一、下载配置安装Nginx
1.1 前言:
进入官网下载nginx安装包,截止到目前最新版为nginx1.12.1,本站使用的nginx版本为1.12也属于新版!
二、下载编译
cd /usr/local/src
wget http://nginx.org/download/nginx-1.12.1.tar.gz //下载地址会随时更新,建议直接到官网下载
tar zxf nginx-1.12.1.tar.gz
./configure --prefix=/usr/local/nginx
make && make install
echo $?
2.1 Nginx目录
我们在安装完成后有如下四个目录: conf , html , logs , sbin
conf:nginx配置文件
html:主页样例文件
logs:站点日志
sbin:核心进程文件
/usr/local/nginx/sbin/nginx -t //测试配置语法错误
三、配置
3.1 制作启动脚本
vim /etc/init.d/nginx
拷贝如下内容:
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
3.2 更改权限
chmod 755 /etc/init.d/nginx
3.3 配置开机启动
chkconfig --add nginx
chkconfig nginx on
3.4 编辑配置文件
cd /usr/local/nginx/conf/
mv nginx.conf nginx.conf.bak //不使用系统自带的配置模板,把自带的备份下
vim nginx.conf
//拷贝如下配置文件:
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
3.5 配置详解(详解参照另外一篇文章):
user nobody nobody; 运行服务的用户是谁
worker_processes 2;定义子进程的数量
worker_rlimit_nofile 51200;最多可以打开多少个文件
worker_connections 6000;允许最大的连接数
server; 下面对应的就是虚拟主机配置
server_name localhost;定义网站的域名
root /usr/local/nginx/html;定义网站的根目录
location ~ \.php$;配置解析PHP
fastcgi_pass unix:/tmp/php-fcgi.sock;监听端口或者监听socket,通过此命令去执行
fastcgi_pass 127.0.0.1:9000;(或者携程这种方式,服务器IP地址+端口)
3.6 启动nginx服务
/usr/local/nginx/sbin/nginx -t
/etc/init.d/nginx start
curl localhost //本地测试 nginx
[[email protected]03 conf]# vim /usr/local/nginx/html/1.php //编辑一个测试php页面
[[email protected]03 conf]# curl localhost/1.php
this is a test php page.
四、Nginx默认主机
4.1 编辑配置文件:
vim /usr/local/nginx/conf/nginx.conf
/usr/local/nginx/conf
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
include vhost/*.conf;
}
4.2 创建虚拟server
cd /usr/local/nginx/conf
mkdir vhost
cd vhost/
vim haha.com.conf
//增加如下配置:
server
{
listen 80 default_server;
server_name haha.com;
index index.html index.htm index.php;
root /data/wwwroot/www.haha.com;
}
listen 80 default_server; // 有这个标记的就是默认虚拟主机
4.3 创建测试页面
vim haha.com.conf
完整目录为:牢记
(/usr/local/nginx/conf/vhost/haha.com.conf
)
mkdir -p /data/wwwroot/www.haha.com
cd /data/wwwroot/www.haha.com
vim index.html
4.4 重载并测试
[root@zhdy-03 www.haha.com]# /usr/local/nginx/sbin/nginx -t
[root@zhdy-03 www.haha.com]# /usr/local/nginx/sbin/nginx -s reload
[root@zhdy-03 www.haha.com]# curl localhost
this is a test website www.haha.com
4.5 添加PHP解析
在我们没有添加PHP文件解析前,访问一个PHP文件会直接全部输出:
[[email protected]03 www.haha.com]# curl -x127.0.0.1:80 www.haha.com/admin.php -uzhdy:asd9577
<?php
echo "this is test page which test if you needs key or not!";
在配置文件中(haha.com.conf)添加如下:
##添加PHP解析
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/www.haha.com$fastcgi_script_name;
}
测试+重载 (-t && -s reload)
再次访问:
[[email protected]03 www.haha.com]# curl -x127.0.0.1:80 www.haha.com/admin.php -uzhdy:asd9577
this is test page which test if you needs key or not!
五、Nginx用户认证
5.1 配置
vim /usr/local/nginx/conf/vhost/haha.com.conf
server
{
listen 80 default_server;
server_name haha.com;
index index.html index.htm index.php;
root /data/wwwroot/www.haha.com;
##配置用户认证
location /
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
5.2 安装配置密钥
yum install -y httpd
配置密钥存放位置:
[[email protected]03 sbin]# htpasswd -c /usr/local/nginx/conf/htpasswd zhdy
New password:
Re-type new password:
Adding password for user zhdy
5.3 测试并重载配置
/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx -s reload
[root@zhdy-03 sbin]# curl -x127.0.0.1:80 haha.com
<html>
<head><title>401 Authorization Required</title></head>
出现401认证
再次使用咱们创建的用户和密码访问即可:
[[email protected] sbin]# curl -uzhdy:asd9577 -x127.0.0.1:80 haha.com
this is a test website www.haha.com
5.4 针对某个访问目录进行认证
有时候我们需要对某个访问目录或者页面进行认证,而不是全站。所以我们需要对配置文件进行更改:
##配置用户认证
location /admin/
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
如上当用户访问/admin/的时候会进行认证。
mkdir admin
cd admin/
vim index.html
不要忘记 -t && -s reload
测试:
[root@zhdy-03 admin]# curl -x127.0.0.1:80 haha.com
this is a test website www.haha.com
[root@zhdy-03 admin]# curl -x127.0.0.1:80 haha.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
[root@zhdy-03 admin]# curl -uzhdy:asd9577 -x127.0.0.1:80 haha.com/admin/index.html
this is test page which test admin dir
成功访问!
5.5 针对某个特殊页面进行认证:
##配置用户认证
location ~ admin.php
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
vim admin.php
-t && -s reload //重载配置文件
测试:
[root@zhdy-03 www.haha.com]# curl -x127.0.0.1:80 haha.com/admin.php
<html>
<head><title>401 Authorization Required</title></head>
[root@zhdy-03 www.haha.com]# curl -uzhdy:asd9577 -x127.0.0.1:80 haha.com/admin.php
this is test page which test if you needs key or not!
成功访问!
六、Nginx域名重定向
其实我认为只要Apache能实现的功能,Nginx也全部可以实现。不然也不会有那么多企业使用nginx服务。
当我们站点有多个域名的时候,权重降低了,但是之前的域名已经被一部分人所依赖了,也不可能一一去通知大家新的站点,所以我们就会选择一个主域名其它的均302跳转过来!
6.1 配置haha.com.conf
vim /usr/local/nginx/conf/vhost/haha.com.conf
配置如下:
server
{
listen 80 default_server;
server_name haha.com hehe.com gg.com;
index index.html index.htm index.php;
root /data/wwwroot/www.haha.com;
if ($host != 'haha.com' ) {
rewrite ^/(.*)$ http://haha.com/$1 permanent;
}
}
permanent:301 永久性跳转
redirect:302 临时性跳转
6.2 测试:
-t && -s reload 测试并重载配置
[[email protected]03 ~]# curl -x127.0.0.1:80 www.hehe.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Thu, 10 Aug 2017 14:48:26 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://haha.com/index.html
成功实现跳转