1. 常见Shell脚本与Nginx一键部署实战指南作为Linux系统管理员Shell脚本和Nginx几乎是我们每天都要打交道的工具。Shell脚本能帮我们自动化重复工作而Nginx则是现代Web服务的基石。今天我想分享一些实用的Shell编程技巧以及如何用脚本实现Nginx的一键部署——这些经验都来自我多年运维工作中的真实案例。Shell脚本本质上是用文本命令编写的程序它通过调用系统命令和工具来完成各种任务。相比其他编程语言Shell脚本更适合处理文件操作、系统管理和服务部署等场景。而Nginx作为高性能的Web服务器其配置和部署过程虽然不复杂但手动操作容易出错特别适合用Shell脚本实现自动化。2. Shell脚本编程核心要点2.1 Shell脚本基础结构每个Shell脚本都应该以shebang开头指定解释器路径。对于bash脚本典型结构如下#!/bin/bash # 注释这是一个示例脚本 # 定义变量 VARvalue # 主逻辑 function main() { echo Hello World } # 脚本入口 main $注意实际工作中建议为所有脚本添加set -euo pipefail这能让脚本在出错时立即退出避免隐藏错误#!/bin/bash set -euo pipefail2.2 变量与字符串处理Shell中的变量使用有一些特殊规则# 定义变量等号两边不能有空格 namenginx # 使用变量 echo $name echo ${name} # 推荐这种形式明确变量边界 # 字符串操作 path/usr/local/nginx echo ${path#/usr} # 删除最短匹配前缀/local/nginx echo ${path##*/} # 删除最长匹配前缀nginx echo ${path%nginx} # 删除最短匹配后缀/usr/local/我在实际工作中发现很多脚本错误都源于对变量引用的理解不足。特别是在文件名包含空格时一定要用双引号包裹变量# 错误示范 rm $filename # 如果filename包含空格会被拆分成多个参数 # 正确做法 rm $filename2.3 流程控制实战技巧条件判断和循环是Shell脚本的核心结构# if条件判断 if [ -f /etc/nginx/nginx.conf ]; then echo 配置文件存在 elif [ -d /etc/nginx ]; then echo 目录存在 else echo 未找到nginx配置 fi # for循环示例 for i in {1..5}; do echo 第$i次循环 done # while读取文件 while IFS read -r line; do echo 行内容: $line done /var/log/nginx/access.log避坑提示[ ]是test命令的另一种写法内部每个元素包括括号都需要空格分隔。新手常犯的错误是漏掉空格写成if [$var -eq 0]这会导致语法错误。2.4 函数与参数处理良好的Shell脚本应该模块化组织代码# 定义函数 install_nginx() { local version$1 # 局部变量 echo 正在安装nginx $version... # 实际安装逻辑 } # 调用函数 install_nginx 1.25.3 # 处理脚本参数 while getopts v:c opt; do case $opt in v) version$OPTARG ;; c) clean_installtrue ;; *) echo 无效参数; exit 1 ;; esac done我强烈建议为所有函数参数和脚本参数添加校验逻辑这能避免很多运行时错误validate_version() { if [[ ! $1 ~ ^[0-9]\.[0-9]\.[0-9]$ ]]; then echo 版本号格式错误应为x.y.z exit 1 fi }3. Nginx一键部署脚本实现3.1 环境检测与准备一个健壮的部署脚本应该先检查运行环境#!/bin/bash set -euo pipefail # 检查是否为root用户 if [ $(id -u) -ne 0 ]; then echo 请使用root用户运行此脚本 exit 1 fi # 检查操作系统 if [ -f /etc/os-release ]; then . /etc/os-release OS$ID OS_VERSION$VERSION_ID else echo 无法确定操作系统类型 exit 1 fi # 检查依赖工具 for cmd in curl wget tar gcc make; do if ! command -v $cmd /dev/null; then echo 缺少必要工具: $cmd exit 1 fi done3.2 自动安装Nginx根据不同Linux发行版使用对应的包管理工具install_nginx() { local version${1:-stable} # 默认安装稳定版 case $OS in ubuntu|debian) apt update apt install -y nginx ;; centos|rhel|fedora) yum install -y epel-release yum install -y nginx ;; *) # 源码编译安装 compile_nginx $version ;; esac # 验证安装 if ! nginx -v /dev/null; then echo Nginx安装失败 exit 1 fi } compile_nginx() { local version$1 local install_dir/usr/local/nginx-$version echo 开始从源码编译安装nginx $version # 下载源码 curl -OL http://nginx.org/download/nginx-$version.tar.gz tar -zxvf nginx-$version.tar.gz cd nginx-$version # 编译配置 ./configure \ --prefix$install_dir \ --with-http_ssl_module \ --with-http_v2_module \ --with-threads make -j$(nproc) make install # 创建符号链接 ln -sf $install_dir/sbin/nginx /usr/local/bin/nginx }3.3 配置优化与安全设置安装后的配置往往比安装本身更重要configure_nginx() { # 备份原始配置 cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak # 优化worker进程数 local cores$(grep -c ^processor /proc/cpuinfo) sed -i s/worker_processes.