logo头像
ICQL

430_nginx

yum安装nginx

  • 1.yum install nginx
  • 2.配置文件在 /etc/nginx/nginx.conf
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;

    # Load dynamic modules. See /usr/share/nginx/README.dynamic.
    include /usr/share/nginx/modules/*.conf;

    events {
    worker_connections 1024;
    }

    http {
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;


    include /etc/nginx/conf.d/*.conf;

    # index
    server {
    listen 80;
    listen 443 ssl;
    server_name icql.work;

    ssl_certificate /icql.work/sslcert/icql.work.pem;
    ssl_certificate_key /icql.work/sslcert/icql.work.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    charset utf-8;

    location / {
    root /icql.work/index;
    index index.html index.htm;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    if ($server_port = 80){
    return 301 https://$server_name$request_uri;
    }
    }
    # file
    server {
    listen 80;
    listen 443 ssl;
    server_name file.icql.work;

    ssl_certificate /icql.work/sslcert/file.icql.work.pem;
    ssl_certificate_key /icql.work/sslcert/file.icql.work.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    charset utf-8;
    location / {
    root /icql.work/file;
    index index.html index.htm;
    }
    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    if ($server_port = 80){
    return 301 https://$server_name$request_uri;
    }
    }
    # blog
    server {
    listen 80;
    listen 443 ssl;
    server_name blog.icql.work;

    ssl_certificate /icql.work/sslcert/blog.icql.work.pem;
    ssl_certificate_key /icql.work/sslcert/blog.icql.work.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    charset utf-8;
    location / {
    root /icql.work/blog;
    index index.html index.htm;
    }
    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    if ($server_port = 80){
    return 301 https://$server_name$request_uri;
    }
    }
    # doc
    server {
    listen 80;
    listen 443 ssl;
    server_name doc.icql.work;

    ssl_certificate /icql.work/sslcert/doc.icql.work.pem;
    ssl_certificate_key /icql.work/sslcert/doc.icql.work.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    charset utf-8;
    location / {
    root /icql.work/doc;
    index index.html index.htm;
    }
    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    if ($server_port = 80){
    return 301 https://$server_name$request_uri;
    }
    }
    # git
    server {
    listen 80;
    listen 443 ssl;
    server_name git.icql.work;

    ssl_certificate /icql.work/sslcert/git.icql.work.pem;
    ssl_certificate_key /icql.work/sslcert/git.icql.work.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    charset utf-8;
    client_max_body_size 500m;

    location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
    proxy_pass https://127.0.0.1:3000;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    if ($server_port = 80){
    return 301 https://$server_name$request_uri;
    }
    }
    # api
    server {
    listen 80;
    listen 443 ssl;
    server_name api.icql.work;

    ssl_certificate /icql.work/sslcert/api.icql.work.pem;
    ssl_certificate_key /icql.work/sslcert/api.icql.work.key;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    charset utf-8;
    client_max_body_size 500m;

    location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
    proxy_pass https://127.0.0.1:10001;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    if ($server_port = 80){
    return 301 https://$server_name$request_uri;
    }
    }
    }

源码安装nginx

  • 1.依赖安装
    1
    2
    3
    4
    yum install gcc-c++
    yum install -y pcre pcre-devel
    yum install -y zlib zlib-devel
    yum install -y openssl openssl-devel
    2、把nginx的源码上传到linux系统
    • 使用 notepad++插件操作文件
    • XShell 可直接拖拽文件上传到linux当前目录
      3、把压缩包解压缩 tar -zxvf nginx-1.8.0.tar.gz
      4、进行configure
      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      ./configure \
      --prefix=/usr/local/nginx \
      --pid-path=/usr/local/nginx/logs/nginx.pid \
      --lock-path=/usr/local/nginx/lock/nginx.lock \
      --error-log-path=/usr/local/nginx/logs/error.log \
      --http-log-path=/usr/local/nginx/logs/access.log \
      --http-client-body-temp-path=/usr/local/nginx/tmp/client \
      --http-proxy-temp-path=/usr/local/nginx/tmp/proxy \
      --http-fastcgi-temp-path=/usr/local/nginx/tmp/fastcgi \
      --http-uwsgi-temp-path=/usr/local/nginx/tmp/uwsgi \
      --http-scgi-temp-path=/usr/local/nginx/tmp/scgi \
      --with-http_gzip_static_module \
      --with-http_stub_status_module \
      --with-http_ssl_module \
      --with-openssl=/data/package/openssl-1.1.1
    • 后2行是 ssl 模块
    • 注意:上边将临时文件目录指定为/usr/local/nginx/tmp,需要mkdir /usr/local/nginx/tmp
      1
      mkdir /var/tmp/nginx
      5、make
      6、make install
      7、进入 /usr/local/nginx/sbin
      8、打开80端口:查看 firewall-cmd –zone=public –query-port=80/tcp 和 重启防火墙firewall-cmd –reload
      9、启动/停止nginx:
      • /usr/local/nginx/sbin/nginx
      • /usr/local/nginx/sbin/nginx -s stop
      • /usr/local/nginx/sbin/nginx -s reload
        10、浏览器输入 ip 查看是否成功

配置nginx(/usr/local/nginx/conf/nginx.conf)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
server {
listen 80;
listen 443 ssl;
server_name icql.work;

ssl_certificate cert/1541656533632.pem;
ssl_certificate_key cert/1541656533632.key;

ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;

ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;


charset utf-8;

location / {
root html;
index index.html index.htm;
}

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

if ($server_port = 80){
return 301 https://$server_name$request_uri;
}
}

配置nginx开机自启

* Systemd服务文件以.service结尾,比如现在要建立nginx为开机启动,如果用yum install命令安装的,yum命令会自动创建nginx.service文件,直接用命令systemctl enable nginx.service 设置开机启动即可。
* 在这里我是用源码编译安装的,所以要手动创建nginx.service服务文件。开机没有登陆情况下就能运行的程序,存在系统服务(system)里,即:/lib/systemd/system/
* 在系统服务目录里创建nginx.service文件  vi /lib/systemd/system/nginx.service 内容如下
1
2
3
4
5
6
7
8
9
10
11
12
13
[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target
[Unit]:服务的说明 Description:描述服务 After:描述服务类别 [Service]服务运行参数的设置 Type=forking是后台运行的形式 ExecStart为服务的具体运行命令 ExecReload为重启命令 ExecStop为停止命令 PrivateTmp=True表示给服务分配独立的临时空间 注意:[Service]的启动、重启、停止命令全部要求使用绝对路径 [Install]运行级别下服务安装的相关设置,可设置为多用户,即系统运行级别为3 * 保存退出 * 设置开机启动 systemctl enable nginx.service * 其他命令 启动nginx服务 systemctl start nginx.service  设置开机自启动 systemctl enable nginx.service 停止开机自启动 systemctl disable nginx.service 查看服务当前状态 systemctl status nginx.service 重新启动服务 systemctl restart nginx.service  查看所有已启动的服务 systemctl list-units --type=service
微信打赏

赞赏是不耍流氓的鼓励

den-lg">上一篇