CentOS 安装nginx 过程记录

硬件环境：

云端：

阿里云轻量应用服务器
地区：香港
CPU：1核
内存：1G
带宽：30Mbps的码
操作系统：Centos7.6

nextcloud服务器

树莓派3B
操作系统：nextcloudPi 14
内网穿透组件
frp0.21

部署

下面开始在Centos下的上部署的nginx的

创建一个文件参考：https：//www.nginx.com/resources/wiki/start/topics/tutorials/install/

# vim /etc/yum.repos.d/nginx.repo 
 
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

notereleasever 需要替换为7

开始安装

参考：http：//blog.51cto.com/liqingbiao/2286134

# yum install nginx -y
.....................省略
Installed:
  nginx.x86_64 1:1.14.0-1.el7_4.ngx                                                                                                     
 
Complete!
 
# systemctl enable nginx
# systemctl start  nginx
Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
# systemctl status nginx.service -l  //执行这行命令查看错误信息
● nginx.service - nginx - high performance web server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2018-12-13 19:29:44 CST; 1min 44s ago
     Docs: http://nginx.org/en/docs/
  Process: 16958 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)
 
Dec 13 19:29:41 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:42 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:42 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:43 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:43 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:44 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] still could not bind()
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: nginx.service: control process exited, code=exited status=1
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: Failed to start nginx - high performance web server.
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: Unit nginx.service entered failed state.
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: nginx.service failed.

可能出现的问题

执行 #systemctl start nginx会报错，报错信息提示80端口已经被占用，但是我们应该不能直接去关闭80端口，而应该把配置修改一下换一个端口再进行启动nginx，* 修改配置方法如下：

这里参考：https：//blog.csdn.net/xie_xiansheng/article/details/78028051

# vim /etc/nginx/conf.d/default.conf
//文件开头
server {
    listen       80;
    server_name  localhost;
 
    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;
 
    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
 
    #error_page  404              /404.html;
 
    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
.......................省略
 
//--------------------需要把 listen   80; 改成 8080--------------------
server {
    listen       8080;
    server_name  localhost;
 
    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;
 
    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
 
    #error_page  404              /404.html;
 
    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
.......................省略

启动

改完之后执行的nginx的的启动

# systemctl start nginx     //启动nginx

到这里就启动成功了。

nginx相关配置文件/etc/nginx/nginx.conf

# vim /etc/nginx/conf.d/default.conf

后面的过程可以参考别的博客，有要补充的我再补充。以上2018-12-13日修改

// ------------------------------------------------- 2018-12-14日晚上补充--------------------------------------------------------------------

安装证书

参考：

https://www.jianshu.com/p/226d99e96a1a

https://blog.csdn.net/fengcai0123/article/details/80540386

以上2篇文章结合着看
我的步骤：

//创建目录
# cd /etc/nginx/
# mkdir cert
//把阿里云下载的证书压缩包解压到/etc/nginx/cert/目录下
# ls cert/
1614607_www.mryarnell.top.key  1614607_www.mryarnell.top.pem
//然后在conf.d/目录下创建一个文件
# cd conf.d/
# vim ssl
//以下内容复制到文件中
server{
    listen       443;
    server_name  www.mryarnell.top;
 
    ssl                  on;
    ssl_certificate      cert/1614607_www.mryarnell.top.pem;
    ssl_certificate_key  cert/1614607_www.mryarnell.top.key;
 
    ssl_session_timeout  5m;
 
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;
 
    location /images {
       root /usr/share/nginx;
    }
 
    location / {
		proxy_ssl_server_name on;
		proxy_pass https://www.mryarnell.top:8643;
    }
 
    error_page  404              /404.html;
    location = /404.html {
       root   /usr/share/nginx/html;
    }
 
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
      root   /usr/share/nginx/html;
    }
}
 
//:wq 保存

最后重启nginx

$ service nginx restart 

反向代理

以下过程要实现nginx反向代理frp - >树莓派
参考：
http：//www.wangxianfeng.cn/wordpress/2018/06/10/nginx%E5%8F%8D%E5%90%91%E4%BB%A3%E7%90%86frp%E7%BC% 93％E5％AD％98％E5％8A％A0％E9％80％9Fhttphttps /

主要要改变的是SSL文件中的位置{}中的内容
参照上面贴出来的！

location / {
		proxy_ssl_server_name on;
		proxy_pass https://www.mryarnell.top:8643;
    }

解决URL中带端口号的问题

//----------------------------------- 2018-12-24日更新 --------------------------------------------------------------------
解决了访问网页时URL中会带有端口号，导致https SSL证书失效，访问失败的问题。
参考：https://blog.csdn.net/hejun1218/article/details/73385437

在nginx中配置server侦听非443端口时，我们在访问时会在url中加入对应的端口号，如http://xxx.xxx.xxx:8643但如果在nginx服务器前有另一台服务器作为用户首先访问的web服务器，这台服务器设置了端口转发，将443端口获得的请求转发到nginx中的对应端口中，如8643，这时用户使用的url是没有端口号，但nginx会自动增加端口号到url上，很可能导致用户访问失败，可以将location 中增加 proxy_set_header Host $host; ，即可解决此问题（在实际工作遇到，特此记下）