RedHat7安装Nginx及第三方模块
编译安装Nginx
- 先安装编译过程中所需依赖包
# yum -y install gcc pcre-devel openssl-devel zlib-devel - jemalloc(更好的内存管理)
# wget http://www.canonware.com/download/jemalloc/jemalloc-4.0.4.tar.bz2
# tar -jxvf jemalloc-4.0.4.tar.bz2 && cd jemalloc-4.0.4
# ./configure
# make && make install
# echo '/usr/local/lib' > /etc/ld.so.conf.d/local.conf
# ldconfig
备注:如果解压失败,遇到如下问题
解决方法:安装bzip2tar (child): lbzip2: Cannot exec: No such file or directory tar (child): Error is not recoverable: exiting now tar: Child returned status 2 tar: Error is not recoverable: exiting now
# yum install bzip2 - lua模块
lua-nginx-module来自大牛agentzh的开源项目,在Nginx中嵌入Lua语言,使之可以支持强大Lua语法
1. 下载LuaJIT2.0并安装
切换到上级目录 # cd ..
# wget http://luajit.org/download/LuaJIT-2.0.4.tar.gz
# tar -zxvf LuaJIT-2.0.4.tar.gz && cd LuaJIT-2.0.4
# make && make install
2. 下载并解压ngx_devel_kit和lua-nginx-module
切换到上级目录 # cd ..
下载ngx_devel_kit-0.2.19.tar.gz (https://codeload.github.com/simpl/ngx_devel_kit/tar.gz/v0.2.19)
解压 # tar -zxvf ngx_devel_kit-0.2.19.tar.gz
下载lua-nginx-module-0.9.20rc2.tar.gz (https://codeload.github.com/openresty/lua-nginx-module/tar.gz/v0.9.20rc2)
解压 # tar -zxvf lua-nginx-module-0.9.20rc2.tar.gz
3. 导入环境变量
# export LUAJIT_LIB=/usr/local/lib
# export LUAJIT_INC=/usr/local/include/luajit-2.0 - ngx_cache_purge模块(Nginx清除缓存模块)
切换到上级目录 # cd ..
下载 # wget http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz
解压 # tar -zxvf ngx_cache_purge-2.3.tar.gz - 下载Nginx源码包
# wget http://nginx.org/download/nginx-1.9.9.tar.gz - 解压Nginx源码包
# tar -zxvf nginx-1.9.9.tar.gz && cd nginx-1.9.9 - 编译安装Nginx
# ./configure \
--sbin-path=/usr/local/nginx/nginx \
--conf-path=/usr/local/nginx/nginx.conf \
--pid-path=/var/run/nginx.pid \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-ipv6 \
--with-http_v2_module \
--add-module=../ngx_cache_purge-2.3 \
--add-module=../lua-nginx-module-0.9.20rc2 \
--add-module=../ngx_devel_kit-0.2.19 \
--with-ld-opt='-ljemalloc' \
--with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'
# make -j2 && make install - 创建Nginx启动脚本
# vi /etc/init.d/nginx
#!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: NGINX is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/usr/local/nginx/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile=/var/lock/subsys/nginx make_dirs() { # make required directories user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -` if [ -z "`grep $user /etc/passwd`" ]; then useradd -r -M -s /sbin/nologin $user fi options=`$nginx -V 2>&1 | grep 'configure arguments:'` for opt in $options; do if [ `echo $opt | grep '.*-temp-path'` ]; then value=`echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac
- 设置Nginx服务开机自启动
# chmod +x /etc/init.d/nginx
# chkconfig nginx on - 开通防火墙
# firewall-cmd --permanent --add-service={http,https}
# firewall-cmd --reload - 新建网站根目录并更改SELinux类型
# mkdir -p /data/www && chcon -t httpd_sys_content_t -R /data/www/ - 创建conf目录,用于存放Nginx各类配置文件
# mkdir /usr/local/nginx/conf - 创建gzip.conf配置文件
# vi /usr/local/nginx/conf/gzip.conf
gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 3; gzip_proxied any; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
- 创建no-default配置文件
# vi /usr/local/nginx/conf/no-default.conf
# Drop requests for unknown hosts # # If no default server is defined, nginx will use the first found server. # To prevent host header attacks, or other potential problems when an unknown # servername is used in a request, it's recommended to drop the request # returning 444 "no response". server { listen 80 default_server; return 444; }
- 创建example.com配置文件(假设example.com的站点在这台服务器上)
# vi /usr/local/nginx/conf/example.com.conf
server { listen [::]:80; listen 80; server_name www.example.com; return 301 $scheme://example.com$request_uri; } server { listen [::]:80; listen 80; server_name example.com; root /data/www/example.com; error_page 404 /404.html; location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~ \.jsp$ { proxy_set_header X-Real-IP $remote_addr; proxy_pass http://127.0.0.1:8080; } }
- 修改Nginx配置文件
# vi /usr/local/nginx/nginx.conf
user nginx nginx; worker_processes auto; error_log logs/error.log warn; pid /var/run/nginx.pid; worker_rlimit_nofile 8192; events { worker_connections 8000; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; charset utf-8; index index.html index.htm index.php index.jsp; sendfile on; tcp_nopush on; server_tokens off; keepalive_requests 20; keepalive_timeout 65; include conf/*.conf; }
- 启动Nginx
# service nginx start
备注:
详细编译选项:
./configure \ --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_stub_status_module \ --with-http_auth_request_module \ --with-mail \ --with-mail_ssl_module \ --with-file-aio \ --with-ipv6 \ --with-http_spdy_module \ --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'
yum安装Nginx
- 添加Nginx源
# wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
# rpm -Uvh nginx-release-centos-7-0.el7.ngx.noarch.rpm - 安装Nginx
# yum install nginx
对应不同系统的RPM包
RedHat6(64bit) http://nginx.org/packages/rhel/6/x86_64/RPMS/nginx-1.8.0-1.el6.ngx.x86_64.rpm
CentOS7(64bit) http://nginx.org/packages/centos/7/x86_64/RPMS/nginx-1.8.0-1.el7.ngx.x86_64.rpm
