2018-04-24 Linux学习

原创

wenlong2022 2018-04-24 21:08:48 ©著作权

文章标签 2018-04-24 Linux 学习 文章分类 运维

©著作权归作者所有：来自51CTO博客作者wenlong2022的原创作品，请联系作者获取转载授权，否则将追究法律责任

12.6 Nginx安装

Nginx安装

cd /usr/local/src
wget http://nginx.org/download/nginx-1.12.1.tar.gz
tar zxf nginx-1.12.1.tar.gz
./configure --prefix=/usr/local/nginx
make &&  make install
vim /etc/init.d/nginx //复制如下内容（参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D15Z/etc_init.d_nginx ）

chmod 755 /etc/init.d/nginx
chkconfig --add nginx 
chkconfig nginx on 
cd /usr/local/nginx/conf/; mv nginx.conf nginx.conf.bak
vim nginx.conf //写入如下内容（参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D15Z/nginx.conf）
/usr/local/nginx/sbin/nginx -t
/etc/init.d/nginx  start
netstat -lntp |grep 80

测试解析

vi /usr/local/nginx/html/1.php //加入如下内容
<?php
echo "test php scripts.";
?>
curl localhost/1.php


	http://nginx.org/download/nginx-1.13.10.tar.gz

	http://nginx.org/download/nginx-1.12.2.tar.gz

	http://nginx.org/download/nginx-1.14.0.tar.gz

	http://nginx.org/download/nginx-1.13.12.tar.gz

安装过程

[root@linux01 ~]# cd /usr/local/src/
[root@linux01 src]# wget http://nginx.org/download/nginx-1.14.0.tar.gz

[root@linux01 src]# tar zxvf nginx-1.14.0.tar.gz 

[root@linux01 src]# cd nginx-1.14.0
[root@linux01 nginx-1.14.0]# ./configure --prefix=/usr/local/nginx


[root@linux01 nginx-1.14.0]# make

[root@linux01 nginx-1.14.0]# make install


[root@linux-01 nginx-1.12.2]# vim /etc/init.d/nginx

#!/bin/bash

chkconfig: - 30 21

description: http service.

Source Function Library

. /etc/init.d/functions

Nginx Settings

NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload() { echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart() { stop start } configtest() { $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1 esac exit $RETVAL

[root@linux01 nginx-1.14.0]# chmod 755 /etc/init.d/nginx 
[root@linux01 nginx-1.14.0]# chkconfig --add nginx
[root@linux01 nginx-1.14.0]# chkconfig nginx on

[root@linux01 nginx-1.14.0]# cd /usr/local/nginx/conf/
[root@linux01 conf]# mv nginx.conf nginx.conf.bak

[root@linux01 conf]# vim nginx.conf user nobody nobody; worker_processes 2; error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' ' $host "$request_uri" $status' ' "$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; server { listen 80; server_name localhost; index index.html index.htm index.php; root /usr/local/nginx/html; location ~ .php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; }
} }

[root@linux01 conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@linux01 conf]# /etc/init.d/nginx start
Starting nginx (via systemctl):                            [  OK  ]

[root@linux01 conf]# ps aux|grep nginx
root     100016  0.0  0.0  20504   624 ?        Ss   17:55   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody   100018  0.0  0.3  22948  3220 ?        S    17:55   0:00 nginx: worker process
nobody   100019  0.0  0.3  22948  3220 ?        S    17:55   0:00 nginx: worker process
root     100369  0.0  0.0 112660   976 pts/0    R+   17:55   0:00 grep --color=auto nginx


[root@linux01 ~]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      100016/nginx: maste 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      856/sshd            
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      961/master          
tcp6       0      0 :::22                   :::*                    LISTEN      856/sshd            
tcp6       0      0 ::1:25                  :::*                    LISTEN      961/master          
tcp6       0      0 :::3306                 :::*                    LISTEN      11557/mysqld  

[root@linux01 conf]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...................

[root@linux01 conf]# vim /usr/local/nginx/html/1.php
<?php
echo "This is nginx test page";

[root@linux01 conf]# curl localhost/1.php
This is nginx test page

12.7 Nginx默认虚拟主机

vim /usr/local/nginx/conf/nginx.conf //增加 include vhost/*.conf

mkdir /usr/local/nginx/conf/vhost cd !$;
vim default.conf //加入如下内容 server { listen 80 default_server; // 有这个标记的就是默认虚拟主机 server_name aaa.com; index index.html index.htm index.php; root /data/wwwroot/default; }

mkdir -p /data/wwwroot/default/ echo “This is a default site.”>/data/wwwroot/default/index.html /usr/local/nginx/sbin/nginx -t /usr/local/nginx/sbin/nginx -s reload curl localhost curl -x127.0.0.1:80 123.com

操作过程

添加虚拟机配置 include vhost/*.conf ，去掉默认访问server

[root@linux-01 conf]# vim /usr/local/nginx/conf/nginx.conf

user nobody nobody; worker_processes 2; error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' ' $host "$request_uri" $status' ' "$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; include vhost/*.conf; }

[root@linux-01 conf]# mkdir vhost
[root@linux-01 conf]# cd vhost
[root@linux-01 vhost]# vim aaa.com.conf

server { listen 80 default_server; // 有这个标记的就是默认虚拟主机 server_name aaa.com; index index.html index.htm index.php; root /data/wwwroot/default; }

[root@linux-01 vhost]# mkdir /data/wwwroot/default
[root@linux-01 vhost]# cd /data/wwwroot/default/
[root@linux-01 default]# vim index.html
This is default site.


[root@linux-01 default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@linux-01 default]# /usr/local/nginx/sbin/nginx -s reload

[root@linux-01 default]# curl localhost
This is default site.

12.8 Nginx用户认证

vim /usr/local/nginx/conf/vhost/test.com.conf//写入如下内容 server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;

location / { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } } yum install -y httpd htpasswd -c /usr/local/nginx/conf/htpasswd aming -t && -s reload //测试配置并重新加载

mkdir /data/wwwroot/test.com echo “test.com”>/data/wwwroot/test.com/index.html curl -x127.0.0.1:80 test.com -I//状态码为401说明需要验证 curl -uaming:passwd 访问状态码变为200 编辑windows的hosts文件，然后在浏览器中访问test.com会有输入用户、密码的弹窗针对目录的用户认证 location /admin/ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; }

操作过程

针对文件夹下所有的网页认证

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf

server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;

location / { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }

[root@linux01 ~]# yum install -y httpd

创建密码123456 [root@linux01 ~]# htpasswd -c /usr/local/nginx/conf/htpasswd aming New password: Re-type new password: Adding password for user aming [root@linux01 ~]# htpasswd /usr/local/nginx/conf/htpasswd user1 New password: Re-type new password: Adding password for user user1

[root@linux01 ~]# cat /usr/local/nginx/conf/htpasswd 
aming:$apr1$HlC89eM5$CAigOmkGRhREudEADGe3z/
user1:$apr1$Lb9sk//a$UuTZ5AdDk5jeuVAcugTDQ.


[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload


[root@linux01 ~]# mkdir /data/wwwroot/test.com
[root@linux01 ~]# vim /data/wwwroot/test.com/index.html
test.com
test.com

[root@linux01 ~]# curl -x127.0.0.1:80 test.com
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center>401 Authorization Required</center>
<hr><center>nginx/1.14.0</center>
</body>
</html>

[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com
test.com
test.com

针对目录认证

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf

server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;

location /admin/ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }

[root@linux01 ~]# mkdir /data/wwwroot/test.com/admin
[root@linux01 ~]# echo "test.com admin dir" > /data/wwwroot/test.com/admin/index.html

[root@linux01 ~]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center>401 Authorization Required</center>
<hr><center>nginx/1.14.0</center>
</body>
</html>

[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com/admin/
test.com admin dir

针对一个URL认证

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf

server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;

location ~ admin.php { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }

[root@linux01 ~]# vim /data/wwwroot/test.com/admin.php
<?php
echo "admin.php auth";

[root@linux01 ~]# curl -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center>401 Authorization Required</center>
<hr><center>nginx/1.14.0</center>
</body>
</html>

[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com/admin.php
<?php
echo "admin.php auth";

12.9 Nginx域名重定向

更改test.com.conf server { listen 80; server_name test.com test1.com test2.com; index index.html index.htm index.php; root /data/wwwroot/test.com; if ($host != 'test.com' ) { rewrite ^/(.*)$ http://test.com/$1 permanent; } }

server_name后面支持写多个域名，这里要和httpd的做一个对比 permanent为永久重定向，状态码为301，如果写redirect则为302

操作过程

[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf

server { listen 80; server_name test.com test2.com test3.com; index index.html index.htm index.php; root /data/wwwroot/test.com; if ($host != 'test.com' ) { rewrite ^/(.*)$ http://test.com/$1 permanent; } }

[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload



[root@linux01 ~]# curl -x127.0.0.1:80 test2.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0
Date: Thu, 19 Apr 2018 14:17:02 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/index.html

[root@linux01 ~]# curl -x127.0.0.1:80 test2.com/admin/666index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0
Date: Thu, 19 Apr 2018 14:17:56 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/admin/666index.html