12.6 Nginx安装
安装:
[root@test ~]# cd /usr/local/src/
下载
[root@test src]# wget http://nginx.org/download/nginx-1.14.2.tar.gz
解压
[root@test src]# tar -zxvf nginx-1.14.2.tar.gz
[root@test src]# cd ./nginx-1.14.2/
编译
[root@test nginx-1.14.2]# ls
auto CHANGES CHANGES.ru conf configure contrib html LICENSE man README src
[root@test nginx-1.14.2]# ./configure --prefix=/usr/local/nginx
[root@test nginx-1.14.2]# make
[root@test nginx-1.14.2]# make install
[root@test nginx-1.14.2]# ls /usr/local/nginx/
conf html logs sbin
配置文件目录
[root@test nginx-1.14.2]# ls /usr/local/nginx/conf/
fastcgi.conf fastcgi_params.default mime.types nginx.conf.default uwsgi_params
fastcgi.conf.default koi-utf mime.types.default scgi_params uwsgi_params.default
fastcgi_params koi-win nginx.conf scgi_params.default win-utf
样例文件,访问Nginx调用
[root@test nginx-1.14.2]# ls /usr/local/nginx/html/
50x.html index.html
日志目录
[root@test nginx-1.14.2]# ls /usr/local/nginx/logs/
Nginx进程(核心文件)
[root@test nginx-1.14.2]# ls /usr/local/nginx/sbin/
nginx
查看配置文件是否报错
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Nginx创建启动脚本
[root@test nginx-1.14.2]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
更改启动脚本权限
[root@test nginx-1.14.2]# chmod 755 /etc/init.d/nginx
[root@test nginx-1.14.2]# chkconfig --add nginx
[root@test nginx-1.14.2]# chkconfig nginx on
配置Nginx配置文件
[root@test nginx-1.14.2]# ls /usr/local/nginx/conf/nginx.conf
/usr/local/nginx/conf/nginx.conf (Nginx自带)
重新自己配置
[root@test nginx-1.14.2]# mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.1
[root@test nginx-1.14.2]# vim /usr/local/nginx/conf/nginx.conf
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
检测
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
启动Nginx
[root@test nginx-1.14.2]# /etc/init.d/nginx start
Starting nginx (via systemctl): [ 确定 ]
[root@test nginx-1.14.2]# ps aux |grep nginx
root 12312 0.0 0.0 20548 624 ? Ss(父进程、主进程用户root) 12:44 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 12313 0.2 0.0 22992 3208 ? S(子进程 用户是定义的普通用户) 12:44 0:00 nginx: worker process
nobody 12314 0.2 0.0 22992 3208 ? S 12:44 0:00 nginx: worker process
root 12316 0.0 0.0 112720 980 pts/0 S+ 12:44 0:00 grep --color=auto nginx
测试:
[root@test nginx-1.14.2]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
欢迎页面位置
[root@test nginx-1.14.2]# ls /usr/local/nginx/html/index.html
/usr/local/nginx/html/index.html
配置文件定义访问目录
[root@test nginx-1.14.2]# cat /usr/local/nginx/conf/nginx.conf
测试解析PHP
[root@test nginx-1.14.2]# vim /usr/local/nginx/html/1.php
<?php
echo "this is nginx";
[root@test nginx-1.14.2]# curl localhost/1.php
this is nginx[root@test nginx-1.14.2]#
12.7 默认虚拟主机
配置主机主配置文件
[root@test nginx-1.14.2]# vim /usr/local/nginx/conf/nginx.conf
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
include vhost/*.conf;
}
创建vhost目录
[root@test nginx-1.14.2]# mkdir /usr/local/nginx/conf/vhost
创建虚拟主机配置文件
[root@test nginx-1.14.2]# vim /usr/local/nginx/conf/vhost/1.com.conf
server
{
listen 80 default_server; // 有这个标记的就是默认虚拟主机(default_serve)
server_name 1.com;
index index.html index.htm index.php;
root /data/wwwroot/default; (网站目录位置)
}
[root@test nginx-1.14.2]# mkdir /data/wwwroot/default
[root@test nginx-1.14.2]# vim /data/wwwroot/default/index.html
hello !! nginx!!
检查
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
重新加载Nginx服务
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -s reload
[root@test nginx-1.14.2]# curl localhost
hello !! nginx!!
12.8 Nginx用户认证
限定全站
创建虚拟主机
[root@test nginx-1.14.2]# vim /usr/local/nginx/conf/vhost/2.com.conf
server
{
listen 80;
server_name 2.com;
index index.html index.htm index.php;
root /data/wwwroot/2.com;
location / (用户认证相关配置)
{
auth_basic "Auth"; (用户认证名字)
auth_basic_user_file /usr/local/nginx/conf/htpasswd; (用户名密码文件存储路径)
}
}
生成密码文件
[root@test nginx-1.14.2]# yum install -y httpd
指定存储密码文件位置,指定生成用户名
[root@test nginx-1.14.2]# htpasswd -c /usr/local/nginx/conf/htpasswd test
New password:
Re-type new password:
Adding password for user test
再次创建新的用户
[root@test nginx-1.14.2]# htpasswd /usr/local/nginx/conf/htpasswd test1
New password:
Re-type new password:
Adding password for user test1
[root@test nginx-1.14.2]# cat /usr/local/nginx/conf/htpasswd
test:$apr1$32ZASueb$7S53AJK2j53sX8HVTUkon0
test1:$apr1$qEKb/pEJ$QAGccTBCqA1aHCJhniSlv/
检测加载
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -s reload
检测
[root@test nginx-1.14.2]# curl -x127.0.0.1:80 2.com -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.14.2
Date: Thu, 20 Dec 2018 05:22:20 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
[root@test nginx-1.14.2]# curl -utest:test -x127.0.0.1:80 2.com -I
HTTP/1.1 404 Not Found
Server: nginx/1.14.2
Date: Thu, 20 Dec 2018 05:24:11 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
[root@test nginx-1.14.2]# mkdir /data/wwwroot/2.com
[root@test nginx-1.14.2]# echo "2.com" > /data/wwwroot/2.com/index.html
[root@test nginx-1.14.2]# curl -utest:test -x127.0.0.1:80 2.com -I
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Thu, 20 Dec 2018 05:26:19 GMT
Content-Type: text/html
Content-Length: 6
Last-Modified: Thu, 20 Dec 2018 05:26:01 GMT
Connection: keep-alive
ETag: "5c1b27e9-6"
Accept-Ranges: bytes
[root@test nginx-1.14.2]# curl -utest:test -x127.0.0.1:80 2.com
2.com
限定访问指定目录认证
[root@test nginx-1.14.2]# vim /usr/local/nginx/conf/vhost/2.com.conf
server
{
listen 80;
server_name 2.com;
index index.html index.htm index.php;
root /data/wwwroot/2.com;
location /admin/
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -s reload
[root@test nginx-1.14.2]# curl -x127.0.0.1:80 2.com
2.com
[root@test nginx-1.14.2]# curl -x127.0.0.1:80 2.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
针对UIL
[root@test nginx-1.14.2]# vim /usr/local/nginx/conf/vhost/2.com.conf
server
{
listen 80;
server_name 2.com;
index index.html index.htm index.php;
root /data/wwwroot/2.com;
location ~ admin.html (匹配)
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@test nginx-1.14.2]# /usr/local/nginx/sbin/nginx -s reload
[root@test nginx-1.14.2]# curl -x127.0.0.1:80 2.com/admin.html
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
12.9 Nginx域名重定向