1、安装Nginx:使用以下命令安装Nginx:
yum install -y nginx
2、配置Nginx:Nginx的配置文件位于/etc/nginx/nginx.conf。
[root@localhost acheck_pkg]# cat /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
解析:
user nginx;:指定Nginx进程的运行用户。
worker_processes auto;:自动设置工作进程的数量,通常设置为CPU核心数。
error_log /var/log/nginx/error.log;:指定错误日志文件的路径。
pid /run/nginx.pid;:指定Nginx进程ID文件的路径。
events:定义Nginx的事件模块配置。
worker_connections 1024;:指定每个工作进程的最大连接数。
http:定义HTTP模块配置。
log_format:定义日志格式。
access_log:指定访问日志文件的路径和格式。
sendfile、tcp_nopush、tcp_nodelay、keepalive_timeout、types_hash_max_size:一些性能优化的配置。
include /etc/nginx/mime.types;:包含MIME类型配置文件。
default_type:默认的MIME类型。
include /etc/nginx/conf.d/*.conf;:包含其他配置文件。
server:定义一个服务器块。
listen:指定服务器监听的端口。
server_name:指定服务器的域名。
root:指定服务器的根目录。
include /etc/nginx/default.d/*.conf;:包含默认服务器块的其他配置文件。
error_page:定义错误页面的处理方式。
location:定义特定URL路径的处理方式。
个人主要配置文件如下
server {
listen 9999;
server_name your_domain.com;
root /test;
location / {
autoindex on;
}
}
开放9999端口,根目录是:/test,此时需求是需要共享/test目录这个文件夹下的文件
3、启动Nginx:使用以下命令启动Nginx:
systemctl start nginx
启动之后得到,再浏览器输入your_domain.com,得到403 Forbidden错误,通过查看Nginx错误日志信息获取报错原因
3.1检查Nginx服务器
ps -ef | grep nginx
root 23462 1 0 10:23 ? 00:00:00 nginx: master process /usr/sbin/nginx
nginx 23463 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23464 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23465 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23466 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23468 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23469 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23471 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23473 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23474 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23475 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23476 23462 0 10:23 ? 00:00:00 nginx: worker process
nginx 23477 23462 0 10:23 ? 00:00:00 nginx: worker process
root 28952 28601 0 10:26 pts/0 00:00:00 grep --color=auto nginx
可以看到Nginx进程以nginx用户身份运行,权限问题可能不是导致403 Forbidden错误的原因
3.2检查Nginx错误日志
tail -f /var/log/nginx/error.log
2023/11/15 10:25:43 [error] 23474#23474: *6 directory index of "/test" is forbidden, client: 10.32.42.130, server: _, request: "GET / HTTP/1.1", host: "10.115.20.105:9999"
根据错误日志,Nginx服务器无法打开/qianliu-agent/workspace/acheck_pkg目录,因为权限被拒绝。 chmod -R 777 /test,
drwxrwxrwx. 11 root root 172 Nov 6 17:10 test
3.3已经确认Nginx进程以具有访问权限的用户身份运行,并且目录的权限设置正确,但仍然无法访问目录,检查下SElinux
[root@localhost test]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
SELinux处于启用状态,并且当前模式为强制执行,需要配置SELinux策略以允许Nginx访问目录
chcon -Rv --type=httpd_sys_content_t /test
完成修改后,重启Nginx
systemctl restart nginx
4\浏览器访问ip+端口号可以访问test文件夹,但是只能访问/test下的子目录,子目录下的文件就无法访问,比如/test/nginx就无法访问。
查看报错日志
tail -f /var/log/nginx/error.log
2023/11/15 10:34:35 [error] 13944#13944: *1 directory index of "/test/nginx" is forbidden, client: 10.32.42.130, server: _, request: "GET /develop/ HTTP/1.1", host: "10.115.20.105:9999", referrer: "http://10.115.20.105:9999/"
已经在Nginx配置文件中location = /块中添加了autoindex on;指令,以允许列出目录索引。
然而,这个配置需要每个每个子目录设置正确的location块,以允许访问子目录的索引
server {
listen 9999;
server_name _;
root /test;
location / {
autoindex on;
}
location /nginx{
autoindex on;
}
location /tomcat {
autoindex on;
}
location /dev{
autoindex on;
}
# 添加其他子目录的location块
# Load configuration files for the default server block.
location = / {
autoindex on;
}
}
设置完成后就可以访问每一个/test下的每一个子目录下的文件。
5、但是这个时候又遇到了乱码问题,
首先用ls命令检查是不是文件本身就是乱码
ls /test/nginx
文件名在终端中显示正常,但在浏览器中显示为乱码,可能是Nginx配置的问题。检查Nginx配置文件中的字符编码设置。在http块中添加指令来设置字符编码
vi /etc/nginx/nginx.conf
http {
charset utf-8
...
}
设置完成后重启nginx
systemctl restart nginx
报错 Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
可能是由于Nginx配置文件出错,先检查配置文件语法
nginx -t
[root@localhost test]# nginx -t
nginx: [emerg] invalid number of arguments in "charset" directive in /etc/nginx/nginx.conf:21
nginx: configuration file /etc/nginx/nginx.conf test failed
少了分号
http {
charset utf-8;
...
}
也可以用以下两个方式来排错
tail -f /var/log/nginx/error.log
或
journalctl -u nginx.service
最后重启nginx服务器
systemctl restart nginx