Nginx安装启动 与配置 https
Nginx安装启动
安装必备插件
yum -y install gcc automake autoconf libtool make
yum install gcc gcc-c++
yum方式安装openssl、pcre、zlib
yum -y install openssl openssl-devel
yum -y install pcre pcre-devel
yum -y install zlib zlib-devel
下载安装Nginx(安装目录在/usr/local/nginx,安装ssl模块)
wget http://nginx.org/download/nginx-1.15.0.tar.gz
tar -zxvf nginx-1.15.0.tar.gz
cd nginx-1.15.0
./configure --sbin-path=/usr/local/nginx/nginx --with-http_ssl_module
make && make install
Nginx安全证书生成
openssl genrsa -out privkey.pem 1024/2038
openssl req -new -x509 -key privkey.pem -out server.pem -days 365
启动服务
cd /usr/local/nginx
启动服务
./nginx
重新加载
./nginx -s reload
检查服务
./nginx -t
停止服务
./nginx -s stop
测试本地是否启动成功,返回带有Welcome to nginx! 的代码即表示启动成功
curl http://127.0.0.1/
关闭防火墙,禁止自启动
service iptables stop
chkconfig iptables off
Nginx配置Https
Nginx配置Https和认证
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
# server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
server {
listen 3443 ssl; #监听3443接口
# server_name localhost;
ssl on;
#配置证书的路径
ssl_certificate /usr/local/nginx/conf/ssl/server.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#设置代理地址
location / {
proxy_pass http://192.168.1.110:18281;
# root html;
# index index.html index.htm;
}
#配置H5资源路径
location /dist/ {
root html;
index index.html;
autoindex on;
}
}
}
root 、alias指令区别(alias是一个目录别名的定义,root则是最上层目录的定义。alias后面必须要用“/”结束,否则会找不到文件的,而root则可有可无)
location /img/ {
alias /var/www/image/;
}
若按照上述配置的话,则访问/img/目录里面的文件时,ningx会自动去/var/www/image/目录找文件
location /img/ {
root /var/www/image;
}
location指令详解参考地址 Nginx作为代理需要访问Nginx所在的服务才可以发挥作用。就像黄牛买票,需要找到某个黄牛作为代理再买票。