- hosts: 172.16.1.88
tasks:
- name: install nginx depend pcre-devel
yum: name=pcre-devel state=installed
- name: install nginx depend openssl-devel
yum: name=openssl-devel state=installed
- name: create user www
user: name=www state=present createhome=no
perl 的依赖包pcre-devel
openssl-devel:使系统支持https方式访问
wget http://nginx.org/download/nginx-1.18.0.tar.gz
nginx.org
./configure --prefix=/application/nginx-18.0 --user=www --group=www --with-http_ssl_module --with-http_stub_status_module
make
make install
创建nginx链接目录
[root@web01 ~]# /application/nginx/sbin/nginx -V
nginx version: nginx/1.18.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/application/nginx-18.0/ --user=www --group=www --with-http_ssl_module --with-http_stub_status_module
-t 检查配置是否正确
-s stop
reload
conf 目录
nginx.conf
组成
main 区块
event区块
http nginx http功能区块
server 网站主机区块
location nginx 匹配或者定位
worker进程处理服务
worker_processes 1;
events {
worker_connections 1024;#最大请求数
}
http {
include mime.types; #媒体资源库
default_type application/octet-stream;
sendfile on;#开启高校传输
keepalive_timeout 65;#链接超时 连接着不干事了就断开
server { #网站设置
listen 80;
server_name localhost; #服务域名主机名
location / {
root html;#站点目录用户要的文件信息
index index.html index.htm;#首页文件默认
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
访问日志:
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
remote_addr访问客户端源主机的地址
remote_user访问客户端用户认证信息
time_local 访问事件
request 请求行
status 状态码信息
bosy_bytes_sent 服务器响应客户端的数据大小信息
http_refer 记录连接到网站的域名信息
http_user_agent 客户端软件标识火狐手机端等
http_x_forward_for 反向代理
access_log logs/accesslog main
nginx.org/en/docs/http/ngx_http_access_module.html#deny
nginx_http_access_module
location /AV {
deney 10.0.0.0/24;
allow 172.16.1.0/24;
}
location
=精确匹配uri信息 优先级最高
location = / {
-
}
-
区分大小写匹配uri信息
~*不区分大小写匹配网站uri资源信息
/av/ 指定匹配网站资源目录信息
location /documents/{
}
^~ 优先匹配uri信息
location ^~ /images/{
}
/ 默认匹配网站资源信息
nginx rewrite功能
实现域名地址的重写。
伪静态的功能
redirect 暂时跳转
permant 永久跳转
server {
location {
server_name bbs.etiantian.org
if (
h
o
s
t
∗
"
e
t
i
a
n
t
i
a
n
.
o
r
g
host ~* "^etiantian.org
host ∗"etiantian.org"){
rewrite ^/(.*) http://bbs.etiantian.org/$1 permant;
}
}
}
nginx 反向代理负载均衡
webclient 反向代理 web服务器