nginx1.12.1安装与配置以及Nginx相关配置
创建用户及相关目录
| mkdir nginx_install
cd nginx_install
useradd nginx -u 504 -c "Nginx user" -s /bin/false
echo "nginx - nofile 40960" >> /etc/security/limits.conf
mkdir -p /usr/local/nginx-1.12.1/tmp/client/
mkdir -p /var/usr/local/nginx-1.12.1/tmp/proxy/
mkdir -p /usr/local/nginx-1.12.1/tmp/fcgi/
|
安装依赖
| yum -y install gcc gcc-c++ make zlib-devel pcre-devel openssl-devel
|
安装ngx_small_light
ngx_small_light是用于图像转换的Nginx模块
由于假定这次仅使用ImageMagic,因此不会引入Imlib2 GD,但是如果需要,将根据上述Github README和Wiki以及参考文章进行介绍。请在这篇文章的结尾处描述。
获取并设置ngx_small_light
| cd /root/nginx_install/ngx_small_light
git clone https://github.com/cubicdaiya/ngx_small_light.git
sudo yum install -y ImageMagick ImageMagick-devel
cd ngx_small_light
./setup
|
下载及安装
|
wget http://nginx.org/download/nginx-1.12.1.tar.gz
tar -zxf nginx-1.12.1.tar.gz
cd nginx-1.12.1/
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
./configure --prefix=/usr/local/nginx-1.12.1 \
--conf-path=/usr/local/nginx-1.12.1/conf/nginx.conf \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--user=nginx --group=www \
--with-stream \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-mail --with-mail_ssl_module \
--with-pcre \
--with-sha1-asm \
--with-file-aio \
--with-http_realip_module \
--with-cc-opt='-O3' \
--with-http_sub_module \
--http-client-body-temp-path=/usr/local/nginx-1.12.1/tmp/client/ \
--http-proxy-temp-path=/usr/local/nginx-1.12.1/tmp/proxy/ \
--http-fastcgi-temp-path=/usr/local/nginx-1.12.1/tmp/fcgi/ \
--with-sha1-opt=/use/local/nginx-1.12.1/sha1-opt/ \
--with-sha1=/use/local/nginx-1.12.1/sha1 \
--add-module=/root/nginx_install/ngx_small_light/
|
配置nginx命令
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
| cat > /etc/init.d/nginx <<"EOF"
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx-1.12.1/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx-1.12.1/conf/nginx.conf"
lockfile=/var/lock/subsys/nginx
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
EOF
|
配置权限
| chmod +x /etc/init.d/nginx
|
创建用户及用户组
| groupadd www
useradd -g www -m www
groupadd service
useradd -g service -m service
usermod -a -G www nginx
|
nginx.conf默认配置
| mkdir /var/run/nginx/
chown nginx:www /var/run/nginx/
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
| cat > /usr/local/nginx-1.12.1/conf/nginx.conf << "EOF"
user nginx www;
error_log /var/log/nginx/error.log;
pid /var/run/nginx/nginx.pid;
worker_processes 12;
worker_rlimit_nofile 40960;
events {
worker_connections 10240;
}
http {
include mime.types;
default_type application/octet-stream;
add_header P3P 'CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"';
error_page 502 503 504 400 /public/error/busy.html;
error_page 404 =404 /public/error/404.shtml;
geo $CLICKSTRN_ID{default "-";}
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$http_host" "$remote_port" "$CLICKSTRN_ID" $request_time';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
client_header_buffer_size 2k;
large_client_header_buffers 4 16k;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Server-Addr $server_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 100m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 180;
proxy_buffers 32 4k;
gzip on;
gzip_min_length 512;
gzip_types text/css application/x-javascript text/plain text/xml application/json;
include website/*.conf;
server {
listen 80 default;
server_name _;
root /var/www/html;
location /nginx_status {
stub_status on;
access_log off;
}
location / {
}
}
}
EOF
|
日志轮转脚本
| cat > /etc/logrotate.d/nginx <<"EOF"
/var/log/nginx/*log {
daily
rotate 7
missingok
notifempty
compress
sharedscripts
postrotate
[ ! -f /var/run/nginx/nginx.pid ] || kill -USR1 `cat /var/run/nginx/nginx.pid`
endscript
}
EOF
|
检查配置是否正确
| /usr/local/nginx-1.12.1/sbin/nginx -t -c /usr/local/nginx-1.12.1/conf/nginx.conf
|
nginx启动命令
| /etc/init.d/nginx start
或
/usr/local/nginx-1.12.1/sbin/nginx -c /usr/local/nginx-1.12.1/conf/nginx.conf
|
nginx更新配置
| /usr/local/nginx-1.12.1/sbin/nginx -s reload
|
http密码登录认证
|
yum install httpd-tools -y
htpasswd -c -d /usr/local/nginx-1.12.1/conf/htpasswd/www.com admin
wget --http-user=admin --http-passwd=123456 http://res.yinnote.com/xxx.zip
curl -u admin:123456 -O http://res.yinnote.com/xxx.zip
|