Nginx安装、默认虚拟主机、Nginx用户认证和域名重定向
6月7日任务
12.6 Nginx安装
12.7 默认虚拟主机
12.8 Nginx用户认证
12.9 Nginx域名重定向
扩展
nginx.conf 配置详解 http://www.ha97.com/5194.htmlhttp://my.oschina.net/duxuefeng/blog/34880
nginx rewrite四种flag http://www.netingcn.com/nginx-rewrite-flag.htmlhttp://unixman.blog.51cto.com/10163040/1711943
12.6 Nginx安装
安装步骤如下:
1、进入SRC目录并使用wget下载Nginx源码包
[root@jimmylinux-001 ~]# cd /usr/local/src [root@jimmylinux-001 src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz [root@jimmylinux-001 src]# ls mysql-5.6.36-linux-glibc2.5-x86_64.tar.gz nginx-1.12.1.tar.gz php-5.6.30 php-5.6.30.tar.gz
2、解压源码包
[root@jimmylinux-001 src]# tar zxf nginx-1.12.1.tar.gz 解压源码包
3、进入到Nginx目录,然后配置文件。
[root@jimmylinux-001 src]# cd nginx-1.12.1 [root@jimmylinux-001 nginx-1.12.1]# ./configure --prefix=/usr/local/nginx
4、编译及编译安装
[root@jimmylinux-001 nginx-1.12.1]# make && make install
[root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx conf html logs sbin [root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/conf 配置文件目录 fastcgi.conf koi-utf nginx.conf uwsgi_params fastcgi.conf.default koi-win nginx.conf.default uwsgi_params.default fastcgi_params mime.types scgi_params win-utf fastcgi_params.default mime.types.default scgi_params.default [root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/html 样例文件 50x.html index.html [root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/logs 日志目录 [root@jimmylinux-001 nginx-1.12.1]# ls /usr/local/nginx/sbin/ 核心进程文件 nginx
[root@jimmylinux-001 nginx-1.12.1]# /usr/local/nginx/sbin/nginx -t -t查看配置文件是否有错
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
5、创建配置文件做一个启动脚本
[root@jimmylinux-001 nginx-1.12.1]# vim /etc/init.d/nginx 添加以下内容 #!/bin/bash # chkconfig: - 30 21 # description: http service. # Source Function Library . /etc/init.d/functions # Nginx Settings NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload() { echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart() { stop start } configtest() { $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1 esac exit $RETVAL
6、修改权限、把Nginx添加到服务列表、设置开机自启动。
[root@jimmylinux-001 nginx-1.12.1]# chmod 755 /etc/init.d/nginx 修改权限 [root@jimmylinux-001 nginx-1.12.1]# chkconfig --add nginx 添加到服务列表 [root@jimmylinux-001 nginx-1.12.1]# chkconfig nginx on 设置开机自启动
7、配置(编辑)配置文件
[root@jimmylinux-001 nginx-1.12.1]# cd /usr/local/nginx/conf/ [root@jimmylinux-001 conf]# ls fastcgi.conf koi-utf nginx.conf uwsgi_params fastcgi.conf.default koi-win nginx.conf.default uwsgi_params.default fastcgi_params mime.types scgi_params win-utf fastcgi_params.default mime.types.default scgi_params.default [root@jimmylinux-001 conf]# mv nginx.conf nginx.cof.bak 备份自带的Nginx.conf文件 [root@jimmylinux-001 conf]# vim nginx.conf 新建并编辑配置文件 添加以下内容 user nobody nobody; 指定运行用户 worker_processes 2; 指定子进程数量 error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; 指定进程最大连接数 } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' ' $host "$request_uri" $status' ' "$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; server 定义每一个Server对应一个虚拟主机 { listen 80; 监听80端口 server_name localhost; 主机域名 index index.html index.htm index.php; 主页路径 root /usr/local/nginx/html; location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; } } }
8、启动Nginx服务
[root@jimmylinux-001 conf]# /usr/local/nginx/sbin/nginx -t 检查语法是否有错 nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@jimmylinux-001 conf]# /etc/init.d/nginx start 启动Nginx Starting nginx (via systemctl): [ 确定 ] [root@jimmylinux-001 conf]# ps aux |grep nginx 查看Nginx服务进程,有小写字母s表示有父进程。 root 1001 0.0 0.0 20540 628 ? Ss 21:52 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 1002 0.0 0.0 22984 3208 ? S 21:52 0:00 nginx: worker process nobody 1003 0.0 0.0 22984 3208 ? S 21:52 0:00 nginx: worker process root 1503 0.0 0.0 112720 980 pts/0 S+ 22:04 0:00 grep --color=auto nginx
Nginx配置完成后localhost测试一下
访问IP地址也同样可以显示欢迎界面
Nginx同样也支持PHP解析
[root@jimmylinux-001 conf]# vim /usr/local/nginx/html/1.php 新建1.php文件
加入以下内容
<?php
echo "This is Nginx test php parsing page.";
?>
12.7 默认虚拟主机
1、编辑Nginx配置文件nginx.conf
[root@jimmylinux-001 conf]# vim nginx.conf
在http最下面的地方加入以下内容
include vhost/*.conf
2、创建子目录并新建配置文件
[root@jimmylinux-001 conf]# mkdir vhost 创建子目录
[root@jimmylinux-001 conf]# cd vhost/
[root@jimmylinux-001 vhost]# vim aaa.com.conf 新建配置文件
加入以下内容
server
{
listen 80 default_server;
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
}
3、创建目录并新建一个index.html文件
[root@jimmylinux-001 vhost]# mkdir -p /data/wwwroot/default/
[root@jimmylinux-001 vhost]# cd /data/wwwroot/default/
[root@jimmylinux-001 default]# vim index.html
加入以下内容
This is the default site.
