Linux下安装配置Nginx
安装编译工具和库文件
yum -y install make zlib zlib-devel gcc-c++ libtool openssl openssl-devel
nginx下载地址:nginx: download
安装 PCRE
PCRE 作用是让 Nginx 支持 Rewrite 功能。
#先解压
tar -zxvf pcre-8.35.tar.gz
#进入解压后文件
cd pcre-8.35
#编译安装
./configure
make && make install
#查看安装版本
pcre-config --version
安装Nginx
#解压
tar -zxvf nginx-1.20.0.tar.gz
#进入解压的文件夹
cd nginx-1.20.0
#编译安装
./configure --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/src/pcre-8.35
#--prefix=安装路径
#--with-http_stub_status_module ###客户端模块
#--with-http_ssl_module ###ssl模块
#--with-pcre=/usr/local/src/pcre-8.35 ###pcre的路径
make
make install
编译命令执行成功后,在指定的编译路径(/usr/local/webserver/nginx)下,会有makefile文件
安装成功后,会生成sbin等文件夹
nginx.conf配置说明
#user nobody;
worker_processes 1; #工作进程:数目。根据硬件调整,通常等于cpu数量或者2倍cpu数量。
#错误日志存放路径
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid; # nginx进程pid存放路径
events {
worker_connections 1024; # 工作进程的最大连接数量
}
http {
include mime.types; #指定mime类型,由mime.type来定义
default_type application/octet-stream;
# 日志格式设置
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main; #用log_format指令设置日志格式后,需要用access_log来指定日志文件存放路径
sendfile on; #指定nginx是否调用sendfile函数来输出文件,对于普通应用,必须设置on。如果用来进行下载等应用磁盘io重负载应用,可设着off,以平衡磁盘与网络io处理速度,降低系统uptime。
#tcp_nopush on; #此选项允许或禁止使用socket的TCP_CORK的选项,此选项仅在sendfile的时候使用
#keepalive_timeout 0; #keepalive超时时间
keepalive_timeout 65;
#gzip on; #开启gzip压缩服务
#虚拟主机
########################################################################
server {
listen 80; #配置监听端口号
server_name localhost; #配置访问域名,域名可以有多个,用空格隔开
#charset koi8-r; #字符集设置
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#错误跳转页
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
#########################################################################
当确认nginx启用ssl模块后
创建cert文件夹后
修改server部分
# HTTPS server
#启用了ssl模块后使用
#server {
# listen 443 ssl; #监听端口
# server_name localhost; #域名
# ssl_certificate cert/cert.cer; #证书位置
# ssl_certificate_key cert/cert.key; #私钥位置
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m; #缓存有效期
# ssl_protocols TLSv1.2; #安全链接可选的加密协议
# ssl_ciphers HIGH:!aNULL:!MD5; #密码加密方式
# ssl_prefer_server_ciphers on; # ssl_prefer_server_ciphers on; #使用服务器端的首选算法
Nginx启停
启动服务:./nginx
退出服务:./nginx -s quit
强制关闭服务:./nginx -s stop
重载服务:./nginx -s reload
(重载服务配置文件,类似于重启,但服务不会中止)
验证配置文件:./nginx -t
指定配置文件:./nginx -c "配置文件路径"
查看nginx使用了哪些模块:./nginx -V
http自动跳转https
#自动跳转到 HTTPS
if ($server_port = 80) {
rewrite ^(.*)$ https://$host$1 permanent;
}
location / {
root /home/sslcity/;
index index.php;
}
一般nginx配置
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
gzip on;
gzip_static on;
gzip_min_length 1024;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/vnd.ms-fontobject font/ttf font/opentype font/x-woff image/svg+xml;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
#http设置###########################################################################
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
########################################################################
#https设置########################################################################
server {
listen 443;
server_name mp.hanxing.store;
ssl on;
index index.html index.htm;
ssl_certificate cert/cert_mp.hanxing.store.crt;
ssl_certificate_key cert/cert_mp.hanxing.store.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /public/sell/app/dist;
index index.php index.html index.htm;
}
location /sell {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
########################################################################
}
升级nginx过程
tar -zxvf nginx-1.14.2.tar.gz -C /usr/local/ 解压安装包
cd /usr/local/nginx-1.14.2
pkill -9 nginx 杀死nginx进程
ps -ef|grep nginx
./configure --prefix=/usr/local/nginx 配置configure
make 编译
cd ../nginx/sbin/ 进入旧的nginx文件夹
mv nginx nginx-old 备份旧的nginx
cd ../../nginx-1.14.2/objs/
mv nginx /usr/local/nginx/sbin/ 拷贝新的nginx
cd nginx/sbin/
./nginx -v 查看nginx版本
./nginx -t 查看配置文件是否正确
rm -rf /usr/local/nginx-1.14.2/ 删除更新文件
./nginx 启动nginx