前言:
Nginx是一个异步框架的Web服务器,也可以用作反向代理,负载平衡器 和 HTTP缓存。该软件由Igor Sysoev 创建,并于2004年首次公开发布。 同名公司成立于2011年,以提供支持。 Nginx是一款免费的开源软件,根据类BSD许可证的条款发布。
安装编译工具、依赖包
- [root@Mike-VM-Node-172_31_225_214 ~]# yum -y install gcc gcc-c++ autoconf automake make zlib zlib-devel openssl openssl-devel pcre pcre-devel wget vim tar curl gd-devel
以上安装的是一些主要的依赖包,具体可根据自己情况或者报错信息提示安装或修改
创建用户和组
- [root@Mike-VM-Node-172_31_225_214 ~]# useradd -M -s /sbin/nologin nginx
新建的用户组和用户主要是在编译配置的时候指定nginx运行的用户和用户组,这样指定后以后配置使用也方便
下载解压nginx
- [root@Mike-VM-Node-172_31_225_214 ~]# cd /usr/local/
- [root@Mike-VM-Node-172_31_225_214 /usr/local]# wget http://nginx.org/download/nginx-1.18.0.tar.gz
- [root@Mike-VM-Node-172_31_225_214 /usr/local]# tar zxvf nginx-1.18.0.tar.gz
- [root@Mike-VM-Node-172_31_225_214 /usr/local]# rm -rf nginx-1.18.0.tar.gz
编译安装
- [root@Mike-VM-Node-172_31_225_214 /usr/local]# cd nginx-1.18.0/
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-http_realip_module --with-http_image_filter_module --with-stream
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# make && make install
添加环境变量
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# ln -sv /usr/local/nginx/sbin/nginx /usr/local/sbin
设置 systemctl 脚本启动
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# cd
- [root@Mike-VM-Node-172_31_225_214 ~]# vim /usr/lib/systemd/system/nginx.service
-
- [Unit]
- Description=nginx
- After=network.target
- [Service]
- Type=forking
- PIDFile=/usr/local/nginx/logs/nginx.pid
- ExecStart=/usr/local/nginx/sbin/nginx
- ExecReload=/usr/local/nginx/sbin/nginx -s reload
- ExecStop=/usr/local/nginx/sbin/nginx -s stop
- PrivateTmp=true
- [Install]
- WantedBy=multi-user.target
-
- [root@Mike-VM-Node-172_31_225_214 ~]#
启动 NGINX和添加防火墙 80 443 端口
- [root@Mike-VM-Node-172_31_225_214 ~]# systemctl start nginx
- [root@Mike-VM-Node-172_31_225_214 ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
- [root@Mike-VM-Node-172_31_225_214 ~]# firewall-cmd --zone=public --add-port=443/tcp --permanent
- [root@Mike-VM-Node-172_31_225_214 ~]# firewall-cmd --reload
-
- 如果iptables防火墙
- [root@Mike-VM-Node-172_31_225_214 ~]# vim /etc/sysconfig/iptables
-
- -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
- -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-
- [root@Mike-VM-Node-172_31_225_214 ~]# systemctl restart iptables
修改nginx默认主配置文件
- [root@Mike-VM-Node-172_31_225_214 ~]#
- [root@Mike-VM-Node-172_31_225_214 ~]# cd /usr/local/nginx/conf/
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# cat nginx.conf
-
- user nginx nginx;
- worker_processes auto;
-
- error_log logs/error.log ;
- worker_rlimit_nofile 65535;
- pid logs/nginx.pid;
-
- events {
- use epoll;
- worker_connections 65535;
- }
-
-
- http {
- include mime.types;
- default_type application/octet-stream;
- log_format upstream2 '$proxy_add_x_forwarded_for $remote_user [$time_local] "$request" $http_host'
- '$body_bytes_sent "$http_referer" "$http_user_agent" $ssl_protocol $ssl_cipher'
- '$request_time [$status] [$upstream_status] [$upstream_response_time] "$upstream_addr"';
-
- access_log logs/access.log;
-
- server_names_hash_bucket_size 128;
- server_names_hash_max_size 1024;
- client_header_buffer_size 32k;
- large_client_header_buffers 4 32k;
- client_max_body_size 50m;
-
- sendfile on;
- tcp_nopush on;
- server_tokens off;
- tcp_nodelay on;
- keepalive_timeout 120;
-
- proxy_connect_timeout 1000s;
- proxy_read_timeout 2000;
- proxy_send_timeout 2000;
- proxy_buffer_size 128k;
- proxy_buffers 4 256k;
- proxy_busy_buffers_size 256k;
- proxy_redirect off;
- proxy_hide_header Vary;
- proxy_set_header Accept-Encoding '';
- proxy_set_header Host $host;
- proxy_set_header Referer $http_referer;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-
- fastcgi_connect_timeout 300;
- fastcgi_send_timeout 300;
- fastcgi_read_timeout 300;
- fastcgi_buffer_size 64k;
- fastcgi_buffers 4 64k;
- fastcgi_busy_buffers_size 128k;
- fastcgi_temp_file_write_size 128k;
-
- gzip on;
- gzip_buffers 16 8k;
- gzip_comp_level 6;
- gzip_http_version 1.1;
- gzip_min_length 256;
- gzip_proxied any;
- gzip_vary on;
- gzip_types
- text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
- text/javascript application/javascript application/x-javascript
