安装
' 启动防火墙 '
systemctl start firewalld
' 设置防火墙开机自启 '
systemctl enable firewalld
' 创建目录 '
mkdir -p /Data/tools /Data/app /SoftWare /Data/bin
' 安装依赖环境 '
yum install pcre pcreDevel openssl opensslDevel -y
' 创建运行用户 '
useradd -s /sbin/nologin nginx
' 编译安装 '
cd /Data/tools/
wget http://nginx.org/download/nginx-1.14.2.tar.gz
tar xzvf nginx-1.14.2.tar.gz
rm -rf nginx-1.14.2.tar.gz
cd nginx-1.14.2
mkdir -p /SoftWare/nginx-1.14.2
./configure \
--user=nginx \ # 指定用户名
--group=nginx \ # 知道组名
--with-http_ssl_module --with-http_stub_status_module \ # 启动模块以支持状态统计
--prefix=/SoftWare/nginx-1.14.2 # 指定 nginx安装路径
make && make install
chown -R nginx:nginx /SoftWare/nginx-1.14.2
' 创建软链接 '
ln -s /SoftWare/nginx-1.14.2/sbin/nginx /usr/local/sbin
' 启动 '
/SoftWare/nginx-1.14.2/sbin/nginx
/SoftWare/nginx-1.14.2/sbin/nginx -s stop
/SoftWare/nginx-1.14.2/sbin/nginx -s reload
' 创建nginx系统服务 '
vim /etc/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/SoftWare/nginx-1.14.2/logs/nginx.pid
ExecStart=/SoftWare/nginx-1.14.2/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
' 启动服务 '
chmod 754 /etc/systemd/system/nginx.service
systemctl start nginx.service
systemctl enable nginx.service
' 验证 '
netstat -nltp
ps -ef | grep nginx
### 防火墙
' 查看所有已开放端口 '
firewall-cmd --list-all | grep ports
' 开放端口 '
firewall-cmd --zone=public --add-port=80/tcp --permanent
' 关闭端口 '
firewall-cmd --zone=public --remove-port=80/tcp --permanent
' 生效 '
firewall-cmd --reload
' 查看端口是否开放成功 '
firewall-cmd --zone=public --query-port=80/tcp
将 nginx 监听端口改成 8080
vim /SoftWare/nginx-1.14.2/conf/nginx.con
' 重启 nginx 服务 '
systemctl stop nginx.service
systemctl start nginx.service
systemctl enable nginx.service
' 验证 '
netstat -nltp
' 开放8080端口 '
firewall-cmd --zone=public --add-port=8080/tcp --permanent
' 生效 '
firewall-cmd --reload
' 关闭80端口 '
firewall-cmd --zone=public --remove-port=80/tcp --permanent
' 生效 '
firewall-cmd --reload
' 查看所有已开放端口 '
firewall-cmd --list-all | grep ports
通过 8080 端口访问