nginx安装

前言：

Nginx是一个异步框架的Web服务器，也可以用作反向代理，负载平衡器 和 HTTP缓存。该软件由Igor Sysoev 创建，并于2004年首次公开发布。 同名公司成立于2011年，以提供支持。 Nginx是一款免费的开源软件，根据类BSD许可证的条款发布。

 

安装编译工具、依赖包

[root@Mike-VM-Node-172_31_225_214 ~]#  yum -y install gcc gcc-c++ autoconf automake make zlib zlib-devel openssl openssl-devel pcre pcre-devel wget vim tar curl gd-devel

以上安装的是一些主要的依赖包，具体可根据自己情况或者报错信息提示安装或修改

 

创建用户和组

[root@Mike-VM-Node-172_31_225_214 ~]# useradd -M -s /sbin/nologin nginx

新建的用户组和用户主要是在编译配置的时候指定nginx运行的用户和用户组,这样指定后以后配置使用也方便

 

下载解压nginx

[root@Mike-VM-Node-172_31_225_214 ~]# cd /usr/local/
[root@Mike-VM-Node-172_31_225_214 /usr/local]# wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@Mike-VM-Node-172_31_225_214 /usr/local]# tar zxvf nginx-1.18.0.tar.gz 
[root@Mike-VM-Node-172_31_225_214 /usr/local]# rm -rf nginx-1.18.0.tar.gz

 

编译安装

[root@Mike-VM-Node-172_31_225_214 /usr/local]# cd nginx-1.18.0/
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module  --with-http_realip_module --with-http_image_filter_module --with-stream
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# make && make install

 

添加环境变量

[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# ln -sv /usr/local/nginx/sbin/nginx /usr/local/sbin

 

设置 systemctl 脚本启动

[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx-1.18.0]# cd 
[root@Mike-VM-Node-172_31_225_214 ~]# vim /usr/lib/systemd/system/nginx.service

[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target

[root@Mike-VM-Node-172_31_225_214 ~]#

 

启动 NGINX和添加防火墙 80 443 端口

[root@Mike-VM-Node-172_31_225_214 ~]# systemctl start nginx
[root@Mike-VM-Node-172_31_225_214 ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
[root@Mike-VM-Node-172_31_225_214 ~]# firewall-cmd --zone=public --add-port=443/tcp --permanent
[root@Mike-VM-Node-172_31_225_214 ~]# firewall-cmd --reload

如果iptables防火墙
[root@Mike-VM-Node-172_31_225_214 ~]# vim /etc/sysconfig/iptables

-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT

[root@Mike-VM-Node-172_31_225_214 ~]# systemctl restart iptables

 

修改nginx默认主配置文件

[root@Mike-VM-Node-172_31_225_214 ~]# 
[root@Mike-VM-Node-172_31_225_214 ~]# cd /usr/local/nginx/conf/
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# cat nginx.conf

user nginx nginx;
worker_processes auto;

error_log  logs/error.log ;
worker_rlimit_nofile 65535;
pid        logs/nginx.pid;

events {
    use epoll;
    worker_connections  65535;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format upstream2 '$proxy_add_x_forwarded_for $remote_user [$time_local] "$request" $http_host'
        '$body_bytes_sent "$http_referer" "$http_user_agent" $ssl_protocol $ssl_cipher'
        '$request_time [$status] [$upstream_status] [$upstream_response_time] "$upstream_addr"';
   
   access_log  logs/access.log;
   
   server_names_hash_bucket_size 128;
   server_names_hash_max_size    1024;
   client_header_buffer_size 32k;
   large_client_header_buffers 4 32k;
   client_max_body_size 50m;

   sendfile        on;
   tcp_nopush      on;
   server_tokens   off;
   tcp_nodelay     on;
   keepalive_timeout        120;

   proxy_connect_timeout    1000s;
   proxy_read_timeout       2000;
   proxy_send_timeout       2000;
   proxy_buffer_size        128k;
   proxy_buffers            4 256k;
   proxy_busy_buffers_size  256k;
   proxy_redirect           off;
   proxy_hide_header        Vary;
   proxy_set_header         Accept-Encoding '';
   proxy_set_header         Host   $host;
   proxy_set_header         Referer $http_referer;
   proxy_set_header         X-Real-IP  $remote_addr;
   proxy_set_header         X-Forwarded-For $proxy_add_x_forwarded_for;


