提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档
nginx是一款高性能、轻量级Web服务软件,剧透稳定性高,系统资源消耗低,以及对HTTP并发连接的处理能力高的优点,单台物理服务器可支持30000 ~ 50000个并发请求;从而逐渐取代了apache的位置
systemctl stop fi rewalld. service . systemctl disable fi rewalld. service setenforce 0 vim resolv.conf nameserver 114.114.114.114
上传至/opt目录下
cd /opt yum -y install gcc gcc-c++ pcre-devel zlib-devel make
tar zxvf nginx-1.12.2.tar.gz cd /opt/nginx-1.12.2/ ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module make && make install useradd -M -s /sbin/nologin nginx ln -s /usr/local/nginx/sbin/* /usr/local/sbin/
常用命令
停止nginx 服务
重载
选项
方式一:添加Nginx 系统服务(service管理)
vim /etc/init.d/nginx #!/bin/bash # chkconfig: - 99 20 ## chkcofig - “-” 表示不启用开机启动管理 (同时 若不加“#”, chkconfig add nginx 会加载不到配置) # description: Nginx Service Control Script ##启动信息 COM="/usr/local/nginx/sbin/nginx" ##命令程序文件位置(nginx) PID="/usr/local/nginx/logs/nginx.pid" ##pid文件 case "$1" in ##$1指的是nginx的stop和start start) $COM ;; stop) kill -s QUIT $(cat $PID) ;; restart) $0 stop ##用$0执行stop $0 start ##用$0调用start ;; reload) kill -s HUP $(cat $PID) ;; *) echo "Usage: $0 {start|stop|restart|reload}" exit 1 esac exit 0 chmod +x /etc/init.d/nginx chkconfig --add nginx ##添加为系统服务 systemctl stop nginx systemctl start nginx 可在/etc/rc.d/init.d目录下查看到nginx服务
vim /usr/lib/systemd/system/nginx.service [Unit] Description=nginx ##描述 After=network.target ##描述服务类别 [Service] Type=forking ##后台运行类型 PIDFile =/usr/local/nginx/logs/nginx.pid ##PID文件位置 ExecStart=/usr/local/nginx/sbin/nginx ##启动服务 ExecReload=/bin/kill -s HUP $MAINPID ##根据PID重载配置 ExecStop=/bin/kill -s QUIT $MAINPID ##根据PID终止进程 PrivateTmp=true ##开启 [Install] WantedBy=multi-user.targe ##启动级别 chmod 754 /lib/systemd/system/nginx.service #设置754权限是一种安全优化 systemctl start nginx.service systemctl enable nginx.service
cp /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak ##备份 cat /usr/local/nginx/conf/nginx.conf ##查看nginx配置文件 #user nobody; ##默认运行/管理用户 worker processes1; #工作进程运行数量,可配置成服务器内核数*2,如果网站访问量不大,一般设为1 #error_ log logs/error .log; ##错误日志文件路径/级别 #error_ log logs/error. log notice; ##相对路径/usr/local/nginx #error_ log logs|/error. log info; #pid logs/ nginx.pid; #pid文件位置 events { ## 事件 worker connections 1024; #每个进程最多处理的连接数量
在Linux平台上,在进行高并发TCP连接处理时,最高的并发数量都要受到系统对用户单一进程同时可打开文件数量的限制,可使用ulimit-a命令查看系统允许当前用户进程打开的文件数限制
vim /usr/local/nginx/conf/nginx.conf ##查看nginx配置文件 --------------------------------------------->http协议的配置模块<------------------------------------------------------------------------------------------------- http { #http协议的配置 include mime. types; #文件扩展名与文件类型映射表 default_ type application/octet-stream; #默认文件类型 #log_ format main ' $remote_ addr - $remote_user [$time_ local] "$request" ' #日志格式设置(日志主要支持的格式) # '$status $body_bytes_sent "$http referer" # ' "Shttp_ user_ agent" "$http_ x_ forwarded_ for" '; #access_ log logs/access.log main; #访问日志位置,默认注释 sendfile on; ##支持文件发送(下载) #tcp_ nopush on; #此项允许或禁止使用socket的 TCP_CORK的选项(发送数据包前先缓存数据),此选项仅在使用 sendfile的时候使用 #keepalive_ timeout 0; ##连接保持超时时间,单位:秒 keepalive_timeout 65; #gzip on; #压缩模块on表示开启 ------------------------------------------->server端的配置模块<-------------------------------------------------------------------------------------------------- server { ##web服务相关的一些配置 listen 80; ##默认监听端口 server name localhost; ##站点域名;在本地没有dns服务下,可以支持域名访问 #charset koi8-r; ##字符集支持( 修改为中文) UTF-8 #access_ log logs/host.access.1og main; ##此web服务的主访问日志只保存htpd服务的访问日志 location / { ##“/"根目录配置( 浏览器中,www. baidu. com./ root html; ##网页的目录文件;网站根目录的位置/usr/local/nginx/html ( 相对路径) index index.html index. htm; ##支持的首页文件格式 #error_ page 404 / 404.html; # redirect server error pages to the static page /50x.html error_ page 500 502 503 504 /50x. html; ##当发生错误的时候能够显示一个预定义的错误页面 location = /50x.html { ##错误页面配置 root html ; } ---------------------------------------->支持php跳转的配置<--------------------------------------------------------------------------------------------------- # proxy(代理) the PHP scripts to Apache listening on 127.0.0.1:80 ##以下是支持PHP及跳转的配置 # #location ~ \.php$ { # proxy_ _pass http; L /127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127 .0.0.1 : 9000 # #location ~ \. php$ { # root html ; # fastcgi pass 127.0.0.1: 9000; # fastcgi_ index index . php; # fastcgi_ param SCRIPT_ FILENAME / scripts$fastcgi_ script_ name; # include fastcgi_ params ; #} # deny access to . htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { deny all ; #} } ---------------------------------------------------->虚拟主机配置<------------------------------------------------------------------------------------------------- # another virtual host using mix of IP-, name-, and port- -based conf iguration #server{ ##虚拟主机的配置 # listen 8000; # listen somename: 8080; server name somename alias another .alias; # location / { # root html; # index index.html index. htm; # #} ---------------------------------------------->nginx加密模块:以注释的方式给出模板<----------------------------------------------------------------------- # HTTPS server ##HTTPS的配置 # #server { # listen 443 ssl; # server name localhost; # ssl certi ficate cert . pem; # ssl_ certificate key cert. key; # ssl session cache shared: SSL: 1m; # ssl session timeout 5m; # ssl_ ciphers HIGH: ! aNULL: !MD5; # ssl_ prefer_ server_ ciphers . on; # location / { # root html ; # index index .html index. htm; # } #}