- text/x-json application/json application/x-web-app-manifest+json
- text/css text/plain text/x-component
- font/opentype application/x-font-ttf application/vnd.ms-fontobject
- image/x-icon image/jpeg image/gif image/png;
- gzip_disable "msie6";
-
-
- #If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
- #open_file_cache max=1000 inactive=20s;
- #open_file_cache_valid 30s;
- #open_file_cache_min_uses 2;
- #open_file_cache_errors on;
-
-
-
- server {
- listen 80;
- server_name _;
- rewrite ^(.*) https://www.baidu.com/$1 permanent;
-
- ####跨域问题##################################
- location ~* \.(eot|ttf|woff|svg|otf)$ {
- add_header Access-Control-Allow-Origin *;
- }
-
- ####PHP虚拟配置###############################
- #location ~ [^/]\.php(/|$) {
- # root html;
- # fastcgi_pass 127.0.0.1:9000;
- # fastcgi_index index.php;
- # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- # include fastcgi.conf;
- #}
- }
-
- ####默认配置SSL证书#############################
- #server {
- #
- # listen 443 default_server;
- # server_name _;
- # ssl on;
- # ssl_certificate ssl/test.com/chao.crt;
- # ssl_certificate_key ssl/test.com/chao.key;
- # ssl_session_timeout 1d;
- # ssl_session_cache shared:SSL:50m;
- # ssl_session_tickets off;
- # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- # rewrite ^(.*) https://www.baidu.com/$1 permanent;
- #}
-
- ##########################vhost#####################################
- include conf.d/*.conf;
- }
-
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]#
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# nginx -t
- nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
- nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# nginx -s reload
默认80端口已经被我重定向到百度首页,创建网站站点需要新建虚拟文件如下
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# mkdir conf.d
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# cd conf.d/
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# vim test.conf
-
- server
- {
- listen 80;
- server_name test.com;
- index index.html index.php index.htm default.html default.htm default.php;
- root /www/nginx/html;
-
- error_log /data/logs/nginx_log/test.com/error.log;
- access_log /data/logs/nginx_logs/test.com/access.log;
-
-
- location ~* \.(eot|otf|ttf|woff|woff2|svg)$ {
- add_header Access-Control-Allow-Origin *;
- }
-
-
- location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
- {
- expires 30d;
- }
-
- location ~ .*\.(js|css)?$
- {
- expires 12h;
- }
-
- location ~ /.well-known {
- allow all;
- }
-
- location ~ /\.
- {
- deny all;
- }
-
-
- }
-
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -t
- nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
- nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -s reload
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
如果有使用PHP代码是这样配置,如下
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# vim php.conf
-
- server
- {
- listen 80;
- server_name php.com;
- index index.html index.php index.htm default.html default.htm default.php;
- root /www/nginx/html;
-
- error_log /data/logs/nginx_log/php.com/error.log;
- access_log /data/logs/nginx_logs/php.com/access.log;
-
-
- location ~ [^/]\.php(/|$)
- {
- try_files $uri =404;
- fastcgi_pass 127.0.0.1:9000;
- fastcgi_index index.php;
- include fastcgi.conf;
- set $real_script_name $fastcgi_script_name;
- if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
- set $real_script_name $1;
- set $path_info $2;
- }
- fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
- fastcgi_param SCRIPT_NAME $real_script_name;
- fastcgi_param PATH_INFO $path_info;
- }
-
- location ~* \.(eot|otf|ttf|woff|woff2|svg)$ {
- add_header Access-Control-Allow-Origin *;
- }
-
-
- location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
- {
- expires 30d;
- }
-
- location ~ .*\.(js|css)?$
- {
- expires 12h;
- }
-
- location ~ /.well-known {
- allow all;
- }
-
- location ~ /\.
- {
- deny all;
- }
-
-
- }
-
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -t
- nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
- nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -s reload
- [root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
主配置文件下要把PHP虚拟配置注释打开(nginx.conf)不然不生效哦!!!!
本文分享完毕,感谢支持点赞~~