查看服务器上安装的nginx版本号,主要是通过nginx的-v或-V选项,查看方法如下图所示
-v 显示 nginx 的版本。
-V 显示 nginx 的版本,编译器版本和配置参数
安装--with-http_v2_module
[root@zq ~]# nginx -V
nginx version: nginx/1.16.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
上面是多媒体的nginx模块配置
一般配置【ssl】:
创建虚拟用户:
# useradd -M -s /sbin/nologin arik
tar -xf nginx-1.20.1.tar.gz
[root@ecs-81eb nginx-1.20.1]# pwd
/ArikEnv/nginx-1.20.1
yum install gcc gcc-c++ automake pcre pcre-devel zlip zlib-devel openssl openssl-devel
查看是否存在/usr/local/nginx目录
[root@ecs-81eb nginx-1.20.1]# ls /usr/local/nginx
ls: cannot access /usr/local/nginx: No such file or directory
[root@ecs-81eb nginx-1.20.1]# ./configure --prefix=/usr/local/nginx --user=arik --group=arik --with-http_ssl_module --with-http_v2_module
>>>>>>>>
Configuration summary
+ using system PCRE library
+ using system OpenSSL library
+ using system zlib library
nginx path prefix: "/usr/local/nginx"
nginx binary file: "/usr/local/nginx/sbin/nginx"
nginx modules path: "/usr/local/nginx/modules"
nginx configuration prefix: "/usr/local/nginx/conf"
nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/nginx/logs/error.log"
nginx http access log file: "/usr/local/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"
[root@ecs-81eb nginx-1.20.1]#make
objs/ngx_modules.o \
-ldl -lpthread -lcrypt -lpcre -lssl -lcrypto -ldl -lpthread -lz \
-Wl,-E
sed -e "s|%%PREFIX%%|/usr/local/nginx|" \
-e "s|%%PID_PATH%%|/usr/local/nginx/logs/nginx.pid|" \
-e "s|%%CONF_PATH%%|/usr/local/nginx/conf/nginx.conf|" \
-e "s|%%ERROR_LOG_PATH%%|/usr/local/nginx/logs/error.log|" \
< man/nginx.8 > objs/nginx.8
make[1]: Leaving directory `/ArikEnv/nginx-1.20.1'
[root@ecs-81eb nginx-1.20.1]#make install
/usr/local/nginx/sbin/nginx
启动服务后,nginx默认是在80端口启动的,在浏览器输入http://10.0.0.122:80/ (80端口默认可以省略),能正常访问到页面,说明服务启动成功
[root@ecs-81eb nginx-1.20.1]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.20.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=arik --group=arik --with-http_ssl_module
制作成systemctl统一管理Nginx
[root@nglv ~]# cd /etc/systemd/system/
[root@nglv system]# vim nginx.service
[UNIT] Deion=nginx - high performance web server Documentation=http://nginx.org/en/docs/ After=network-online.target remote-fs.target nss-lookup.target Wants=network-online.target [Service] Type=forking PIDFile=/usr/local/nginx/logs/nginx.pid ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID [Install] WantedBy=multi-user.target
切记上面的配置都是以安装目录:/usr/local/nginx
[root@nglv system]# systemctl enable nginx
>>>>>>>
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /etc/systemd/system/nginx.service.