*/worker_processes $cores;/ /etc/nginx/nginx.conf # 设置连接限制 cat /etc/nginx/nginx.conf EOF events { worker_connections 10240; multi_accept on; } EOF # 禁用server_tokens sed -i s/server_tokens.*/server_tokens off;/ /etc/nginx/nginx.conf # 创建日志轮转 cat /etc/logrotate.d/nginx EOF /var/log/nginx/*.log { daily missingok rotate 30 compress delaycompress notifempty create 0640 www-data adm sharedscripts postrotate [ -f /var/run/nginx.pid ] kill -USR1 \$(cat /var/run/nginx.pid) endscript } EOF }3.4 服务管理与开机启动确保Nginx能正确启动并在系统重启后自动运行setup_service() { # 尝试systemd if systemctl --version /dev/null; then cat /etc/systemd/system/nginx.service EOF [Unit] Descriptionnginx - high performance web server Afternetwork.target [Service] Typeforking PIDFile/var/run/nginx.pid ExecStartPre/usr/sbin/nginx -t ExecStart/usr/sbin/nginx ExecReload/bin/kill -s HUP \$MAINPID ExecStop/bin/kill -s QUIT \$MAINPID PrivateTmptrue [Install] WantedBymulti-user.target EOF systemctl daemon-reload systemctl enable nginx systemctl start nginx else # 使用SysVinit /etc/init.d/nginx start chkconfig nginx on fi # 验证服务状态 if ! curl -I http://localhost /dev/null; then echo Nginx服务启动失败 exit 1 fi }4. 完整一键部署脚本示例结合上述所有模块下面是完整的Nginx一键部署脚本#!/bin/bash set -euo pipefail # 配置参数 NGINX_VERSION1.25.3 INSTALL_METHODpackage # package或source # 颜色定义 RED\033[0;31m GREEN\033[0;32m YELLOW\033[0;33m NC\033[0m # No Color # 日志函数 log() { local level$1 shift case $level in info) echo -e ${GREEN}[INFO]${NC} $* ;; warn) echo -e ${YELLOW}[WARN]${NC} $* 2 ;; error) echo -e ${RED}[ERROR]${NC} $* 2 ;; esac } # 检查环境 check_environment() { log info 检查系统环境... # 检查root权限 if [ $(id -u) -ne 0 ]; then log error 请使用root用户运行此脚本 exit 1 fi # 检查操作系统 if [ -f /etc/os-release ]; then . /etc/os-release OS$ID OS_VERSION$VERSION_ID log info 检测到操作系统: $OS $OS_VERSION else log error 无法确定操作系统类型 exit 1 fi # 检查必要工具 for cmd in curl wget tar; do if ! command -v $cmd /dev/null; then log warn 缺少工具: $cmd尝试安装... install_package $cmd fi done } # 安装软件包 install_package() { local pkg$1 case $OS in ubuntu|debian) apt install -y $pkg ;; centos|rhel|fedora) yum install -y $pkg ;; *) log error 不支持的包管理器 exit 1 ;; esac } # 安装Nginx(包管理器) install_nginx_package() { log info 通过包管理器安装Nginx... case $OS in ubuntu|debian) apt update apt install -y nginx ;; centos|rhel|fedora) yum install -y epel-release yum install -y nginx ;; *) log error 不支持的发行版 return 1 ;; esac # 验证安装 if nginx -v /dev/null; then log info Nginx安装成功 return 0 else log error Nginx安装失败 return 1 fi } # 安装Nginx(源码编译) install_nginx_source() { local version$1 local install_dir/usr/local/nginx-$version local source_dir/tmp/nginx-$version log info 开始从源码编译安装Nginx $version... # 安装编译依赖 log info 安装编译依赖... case $OS in ubuntu|debian) apt install -y build-essential libpcre3-dev zlib1g-dev libssl-dev ;; centos|rhel|fedora) yum install -y gcc make pcre-devel zlib-devel openssl-devel ;; esac # 下载源码 log info 下载Nginx源码... mkdir -p $source_dir cd $source_dir curl -OL http://nginx.org/download/nginx-$version.tar.gz || { log error 下载Nginx源码失败 return 1 } tar -zxvf nginx-$version.tar.gz || { log error 解压Nginx源码失败 return 1 } cd nginx-$version # 编译安装 log info 配置编译选项... ./configure \ --prefix$install_dir \ --with-http_ssl_module \ --with-http_v2_module \ --with-threads \ --with-http_realip_module \ --with-http_stub_status_module || { log error 配置失败 return 1 } log info 开始编译... make -j$(nproc) || { log error 编译失败 return 1 } log info 开始安装... make install || { log error 安装失败 return 1 } # 创建符号链接 ln -sf $install_dir/sbin/nginx /usr/local/bin/nginx # 验证安装 if nginx -v /dev/null; then log info Nginx编译安装成功 return 0 else log error Nginx编译安装失败 return 1 fi } # 配置Nginx configure_nginx() { log info 配置Nginx... # 创建配置目录结构 mkdir -p /etc/nginx/{sites-available,sites-enabled,conf.d,ssl} # 备份原始配置 cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak # 优化worker配置 local cores$(grep -c ^processor /proc/cpuinfo) sed -i s/worker_processes.*/worker_processes $cores;/ /etc/nginx/nginx.conf # 添加events块(如果不存在) if ! grep -q events { /etc/nginx/nginx.conf; then sed -i /worker_processes/a events {\n worker_connections 10240;\n multi_accept on;\n} /etc/nginx/nginx.conf fi # 安全设置 sed -i s/server_tokens.*/server_tokens off;/ /etc/nginx/nginx.conf # 创建默认站点配置 cat /etc/nginx/sites-available/default EOF server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /var/www/html; index index.html; location / { try_files \$uri \$uri/ 404; } location /status { stub_status; allow 127.0.0.1; deny all; } } EOF # 启用站点 ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/ # 创建测试页面 mkdir -p /var/www/html echo h1Nginx安装成功/h1p$(date)/p /var/www/html/index.html } # 设置服务管理 setup_service() { log info 设置Nginx服务... # systemd服务 if systemctl --version /dev/null; then cat /etc/systemd/system/nginx.service EOF [Unit] Descriptionnginx - high performance web server Documentationhttp://nginx.org/en/docs/ Afternetwork.target [Service] Typeforking PIDFile/var/run/nginx.pid ExecStartPre/usr/sbin/nginx -t ExecStart/usr/sbin/nginx ExecReload/bin/kill -s HUP \$MAINPID ExecStop/bin/kill -s QUIT \$MAINPID PrivateTmptrue [Install] WantedBymulti-user.target EOF systemctl daemon-reload systemctl enable nginx systemctl start nginx else # SysVinit脚本 cat /etc/init.d/nginx EOF #!/bin/sh ### BEGIN INIT INFO # Provides: nginx # Required-Start: \$local_fs \$network \$named \$time # Required-Stop: \$local_fs \$network \$named \$time # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: nginx web server # Description: nginx web server ### END INIT INFO PATH/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON/usr/sbin/nginx NAMEnginx DESCnginx test -x \$DAEMON || exit 0 set -e . /lib/lsb/init-functions case \$1 in start) echo -n Starting \$DESC: start-stop-daemon --start --quiet --pidfile /var/run/\$NAME.pid \ --exec \$DAEMON echo \$NAME. ;; stop) echo -n Stopping \$DESC: start-stop-daemon --stop --quiet --pidfile /var/run/\$NAME.pid \ --exec \$DAEMON echo \$NAME. ;; restart|force-reload) echo -n Restarting \$DESC: start-stop-daemon --stop --quiet --pidfile /var/run/\$NAME.pid \ --exec \$DAEMON sleep 1 start-stop-daemon --start --quiet --pidfile /var/run/\$NAME.pid \ --exec \$DAEMON echo \$NAME. ;; reload) echo -n Reloading \$DESC configuration: start-stop-daemon --stop --signal HUP --quiet --pidfile /var/run/\$NAME.pid \ --exec \$DAEMON echo \$NAME. ;; status) status_of_proc -p /var/run/\$NAME.pid \$DAEMON \$NAME exit 0 || exit \$? ;; *) echo Usage: /etc/init.d/\$NAME {start|stop|restart|reload|force-reload|status} 2 exit 1 ;; esac exit 0 EOF chmod x /etc/init.d/nginx /etc/init.d/nginx start update-rc.d nginx defaults fi # 验证服务状态 sleep 2 if curl -I http://localhost /dev/null; then log info Nginx服务启动成功 else log error Nginx服务启动失败 return 1 fi } # 主函数 main() { check_environment case $INSTALL_METHOD in package) if ! install_nginx_package; then log warn 包管理器安装失败尝试源码编译安装 INSTALL_METHODsource fi ;; esac if [ $INSTALL_METHOD source ]; then install_nginx_source $NGINX_VERSION || { log error Nginx安装失败 exit 1 } fi configure_nginx setup_service log info Nginx安装配置完成 log info 访问 http://$(hostname -I | awk {print $1}) 测试 } main $5. 常见问题与解决方案5.1 端口冲突处理如果80端口已被占用脚本会失败。我们可以添加端口检查逻辑check_ports() { local ports(80 443) for port in ${ports[]}; do if netstat -tuln | grep -q :$port ; then local service$(lsof -i :$port | awk NR2 {print $1}) log warn 端口 $port 已被 $service 占用 return 1 fi done return 0 } # 在主函数中调用 if ! check_ports; then log error 端口被占用请先停止相关服务 exit 1 fi5.2 依赖安装失败不同Linux发行版的包名可能不同我们可以增加兼容性处理install_dependencies() { case $OS in ubuntu|debian) apt update apt install -y build-essential libpcre3-dev zlib1g-dev libssl-dev ;; centos|rhel) yum install -y gcc make pcre-devel zlib-devel openssl-devel ;; fedora) dnf install -y gcc make pcre-devel zlib-devel openssl-devel ;; alpine) apk add --no-cache gcc make pcre-dev zlib-dev openssl-dev ;; *) log error 不支持的发行版: $OS return 1 ;; esac }5.3 SELinux导致的问题在启用了SELinux的系统上可能需要额外设置configure_selinux() { if command -v sestatus /dev/null \ [ $(sestatus | grep SELinux status | awk {print $3}) enabled ]; then log info 检测到SELinux已启用进行相关配置 # 安装SELinux工具 case $OS in centos|rhel|fedora) yum install -y policycoreutils-python-utils ;; esac # 设置Nginx相关SELinux策略 setsebool -P httpd_can_network_connect 1 semanage port -a -t http_port_t -p tcp 8080 # 如果需要非标准端口 log info SELinux配置完成 fi }5.4 防火墙配置自动配置防火墙规则允许HTTP/HTTPS流量configure_firewall() { # 检查防火墙状态 if systemctl is-active --quiet firewalld; then log info 配置firewalld... firewall-cmd --permanent --add-servicehttp firewall-cmd --permanent --add-servicehttps firewall-cmd --reload elif ufw status | grep -q Status: active; then log info 配置UFW... ufw allow Nginx Full elif iptables -L INPUT -n | grep -q Chain INPUT; then log info 配置iptables... iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables-save /etc/sysconfig/iptables fi }6. 脚本优化与高级功能6.1 参数化脚本让脚本支持命令行参数提高灵活性parse_arguments() { while getopts :v:m:c opt; do case $opt in v) NGINX_VERSION$OPTARG ;; m) INSTALL_METHOD$OPTARG ;; c) CLEAN_INSTALLtrue ;; \?) log error 无效选项: -$OPTARG 2; exit 1 ;; :) log error 选项 -$OPTARG 需要参数 2; exit 1 ;; esac done # 验证安装方法 if [[ ! $INSTALL_METHOD ~ ^(package|source)$ ]]; then log error 无效安装方法: $INSTALL_METHOD exit 1 fi }6.2 日志记录功能添加详细的日志记录功能setup_logging() { LOG_FILE/var/log/nginx-install.log exec (tee -a $LOG_FILE) 21 log info 安装日志记录到: $LOG_FILE log info 开始时间: $(date) log info 安装参数: 版本$NGINX_VERSION, 方法$INSTALL_METHOD }6.3 回滚功能安装失败时自动回滚rollback() { log error 安装失败执行回滚... # 停止并卸载Nginx if systemctl is-active --quiet nginx; then systemctl stop nginx fi case $OS in ubuntu|debian) apt remove --purge -y nginx ;; centos|rhel|fedora) yum remove -y nginx ;; esac # 删除源码目录 rm -rf /tmp/nginx-$NGINX_VERSION /usr/local/nginx-$NGINX_VERSION # 恢复备份配置 if [ -f /etc/nginx/nginx.conf.bak ]; then mv -f /etc/nginx/nginx.conf.bak /etc/nginx/nginx.conf fi log warn 回滚完成 exit 1 } # 设置trap捕获错误信号 trap rollback ERR SIGINT SIGTERM6.4 多版本管理支持安装多个Nginx版本并切换switch_nginx_version() { local version$1 local install_dir/usr/local/nginx-$version if [ ! -d $install_dir ]; then log error Nginx $version 未安装 return 1 fi # 更新符号链接 ln -sf $install_dir/sbin/nginx /usr/local/bin/nginx # 重启服务 if systemctl is-active --quiet nginx; then systemctl restart nginx fi log info 已切换到Nginx $version }7. 安全加固建议7.1 最小权限原则为Nginx创建专用用户create_nginx_user() { if ! id -u nginx /dev/null; then log info 创建nginx用户... useradd -r -s /sbin/nologin -d /var/cache/nginx -M nginx fi # 设置目录权限 chown -R nginx:nginx /var/log/nginx chown -R nginx:nginx /var/www chmod 750 /var/log/nginx }7.2 SSL配置自动生成自签名证书生产环境应使用正规CA证书generate_ssl_cert() { local domain${1:-localhost} local ssl_dir/etc/nginx/ssl mkdir -p $ssl_dir openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout $ssl_dir/$domain.key \ -out $ssl_dir/$domain.crt \ -subj /CN$domain # 设置严格权限 chmod 600 $ssl_dir/$domain.key chmod 644 $ssl_dir/$domain.crt chown nginx:nginx $ssl_dir/$domain.* }7.3 安全头设置在Nginx配置中添加安全相关的HTTP头add_security_headers() { local config_file/etc/nginx/conf.d/security.conf cat $config_file EOF # 安全相关HTTP头 add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection 1; modeblock; add_header Referrer-Policy strict-origin-when-cross-origin; add_header Content-Security-Policy default-src self; script-src self unsafe-inline unsafe-eval; style-src self unsafe-inline; img-src self data:; font-src self; connect-src self; frame-src self; object-src none; media-src self; EOF }8. 性能调优技巧8.1 调整Worker配置根据服务器资源优化Nginx worker参数optimize_worker() { local cores$(grep -c ^processor /proc/cpuinfo) local mem$(free -m | awk /Mem:/ {print $2}) # 计算合理的worker_processes和worker_connections local worker_processes$((cores 8 ? cores : 8)) local worker_connections$((mem * 1024 / worker_processes / 2)) worker_connections$((worker_connections 10240 ? worker_connections : 10240)) # 更新配置 sed -i s/worker_processes.*/worker_processes $worker_processes;/ /etc/nginx/nginx.conf sed -i s/worker_connections.