Nginx (engine x) 是一个高性能的HTTP和反向代理web服务器,同时也提供了IMAP/POP3/SMTP服务。
$ wget http://nginx.org/download/nginx-1.14.2.tar.gz
# 解压源码
$ tar -zxvf nginx-1.14.2.tar.gz
# 进入源码目录
$ cd nginx-1.14.2
$ ./configure
--prefix=/usr/local/nginx --with-http_ssl_module --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --add-module=/usr/local/src/ModSecurity-nginx
$ make
$ make install
要把证书放入到上诉目录
user www www;
worker_processes 8;
pid /var/run/nginx.pid;
worker_rlimit_nofile 65535;
events {
worker_connections 65535;
}
http {
charset utf-8;
include mime.types;
default_type Application/octet-stream;
log_format main escape=json '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_time" "$request_body" "$host"';
error_log logs/nginx_error.log error;
#proxy_ignore_client_abort on;
proxy_buffering off;
server_names_hash_bucket_size 128;
client_header_buffer_size 128k;
large_client_header_buffers 4 128k;
client_max_body_size 100m;
client_body_buffer_size 1024k;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
fastcgi_intercept_errors on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-JAVAscript text/css application/xml image/jpeg image/gif image/png;
gzip_vary on;
server_tokens off;
proxy_hide_header X-Powered-By;
proxy_hide_header Server;
fastcgi_hide_header X-Powered-By;
include conf.d/*.conf;
}
初期调试时,请不要调整到指定的5xx页面
error_page 500 502 503 504 /50x.html;
server {
listen 80;
listen 443 ssl;
#域名配置
server_name subdomain.domain.com;
#根目录
root /www/domain/public;
index index.php index.html;
# 没搞明白这里为啥是关闭
ssl off;
# 证书
ssl_certificate /usr/local/nginx/ssl/domain.com.pem;
ssl_certificate_key /usr/local/nginx/ssl/domain.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
if ($host !~* ^(.*).domain.com$) {
return 403;
}
# enable HSTS
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains;preload" always;
#if ($scheme = http) {
# return 301 https://$host$request_uri;
#}
if ($time_iso8601 ~ "^(d{4}-d{2}-d{2})") {
set $year $1;
set $month $2;
set $day $3;
}
access_log /www/logs/nginx/domain_access_$year-$month-$day.log main;
error_log /www/logs/nginx/domain_error.log error;
# 配置php部分
location / {
try_files $uri $uri/ /index.php?$query_string;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location ~* .php$ {
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
}
#启动
$ /usr/local/nginx/sbin/nginx
#停止
$ /usr/local/nginx/sbin/nginx -s stop
#重启
$ /usr/local/nginx/sbin/nginx -s reload
需要配置服务管理文件
vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After.NETwork.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SElinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
启动
systemctl start nginx
关闭nginx
systemctl stop nginx
重启nginx
systemctl restart nginx
systemctl enable nginx
[root@zjt-baidu nginx-1.14.2]# /usr/local/nginx/sbin/nginx
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
使用ps axf 看看
[root@zjt-baidu ~]# ps axf | grep nginx
2969 pts/2 S+ 0:00 _ grep --color=auto nginx
1295 ? Ss 0:00 nginx: master process /usr/sbin/nginx
1296 ? S 0:00 _ nginx: worker process
1297 ? S 0:00 _ nginx: worker process
不过这个是不严谨的,因为有的时候,会是别的应用程序占用了80的服务端口
那查看端口占用情况
[root@zjt-baidu ~]# netstat -ntlup | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1295/nginx: master
tcp6 0 0 :::80 :::* LISTEN 1295/nginx: master
结束掉相应的进程
[root@zjt-baidu ~]# /usr/local/nginx/sbin/nginx -s stop
nginx: [emerg] unexpected "}" in /usr/local/nginx/conf/nginx.conf:149
缺少分号
#}
include conf.d/*.conf
}
感谢 点赞,收藏,转发。关注我,了解更多软件资讯~!