nginx 和 mysql 安装

先附上大云资料：

安装nginx。

登录弹性云服务器。
执行以下命令，下载对应当前系统版本的nginx包。
wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
执行以下命令，建立Nginx的yum仓库。
rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm
执行以下命令，安装Nginx。
yum -y install nginx
执行以下命令，启动Nginx并设置开机启动。
systemctl start nginx

systemctl enable nginx
查看启动状态。
systemctl status nginx.service
使用浏览器访问 “http://服务器IP地址”，显示如下页面，说明nginx安装成功。
图1 测试访问nginx

以下是自己公司安装更为详细的资料

查看服务器上安装的nginx版本号，主要是通过nginx的-v或-V选项，查看方法如下图所示

-v 显示 nginx 的版本。

-V 显示 nginx 的版本，编译器版本和配置参数

安装

--with-http_v2_module

[root@zq ~]# nginx -V

nginx version: nginx/1.16.1

built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)

built with OpenSSL 1.0.2k-fips 26 Jan 2017

TLS SNI support enabled

configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'

上面是多媒体的nginx模块配置

一般配置【ssl】：

创建虚拟用户：

# useradd -M -s /sbin/nologin arik

tar -xf nginx-1.20.1.tar.gz

[root@ecs-81eb nginx-1.20.1]# pwd

/ArikEnv/nginx-1.20.1

yum install gcc gcc-c++ automake pcre pcre-devel zlip zlib-devel openssl openssl-devel

查看是否存在/usr/local/nginx目录

[root@ecs-81eb nginx-1.20.1]# ls /usr/local/nginx

ls: cannot access /usr/local/nginx: No such file or directory

[root@ecs-81eb nginx-1.20.1]# ./configure --prefix=/usr/local/nginx --user=arik --group=arik --with-http_ssl_module --with-http_v2_module

>>>>>>>>

Configuration summary

+ using system PCRE library

+ using system OpenSSL library

+ using system zlib library

nginx path prefix: "/usr/local/nginx"

nginx binary file: "/usr/local/nginx/sbin/nginx"

nginx modules path: "/usr/local/nginx/modules"

nginx configuration prefix: "/usr/local/nginx/conf"

nginx configuration file: "/usr/local/nginx/conf/nginx.conf"

nginx pid file: "/usr/local/nginx/logs/nginx.pid"

nginx error log file: "/usr/local/nginx/logs/error.log"

nginx http access log file: "/usr/local/nginx/logs/access.log"

nginx http client request body temporary files: "client_body_temp"

nginx http proxy temporary files: "proxy_temp"

nginx http fastcgi temporary files: "fastcgi_temp"

nginx http uwsgi temporary files: "uwsgi_temp"

nginx http scgi temporary files: "scgi_temp"

[root@ecs-81eb nginx-1.20.1]#make

objs/ngx_modules.o \

-ldl -lpthread -lcrypt -lpcre -lssl -lcrypto -ldl -lpthread -lz \

-Wl,-E

sed -e "s|%%PREFIX%%|/usr/local/nginx|" \

-e "s|%%PID_PATH%%|/usr/local/nginx/logs/nginx.pid|" \

-e "s|%%CONF_PATH%%|/usr/local/nginx/conf/nginx.conf|" \

-e "s|%%ERROR_LOG_PATH%%|/usr/local/nginx/logs/error.log|" \

< man/nginx.8 > objs/nginx.8

make[1]: Leaving directory `/ArikEnv/nginx-1.20.1'

[root@ecs-81eb nginx-1.20.1]#make install

/usr/local/nginx/sbin/nginx

启动服务后，nginx默认是在80端口启动的，在浏览器输入http://10.0.0.122:80/ (80端口默认可以省略),能正常访问到页面，说明服务启动成功

[root@ecs-81eb nginx-1.20.1]# /usr/local/nginx/sbin/nginx -V

nginx version: nginx/1.20.1

built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)

built with OpenSSL 1.0.2k-fips 26 Jan 2017

TLS SNI support enabled

configure arguments: --prefix=/usr/local/nginx --user=arik --group=arik --with-http_ssl_module

制作成systemctl统一管理Nginx

[root@nglv ~]# cd /etc/systemd/system/

[root@nglv system]# vim nginx.service

[UNIT]