操作
先cd到/usr/local/nginx/sbin/
1.启动服务
./nginx
2.停止服务,此方式停止步骤是待nginx进程处理任务完毕进行停止。
./nginx -s stop
3.退出服务,此方式相当于先查出nginx进程id再使用kill命令强制杀掉进程。
./nginx -s quit
4.重新加载,当 ngin x的配置文件 nginx.conf 修改后,要想让配置生效需要重启 nginx,使用-s reload不用先停止 ngin x再启动 nginx 即可将配置信息在 nginx 中生效
./nginx -s reload
5.查询nginx进程
ps aux|grep nginx
检查是否启动成功:
打开浏览器访问此机器的 IP,如果浏览器出现 Welcome to nginx! 则表示 Nginx 已经安装并运行成功。
部分命令如下:
重启:
$ /usr/local/nginx/sbin/nginx –s reload
停止:
$ /usr/local/nginx/sbin/nginx –s stop
测试配置文件是否正常:
$ /usr/local/nginx/sbin/nginx –t
强制关闭:
$ pkill nginx
软链接
[root@nglv system]# ln -s /usr/local/nginx/sbin/nginx /usr/bin
[root@nglv system]# ll /usr/bin/ |grep nginx
lrwxrwxrwx 1 root root 27 Jun 15 01:02 nginx -> /usr/local/nginx/sbin/nginx
nginx.conf配置
systemctl配置
nginx启动命令以及与配置systemctl - 简书 (jianshu.com)
接收请求的服务器需要将不同的请求按规则转发到不同的后端服务器上,
在 nginx 中我们可以通过构建虚拟主机(server)的概念来将这些不同的服务配置隔离。
server {
listen 80;
server_name localhost;
root html;
index index.html index.htm;
}
例如我的两个子项目 passport 和 wan 就可以通过在 nginx 的配置文件中,配置两个 server,server_name 分别为 passport.bigertech.com 和 wan.bigertech.com。
这样的话不同的 url 请求就会对应到 nginx 相应的设置,转发到不同的后端服务器上。
这里的 listen 指监听端口,server_name 用来指定IP或域名,多个域名对应统一规则可以空格分开,
index 用于设定访问的默认首页地址,root 指令用于指定虚拟主机的网页跟目录,
这个地方可以是相对地址也可以是绝对地址。
通常情况下我们可以在 nginx.conf 中配置多个server,对不同的请求进行设置。就像这样:
server {
listen 80;
server_name host1;
root html;
index index.html index.htm;
}
server {
listen 80;
server_name host2;
root /data/www/html;
index index.html index.htm;
}
但是当 server 超过2个时,建议将不同对虚拟主机的配置放在另一个文件中,
然后通过在主配置文件 nginx.conf 加上 include 指令包含进来。更便于管理。
include vhosts/*.conf;
就可以把vhosts的文件都包含进去啦。
Localtion
每个 url 请求都会对应的一个服务,nginx 进行处理转发或者是本地的一个文件路径,
或者是其他服务器的一个服务路径。而这个路径的匹配是通过 location 来进行的。
我们可以将 server 当做对应一个域名进行的配置,而 location 是在一个域名下对更精细的路径进行配置。
以上面的例子,可以将root和index指令放到一个location中,那么只有在匹配到这个location时才会访问root后的内容:
location / {
root /data/www/host2;
index index.html index.htm;
}
location 匹配规则
~ 波浪线表示执行一个正则匹配,区分大小写 ~* 表示执行一个正则匹配,不区分大小写 ^~ ^~表示普通字符匹配,如果该选项匹配,只匹配该选项,不匹配别的选项,一般用来匹配目录 = 进行普通字符精确匹配
匹配例子:
location = / {
# 只匹配"/".
[ configuration A ]
}
location / {
# 匹配任何请求,因为所有请求都是以"/"开始
# 但是更长字符匹配或者正则表达式匹配会优先匹配
[ configuration B ]
}
location ^~ /images/ {
# 匹配任何以 /images/ 开始的请求,并停止匹配 其它location
[ configuration C ]
