12.6 Nginx安装
Nginx安装
cd /usr/local/src
wget http://nginx.org/download/nginx-1.12.1.tar.gz
tar zxf nginx-1.12.1.tar.gz
./configure --prefix=/usr/local/nginx
make && make install
vim /etc/init.d/nginx //复制如下内容(参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D15Z/etc_init.d_nginx )
chmod 755 /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
cd /usr/local/nginx/conf/; mv nginx.conf nginx.conf.bak
vim nginx.conf //写入如下内容(参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D15Z/nginx.conf)
/usr/local/nginx/sbin/nginx -t
/etc/init.d/nginx start
netstat -lntp |grep 80
测试解析
vi /usr/local/nginx/html/1.php //加入如下内容
<?php
echo "test php scripts.";
?>
curl localhost/1.php
http://nginx.org/download/nginx-1.13.10.tar.gz
http://nginx.org/download/nginx-1.12.2.tar.gz
http://nginx.org/download/nginx-1.14.0.tar.gz
http://nginx.org/download/nginx-1.13.12.tar.gz
安装过程
[root@linux01 ~]# cd /usr/local/src/
[root@linux01 src]# wget http://nginx.org/download/nginx-1.14.0.tar.gz
[root@linux01 src]# tar zxvf nginx-1.14.0.tar.gz
[root@linux01 src]# cd nginx-1.14.0
[root@linux01 nginx-1.14.0]# ./configure --prefix=/usr/local/nginx
[root@linux01 nginx-1.14.0]# make
[root@linux01 nginx-1.14.0]# make install
[root@linux-01 nginx-1.12.2]# vim /etc/init.d/nginx
#!/bin/bash
chkconfig: - 30 21
description: http service.
Source Function Library
. /etc/init.d/functions
Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload() { echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart() { stop start } configtest() { $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1 esac exit $RETVAL
[root@linux01 nginx-1.14.0]# chmod 755 /etc/init.d/nginx
[root@linux01 nginx-1.14.0]# chkconfig --add nginx
[root@linux01 nginx-1.14.0]# chkconfig nginx on
[root@linux01 nginx-1.14.0]# cd /usr/local/nginx/conf/
[root@linux01 conf]# mv nginx.conf nginx.conf.bak
[root@linux01 conf]# vim nginx.conf
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ .php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
[root@linux01 conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 conf]# /etc/init.d/nginx start
Starting nginx (via systemctl): [ OK ]
[root@linux01 conf]# ps aux|grep nginx
root 100016 0.0 0.0 20504 624 ? Ss 17:55 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 100018 0.0 0.3 22948 3220 ? S 17:55 0:00 nginx: worker process
nobody 100019 0.0 0.3 22948 3220 ? S 17:55 0:00 nginx: worker process
root 100369 0.0 0.0 112660 976 pts/0 R+ 17:55 0:00 grep --color=auto nginx
[root@linux01 ~]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 100016/nginx: maste
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 856/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 961/master
tcp6 0 0 :::22 :::* LISTEN 856/sshd
tcp6 0 0 ::1:25 :::* LISTEN 961/master
tcp6 0 0 :::3306 :::* LISTEN 11557/mysqld
[root@linux01 conf]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...................
[root@linux01 conf]# vim /usr/local/nginx/html/1.php
<?php
echo "This is nginx test page";
[root@linux01 conf]# curl localhost/1.php
This is nginx test page
12.7 Nginx默认虚拟主机
vim /usr/local/nginx/conf/nginx.conf //增加 include vhost/*.conf
mkdir /usr/local/nginx/conf/vhost
cd !$;
vim default.conf //加入如下内容
server
{
listen 80 default_server; // 有这个标记的就是默认虚拟主机
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
}
mkdir -p /data/wwwroot/default/ echo “This is a default site.”>/data/wwwroot/default/index.html /usr/local/nginx/sbin/nginx -t /usr/local/nginx/sbin/nginx -s reload curl localhost curl -x127.0.0.1:80 123.com
操作过程
添加虚拟机配置 include vhost/*.conf ,去掉默认访问server
[root@linux-01 conf]# vim /usr/local/nginx/conf/nginx.conf
user nobody nobody; worker_processes 2; error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' ' $host "$request_uri" $status' ' "$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; include vhost/*.conf; }
[root@linux-01 conf]# mkdir vhost
[root@linux-01 conf]# cd vhost
[root@linux-01 vhost]# vim aaa.com.conf
server { listen 80 default_server; // 有这个标记的就是默认虚拟主机 server_name aaa.com; index index.html index.htm index.php; root /data/wwwroot/default; }
[root@linux-01 vhost]# mkdir /data/wwwroot/default
[root@linux-01 vhost]# cd /data/wwwroot/default/
[root@linux-01 default]# vim index.html
This is default site.
[root@linux-01 default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux-01 default]# /usr/local/nginx/sbin/nginx -s reload
[root@linux-01 default]# curl localhost
This is default site.
12.8 Nginx用户认证
vim /usr/local/nginx/conf/vhost/test.com.conf//写入如下内容 server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;
location / { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } } yum install -y httpd htpasswd -c /usr/local/nginx/conf/htpasswd aming -t && -s reload //测试配置并重新加载
mkdir /data/wwwroot/test.com echo “test.com”>/data/wwwroot/test.com/index.html curl -x127.0.0.1:80 test.com -I//状态码为401说明需要验证 curl -uaming:passwd 访问状态码变为200 编辑windows的hosts文件,然后在浏览器中访问test.com会有输入用户、密码的弹窗 针对目录的用户认证 location /admin/ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; }
操作过程
针对文件夹下所有的网页认证
[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;
location / { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }
[root@linux01 ~]# yum install -y httpd
创建密码123456 [root@linux01 ~]# htpasswd -c /usr/local/nginx/conf/htpasswd aming New password: Re-type new password: Adding password for user aming [root@linux01 ~]# htpasswd /usr/local/nginx/conf/htpasswd user1 New password: Re-type new password: Adding password for user user1
[root@linux01 ~]# cat /usr/local/nginx/conf/htpasswd
aming:$apr1$HlC89eM5$CAigOmkGRhREudEADGe3z/
user1:$apr1$Lb9sk//a$UuTZ5AdDk5jeuVAcugTDQ.
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@linux01 ~]# mkdir /data/wwwroot/test.com
[root@linux01 ~]# vim /data/wwwroot/test.com/index.html
test.com
test.com
[root@linux01 ~]# curl -x127.0.0.1:80 test.com
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center>401 Authorization Required</center>
<hr><center>nginx/1.14.0</center>
</body>
</html>
[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com
test.com
test.com
针对目录认证
[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;
location /admin/ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }
[root@linux01 ~]# mkdir /data/wwwroot/test.com/admin
[root@linux01 ~]# echo "test.com admin dir" > /data/wwwroot/test.com/admin/index.html
[root@linux01 ~]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center>401 Authorization Required</center>
<hr><center>nginx/1.14.0</center>
</body>
</html>
[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com/admin/
test.com admin dir
针对一个URL认证
[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;
location ~ admin.php { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }
[root@linux01 ~]# vim /data/wwwroot/test.com/admin.php
<?php
echo "admin.php auth";
[root@linux01 ~]# curl -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center>401 Authorization Required</center>
<hr><center>nginx/1.14.0</center>
</body>
</html>
[root@linux01 ~]# curl -uaming:123456 -x127.0.0.1:80 test.com/admin.php
<?php
echo "admin.php auth";
12.9 Nginx域名重定向
更改test.com.conf server { listen 80; server_name test.com test1.com test2.com; index index.html index.htm index.php; root /data/wwwroot/test.com; if ($host != 'test.com' ) { rewrite ^/(.*)$ http://test.com/$1 permanent; } }
server_name后面支持写多个域名,这里要和httpd的做一个对比 permanent为永久重定向,状态码为301,如果写redirect则为302
操作过程
[root@linux01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com test2.com test3.com; index index.html index.htm index.php; root /data/wwwroot/test.com; if ($host != 'test.com' ) { rewrite ^/(.*)$ http://test.com/$1 permanent; } }
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@linux01 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@linux01 ~]# curl -x127.0.0.1:80 test2.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0
Date: Thu, 19 Apr 2018 14:17:02 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/index.html
[root@linux01 ~]# curl -x127.0.0.1:80 test2.com/admin/666index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0
Date: Thu, 19 Apr 2018 14:17:56 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://test.com/admin/666index.html