   fastcgi_connect_timeout 300;
   fastcgi_send_timeout 300;
   fastcgi_read_timeout 300;
   fastcgi_buffer_size 64k;
   fastcgi_buffers 4 64k;
   fastcgi_busy_buffers_size 128k;
   fastcgi_temp_file_write_size 128k;

   gzip on;
   gzip_buffers 16 8k;
   gzip_comp_level 6;
   gzip_http_version 1.1;
   gzip_min_length 256;
   gzip_proxied any;
   gzip_vary on;
   gzip_types
   text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
   text/javascript application/javascript application/x-javascript
   text/x-json application/json application/x-web-app-manifest+json
   text/css text/plain text/x-component
   font/opentype application/x-font-ttf application/vnd.ms-fontobject
   image/x-icon image/jpeg image/gif image/png;
   gzip_disable  "msie6";


   #If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
   #open_file_cache max=1000 inactive=20s;
   #open_file_cache_valid 30s;
   #open_file_cache_min_uses 2;
   #open_file_cache_errors on;



    server {
        listen   80;
        server_name  _;
        rewrite ^(.*) https://www.baidu.com/$1 permanent;

    ####跨域问题##################################    
        location ~* \.(eot|ttf|woff|svg|otf)$ {
          add_header Access-Control-Allow-Origin *;
        }

    ####PHP虚拟配置###############################
        #location ~ [^/]\.php(/|$) {
        #    root html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        #    include        fastcgi.conf;
        #}
    }

   ####默认配置SSL证书#############################
   #server {
   #
   #     listen   443 default_server;
   #     server_name  _;
   #     ssl on;
   #     ssl_certificate ssl/test.com/chao.crt;
   #     ssl_certificate_key ssl/test.com/chao.key;
   #     ssl_session_timeout 1d;
   #     ssl_session_cache shared:SSL:50m;
   #     ssl_session_tickets off;
   #     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   #     rewrite ^(.*) https://www.baidu.com/$1 permanent;
   #}

##########################vhost#####################################
include  conf.d/*.conf;
}

[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# 
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# nginx -s reload

默认80端口已经被我重定向到百度首页，创建网站站点需要新建虚拟文件如下

[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# mkdir conf.d
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf]# cd conf.d/
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# 
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# vim test.conf

server
    {
        listen 80;
        server_name test.com;
        index index.html index.php index.htm default.html default.htm default.php;
        root  /www/nginx/html;

         error_log  /data/logs/nginx_log/test.com/error.log;
         access_log  /data/logs/nginx_logs/test.com/access.log;
        

        location ~* \.(eot|otf|ttf|woff|woff2|svg)$ {
        add_header Access-Control-Allow-Origin *;
        }


        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }


    }

[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -s reload
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#

 

如果有使用PHP代码是这样配置，如下

[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# vim php.conf

server
    {
        listen 80;
        server_name php.com;
        index index.html index.php index.htm default.html default.htm default.php;
        root  /www/nginx/html;

         error_log  /data/logs/nginx_log/php.com/error.log;
         access_log  /data/logs/nginx_logs/php.com/access.log;
        
        
       location ~ [^/]\.php(/|$)
        {
            try_files $uri =404;
            fastcgi_pass  127.0.0.1:9000;
            fastcgi_index index.php;
            include fastcgi.conf;
        set $real_script_name $fastcgi_script_name;
        if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
        set $real_script_name $1;
        set $path_info $2;
       }
      fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
      fastcgi_param SCRIPT_NAME $real_script_name;
      fastcgi_param PATH_INFO $path_info;
      }

        location ~* \.(eot|otf|ttf|woff|woff2|svg)$ {
        add_header Access-Control-Allow-Origin *;
        }


        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }


    }
    
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]# nginx -s reload
[root@Mike-VM-Node-172_31_225_214 /usr/local/nginx/conf/conf.d]#

主配置文件下要把PHP虚拟配置注释打开（nginx.conf）不然不生效哦！！！！

 

本文分享完毕，感谢支持点赞~~