linux学习lesson49



1 nginx安装

下载nginx包:

[root@linux01 ~]# cd /usr/local/src
[root@linux01 src]# wget http://nginx.org/download/nginx-1.15.5.tar.gz

解压nginx包

[root@linux01 src]# tar zxf nginx-1.15.5.tar.gz

configure编译:

[root@linux01 src]# cd nginx-1.15.5
[root@linux01 nginx-1.15.5]# ./configure --prefix=/usr/local/nginx
[root@linux01 nginx-1.15.5]# echo $?
0

编译成功

makemake install编译

[root@linux01 nginx-1.15.5]# make -j2 && make install
[root@linux01 nginx-1.15.5]# echo $?
0

编译成功

编辑启动脚本:

[root@linux01 nginx-1.15.5]# vim /etc/init.d/nginx //复制如下内容(参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D15Z/etc_init.d_nginx )
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings

NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"

start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}

stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}

reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}

restart()
{
stop
start
}

configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}

case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL

设置启动权限:

[root@linux01 nginx-1.15.5]# chmod 755 /etc/init.d/nginx

添加到系统服务管理:

[root@linux01 nginx-1.15.5]# chkconfig --add nginx

开启开机启动:

[root@linux01 nginx-1.15.5]# chkconfig nginx on

修改配置文件:

[root@linux01 nginx-1.15.5]# cd /usr/local/nginx/conf/; mv nginx.conf nginx.conf.bak
[root@linux01 nginx]# vim nginx.conf //写入如下内容(参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D15Z/nginx.conf)
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;

events
{
use epoll;
worker_connections 6000;
}

http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;

server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;

location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock; //方式1:监听sock
#fastcgi_pass 127.0.0.1:9000; //方式2:监听ip
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}

检查配置文件语法:

[root@linux01 conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

启动nginx的服务:

[root@linux01 conf]# /etc/init.d/nginx start
Starting nginx (via systemctl):                            [  OK  ]

查看nginx的服务端口:

[root@linux01 conf]# netstat -lntp | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      60930/ngin: master

查看nginx的进程:

[root@linux01 conf]# ps aux | grep nginx
root     60930  0.0  0.0  20552   624 ?        Ss   22:25   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody   60931  0.0  0.1  23040  3212 ?        S    22:25   0:00 nginx: worker process
nobody   60932  0.0  0.1  23040  3212 ?        S    22:25   0:00 nginx: worker process
root     60937  0.0  0.0 112704   972 pts/0    S+   22:27   0:00 grep --color=auto nginx

curl测试:

[root@linux01 conf]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

测试php网页:

[root@linux01 conf]# vim /usr/local/nginx/html/index.php
<?php
echo hello;
?>
[root@linux01 conf]# curl localhost/index.php
hello

出现问题:
编译./configure --prefix=/usr/local/nginx
./configure: error: the HTTP rewrite module requires the PCRE library.
解决办法:

yum install -y pcre-devel




2 默认虚拟主机

修改配置文件:

[root@linux01 ~]# vim /usr/local/nginx/conf/nginx.conf //增加
include vhost/*.conf;
同时去掉
server
{
   listen 80;
   server_name localhost;
   index index.html index.htm index.php;
   root /usr/local/nginx/html;

   location ~ \.php$
   {
      include fastcgi_params;
      fastcgi_pass unix:/tmp/php-fcgi.sock;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
   }
}
这一部分配置

然后创建vhost目录:

[root@linux01 ~]# mkdir /usr/local/nginx/conf/vhost
[root@linux01 ~]# cd /usr/local/nginx/conf/vhost/
[root@linux01 vhost]# vim default.conf //加入如下内容
server
{
listen 80 default_server; // 有这个标记的就是默认虚拟主机
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
}

创建访问目录(注意创建的目录要和配置文件一致)

[root@linux01 vhost]# mkdir -p /data/wwwroot/default/
[root@linux01 vhost]# echo “This is a default site.”>/data/wwwroot/default/index.html

检查配置文件语法:

[root@linux01 vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

重新加载配置文件:

[root@linux01 vhost]# /usr/local/nginx/sbin/nginx -s reload

curl测试:

[root@linux01 data]# curl localhost
this is a default site.
[root@linux01 data]# curl -x127.0.0.1:80 aaa.com
this is a default site.




