添加 nginx 仓库配置文件
sudo vi /etc/yum.repos.d/nginx.repo
添加内容:
nginx]
name=nginx repo
baseurl=http://nginx.org/packages/OS/OSRELEASE/$basearch/
gpgcheck=0
enabled=1
其中 OS
替换成 rhel
或者 centos
, OSRELEASE
替换成 6
或者 7
. 例如:
nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
安装
sudo yum clean all
sudo yum makecache
查看 nginx
有那些可以安装
sudo yum provides nginx
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
1:nginx-1.8.0-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.8.1-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.10.0-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.10.1-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.10.2-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.10.3-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.12.0-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.12.1-1.el7.ngx.x86_64 : High performance web server
Repo : nginx
1:nginx-1.12.2-1.el7_4.ngx.x86_64 : High performance web server
Repo : nginx
安装最新的稳定版:
sudo yum install nginx-1.12.2-1.el7_4.ngx.x86_64 -y
设置开机启动
sudo systemctl daemon-reload
sudo systemctl enable nginx
系统调优
配置 nginx
查看 /etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
user : nginx 启动的用户, 如果是静态资源,需要该用户有权限访问才可以.
worker_processes: 子进程数
待续。。。
开放端口
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --list-ports
如果出现 403
的错误
如果开启了 selinux
, 就首先排除 selinux
导致的错误,
先把 selinux
设置为 disabled
, 如果依然有问题,查看防火墙是否添加了端口,如果添加了,
检查 nginx
是配置有问题。 如果一切正常, 那么考虑是 selinux
导致的错误, 再次开启 selinux
,
如果还有错,就参考下面的解决方法:
sudo yum install setroubleshoot
sudo sealert -a /var/log/audit/audit.log
根据日志对应的处理, 如果还解决不了, 继续
sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -m nginxlocalconf
如果有 httpd_t
的问题, 执行:
sudo semanage permissive -a httpd_t
继续:
sudo ausearch -c 'nginx' --raw | audit2allow -M my-nginx
根据提示处理…
参考:
Using Apache and SELinux Together