Nginx安装、默认虚拟主机、Nginx用户认证和域名重定向

6月7日任务

12.6 Nginx安装
12.7 默认虚拟主机
12.8 Nginx用户认证
12.9 Nginx域名重定向

扩展
nginx.conf 配置详解 http://www.ha97.com/5194.htmlhttp://my.oschina.net/duxuefeng/blog/34880
nginx rewrite四种flag http://www.netingcn.com/nginx-rewrite-flag.htmlhttp://unixman.blog.51cto.com/10163040/1711943

 

12.6 Nginx安装

安装步骤如下:

1、进入SRC目录并使用wget下载Nginx源码包

[root@jimmylinux-001 ~]# cd /usr/local/src

[root@jimmylinux-001 src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz

[root@jimmylinux-001 src]# ls
mysql-5.6.36-linux-glibc2.5-x86_64.tar.gz  nginx-1.12.1.tar.gz  php-5.6.30  php-5.6.30.tar.gz

2、解压源码包

[root@jimmylinux-001 src]# tar zxf nginx-1.12.1.tar.gz  解压源码包

3、进入到Nginx目录,然后配置文件。

[root@jimmylinux-001 src]# cd nginx-1.12.1

[root@jimmylinux-001 nginx-1.12.1]# ./configure --prefix=/usr/local/nginx

4、编译及编译安装

[root@jimmylinux-001 nginx-1.12.1]# make && make install
[root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx
conf  html  logs  sbin

[root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/conf  配置文件目录
fastcgi.conf            koi-utf             nginx.conf           uwsgi_params
fastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.default
fastcgi_params          mime.types          scgi_params          win-utf
fastcgi_params.default  mime.types.default  scgi_params.default

[root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/html  样例文件
50x.html  index.html

[root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/logs  日志目录

[root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/sbin/  核心进程文件
nginx

  [root@jimmylinux-001 nginx-1.12.1]# /usr/local/nginx/sbin/nginx -t  -t查看配置文件是否有错
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

5、创建配置文件做一个启动脚本

[root@jimmylinux-001 nginx-1.12.1]# vim /etc/init.d/nginx

添加以下内容

#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() 
{
    echo -n $"Starting $prog: "
    mkdir -p /dev/shm/nginx_temp
    daemon $NGINX_SBIN -c $NGINX_CONF
    RETVAL=$?
    echo
    return $RETVAL
}
stop() 
{
    echo -n $"Stopping $prog: "
    killproc -p $NGINX_PID $NGINX_SBIN -TERM
    rm -rf /dev/shm/nginx_temp
    RETVAL=$?
    echo
    return $RETVAL
}
reload()
{
    echo -n $"Reloading $prog: "
    killproc -p $NGINX_PID $NGINX_SBIN -HUP
    RETVAL=$?
    echo
    return $RETVAL
}
restart()
{
    stop
    start
}
configtest()
{
    $NGINX_SBIN -c $NGINX_CONF -t
    return 0
}
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  reload)
        reload
        ;;
  restart)
        restart
        ;;
  configtest)
        configtest
        ;;
  *)
        echo $"Usage: $0 {start|stop|reload|restart|configtest}"
        RETVAL=1
esac
exit $RETVAL

6、修改权限、把Nginx添加到服务列表、设置开机自启动。

[root@jimmylinux-001 nginx-1.12.1]# chmod 755 /etc/init.d/nginx  修改权限

[root@jimmylinux-001 nginx-1.12.1]# chkconfig --add nginx  添加到服务列表

[root@jimmylinux-001 nginx-1.12.1]# chkconfig nginx on  设置开机自启动

7、配置(编辑)配置文件

[root@jimmylinux-001 nginx-1.12.1]# cd /usr/local/nginx/conf/

[root@jimmylinux-001 conf]# ls
fastcgi.conf            koi-utf             nginx.conf           uwsgi_params
fastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.default
fastcgi_params          mime.types          scgi_params          win-utf
fastcgi_params.default  mime.types.default  scgi_params.default

[root@jimmylinux-001 conf]# mv nginx.conf nginx.cof.bak  备份自带的Nginx.conf文件

[root@jimmylinux-001 conf]# vim nginx.conf  新建并编辑配置文件

添加以下内容

user nobody nobody;   指定运行用户
worker_processes 2;    指定子进程数量
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
    use epoll;
    worker_connections 6000;  指定进程最大连接数
}
http
{
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 3526;
    server_names_hash_max_size 4096;
    log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
    ' $host "$request_uri" $status'
    ' "$http_referer" "$http_user_agent"';
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 30;
    client_header_timeout 3m;
    client_body_timeout 3m;
    send_timeout 3m;
    connection_pool_size 256;
    client_header_buffer_size 1k;
    large_client_header_buffers 8 4k;
    request_pool_size 4k;
    output_buffers 4 32k;
    postpone_output 1460;
    client_max_body_size 10m;
    client_body_buffer_size 256k;
    client_body_temp_path /usr/local/nginx/client_body_temp;
    proxy_temp_path /usr/local/nginx/proxy_temp;
    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
    fastcgi_intercept_errors on;
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm 
    application/xml;
    server                      定义每一个Server对应一个虚拟主机
    {
        listen 80;  监听80端口
        server_name localhost;  主机域名
        index index.html index.htm index.php;  主页路径
        root /usr/local/nginx/html;
        location ~ \.php$ 
        {
            include fastcgi_params;
            fastcgi_pass unix:/tmp/php-fcgi.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
        }    
    }
}

8、启动Nginx服务

[root@jimmylinux-001 conf]# /usr/local/nginx/sbin/nginx -t  检查语法是否有错
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@jimmylinux-001 conf]# /etc/init.d/nginx start  启动Nginx
Starting nginx (via systemctl):                            [  确定  ]

[root@jimmylinux-001 conf]# ps aux |grep nginx  查看Nginx服务进程,有小写字母s表示有父进程。
root       1001  0.0  0.0  20540   628 ?        Ss   21:52   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody     1002  0.0  0.0  22984  3208 ?        S    21:52   0:00 nginx: worker process
nobody     1003  0.0  0.0  22984  3208 ?        S    21:52   0:00 nginx: worker process
root       1503  0.0  0.0 112720   980 pts/0    S+   22:04   0:00 grep --color=auto nginx

 

Nginx配置完成后localhost测试一下

访问IP地址也同样可以显示欢迎界面

Nginx同样也支持PHP解析

[root@jimmylinux-001 conf]# vim /usr/local/nginx/html/1.php  新建1.php文件

加入以下内容

  <?php
  echo "This is Nginx test php parsing page.";
  ?>

 

12.7 默认虚拟主机

1、编辑Nginx配置文件nginx.conf

[root@jimmylinux-001 conf]# vim nginx.conf

在http最下面的地方加入以下内容

include vhost/*.conf

2、创建子目录并新建配置文件

[root@jimmylinux-001 conf]# mkdir vhost  创建子目录

[root@jimmylinux-001 conf]# cd vhost/

[root@jimmylinux-001 vhost]# vim aaa.com.conf  新建配置文件

加入以下内容

server
{
    listen 80 default_server;  
    server_name aaa.com;
    index index.html index.htm index.php;
    root /data/wwwroot/default;
}

3、创建目录并新建一个index.html文件

[root@jimmylinux-001 vhost]# mkdir -p /data/wwwroot/default/

[root@jimmylinux-001 vhost]# cd /data/wwwroot/default/

[root@jimmylinux-001 default]# vim index.html

加入以下内容

This is the default site.
[root@jimmylinux-001 default]# /usr/local/nginx/sbin/nginx -t  检查语法是否有错
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

4、重启Nginx服务

[root@jimmylinux-001 default]# /etc/init.d/nginx restart  重启Nginx服务或重新加载都行

[root@jimmylinux-001 default]# /usr/local/nginx/sbin/nginx -s reload  重新加载配置文件

5、curl命令访问测试

[root@jimmylinux-001 default]# curl localhost
This is the default site.

[root@jimmylinux-001 default]# curl 127.0.0.1
This is the default site.

[root@jimmylinux-001 default]# curl -x127.0.0.1:80 aaa.com
This is the default site.

 

12.8 Nginx用户认证

1、创建一个虚拟主机

[root@jimmylinux-001 conf]# cd vhost/

[root@jimmylinux-001 vhost]# vim test.com.conf  新建配置文件

增加以下内容

server
{
    listen 80;
    server_name test.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    
    location  /
    {
        auth_basic              "Auth";  定义用户名
        auth_basic_user_file   /usr/local/nginx/conf/htpasswd;  用户名密码文件
    }
}

2、生成密码文件,可以使用Apache自带的htpasswd工具,如果没有就yum安装后再生成。

[root@jimmylinux-001 vhost]# yum install -y httpd

[root@jimmylinux-001 vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd jimmy  -c表示创建用户名为jimmy
New password:  输入密码 
Re-type new password: 再次输入相同的密码
Adding password for user jimmy  生成用户jimmy对应的密码

[root@jimmylinux-001 vhost]# cat /usr/local/nginx/conf/htpasswd  查看密码
jimmy:$apr1$VGQQYHsB$8hpeYxjew5BwrzuGJ5APc/

[root@jimmylinux-001 vhost]# htpasswd /usr/local/nginx/conf/htpasswd user1  如果创建第二个用户,这个时候不需要加-c
New password: 
Re-type new password: 
Adding password for user user1

[root@jimmylinux-001 vhost]# !cat
cat /usr/local/nginx/conf/htpasswd
jimmy:$apr1$VGQQYHsB$8hpeYxjew5BwrzuGJ5APc/
user1:$apr1$yN8V9Tv/$M9H.YcEMHMUR4pD6vl//d/

3、测试配置并重新加载

[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -s reload  
重新加载的好处,当你配置文件有问题时,重新加载是不会生效的,不会破坏原来Nginx的服务,万一配置文件有问题,一重启服务停了,那问题就大了,所以还是使用-s加载比较好。 [root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com <html> <head><title>401 Authorization Required</title></head> 401报错说明没有指定用户,需要指定用户验证。 <body bgcolor="white"> <center><h1>401 Authorization Required</h1></center> <hr><center>nginx/1.12.1</center> </body> </html> [root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com -I HTTP/1.1 401 Unauthorized Server: nginx/1.12.1 Date: Thu, 07 Jun 2018 16:05:19 GMT Content-Type: text/html Content-Length: 195 Connection: keep-alive WWW-Authenticate: Basic realm="Auth"
[root@jimmylinux-001 vhost]# curl -ujimmy:abcd1234 -x127.0.0.1:80 test.com
<html>
<head><title>404 Not Found</title></head>  404报错,因为访问的index还没有创建,所以会提示404。
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

 [root@jimmylinux-001 vhost]# mkdir /data/wwwroot/test.com/  创建目录
 

 [root@jimmylinux-001 vhost]# echo "test.com" > /data/wwwroot/test.com/index.html 指定index.html文件
 

 [root@jimmylinux-001 vhost]# curl -ujimmy:abcd1234 -x127.0.0.1:80 test.com  重新测试就可以访问了
 test.com

 

这种认证是针对整个站点进行认证

如果需要对目录进行认证,编辑配置文件指定目录即可。

[root@jimmylinux-001 vhost]# vim test.com.conf

[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -s reload

[root@jimmylinux
-001 vhost]# curl -x127.0.0.1:80 test.com test.com
[root@jimmylinux
-001 vhost]# curl -x127.0.0.1:80 test.com/admin/ <html> <head><title>401 Authorization Required</title></head> <body bgcolor="white"> <center><h1>401 Authorization Required</h1></center> <hr><center>nginx/1.12.1</center> </body> </html>
[root@jimmylinux
-001 vhost]# mkdir /data/wwwroot/test.com/admin 创建目录
[root@jimmylinux
-001 vhost]# echo "test.com admin dir" > /data/wwwroot/test.com/admin/index.html 创建测试页面 [root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com/admin/ <html> <head><title>401 Authorization Required</title></head> <body bgcolor="white"> <center><h1>401 Authorization Required</h1></center> <hr><center>nginx/1.12.1</center> </body> </html>
[root@jimmylinux
-001 vhost]# curl -ujimmy:abcd1234 -x127.0.0.1:80 test.com/admin/ 指定用户名和密码,访问成功。 test.com admin dir

还可以针对URL匹配指定的访问路径,同样是编辑配置文件。

[root@jimmylinux-001 vhost]# vim test.com.conf

server
{
    listen 80;
    server_name test.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;

    location  ~ admin.php  匹配php的访问路径
    {
        auth_basic              "Auth";
        auth_basic_user_file   /usr/local/nginx/conf/htpasswd;
    }
}

 

12.9 Nginx域名重定向

1、更改配置文件test.com.conf

[root@jimmylinux-001 vhost]# vim test.com.conf

server
{
    listen 80;
    server_name test.com test2.com test3.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    if ($host != 'test.com' ) {
        rewrite  ^/(.*)$  http://test.com/$1  permanent;
    }

}

2、curl测试

[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -s reload

[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test2.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:47:36 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/index.html

[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test2.com/admin/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:48:08 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/admin/index.html

[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test3.com/admin/index.html/adjlfj -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:48:35 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/admin/index.html/adjlfj

[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test4.com/admin/index.html/adjlfj -I
HTTP/1.1 404 Not Found
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:48:43 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

 

 

 

 

 

 

posted @ 2018-06-07 18:01  吉米乐享驿站  阅读(954)  评论(0编辑  收藏  举报