3 nginx用户认证

创建配置文件:

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf//写入如下内容
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
location /
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}

安装生成密码的工具:

[root@linux01 ~]# yum install -y httpd

生成密码

[root@linux01 wwwroot]# htpasswd -c /usr/local/nginx/conf/htpasswd aming
New password:
Re-type new password:
Adding password for user aming

重新加载-t && -s reload

[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload

创建访问目录:

[root@linux01 ~]# mkdir /data/wwwroot/test.com
[root@linux01 ~]# echo “test.com”>/data/wwwroot/test.com/index.html

curl测试:

[root@linux01 ~]# curl -x127.0.0.1:80 test.com -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.15.5
Date: Sun, 18 Nov 2018 16:13:54 GMT
Content-Type: text/html
Content-Length: 179
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"

返回状态码401,访问权限受限

加上用户和密码访问:

[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com -I
HTTP/1.1 200 OK
Server: nginx/1.15.5
Date: Sun, 18 Nov 2018 16:16:03 GMT
Content-Type: text/html
Content-Length: 15
Last-Modified: Sun, 18 Nov 2018 16:14:17 GMT
Connection: keep-alive
ETag: "5bf18fd9-f"
Accept-Ranges: bytes

返回状态码200,访问成功

修改配置文件:

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
针对目录的用户认证
location /admin/
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}

匹配目录认证:
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
location /admin/
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}

重新加载配置文件:

[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload

创建访问目录:

[root@linux01 test.com]# mkdir admin
[root@linux01 test.com]# echo "hello world" > admin/index.html

curl测试:

[root@linux01 ~]# curl -x127.0.0.1:80 test.com/admin/ -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.15.5
Date: Sun, 18 Nov 2018 16:22:34 GMT
Content-Type: text/html
Content-Length: 179
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"

返回状态码401,需要用户认证

加上用户和密码测试:

[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com/admin/ -I
HTTP/1.1 200 OK
Server: nginx/1.15.5
Date: Sun, 18 Nov 2018 16:23:35 GMT
Content-Type: text/html
Content-Length: 12
Last-Modified: Sun, 18 Nov 2018 16:20:10 GMT
Connection: keep-alive
ETag: "5bf1913a-c"
Accept-Ranges: bytes

返回状态码200,成功访问

匹配单个网页认证,修改配置文件:

 [root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
    server
    {
    listen 80;
    server_name test.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    location ~ admin.php
    {
    auth_basic "Auth";
    auth_basic_user_file /usr/local/nginx/conf/htpasswd;
    }
    }

重新加载配置文件:

[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload

创建访问文件:

[root@linux01 test.com]# vim admin.php
<?php
echo hello;
?>

curl测试:

[root@linux01 ~]# curl -x127.0.0.1:80 test.com/admin.php -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.15.5
Date: Sun, 18 Nov 2018 16:28:03 GMT
Content-Type: text/html
Content-Length: 179
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"

返回状态码401,需要用户认证

加上用户和密码测试:

[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com/admin.php -I
HTTP/1.1 200 OK
Server: nginx/1.15.5
Date: Sun, 18 Nov 2018 16:28:57 GMT
Content-Type: application/octet-stream
Content-Length: 21
Last-Modified: Sun, 18 Nov 2018 16:25:47 GMT
Connection: keep-alive
ETag: "5bf1928b-15"
Accept-Ranges: bytes

返回状态码200,成功访问



4 nginx域名重定向

更改test.com.conf配置文件:

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.comtest1.comtest2.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
if ($host != 'test.com' ) {
rewrite ^/(.*)$ http://test.com/$1 permanent;  //permanent永久重定向
}

location ~ admin.php
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}

server_name后面支持写多个域名,这里要和httpd的做一个对比,Apache不支持跟多个域名,不过servernamealias可以跟多个

permanent为永久重定向,状态码为301,如果写redirect则为302

重新加载配置文件:

[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload

curl测试:

[root@linux01 ~]# curl -x127.0.0.1:80 test1.com -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.15.5
Date: Mon, 19 Nov 2018 01:31:43 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: http://test.com/

状态码为301,表示永久重定向



扩展
nginx.conf 配置详解 http://www.ha97.com/5194.html http://my.oschina.net/duxuefeng/blog/34880
nginx rewrite四种flag http://www.netingcn.com/nginx-rewrite-flag.html http://unixman.blog.51cto.com/10163040/1711943

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值