1.安装依赖项
yum install -y openssl* pcre* gcc unzip gcc-c++ patch
2.下载nginx安装包
cd /usr/local
wget http://nginx.org/download/nginx-1.12.1.tar.gz
tar -xvf nginx-1.12.1.tar.gz
3.下载upstream相关
浏览器打开 https://codeload.github.com/yaoweibin/nginx_upstream_check_module/zip/master
将下载后的nginx_upstream_check_module放到服务器/usr/local下
4.开始安装nginx
cd nginx-1.12.1
patch -p1 < /usr/local/nginx_upstream_check_module-master/check_1.12.1+.patch
./configure --add-module=/usr/local/nginx_upstream_check_module-master --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module
make
make install
5.测试安装
/usr/local/nginx/sbin/nginx -t
6.启动命令
//启动
/usr/local/nginx/sbin/nginx
//关闭
/usr/local/nginx/sbin/nginx -s stop
或者 : nginx -s quit
//重启
/usr/local/nginx/sbin/nginx -s reload
7.修改防火墙端口配置
//打开防火墙文件
sudo vim /etc/sysconfig/iptables
//新增行 开放80端口
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
//保存退出
:wq
//重启防火墙
sudo service iptables restart
8.nginx配置讲解
//编辑nginx.conf
sudo vim /usr/local/nginx/conf/nginx.conf
//增加行
include nghost/*.conf
//保存退出
:wq
//在/usr/local/nginx/conf目录新建nghost文件夹
mkdir nghost
cd nghost
mkdir test.com.conf
//创建每个域名的配置
vim test.com.conf
//节点中增加入响应的配置 端口转发 或者访问文件系统
upstream wxapi {
server 192.168.0.163:80;
}
server {
listen 80;
server_name wxapi.test.com;
location / {
proxy_set_header Host wxapi.test.com;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://wxapi;
fastcgi_buffers 8 128k;
send_timeout 120;
}
}
https相关配置如下
upstream userapi {
server 机器ip1:端口;
server 机器ip2:端口;
check interval=5000 rise=1 fall=3 timeout=3000
keepalive 50;
}
server {
listen 443 ssl;
server_name userapi.xxx.com;
ssl on;
ssl_certificate sslkey/user/userapi.xxx.com.pem;
ssl_certificate_key sslkey/user/userapi.xxx.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!aNULL:!eNULL;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Remote_Addr $http_true_client_ip;
proxy_redirect off;
proxy_pass http://userapi;
fastcgi_buffers 8 128k;
send_timeout 60;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128M;
}
}
//重启nginx
/usr/local/nginx/sbin/nginx -s reload
//输入ip或域名测试配置是否成功