nginx相关配置

- hosts: 172.16.1.88
  tasks: 
    - name: install nginx depend pcre-devel
      yum: name=pcre-devel state=installed
    - name: install nginx depend openssl-devel
      yum: name=openssl-devel state=installed
    - name: create user www
      user: name=www state=present createhome=no
    

perl 的依赖包pcre-devel
openssl-devel:使系统支持https方式访问
wget http://nginx.org/download/nginx-1.18.0.tar.gz
nginx.org
./configure --prefix=/application/nginx-18.0 --user=www --group=www --with-http_ssl_module --with-http_stub_status_module
make
make install
创建nginx链接目录

[root@web01 ~]# /application/nginx/sbin/nginx -V
nginx version: nginx/1.18.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/application/nginx-18.0/ --user=www --group=www --with-http_ssl_module --with-http_stub_status_module

-t 检查配置是否正确

-s stop
reload

conf 目录
nginx.conf
组成
main 区块
event区块
http nginx http功能区块
server 网站主机区块
location nginx 匹配或者定位

worker进程处理服务

worker_processes  1;
events {
    worker_connections  1024;#最大请求数
}
http {
    include       mime.types; #媒体资源库
    default_type  application/octet-stream;
    sendfile        on;#开启高校传输
    keepalive_timeout  65;#链接超时 连接着不干事了就断开
    server {   #网站设置
        listen       80;
        server_name  localhost; #服务域名主机名
        location / {
            root   html;#站点目录用户要的文件信息
            index  index.html index.htm;#首页文件默认
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

访问日志：

 #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
   remote_addr访问客户端源主机的地址
   remote_user访问客户端用户认证信息
   time_local 访问事件
   request 请求行
   status  状态码信息
   bosy_bytes_sent   服务器响应客户端的数据大小信息
   http_refer       记录连接到网站的域名信息
   http_user_agent 客户端软件标识火狐手机端等
   http_x_forward_for    反向代理

access_log logs/accesslog main

nginx.org/en/docs/http/ngx_http_access_module.html#deny

nginx_http_access_module
location /AV {
deney 10.0.0.0/24;
allow 172.16.1.0/24;
}
location
=精确匹配uri信息 优先级最高
location = / {

}

区分大小写匹配uri信息
~*不区分大小写匹配网站uri资源信息
/av/ 指定匹配网站资源目录信息
location /documents/{
}

^~ 优先匹配uri信息
location ^~ /images/{
}

/ 默认匹配网站资源信息
nginx rewrite功能
实现域名地址的重写。
伪静态的功能
redirect 暂时跳转
permant 永久跳转
server {
location {
server_name bbs.etiantian.org
if ($host\ast {"}^{e}tiantian.org$"){
rewrite ^/(.*) http://bbs.etiantian.org/$1 permant;
}

}

}
nginx 反向代理负载均衡
webclient 反向代理 web服务器