[root@jimmylinux-001 default]# /usr/local/nginx/sbin/nginx -t 检查语法是否有错
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
4、重启Nginx服务
[root@jimmylinux-001 default]# /etc/init.d/nginx restart 重启Nginx服务或重新加载都行
[root@jimmylinux-001 default]# /usr/local/nginx/sbin/nginx -s reload 重新加载配置文件
5、curl命令访问测试
[root@jimmylinux-001 default]# curl localhost
This is the default site.
[root@jimmylinux-001 default]# curl 127.0.0.1
This is the default site.
[root@jimmylinux-001 default]# curl -x127.0.0.1:80 aaa.com
This is the default site.
12.8 Nginx用户认证
1、创建一个虚拟主机
[root@jimmylinux-001 conf]# cd vhost/
[root@jimmylinux-001 vhost]# vim test.com.conf 新建配置文件
增加以下内容
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
location /
{
auth_basic "Auth"; 定义用户名
auth_basic_user_file /usr/local/nginx/conf/htpasswd; 用户名密码文件
}
}
2、生成密码文件,可以使用Apache自带的htpasswd工具,如果没有就yum安装后再生成。
[root@jimmylinux-001 vhost]# yum install -y httpd
[root@jimmylinux-001 vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd jimmy -c表示创建用户名为jimmy
New password: 输入密码
Re-type new password: 再次输入相同的密码
Adding password for user jimmy 生成用户jimmy对应的密码
[root@jimmylinux-001 vhost]# cat /usr/local/nginx/conf/htpasswd 查看密码
jimmy:$apr1$VGQQYHsB$8hpeYxjew5BwrzuGJ5APc/
[root@jimmylinux-001 vhost]# htpasswd /usr/local/nginx/conf/htpasswd user1 如果创建第二个用户,这个时候不需要加-c
New password:
Re-type new password:
Adding password for user user1
[root@jimmylinux-001 vhost]# !cat
cat /usr/local/nginx/conf/htpasswd
jimmy:$apr1$VGQQYHsB$8hpeYxjew5BwrzuGJ5APc/
user1:$apr1$yN8V9Tv/$M9H.YcEMHMUR4pD6vl//d/
3、测试配置并重新加载
[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -s reload
重新加载的好处,当你配置文件有问题时,重新加载是不会生效的,不会破坏原来Nginx的服务,万一配置文件有问题,一重启服务停了,那问题就大了,所以还是使用-s加载比较好。 [root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com <html> <head><title>401 Authorization Required</title></head> 401报错说明没有指定用户,需要指定用户验证。 <body bgcolor="white"> <center><h1>401 Authorization Required</h1></center> <hr><center>nginx/1.12.1</center> </body> </html> [root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com -I HTTP/1.1 401 Unauthorized Server: nginx/1.12.1 Date: Thu, 07 Jun 2018 16:05:19 GMT Content-Type: text/html Content-Length: 195 Connection: keep-alive WWW-Authenticate: Basic realm="Auth"
[root@jimmylinux-001 vhost]# curl -ujimmy:abcd1234 -x127.0.0.1:80 test.com <html> <head><title>404 Not Found</title></head> 404报错,因为访问的index还没有创建,所以会提示404。 <body bgcolor="white"> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.12.1</center> </body> </html>
[root@jimmylinux-001 vhost]# mkdir /data/wwwroot/test.com/ 创建目录
[root@jimmylinux-001 vhost]# echo "test.com" > /data/wwwroot/test.com/index.html 指定index.html文件
[root@jimmylinux-001 vhost]# curl -ujimmy:abcd1234 -x127.0.0.1:80 test.com 重新测试就可以访问了
test.com
这种认证是针对整个站点进行认证
如果需要对目录进行认证,编辑配置文件指定目录即可。
[root@jimmylinux-001 vhost]# vim test.com.conf
[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -s reload
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com
test.com
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@jimmylinux-001 vhost]# mkdir /data/wwwroot/test.com/admin 创建目录
[root@jimmylinux-001 vhost]# echo "test.com admin dir" > /data/wwwroot/test.com/admin/index.html 创建测试页面
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@jimmylinux-001 vhost]# curl -ujimmy:abcd1234 -x127.0.0.1:80 test.com/admin/ 指定用户名和密码,访问成功。
test.com admin dir
还可以针对URL匹配指定的访问路径,同样是编辑配置文件。
[root@jimmylinux-001 vhost]# vim test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
location ~ admin.php 匹配php的访问路径
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
12.9 Nginx域名重定向
1、更改配置文件test.com.conf
[root@jimmylinux-001 vhost]# vim test.com.conf
server
{
listen 80;
server_name test.com test2.com test3.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
if ($host != 'test.com' ) {
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
}
2、curl测试
[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@jimmylinux-001 vhost]# /usr/local/nginx/sbin/nginx -s reload
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test2.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:47:36 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/index.html
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test2.com/admin/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:48:08 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/admin/index.html
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test3.com/admin/index.html/adjlfj -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:48:35 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/admin/index.html/adjlfj
[root@jimmylinux-001 vhost]# curl -x127.0.0.1:80 test4.com/admin/index.html/adjlfj -I
HTTP/1.1 404 Not Found
Server: nginx/1.12.1
Date: Thu, 07 Jun 2018 16:48:43 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive