version numbers without point
+[[ ${oldver//.} -lt 11 ]] && onezero_to_oneone > /dev/null 2>&1 &
+[[ ${oldver//.} -lt 12 ]] && oneone_to_onetwo > /dev/null 2>&1 &
+
+
+[[ $serupd == 1 ]] && sudo webinoly -server-update

 echo "${gre}Your server-configuration has been successfully updated!${end}"