vim /etc/hosts 192.168.35.40 www.zyt.com
访问域名 www.zyt.com
nginx -V
cd /usr/local/nginx/conf/ #cp nginx.conf nginx.conf .bak vim /usr/local/nginx/conf/nginx.conf
server { listen 80; server_name www.zyt.com; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } ## 添加 stub_status配置 location /status{ ##访问位置为/status:www.zyt.com/status stub_status on; ##打开状态统计功能 access_log off; ##关闭此位置的日志记录 } systemctl restart nginx ##重启服务
浏览器访问http://192.168.35.40/status或www.zty.com/status
htpawwd : htpasswd是一个用于目录访问权限认证的一个工具。
-c :创建密码文件,如果文件存在,那么内容被清空重写
yum install -y httpd-tools htpasswd -c /usr/local/nginx/passwd.db wangwu ##passwd.db:表示密码数据文件;用户可以不是系统用户 chown nginx /usr/local/nginx/passwd.db ##添加nginx管理、 chmod 400 /usr/local/nginx/passwd.db ##给与400权限
vim /usr/local/nginx/conf/nginx.conf location / { auth_basic "secret"; #在主页配置项中添加认证 auth_basic_user_file /usr/local/nginx/passwd.db; #在主页配置项中添加认证 root html; index index.html index.htm; }
nginx -t systemctl restart nginx
测试:浏览器访问http:/ /www.zty.com,页面提示需要输入账号密码
auth_basic "secret"; auth_basic_user_file /usr/local/nginx/passwd.db;
vim /usr/local /nginx/ conf/ nginx. conf location / { root html ; index index.html index .htm; deny 192.168.35.1; #添加拒绝访问的客户端的IP,宿主机ip192.168.35.1 allow all; #添加允许其他IP客户端访问
测试:此时通过IP为192.168.35.100的虛拟Windows10主机访问192.168.35.40时就不能访问
----------------------------------->添加域名解析<----------------------------------------------------------------------------------------- vim /etc/hosts 192.168.35.40 www.zyt.com www.kljklj.com www.kjkj.com ----------------------------------->准备虚拟站点网页文档<--------------------------------------------------------------------------------- mkdir -p /var/www/html/kljklj mkdir -p /var/www/html/klkl echo "<h1> www.kljklj.com </h1>" > /var/www/html/kljklj/index.html echo "<h1> www.klkl.com </h1>" > /var/www/html/klkl/index.html -------------------------------->修改配置文件,删除pho跳转部分模板<---------------------------------------------------------------- ... http ... server { listen 80; server_name www.kljklj.com; charset utf-8; access_log logs/kljklj.access.log; location / { root /var/www/html/kljklj; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 80; server_name www.klkl.com; charset utf-8; access_log logs/klkl.access.log; location / { root /var/www/html/klkl; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- systemctl restart nginx ##重启服务
------------------------------------->创建8080端口的网页文件<------------------------------------------------------------------------------------------------ mkdir -p /var/www/html/ll8080 echo "<h1> www.ll8080.com </h1>" > /var/www/html/ll8080/index.html -------------------------------------->进入配置文件复制www.kljklj.com的配置修改端口号<-------------------------------------------------------------- server { ##原kljklj配置 listen 192.168.35.40:80; ##指向监听端口 server_name www.kljklj.com; charset utf-8; access_log logs/kljklj.access.log; location / { root /var/www/html/kljklj; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 192.168.35.40:8080; server_name www.kljklj.com; charset utf-8; access_log logs/kljklj.access.log; location / { root /var/www/html/kljklj; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- nginx -t systemctl stop nginx systemctl start nginx netstat -antp | grep nginx
---------------------------->添加192.168.35.100的映射<--------------------------------------------------------------------------------------------------------- vim /etc/hosts 192.168.35.100 www.klkl.com --------------------------->创建网站根目录、创建192.168.226. 100的网站首页文件( index. html )<----------------------------------------------------- mkdir /var/www/html/klkl100 echo "<h1> www.klkl100.com </h1>" /var/www/html/klkl100/index.html <h1> www.klkl100.com </h1> /var/www/html/klkl100/index.html ----------------------------->临时创建虚拟网卡<------------------------------------------------------------------------------------------------------------------------ ifconfig ens33:0 192.168.35.100 netmask 255.255.255.0 ------------------------------>修改配置文件<----------------------------------------------------------------------------------------------------------------------------- server { listen 192.168.35.40:80; server_name www.kljklj.com; charset utf-8; access_log logs/kljklj.access.log; location / { root /var/www/html/kljklj; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 192.168.35.100:80; ##监听ip改为100 server_name www.klkl.com; charset utf-8; access_log logs/klkl.access.log; location / { root /var/www/html/klkl; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }