云服務(wù)器:阿里云CentOS7.3 64
Nginx的安裝有兩種方式芍瑞,一種通過(guò)yum安裝,一種通過(guò)下載Redis源代碼編譯安裝褐墅。
一拆檬、yum安裝Nginx
1、添加官方rpm源妥凳,在進(jìn)行安裝
[root@sihan ~]# rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
Retrieving http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
warning: /var/tmp/rpm-tmp.myR0Nv: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:nginx-release-centos-7-0.el7.ngx ################################# [100%]
[root@sihan ~]# yum install -y nginx
Loaded plugins: fastestmirror
nginx | 2.9 kB 00:00:00
nginx/x86_64/primary_db | 42 kB 00:00:01
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package nginx.x86_64 1:1.14.2-1.el7_4.ngx will be installed
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================
Installing:
nginx x86_64 1:1.14.2-1.el7_4.ngx nginx 754 k
Transaction Summary
========================================================================================================================================
Install 1 Package
Total download size: 754 k
Installed size: 2.6 M
Downloading packages:
nginx-1.14.2-1.el7_4.ngx.x86_64.rpm | 754 kB 00:00:03
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : 1:nginx-1.14.2-1.el7_4.ngx.x86_64 1/1
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* http://nginx.org/en/docs/
Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* http://nginx.org/en/support.html
Commercial subscriptions for nginx are available on:
* http://nginx.com/products/
----------------------------------------------------------------------
Verifying : 1:nginx-1.14.2-1.el7_4.ngx.x86_64 1/1
Installed:
nginx.x86_64 1:1.14.2-1.el7_4.ngx
Complete!
[root@sihan ~]#
2竟贯、了解yum安裝的nginx路徑
一般來(lái)說(shuō)我們只需要關(guān)注兩個(gè)東西即可,一個(gè)是nginx.conf文件猾封,一個(gè)是靜態(tài)資源存放路徑
[root@sihan ~]# whereis nginx
nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz
[root@sihan ~]# ls /usr/share/nginx/
html
[root@sihan ~]# ls /etc/nginx/
conf.d fastcgi_params koi-utf koi-win mime.types modules nginx.conf scgi_params uwsgi_params win-utf
3澄耍、啟動(dòng)nginx
[root@sihan ~]# service nginx start
Redirecting to /bin/systemctl start nginx.service
nginx歡迎頁(yè)
4、配置nginx.conf轉(zhuǎn)將請(qǐng)求轉(zhuǎn)發(fā)到tomcat首頁(yè)
[root@sihan ~]# vi /etc/nginx/nginx.conf
添加upstream模塊晌缘,并在根目錄設(shè)置proxy_pass齐莲。設(shè)置好保存之后需要重啟nginx。
http {
upstream localhost {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://localhost;
root html;
index index.html index.htm;
}
}
效果如圖所示
5磷箕、配置https
- 1选酗、首先你得擁有一個(gè)自己的域名并解析到服務(wù)器上,這是前提條件岳枷。
-
2芒填、這邊我們選擇阿里云提供的免費(fèi)證書(shū)服務(wù)呜叫,這個(gè)只能指向一個(gè)域名。
找到ssl證書(shū)
點(diǎn)擊購(gòu)買(mǎi)證書(shū)
選擇免費(fèi)證書(shū)
購(gòu)買(mǎi)成功后進(jìn)入證書(shū)控制臺(tái)殿衰,進(jìn)行申請(qǐng)(證書(shū)為免費(fèi)版朱庆,只能寫(xiě)一個(gè)域名,而且不能使用通配符)
在域名解析中添加解析值(如果已經(jīng)存在該記錄類(lèi)型的主機(jī)記錄的解析闷祥,需要先刪除娱颊,待驗(yàn)證完畢后再添加),驗(yàn)證成功后即可將解析刪除凯砍。
進(jìn)入已簽發(fā)頁(yè)面箱硕,下載nginx版本的證書(shū)
查看幫助文檔,記錄下https的配置
server {
listen 443;
server_name localhost;
ssl on;
root html;
index index.html index.htm;
ssl_certificate cert/www.sihan1151.cn.pem;
ssl_certificate_key cert/www.sihan1151.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
在Nginx的安裝目錄(/etc/nginx)下創(chuàng)建cert目錄悟衩,并且將下載的全部文件拷貝到cert目錄中剧罩。并修改nginx.conf的配置文件。這邊我們做兼容http處理座泳,自動(dòng)將http請(qǐng)求轉(zhuǎn)發(fā)至https惠昔。配置如下:(注意:yum安裝的html目錄在/usr/share/nginx/下,所以這里的root需要修改為:root /usr/share/nginx/html;)
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream localhost {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name www.sihan1151.cn;
rewrite ^/(.*) https://$server_name$request_uri? permanent;
#charset koi8-r;
#access_log logs/host.access.log main;
#location / {
# root html;
# index index.html index.htm;
#}
}
# HTTPS server
#
server {
listen 443;
server_name www.sihan1151.cn;
ssl on;
root html;
index index.html index.htm;
ssl_certificate cert/www.sihan1151.cn.pem;
ssl_certificate_key cert/www.sihan1151.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
}
至此挑势,https算完成舰罚,可輸入http請(qǐng)求測(cè)試效果:
6、nginx配置多域名轉(zhuǎn)發(fā)
這個(gè)其實(shí)很簡(jiǎn)單薛耻,在http節(jié)點(diǎn)下配置多個(gè)server,每個(gè)server_name指向不同域名即可實(shí)現(xiàn)赏陵。如果項(xiàng)目做了前后端分離饼齿,還可以配置location下的root指向不同的文件夾。
server {
listen 80;
server_name a.sihan1151.cn;
location / {
root html;
index index-a.html;
}
}
server {
listen 80;
server_name b.sihan1151.cn;
location / {
root html;
index index-b.html;
}
}
二蝙搔、下載Nginx源代碼編譯方式安裝
1缕溉、安裝依賴(lài)
- 1、編譯源碼依賴(lài) gcc 環(huán)境吃型。
- 2证鸥、PCRE(Perl Compatible Regular Expressions) 是一個(gè)Perl庫(kù),包括 perl 兼容的正則表達(dá)式庫(kù)勤晚。nginx 的 http 模塊使用 pcre 來(lái)解析正則表達(dá)式枉层,所以需要在 linux 上安裝 pcre 庫(kù),pcre-devel 是使用 pcre 開(kāi)發(fā)的一個(gè)二次開(kāi)發(fā)庫(kù)赐写。
- 3鸟蜡、zlib 庫(kù)提供了很多種壓縮和解壓縮的方式, nginx 使用 zlib 對(duì) http 包的內(nèi)容進(jìn)行 gzip 挺邀,所以需要在 Centos 上安裝 zlib 庫(kù)揉忘。
- 4跳座、OpenSSL 是一個(gè)強(qiáng)大的安全套接字層密碼庫(kù),囊括主要的密碼算法泣矛、常用的密鑰和證書(shū)封裝管理功能及 SSL 協(xié)議疲眷,并提供豐富的應(yīng)用程序供測(cè)試或其它目的使用。nginx 不僅支持 http 協(xié)議您朽,還支持 https(即在ssl協(xié)議上傳輸http)狂丝,所以需要在 Centos 安裝 OpenSSL 庫(kù)。
[root@sihan ~]# yum install -y gcc-c++
[root@sihan ~]# yum install -y pcre pcre-devel
[root@sihan ~]# yum install -y zlib zlib-devel
[root@sihan ~]# yum install -y openssl openssl-devel
檢查是否安裝某依賴(lài)
[root@sihan ~]# rpm -qa|grep -i openssl
openssl-libs-1.0.2k-16.el7.x86_64
openssl-1.0.2k-16.el7.x86_64
2虚倒、查看并下載美侦、解壓Nginx
Nginx版本查看:http://nginx.org/download/
[root@sihan ~]# wget http://nginx.org/download/nginx-1.9.15.tar.gz
--2019-02-01 14:53:43-- http://nginx.org/download/nginx-1.9.15.tar.gz
Resolving nginx.org (nginx.org)... 95.211.80.227, 62.210.92.35, 2001:1af8:4060:a004:21::e3
Connecting to nginx.org (nginx.org)|95.211.80.227|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 908984 (888K) [application/octet-stream]
Saving to: ‘nginx-1.9.15.tar.gz’
100%[==============================================================================================>] 908,984 373KB/s in 2.4s
2019-02-01 14:53:46 (373 KB/s) - ‘nginx-1.9.15.tar.gz’ saved [908984/908984]
[root@sihan ~]# tar -zxvf nginx-1.9.15.tar.gz -C /usr/local/
...
3、編譯安裝
進(jìn)入解壓目錄編譯安裝,安裝的默認(rèn)目錄是 /usr/local/bin/魂奥,需要root權(quán)限執(zhí)行命令菠剩。可以使用 PREFIX=/XXX 參數(shù)指定安裝目錄耻煤,那有這個(gè)目錄權(quán)限的普通用戶(hù)也可以執(zhí)行安裝命令
[root@sihan ~]# cd /usr/local/nginx-1.9.15/
[root@sihan nginx-1.9.15]# ./configure
[root@sihan nginx-1.9.15]# make
[root@sihan nginx-1.9.15]# mkdir /usr/local/nginx/
[root@sihan nginx-1.9.15]# make PREFIX=/usr/local/nginx install
4具壮、啟動(dòng)nginx
[root@sihan bin]# /usr/local/nginx/sbin/nginx
將nginx注冊(cè)服務(wù)啟動(dòng)等可參考redis環(huán)境配置,這里不再做說(shuō)明哈蝇。
三棺妓、yum安裝的nginx的卸載
如果是通過(guò)第二種方式安裝的,直接刪除以下文件夾即可炮赦。
[root@sihan init.d]# cd /usr/local/
[root@sihan local]# ls
aegis bin etc games include lib lib64 libexec nginx nginx-1.9.15 sbin share src tomcat-base tomcat-production
[root@sihan redis-5.0.3]# rm -rf /usr/local/nginx
[root@sihan redis-5.0.3]# rm -rf /usr/local/nginx-1.9.15
下面展示的是yum安裝的卸載
1怜跑、查看安裝的nginx
[root@sihan ~]# yum list installed | grep nginx
nginx.x86_64 1:1.14.2-1.el7_4.ngx @nginx
nginx-release-centos.noarch 7-0.el7.ngx installed
2、卸載nginx
[root@sihan ~]# yum remove nginx
Loaded plugins: fastestmirror
Resolving Dependencies
--> Running transaction check
---> Package nginx.x86_64 1:1.14.2-1.el7_4.ngx will be erased
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================
Removing:
nginx x86_64 1:1.14.2-1.el7_4.ngx @nginx 2.6 M
Transaction Summary
========================================================================================================================================
Remove 1 Package
Installed size: 2.6 M
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Erasing : 1:nginx-1.14.2-1.el7_4.ngx.x86_64 1/1
Verifying : 1:nginx-1.14.2-1.el7_4.ngx.x86_64 1/1
Removed:
nginx.x86_64 1:1.14.2-1.el7_4.ngx
Complete!
3吠勘、驗(yàn)證
[root@sihan ~]# nginx -v
-bash: /usr/sbin/nginx: No such file or directory
