依赖的软件
nginx-1.13.5.tar.gz
spawn-fcgi-1.6.4.tar.gz
fcgi-2.4.0.tar.gz
编译安装
[root@Open×××-C ~]# tar xzvf nginx-1.13.5.tar.gz
[root@Open×××-C ~]# cd nginx-1.13.5
[root@Open×××-C nginx-1.13.5]# ./configure --prefix=/usr/local/nginx
./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.
[root@Open×××-C nginx-1.13.5]# yum -y install prce-devel
[root@Open×××-C nginx-1.13.5]# /usr/sbin/groupadd -f www
[root@Open×××-C nginx-1.13.5]# /usr/sbin/useradd -g www www
[root@Open×××-C nginx-1.13.5]# ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module
[root@Open×××-C nginx-1.13.5]# make
[root@Open×××-C nginx-1.13.5]# ls
auto CHANGES CHANGES.ru conf configure contrib html LICENSE Makefile man objs README src
[root@Open×××-C ]# tar xzvf spawn-fcgi-1.6.4.tar.gz
[root@Open×××-C spawn-fcgi-1.6.4]# ls
aclocal.m4 autom4te.cache config.h.in configure depcomp Makefile missing README stamp-h1
AUTHORS CMakeLists.txt config.log configure.ac doc Makefile.am NEWS spawn-fcgi.1
autogen.sh config.h config.status COPYING install-sh Makefile.in packdist.sh src
[root@Open×××-C spawn-fcgi-1.6.4]# ./autogen.sh
./autogen.sh: line 11: autoreconf: command not found
[root@Open×××-C spawn-fcgi-1.6.4]# yum install autoconf automake libtool
[root@Open×××-C spawn-fcgi-1.6.4]# ./autogen.sh
configure.ac:9: installing `./install-sh'
configure.ac:9: installing `./missing'
src/Makefile.am: installing `./depcomp'
Now type './configure ...' and 'make' to compile.
[root@Open×××-C spawn-fcgi-1.6.4]# ./configure
[root@Open×××-C spawn-fcgi-1.6.4]# make
[root@Open×××-C spawn-fcgi-1.6.4]# ls
aclocal.m4 autom4te.cache config.h.in configure depcomp Makefile missing README stamp-h1
AUTHORS CMakeLists.txt config.log configure.ac doc Makefile.am NEWS spawn-fcgi.1
autogen.sh config.h config.status COPYING install-sh Makefile.in packdist.sh src
[root@Open×××-C spawn-fcgi-1.6.4]# cp src/spawn-fcgi
spawn-fcgi spawn-fcgi.c spawn-fcgi.o
[root@Open×××-C spawn-fcgi-1.6.4]# cp src/spawn-fcgi /usr/local/nginx/sbin/
[root@Open×××-C ~]# tar xzvf fcgi-2.4.0.tar.gz
[root@Open×××-C ~]# cd fcgi-2.4.0
[root@Open×××-C fcgi-2.4.0~]# ./configure
[root@Open×××-C fcgi-2.4.0~]# make && make install
颁发证书
[root@Open×××-C ~]# cd /etc/pki/tls/certs
[root@Open×××-C certs]# make server.key
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > server.key
Generating RSA private key, 2048 bit long modulus
......................................................++++++
.............++++++
e is 61251 (0x10001)
Enter pass phrase: 654321 #设置密码
Verifying - Enter pass phrase: 654321
# remove passphrase from private key
[root@localhost certs]# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: 654321 #输入密码
writing RSA key
[root@Open×××-C certs]# make server.csr
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN #国家名称
State or Province Name (full name) [e]:Beijing #州或省的名称
Locality Name (eg, city) [Default City]:Beijing #地点名称(如城市)
Organization Name (eg, company) [Default Company Ltd]:Test 机构名称(如公司)
Organizational Unit Name (eg, section) []:Test Haha 组织单位名称(如部分)
Common Name (eg, your server's hostname) []:www.test.com #常见的名字(例如,您的服务器的主机名)
Email Address []:admin@test.com # 电子邮件地址
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:# 挑战密码
An optional company name []:#一个可选的公司名称
[root@Open×××-C certs]#
[root@Open×××-C certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
Signature ok
subject=/C=CN/ST=Beijing/L=Beijing/O=Test/OU=Test Haha/CN=www.test.com,/emailAddress=admin@test.com
Getting Private key
[root@Open×××-C certs]# chmod 400 server.*
Nginx配置文件
worker_processes 2;
worker_cpu_affinity 01 10;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
fastcgi_cache_path /usr/local/nginx/fastcgi_cache levels=1:2 keys_zone=cache_fcgi:10m inactive=5m;
server_names_hash_bucket_size 128;
client_header_buffer_size 2k;
large_client_header_buffers 4 4k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_cache cache_fcgi;
fastcgi_cache_key $host$request_uri;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_use_stale error timeout invalid_header http_500;
server {
listen 8088;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.cgi$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.cgi;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
include fastcgi_params;
}
}
}
fastcgi_cache_path /usr/local/nginx/fastcgi_cache levels=1:2 keys_zone=cache_fcgi:10m inactive=5m; #缓存路径文件,目录结构等级,关键字区域实际和非活动时间
fastcgi_connect_timeout=300; #连接到后端fastcgi超时时间
fastcgi_send_timeout=300; #向fastcgi请求超时时间(这个指定值已经完成两次握手后向fastcgi传送请求的超时时间)
fastcgi_rend_timeout=300; #接收fastcgi应答超时时间,同理也是2次握手后
fastcgi_buffer_size=64k; #读取fastcgi应答第一部分需要多大缓冲区,该值表示使用1个64kb的缓冲区读取应答第一部分(应答头),可以设置为fastcgi_buffers选项缓冲区大小
fastcgi_buffers 4 64k;#指定本地需要多少和多大的缓冲区来缓冲fastcgi应答请求,假设一个php或java脚本所产生页面大小为256kb,那么会为其分配4个64kb的缓冲来缓存;若页面大于256kb,那么大于的256kb的部分会缓存到fastcgi_temp指定路径中,这并非是个好办法,内存数据处理快于硬盘,一般该值应该为站点中php/java脚本所产生页面大小中间值,如果站点大部分脚本所产生的页面大小为256kb,那么可把值设置为16 16k,4 64k等
fastcgi_busy_buffers_size 128k; #默认值是fastcgi_buffer的2倍
fastcgi_temp_file_write_size 128k;#写入缓存文件使用多大的数据块,默认值是fastcgi_buffer的2倍
fastcgi_cache cache_fcgi;#开启fastcgi缓存并为其指定为TEST名称,降低cpu负载,防止502错误发生.
#应答代码缓存时间,200和302应答缓存为1个小时,301一天,其他1分钟
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_key $host$request_uri;定义fastcgi_cache的key,示例中就以请求的URI作为缓存的key,Nginx会取这个key的md5作为缓存文件,如果设置了缓存哈希目录,Nginx会从后往前取相应的位数做为目录
[root@Open×××-C nginx-1.13.5]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@Open×××-C nginx-1.13.5]# /usr/local/nginx/sbin/nginx
2)可用“kill -HUP 主进程id ”命令(如:kill -HUP 1)重新加载配置文件。
3)可用“kill -QUIT 主进程id” 命令(如:kill -QUIT 1)关闭Nginx。
测试Nginx
浏览器输入:https://IP:8088/
测试FastCGI
编写了如下的测试程序test.c,代码如下:
#include <stdio.h>
#include <fcgi_stdio.h>
#include <stdlib.h>
int main()
{
int count = 0;
while (FCGI_Accept() >= 0)
{
printf("Content-type: text/html\r\n"
"\r\n"
""
"FastCGI Hello!"
"Rrunning on host [%s] Get str is [%s] "
"Process ID: [%d]\n", getenv("SERVER_NAME"),getenv("QUERY_STRING"), getpid());
}
return 0;
}
[root@Open×××-C ~]#gcc -g -o test test.c -lfcgi
[root@Open×××-C ~]#mv test /usr/local/nginx/sbin/
[root@Open×××-C ~]#/usr/local/nginx/sbin/spawn-fcgi -a 127.0.0.1 -p 9000 -f /usr/local/nginx/sbin/test -n
浏览器输入:https://IP:8088/test.cgi?hellofcgi
FastCGI Hello!Rrunning on host [localhost] Get str is [hellofcgi] Process ID: [2645]
转载于:https://blog.51cto.com/linuxcgi/1969112