web服务的部署及高级优化方案
要求
搭建web服务器要求如下:
1.web服务器的主机ip:172.25.254.100
2.web服务器的默认访问目录为/var/www/html
默认发布内容为default‘s page
3.站点news.timinglee.org默认发布目录为/var/www/virtual/timinglee.org/news
默认发布内容为 news.timinglee.org
4.站点login.timinglee.org在被访问时必须强制走加密协议,其默认发布目录为/var/www/virtual/timinglee.org/login
默认发布内容为login.timinglee.org
具体实现
准备操作以及修改主配置文件
# 查看IP
[root@server200 ~]# ifconfig | tr -s " " | grep broadcast | cut -d " " -f3
172.25.254.100
# 修改主配置文件
[root@server200 ~]# vim /etc/nginx/nginx.conf
server {
listen 80;
listen [::]:80;
server_name _;
# root /usr/share/nginx/html;
# 修改网页默认发布页面
root /var/www/html;
# 网页的默认html页面
index index.html
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# 配置语法检错
[root@server200 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# 新建网页目录以及写入内容
[root@server200 ~]# mkdir -p /var/www/html
[root@server200 ~]# echo "default‘s page" > /var/www/html/index.html
[root@server200 ~]# cat /var/www/html/index.html
default‘s page
# 测试访问
[root@server200 ~]# curl 172.25.254.100
default‘s page
修改自定义配置文件
[root@server200 ~]# vim /etc/nginx/nginx.conf
server {
listen 80;
listen [::]:80;
server_name _;
# root /usr/share/nginx/html;
root /var/www/html;
index index.html
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# 将这一行内容放在server部分之后
# 使其先加载server中的内容
include /etc/nginx/conf.d/*.conf;
[root@server200 ~]# mkdir -p /etc/nginx/certs
# 制作数字证书
[root@server200 certs]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shannxi
Locality Name (eg, city) [Default City]:xian
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:RHCE
Common Name (eg, your name or your server's hostname) []:shanxin
Email Address []:123@alis.com
# 修改自定义配置文件
[root@server200 ~]# vim /etc/nginx/conf.d/vhosts.conf
server{
listen 80;
server_name news.timinglee.org;
root /var/www/virtual/timinglee.org/news;
index index.html;
}
# 进行强制加密协议登录
server{
listen 80;
server_name login.timinglee.org;
rewrite ^/(.*)$ https://login.timinglee.org/$1 permanent;
}
server{
listen 443 ssl;
server_name login.timinglee.org;
ssl_certificate "/etc/nginx/certs/timinglee.org.crt"
ssl_certificate_key "/etc/nginx/certs/timinglee.org.key"
root /var/www/virtual/timinglee.org/login;
index index.html;
}
# 新建网页目录以及写入内容
[root@server200 ~]# mkdir -p /var/www/virtual/timinglee.org/{news,login}
[root@server200 ~]# echo 'news.timinglee.org' > /var/www/virtual/timinglee.org/news/index.html
[root@server200 ~]# echo 'login.timinglee.org' > /var/www/virtual/timinglee.org/login/index.html
[root@server200 ~]# cat /var/www/virtual/timinglee.org/news/index.html
news.timinglee.org
[root@server200 ~]# cat /var/www/virtual/timinglee.org/login/index.html
login.timinglee.org
[root@server200 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@server200 ~]# systemctl restart nginx.service
# 制作本地域名解析
[root@server200 ~]# vim /etc/hosts
172.25.254.100 news.timinglee.org login.timinglee.org
# 测试访问
[root@server200 ~]# curl news.timinglee.org
news.timinglee.org
[root@server200 ~]# curl 172.25.254.100
default‘s page