*/worker_connections $worker_connections;/ /etc/nginx/nginx.conf # 调整内核参数 echo net.core.somaxconn 65535 /etc/sysctl.conf echo net.ipv4.tcp_max_syn_backlog 65535 /etc/sysctl.conf sysctl -p }8.2 启用Gzip压缩enable_gzip() { cat /etc/nginx/conf.d/gzip.conf EOF gzip on; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xmlrss text/javascript; gzip_min_length 1024; EOF }8.3 缓存优化配置静态资源缓存configure_caching() { cat /etc/nginx/conf.d/cache.conf EOF # 静态资源缓存 location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff2)$ { expires 365d; add_header Cache-Control public, no-transform; access_log off; } EOF }9. 监控与维护9.1 状态监控启用Nginx状态页enable_status() { cat /etc/nginx/conf.d/status.conf EOF server { listen 127.0.0.1:8080; server_name localhost; location /nginx_status { stub_status; access_log off; allow 127.0.0.1; deny all; } } EOF }9.2 日志分析添加日志切割和分析脚本setup_logrotate() { cat /etc/logrotate.d/nginx EOF /var/log/nginx/*.log { daily missingok rotate 30 compress delaycompress notifempty create 0640 nginx adm sharedscripts postrotate [ -f /var/run/nginx.pid ] kill -USR1 \$(cat /var/run/nginx.pid) endscript } EOF }9.3 定期健康检查创建定期检查脚本create_healthcheck() { local script_path/usr/local/bin/check_nginx.sh cat $script_path EOF #!/bin/bash # Nginx健康检查脚本 STATUS$(systemctl is-active nginx) if [ $STATUS ! active ]; then echo Nginx服务未运行尝试重启... systemctl restart nginx sleep 5 if [ $(systemctl is-active nginx) ! active ]; then echo 重启失败发送警报 # 这里可以添加邮件或短信通知 fi fi # 检查端口监听 if ! netstat -tuln | grep -q :80 ; then echo 80端口未监听尝试重启Nginx... systemctl restart nginx fi # 检查HTTP响应 RESPONSE$(curl -Is http://localhost | head -n1 | cut -d -f2) if [ $RESPONSE ! 200 ]; then echo HTTP响应异常: $RESPONSE fi EOF chmod x $script_path # 添加到cron (crontab -l 2/dev/null; echo */5 * * * * $script_path) | crontab - }10. 扩展功能10.1 动态模块支持如果需要额外模块可以动态加载install_module() { local module_name$1 local version$NGINX_VERSION log info 安装模块: $module_name cd /tmp/nginx-$version # 下载模块源码 case $module_name in headers-more) git clone https://github.com/openresty/headers-more-nginx-module.git ;; lua) git clone https://github.com/openresty/lua-nginx-module.git export LUAJIT_LIB/usr/local/lib export LUAJIT_INC/usr/local/include/luajit-2.1 ;; *) log error 未知模块: $module_name return 1 ;; esac # 重新配置 ./configure --with-compat --add-dynamic-module../$module_name-nginx-module make modules # 复制模块文件 cp objs/ngx_http_${module_name}_module.so /etc/nginx/modules/ # 加载模块 echo load_module modules/ngx_http_${module_name}_module.so; /etc/nginx/nginx.conf }10.2 HTTP/3支持如果需要HTTP/3(QUIC)支持enable_http3() { log info 编译支持HTTP/3的Nginx... # 安装依赖 case $OS in ubuntu|debian) apt install -y mercurial cmake golang ;; centos|rhel|fedora) yum install -y mercurial cmake golang ;; esac # 下载并编译BoringSSL cd /tmp git clone https://github.com/google/boringssl.git cd boringssl mkdir build cd build cmake .. make cd .. # 下载并编译quiche git clone --recursive https://github.com/cloudflare/quiche cd quiche cargo build --release --features pkg-config-meta # 重新编译Nginx cd /tmp/nginx-$NGINX_VERSION ./configure \ --with-http_v3_module \ --with-http_ssl_module \