1Nginx安装-2搭建基于域名的多虚拟机主机-3基于端口的多虚拟主机-4解决恶意域名绑定配置-5日志切割

一  Nginx安装

1.安装依赖库和下载安装包（指定编译参数需要安装gcc编译器）
yum -y install pcre pcre-devel openssl-devel openssh gcc gcc-c++
rpm -qa pcre pcre-devel openssl openssl-devel gcc gcc-c++
yum -y install wget
wget http://nginx.org/download/nginx-1.17.4.tar.gz
tar zxvf nginx-1.17.4.tar.gz

sed -i 's/1.17.4/ /;s/nginx\//nginx/' src/core/nginx.h   隐藏版本号
cd zxvf nginx-1.17.4
useradd -s /sbin/nologin nginx

2.预编译
 ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-http_ssl_module
结果输出0则说明命令执行成功
echo $?

3.编译安装
make && make install
结果输出0则说明命令执行成功
echo $?

4.启动Nginx
/usr/local/nginx/sbin/nginx -t 测试
/usr/local/nginx/sbin/nginx   启动
/usr/local/nginx/sbin/nginx -s reload （平滑重启）
#查看编译参数
/usr/local/nginx/sbin/nginx -V 

5.打开浏览器输入本机ip测试
192.168.67.8

_______________________________________________________________________

二 搭建基于域名的多虚拟机主机

1 过滤#及空行，编辑nginx.conf主配文件
egrep -v "#|^$" nginx.conf.default >nginx.conf   
vim /usr/local/nginx/conf/nginx.conf

worker_processes  1;
error_log logs/error.log error;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    #nginx vhosts config
    include extra/www.conf;
    include extra/bbs.conf;
    include extra/blog.conf;
}

2.创建配置文件目录及配置文件
mkdir /usr/local/nginx/conf/extra
touch extra/{www,bbs,blog}.conf
vim /usr/local/nginx/conf/extra/www.conf

server {
    listen       80;
    server_name  www.tangbin.com;
    location / {
        root   /var/html/www;
        index  index.html index.htm;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
    access_log logs/www_access.log main;
}

vim /usr/local/nginx/conf/extra/bbs.conf

server {
    listen       80;
    server_name  bbs.tangbin.com;
    location / {
        root   /var/html/bbs;
        index  index.html index.htm;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
    access_log logs/bbs_access.log main;
}

vim /usr/local/nginx/conf/extra/blog.conf

server {
    listen       80;
    server_name  blog.tangbin.com;
    location / {
        root   /var/html/blog;
        index  index.html index.htm;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
    access_log logs/blog_access.log main;
}

3.创建站点目录
mkdir -p /var/html/{www,bbs,blog}
touch /var/html/{www,bbs,blog}/index.html
for name in www bbs blog;do echo "http:$name.tangbin.com" >/var/html/$name/index.html;done

4.重启web服务

/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx 

/usr/local/nginx/sbin/nginx -s reload

如果配置基于域名的多虚拟机主机，使用IP地址访问默认访问第一个server

_______________________________________________________________________________

三 基于端口的多虚拟主机

在基于域名的多虚拟机主机的基础上，修改两个server使用同一个域名，不同的端口，重启，使用不同的端口访问。
vim /usr/local/nginx/conf/extra/www.conf

server {
    listen       8000;
    server_name  www.tangbin.com;
    location / {
        root   /var/html/www;
        index  index.html index.htm;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
    access_log logs/www_access.log main;
}

vim /usr/local/nginx/conf/extra/bbs.conf

server {
    listen       8001;
    server_name  www.tangbin.com;
    location / {
        root   /var/html/bbs;
        index  index.html index.htm;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
    access_log logs/bbs_access.log main;
}

/usr/local/nginx/sbin/nginx  -t

/usr/local/nginx/sbin/nginx  -s reload

预览

______________________________________________________________________________

四  解决恶意域名绑定配置

vim  /usr/local/nginx/conf/nginx.conf

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';


    server {
                listen 80;
                location / {
                deny all;
                }
          }
    #nginx vhosts config
    include extra/www.conf;
    include extra/bbs.conf;
    include extra/blog.conf;
}

添加了

server {
                listen 80;
                location / {
                deny all;
                }
          }

浏览器访问

——————————————————————————————————————————

五  日志切割
ll  /usr/local/nginx/logs

mkdir -p /server/scripts

编辑脚本

vim  /server/scripts/auto_cutting_nginx_log.sh

mv  /usr/local/nginx/logs/www_access.log  /usr/local/nginx/logs/www_access_$(date +%Y%m%d).log
/usr/local/nginx/sbin/nginx -s reload

chmod +x /server/scripts/auto_cutting_nginx_log.sh

测试
date -s "2019/10/22"
/bin/sh /server/scripts/auto_cutting_nginx_log.sh

定时任务每天切割
 crontab -e

#cutting nginx access log
00 00 * * * /bin/sh /server/scripts/auto_cutting_nginx_log.sh

每分钟切割
#cutting nginx access log
* * * * * /bin/sh /server/scripts/auto_cutting_nginx_log.sh

检查结果
crontab -l|tail -2

ll  /usr/local/nginx/logs 

生产脚本如下

#!/bin/bash
#Automatic Cutting of Nginx logs
nginx=(
    [0]=access.log
    [1]=/usr/local/nginx
    [2]=access_`date +%Y%m%d`.log
    [3]=error.log
    [4]=error_`date +%Y%m%d`.log
    [5]=`ps -ef |grep nginx|awk '/master/ {print $2}'`
)
#分割日志
mv ${nginx[1]}/logs/${nginx[0]} ${nginx[1]}/logs/${nginx[2]}
mv ${nginx[1]}/logs/${nginx[3]} ${nginx[1]}/logs/${nginx[4]}
#kill -USR1 PID向Nginx主进程发送USR1信号。USR1信号是重新打开日志文件
kill -USR1 ${nginx[5]}
if [ $? -eq 0 ]
then
echo -e "\033[32m The ${nginx[2]} Cutting Successfully \033[0m"
echo -e "\033[32m The ${nginx[4]} Cutting Successfully \033[0m"
fi