nginx 升级安装模块
[root@server ~]# wget https://github.com/openresty/echo-nginx-module/archive/master.zip
[root@server ~]# unzip master.zip
[root@server ~]# ls
anaconda-ks.cfg echo-nginx-module-master master.zip
[root@server ~]# nginx -V
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
[root@server ~]# mv /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx-backup
[root@server ~]# ls
anaconda-ks.cfg echo-nginx-module-master master.zip nginx-1.14.2.tar.gz
[root@server ~]# tar xf nginx-1.14.2.tar.gz
[root@server nginx-1.14.2]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --add-module=../echo-nginx-module-master
[root@server nginx-1.14.2]# make
[root@server nginx-1.14.2]# ls
auto CHANGES.ru configure html Makefile objs src
CHANGES conf contrib LICENSE man README
[root@server nginx-1.14.2]# cd objs/
[root@server objs]# ls
addon Makefile nginx.8 ngx_auto_headers.h ngx_modules.o
autoconf.err nginx ngx_auto_config.h ngx_modules.c src
[root@server objs]# cp -a nginx /usr/local/nginx/sbin/
[root@server objs]# nginx -s stop
[root@server objs]# /usr/local/nginx/sbin/nginx
[root@server objs]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
location
常用修饰符说明:
修饰符 | 功能 |
---|---|
= | 精确匹配 |
~ | 正则表达模式匹配,区分大小写 |
~* | 正则表达模式匹配,不区分大小写 |
^~ | 前缀匹配,类似于无修饰符的行为,也是以指定模块开始,不同的是,如果模式匹配,那么就停止搜索其他模式了,不支持正则表达式 |
@ | 定义命名location区段,这些区段客户端不能访问,只可以由内部产生的请求来访问,如try_files或error_page等 |
没有修饰符表示必须以指定模式开始
[root@server ~]# cd /usr/local/nginx/conf/
[root@server conf]# vim nginx.conf
local /test {
echo '666'
}
[root@server conf]# nginx -s stop
[root@server conf]# nginx
[root@server conf]# curl 192.168.129.138:/test
666
[root@server conf]# curl 192.168.129.138:/testasd
666
[root@server conf]# curl 192.168.129.138:/test/
666
= :表示必须与指定模式精确匹配
location = /test {
echo '666';
}
[root@server conf]# nginx -s reload
[root@server conf]# curl 192.168.129.138:/test
666
[root@server conf]# curl 192.168.129.138:/test/
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
~:区别大小写
location ~ /test {
echo '666';
}
[root@server ~]# curl 192.168.129.137:/test
666
[root@server ~]# curl 192.168.129.137:/Test
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
~*:不区分大小写
location ~* /test {
echo '666';
}
[root@server ~]# curl 192.168.129.137:/test
666
[root@server ~]# curl 192.168.129.137:/Test
666
#访问控制
用于location段
allow:设定允许哪台或哪些主机访问,多个参数间用空格隔开
deny:设定禁止哪台或哪些主机访问,多个参数间用空格隔开
示例:
allow 192.168.1.1/32;
deny all;
基于用户认证
auth_basic "欢迎信息";
auth_basic_user_file "/path/to/user_auth_file"
user_auth_file内容格式为:
username:password
这里的密码为加密后的密码串,建议用htpasswd来创建此文件:
htpasswd -c -m /path/to/.user_auth_file USERNAME
location / {
auth_basic ""
auth_basic_user_file "/usr/local/nginx/conf/.htpass"
root html
index index.html
}
[root@server ~]# yum -y install httpd-tools
[root@server ~]# htpasswd -c -m /usr/local/nginx/conf/.pass sh
New password:
Re-type new password:
Adding password for user sh
#开启状态界面
开启status:
location /status {
stub_status {on | off};
allow 172.16.0.0/16;
deny all;
}
nginx配置
[root@server scripts]# tail -2 /usr/local/etc/zabbix_agentd.conf
UserParameter=check_accpt,/bin/bash /scripts/accept.sh
UserParameter=chek_require,/bin/bash /scripts/require.sh
[root@server scripts]# ll -d /scripts/
drwxr-xr-x. 2 zabbix zabbix 41 1月 2 12:14 /scripts/
[root@server scripts]# ll /scripts/
总用量 8
-rwxr-xr-x. 1 zabbix zabbix 106 1月 2 11:49 accept.sh
-rwxr-xr-x. 1 zabbix zabbix 111 1月 2 11:56 require.sh
[root@server scripts]# cat /scripts/accept.sh
#!/bin/bash
accpt=$(curl http://192.168.129.137/status 2>/dev/null |awk NR==3'{print $1}')
echo "$accpt"
[root@localhost scripts]# cat /scripts/require.sh
#!/bin/bash
require=$(curl http://192.168.129.137/status 2>/dev/null |awk NR==3'{print $3}')
echo "$require"