nginx安装部署
目录说明:
包目录:/usr/local/src
安装目录: /usr/local/nginx
日志目录:/data/wwwlogs/nginx/
安装步骤:
1、创建用户
groupadd www
useradd -r -g www www -s /sbin/nologin
2、导入安装包
cd /usr/local/src
rz nginx-1.20.1.tar.gz
tar zxf nginx-1.20.1.tar.gz
3、安装依赖
yum install gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel -y
4、安装前检查
mkdir -p /data/wwwlogs/nginx/log
cd nginx-1.20.1
./configure \
--prefix=/usr/local/nginx \
--sbin-path=/usr/local/nginx/sbin/nginx \
--conf-path=/usr/local/nginx/conf/nginx.conf \
--error-log-path=/data/wwwlogs/nginx/log/error.log \
--http-log-path=/data/wwwlogs/nginx/log/access.log \
--pid-path=/usr/local/nginx/var/nginx.pid \
--lock-path=/usr/local/nginx/var/nginx.lock \
--http-client-body-temp-path=/tmp/clientbody \
--http-proxy-temp-path=/tmp/proxy \
--http-fastcgi-temp-path=/tmp/fastcgi \
--http-uwsgi-temp-path=/tmp/uwsgi \
--http-scgi-temp-path=/tmp/scgi \
--user=www \
--group=www \
--with-file-aio \
--with-http_realip_module \
--with-http_ssl_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-pcre \
--without-select_module \
--without-poll_module \
--without-http_ssi_module \
--without-http_userid_module \
--without-http_geo_module \
--without-http_empty_gif_module \
--without-http_map_module \
--without-mail_pop3_module \
--without-mail_imap_module \
--with-pcre --with-stream \
--without-mail_smtp_module
5、安装:
make && make install
ln -s /usr/local/nginx/sbin/nginx /sbin/nginx
6、配置文件模板:
Server配置文件目录:/usr/local/nginx/conf/vhosts
主配置文件:nginx.conf
user www; worker_processes 4; error_log /data/wwwlogs/nginx/log/error .log error; pid /var/run/nginx/nginx .pid; worker_rlimit_nofile 65535; events { worker_connections 65535; use epoll; multi_accept on; } http { include mime.types; default_type application /octet-stream ; client_body_buffer_size 8k; client_body_temp_path /tmp/client_body_temp ; client_body_timeout 30; client_header_buffer_size 64k; large_client_header_buffers 4 64k; client_header_timeout 30; client_max_body_size 100m; #keepalive_disable msie6 safari; keepalive_timeout 30; tcp_nodelay on; send_timeout 60; sendfile on; tcp_nopush on; server_names_hash_max_size 512; server_names_hash_bucket_size 128; server_tokens off; open_file_cache off; #index index index.php index.html index.htm; #fastcgi fastcgi_connect_timeout 300; fastcgi_read_timeout 300; fastcgi_send_timeout 300; fastcgi_temp_path /tmp/fastcgi_temp 1 2; fastcgi_buffer_size 64k; fastcgi_buffers 256 4k; fastcgi_max_temp_file_size 256k; fastcgi_intercept_errors on; fastcgi_index index.php; #proxy proxy_temp_path /tmp/proxy_temp ; proxy_buffer_size 4k; proxy_buffering on; proxy_buffers 256 4k; proxy_busy_buffers_size 8k; #gzip gzip on; gzip_buffers 16 4k; gzip_comp_level 5; gzip_http_version 1.1; gzip_min_length 1024; gzip_types text /css text /xml text /plain text /javascript application /javascript application /x-javascript application /xml application /rss +xml; #realip module #web-firewall回源地址 set_real_ip_from 121.43.18.0 /24 ; set_real_ip_from 120.55.177.0 /24 ; set_real_ip_from 123.57.117.0 /24 ; set_real_ip_from 60.205.193.64 /27 ; set_real_ip_from 118.178.15.0 /24 ; set_real_ip_from 47.101.16.64 /27 ; set_real_ip_from 47.97.242.96 /27 ; set_real_ip_from 39.96.119.0 /24 ; set_real_ip_from 47.108.23.192 /26 ; set_real_ip_from 120.25.115.0 /24 ; set_real_ip_from 120.27.173.0 /24 ; set_real_ip_from 120.76.16.0 /24 ; set_real_ip_from 60.205.193.96 /27 ; set_real_ip_from 39.106.237.192 /26 ; set_real_ip_from 47.106.31.0 /24 ; set_real_ip_from 112.124.159.0 /24 ; set_real_ip_from 47.99.20.0 /24 ; set_real_ip_from 39.104.199.128 /26 ; set_real_ip_from 101.200.106.0 /24 ; set_real_ip_from 120.55.107.0 /24 ; set_real_ip_from 182.92.253.32 /27 ; set_real_ip_from 120.78.44.128 /26 ; set_real_ip_from 106.15.101.96 /27 ; set_real_ip_from 47.98.74.0 /25 ; set_real_ip_from 39.96.130.0 /24 ; set_real_ip_from 47.104.53.0 /26 ; #SLB代理回源地址 set_real_ip_from 100.116.236.0 /24 ; set_real_ip_from 100.116.251.0 /24 ; set_real_ip_from 100.116.226.0 /24 ; #本地回源地址 set_real_ip_from 10.0.0.0 /8 ; set_real_ip_from 172.16.0.0 /16 ; set_real_ip_from 192.168.0.0 /16 ; real_ip_header X-Forwarded-For; real_ip_recursive on; #log log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$upstream_response_time" "$request_time" ' ; access_log off; #virtualhost include vhosts/*.conf; } |