Deion=nginx - high performance web server


Documentation=http://nginx.org/en/docs/


After=network-online.target remote-fs.target nss-lookup.target


Wants=network-online.target


[Service]


Type=forking


PIDFile=/usr/local/nginx/logs/nginx.pid


ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf


ExecReload=/bin/kill -s HUP $MAINPID


ExecStop=/bin/kill -s TERM $MAINPID


[Install]


WantedBy=multi-user.target

切记上面的配置都是以安装目录：/usr/local/nginx

[root@nglv system]# systemctl enable nginx

>>>>>>>

Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /etc/systemd/system/nginx.service.

操作

先cd到/usr/local/nginx/sbin/

1.启动服务

./nginx

2.停止服务,此方式停止步骤是待nginx进程处理任务完毕进行停止。

./nginx -s stop

3.退出服务,此方式相当于先查出nginx进程id再使用kill命令强制杀掉进程。

./nginx -s quit

4.重新加载,当 ngin x的配置文件 nginx.conf 修改后，要想让配置生效需要重启 nginx，使用-s reload不用先停止 ngin x再启动 nginx 即可将配置信息在 nginx 中生效

./nginx -s reload

5.查询nginx进程

ps aux|grep nginx

检查是否启动成功：

打开浏览器访问此机器的 IP，如果浏览器出现 Welcome to nginx! 则表示 Nginx 已经安装并运行成功。

部分命令如下：

重启：

$ /usr/local/nginx/sbin/nginx –s reload

停止：

$ /usr/local/nginx/sbin/nginx –s stop

测试配置文件是否正常：

$ /usr/local/nginx/sbin/nginx –t

强制关闭：

$ pkill nginx

软链接

[root@nglv system]# ln -s /usr/local/nginx/sbin/nginx /usr/bin

[root@nglv system]# ll /usr/bin/ |grep nginx

lrwxrwxrwx 1 root root 27 Jun 15 01:02 nginx -> /usr/local/nginx/sbin/nginx

nginx.conf配置

systemctl配置

nginx启动命令以及与配置systemctl - 简书 (jianshu.com)

接收请求的服务器需要将不同的请求按规则转发到不同的后端服务器上，

在 nginx 中我们可以通过构建虚拟主机（server）的概念来将这些不同的服务配置隔离。

server {
    listen       80;
    server_name  localhost;
    root   html;
    index  index.html index.htm;
}

例如我的两个子项目 passport 和 wan 就可以通过在 nginx 的配置文件中，配置两个 server，server_name 分别为 passport.bigertech.com 和 wan.bigertech.com。

这样的话不同的 url 请求就会对应到 nginx 相应的设置，转发到不同的后端服务器上。

这里的 listen 指监听端口，server_name 用来指定IP或域名，多个域名对应统一规则可以空格分开，

index 用于设定访问的默认首页地址，root 指令用于指定虚拟主机的网页跟目录，

这个地方可以是相对地址也可以是绝对地址。

通常情况下我们可以在 nginx.conf 中配置多个server，对不同的请求进行设置。就像这样：

server {
    listen       80;
    server_name  host1;
    root   html;
    index  index.html index.htm;
}
server {
    listen       80;
    server_name  host2;
    root   /data/www/html;
    index  index.html index.htm;
}

但是当 server 超过2个时，建议将不同对虚拟主机的配置放在另一个文件中，

然后通过在主配置文件 nginx.conf 加上 include 指令包含进来。更便于管理。

include vhosts/*.conf;

就可以把vhosts的文件都包含进去啦。

Localtion

每个 url 请求都会对应的一个服务，nginx 进行处理转发或者是本地的一个文件路径，

或者是其他服务器的一个服务路径。而这个路径的匹配是通过 location 来进行的。

我们可以将 server 当做对应一个域名进行的配置，而 location 是在一个域名下对更精细的路径进行配置。

以上面的例子，可以将root和index指令放到一个location中，那么只有在匹配到这个location时才会访问root后的内容：

    location / {
        root   /data/www/host2;
        index  index.html index.htm;
    }

location 匹配规则

~      波浪线表示执行一个正则匹配，区分大小写
~*    表示执行一个正则匹配，不区分大小写
^~    ^~表示普通字符匹配，如果该选项匹配，只匹配该选项，不匹配别的选项，一般用来匹配目录
=      进行普通字符精确匹配

匹配例子：

location  = / {
  # 只匹配"/".
  [ configuration A ] 
}
location  / {
  # 匹配任何请求，因为所有请求都是以"/"开始
  # 但是更长字符匹配或者正则表达式匹配会优先匹配
  [ configuration B ] 
}
location ^~ /images/ {
  # 匹配任何以 /images/ 开始的请求，并停止匹配 其它location
  [ configuration C ] 
}
location ~* \.(gif|jpg|jpeg)$ {
  # 匹配以 gif, jpg, or jpeg结尾的请求. 
  # 但是所有 /images/ 目录的请求将由 [Configuration C]处理.   
  [ configuration D ] 
}


请求:
/ -> 符合configuration A
/documents/document.html -> 符合configuration B
/images/1.gif -> 符合configuration C
/documents/1.jpg ->符合 configuration D

静态文件映射

访问文件的配置主要有 root 和 alias 两个指令。这两个指令的区别容易弄混：

alias

alias后跟的指定目录是准确的，并且末尾必须加 /。

    location /c/ {
        alias /a/;
    }

如果访问站点http://location/c访问的就是/a/目录下的站点信息。

root

root后跟的指定目录是上级目录，并且该上级目录下要含有和location后指定名称的同名目录才行。

    location /c/ {
        root /a/;
    }

这时访问站点http://location/c访问的就是/a/c目录下的站点信息。

如果你需要将这个目录展开，在这个location的末尾加上「autoindex on; 」就可以了

有时候一个nginx服务就是为了用来下载文件的，网上很多下载服务都是这样的

在http段加上以下参数，重启nginx就行。这样文件点击时是下载的

autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
charset utf-8;

如果要点击时是查看内容，加上default_type text/plain;

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
 
    access_log  /var/log/nginx/access.log  main;
 
    autoindex on;
    autoindex_exact_size off;
    autoindex_localtime on;
    charset utf-8;
 
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;
 
    include             /etc/nginx/mime.types;
    default_type text/plain;
 
 
    server {
        listen       80;
        server_name  repo.e.com;
        root         /opt/repo;
 
        location / {
        }
 
        error_page 404 /404.html;
        location = /404.html {
        }
 
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        }
    }
}

配置起来很简单比如我要将所有的请求到转移到真正提供服务的一台机器的 8001 端口，只要这样：

location / {
    proxy_pass 172.16.1.1:8001;
}

这样访问host时，就都被转发到 172.16.1.1的8001端口去了。

负载均衡

upstream myserver; {
    ip_hash;    
    server 172.16.1.1:8001;
    server 172.16.1.2:8002;
    server 172.16.1.3;
    server 172.16.1.4;
}
location / {
    proxy_pass http://myserver;
}

我们在 upstream 中指定了一组机器，并将这个组命名为 myserver，

这样在 proxypass 中只要将请求转移到 myserver 这个 upstream 中我们就实现了在四台机器的反向代理加负载均衡。

其中的 ip_hash 指明了我们均衡的方式是按照用户的 ip 地址进行分配。另外还有轮询、指定权重轮询、fair、url_hash几种调度算法。

更详细配置参考下链接

Nginx的配置文件详解（超详细）_wangbin_0729的博客-CSDN博客_nginx配置文件

润生的配置实例：

相对默认nginx.conf配置变化的是：

默认：

#user  nobody;
worker_processes  1;


#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;


#pid        logs/nginx.pid;

变化：****************

user root rssit;

worker_processes 4;

error_log /var/log/nginx/error.log warn;

pid /var/run/nginx.pid;

events {

worker_connections 1024;

}

旧：

http {
    include       mime.types;
    default_type  application/octet-stream;


    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';


    #access_log  logs/access.log  main;


    sendfile        on;
    #tcp_nopush     on;


    #keepalive_timeout  0;
    keepalive_timeout  65;


    #gzip  on;

新：

http {

include mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;

#tcp_nopush on;

keepalive_timeout 65;

旧：

    server {
        listen       80;
        server_name  localhost;


        #charset koi8-r;


        #access_log  logs/host.access.log  main;
。。。。


# HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;


    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;


    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;


    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;


    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

新：

server {

listen 443;

server_name sit.gdrsgg.com;

ssl on;

#root html;

#证书文件

ssl_certificate cert/cert.crt;

#私钥文件

ssl_certificate_key cert/cert_private.key;

ssl_session_timeout 5m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }

location ~ \.php$ {

root /var/www; #指定php的根目录

fastcgi_pass 127.0.0.1:9000;#php-fpm的默认端口是9000

fastcgi_index index.php;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

include fastcgi_params;

}

location /yfr/ {

root html;

index index.html;

try_files $uri $uri/ /yfr/index.html;

add_header Last-Modified $date_gmt;

add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';

if_modified_since off;

expires off;

etag off;

}

location /frmall/ {

root html;

index index.html;

try_files $uri $uri/ /frmall/index.html;

}

location /card/ {

root html;

index index.html;

try_files $uri $uri/ /card/index.html;

}

location /oilVoice/ {

root html;

index index.html;

try_files $uri $uri/ /yfr/index.html;

}

location /frbqd/ {

root html;

index index.html;

}

location /csxqd/ {

root html;

index index.html;

}

location /mallqd/ {

root html;

index index.html;

}

location ~ .*/yfrapi/.*txt$ {

root /usr/local/nginx/html;

}

location /frbmems/ {

#root html;

proxy_pass http://localhost:8010/frbmems/;

proxy_set_header Host $host;

proxy_redirect http:// https://;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /mallems/ {

#root html;

proxy_pass http://localhost:8050/mallems/;

proxy_set_header Host $host;

proxy_redirect http:// https://;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /csxems/ {

#root html;

proxy_pass http://localhost:9020/csxems/;

proxy_set_header Host $host;

proxy_redirect http:// https://;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /yfrapi/ {

proxy_pass http://localhost:8020/yfrapi/;

proxy_set_header Host $host;

proxy_redirect off;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /csxapi/ {

proxy_pass http://localhost:9010/csxapi/;

proxy_set_header Host $host;

proxy_redirect off;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /mallapi/ {

proxy_pass http://localhost:8040/mallapi/;

proxy_set_header Host $host;

proxy_redirect off;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /cardapi/ {

proxy_pass http://localhost:8060/cardapi/;

proxy_set_header Host $host;

proxy_redirect off;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

location /frschedule/ {

proxy_pass http://localhost:8030/frschedule/;

proxy_set_header Host $host;

proxy_redirect off;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 1000m;

}

error_page 404 /404.html;

location = /404.html {

root /usr/share/nginx/html;

}

include /usr/local/nginx/conf/conf.d/*.conf;

润生完整配置

user  root rssit;
worker_processes  4;


error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;




events {
    worker_connections  1024;
}




http {
    include       mime.types;
    default_type  application/octet-stream;


    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';


    access_log  /var/log/nginx/access.log  main;


    sendfile        on;
    #tcp_nopush     on;


    keepalive_timeout  65;


    server {
   	listen 443;
    	server_name sit.gdrsgg.com;
    	ssl on;
	#root html;
	#证书文件
    	ssl_certificate   cert/cert.crt;
	#私钥文件
    	ssl_certificate_key  cert/cert_private.key;
    	ssl_session_timeout 5m;
    	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    	ssl_prefer_server_ciphers on;






	 location ~ \.php$ {
                        root /var/www; #指定php的根目录
                        fastcgi_pass 127.0.0.1:9000;#php-fpm的默认端口是9000
                        fastcgi_index index.php;
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                        include fastcgi_params;
         }


	location /yfr/ {
		root html;
		index index.html;
		try_files $uri $uri/ /yfr/index.html;


		add_header Last-Modified $date_gmt;
          add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
          if_modified_since off;
          expires off;
          etag off;
	}


	location /frmall/ {
                root html;
                index index.html;
                try_files $uri $uri/ /frmall/index.html;
        }


	location /card/ {
                root html;
                index index.html;
                try_files $uri $uri/ /card/index.html;
        }


	 location /oilVoice/ {
                root html;
                index index.html;
                try_files $uri $uri/ /yfr/index.html;
        }


	
	location /frbqd/ {
                root html;
                index index.html;
        }


	location /csxqd/ {
                root html;
                index index.html;
        }     
	location /mallqd/ {
                root html;
                index index.html;
        }
	


	location ~ .*/yfrapi/.*txt$ {
		root /usr/local/nginx/html;
	}


	location /frbmems/ {
		#root	html;
                proxy_pass  http://localhost:8010/frbmems/;
                proxy_set_header Host $host;
                proxy_redirect http:// https://;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;
        }


	location /mallems/ {
                #root   html;
                proxy_pass  http://localhost:8050/mallems/;
                proxy_set_header Host $host;
                proxy_redirect http:// https://;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;
        }


	location /csxems/ {
                #root   html;
                proxy_pass  http://localhost:9020/csxems/;
                proxy_set_header Host $host;
                proxy_redirect http:// https://;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;
        }


	
	location /yfrapi/ {
                proxy_pass  http://localhost:8020/yfrapi/;
                proxy_set_header Host $host;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;
                
        }


	location /csxapi/ {
                proxy_pass  http://localhost:9010/csxapi/;
                proxy_set_header Host $host;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;


        }


	 location /mallapi/ {
                proxy_pass  http://localhost:8040/mallapi/;
                proxy_set_header Host $host;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;


        }


	location /cardapi/ {
                proxy_pass  http://localhost:8060/cardapi/;
                proxy_set_header Host $host;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;


        }    
	


	location /frschedule/ {
                proxy_pass  http://localhost:8030/frschedule/;
                proxy_set_header Host $host;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                client_max_body_size 1000m;
        }


        error_page  404              /404.html;


        location = /404.html {
            root   /usr/share/nginx/html;
        }
    }


    include /usr/local/nginx/conf/conf.d/*.conf;
}

nginx配置检测：

# nginx -t -c /usr/local/nginx/conf/nginx.conf

一定要绝对路径

安装sql 本资料来源于华为技术精简化流程：

安装MySQL。

依次执行以下命令，安装MySQL。
wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm

yum -y install mysql57-community-release-el7-10.noarch.rpm

yum -y install mysql-community-server --nogpgcheck
依次执行以下命令，启动MySQL服务并设置开机自启动。
systemctl start mysqld

systemctl enable mysqld

查看MySQL运行状态。

systemctl status mysqld.service

[root@ecs-adc3 ~]# systemctl status mysqld.service
● mysqld.service - MySQL Server
   Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2021-08-16 19:33:40 CST; 36s ago
     Docs: man:mysqld(8)
           http://dev.mysql.com/doc/refman/en/using-systemd.html
 Main PID: 7916 (mysqld)
   CGroup: /system.slice/mysqld.service
           └─7916 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid

Aug 16 19:33:35 ecs-adc3 systemd[1]: Starting MySQL Server...
Aug 16 19:33:40 ecs-adc3 systemd[1]: Started MySQL Server.

执行以下命令，获取安装MySQL时自动设置的root用户密码。
grep 'temporary password' /var/log/mysqld.log
回显如下类似信息。
```
2018-08-29T07:27:37.541944Z 1 [Note] A temporary password is generated for root@localhost: 2YY?3uHUA?Ys
```

执行以下命令，并按照回显提示信息进行操作，加固MySQL。

mysql_secure_installation

Securing the MySQL server deployment.

Enter password for user root: #输入上一步骤中获取的安装MySQL时自动设置的root用户密码
The existing password for the user account root has expired. Please set a new password.

New password: #设置新的root用户密码

Re-enter new password: #再次输入密码
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration of the plugin.
Using existing password for root.

Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : N #是否更改root用户密码，输入N

... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y #是否删除匿名用户，输入Y
Success.

Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y #禁止root远程登录，输入Y
Success.

By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y #是否删除test库和对它的访问权限，输入Y
- Dropping test database...
Success.

- Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y #是否重新加载授权表，输入Y
Success.

All done!

posted @ 2022-11-19 16:33 稷下元歌阅读(216) 评论(0) 编辑收藏举报

刷新页面返回顶部

法师-谢双元

nginx 和 mysql 安装

公告