}
location ~* \.(gif|jpg|jpeg)$ {
# 匹配以 gif, jpg, or jpeg结尾的请求.
# 但是所有 /images/ 目录的请求将由 [Configuration C]处理.
[ configuration D ]
}
请求:
/ -> 符合configuration A
/documents/document.html -> 符合configuration B
/images/1.gif -> 符合configuration C
/documents/1.jpg ->符合 configuration D
静态文件映射
访问文件的配置主要有 root 和 alias 两个指令。这两个指令的区别容易弄混:
alias
alias后跟的指定目录是准确的,并且末尾必须加 /。
location /c/ {
alias /a/;
}
如果访问站点http://location/c访问的就是/a/目录下的站点信息。
root
root后跟的指定目录是上级目录,并且该上级目录下要含有和location后指定名称的同名目录才行。
location /c/ {
root /a/;
}
这时访问站点http://location/c访问的就是/a/c目录下的站点信息。
如果你需要将这个目录展开,在这个location的末尾加上「autoindex on; 」就可以了
有时候一个nginx服务就是为了用来下载文件的,网上很多下载服务都是这样的
在http段加上以下参数,重启nginx就行。这样文件点击时是下载的
autoindex on; autoindex_exact_size off; autoindex_localtime on; charset utf-8;
如果要点击时是查看内容,加上default_type text/plain;
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type text/plain;
server {
listen 80;
server_name repo.e.com;
root /opt/repo;
location / {
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
转发
配置起来很简单比如我要将所有的请求到转移到真正提供服务的一台机器的 8001 端口,只要这样:
location / {
proxy_pass 172.16.1.1:8001;
}
这样访问host时,就都被转发到 172.16.1.1的8001端口去了。
负载均衡upstream myserver; {
ip_hash;
server 172.16.1.1:8001;
server 172.16.1.2:8002;
server 172.16.1.3;
server 172.16.1.4;
}
location / {
proxy_pass http://myserver;
}
我们在 upstream 中指定了一组机器,并将这个组命名为 myserver,
这样在 proxypass 中只要将请求转移到 myserver 这个 upstream 中我们就实现了在四台机器的反向代理加负载均衡。
其中的 ip_hash 指明了我们均衡的方式是按照用户的 ip 地址进行分配。另外还有轮询、指定权重轮询、fair、url_hash几种调度算法。
更详细配置参考下链接
Nginx的配置文件详解(超详细)_wangbin_0729的博客-CSDN博客_nginx配置文件
润生的配置实例:
相对默认nginx.conf配置变化的是:
默认:
#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid;
变化:****************
user root rssit;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
旧:
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
新:
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
旧:
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
。。。。
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
新:
server {
listen 443;
server_name sit.gdrsgg.com;
ssl on;
#root html;
#证书文件
ssl_certificate cert/cert.crt;
#私钥文件
ssl_certificate_key cert/cert_private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
# root html;
# index index.html index.htm;
# }
location ~ \.php$ {
root /var/www; #指定php的根目录
fastcgi_pass 127.0.0.1:9000;#php-fpm的默认端口是9000
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location /yfr/ {
root html;
index index.html;
try_files $uri $uri/ /yfr/index.html;
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
if_modified_since off;
expires off;
etag off;
}
location /frmall/ {
root html;
index index.html;
try_files $uri $uri/ /frmall/index.html;
}
location /card/ {
root html;
index index.html;
try_files $uri $uri/ /card/index.html;
}
location /oilVoice/ {
root html;
index index.html;
try_files $uri $uri/ /yfr/index.html;
}
location /frbqd/ {
root html;
index index.html;
}
location /csxqd/ {
root html;
index index.html;
}
location /mallqd/ {
root html;
index index.html;
}
location ~ .*/yfrapi/.*txt$ {
root /usr/local/nginx/html;
}
location /frbmems/ {
#root html;
proxy_pass http://localhost:8010/frbmems/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /mallems/ {
#root html;
proxy_pass http://localhost:8050/mallems/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /csxems/ {
#root html;
proxy_pass http://localhost:9020/csxems/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /yfrapi/ {
proxy_pass http://localhost:8020/yfrapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /csxapi/ {
proxy_pass http://localhost:9010/csxapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /mallapi/ {
proxy_pass http://localhost:8040/mallapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /cardapi/ {
proxy_pass http://localhost:8060/cardapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /frschedule/ {
proxy_pass http://localhost:8030/frschedule/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
include /usr/local/nginx/conf/conf.d/*.conf;
润生完整配置
user root rssit;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
server {
listen 443;
server_name sit.gdrsgg.com;
ssl on;
#root html;
#证书文件
ssl_certificate cert/cert.crt;
#私钥文件
ssl_certificate_key cert/cert_private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
root /var/www; #指定php的根目录
fastcgi_pass 127.0.0.1:9000;#php-fpm的默认端口是9000
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location /yfr/ {
root html;
index index.html;
try_files $uri $uri/ /yfr/index.html;
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
if_modified_since off;
expires off;
etag off;
}
location /frmall/ {
root html;
index index.html;
try_files $uri $uri/ /frmall/index.html;
}
location /card/ {
root html;
index index.html;
try_files $uri $uri/ /card/index.html;
}
location /oilVoice/ {
root html;
index index.html;
try_files $uri $uri/ /yfr/index.html;
}
location /frbqd/ {
root html;
index index.html;
}
location /csxqd/ {
root html;
index index.html;
}
location /mallqd/ {
root html;
index index.html;
}
location ~ .*/yfrapi/.*txt$ {
root /usr/local/nginx/html;
}
location /frbmems/ {
#root html;
proxy_pass http://localhost:8010/frbmems/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /mallems/ {
#root html;
proxy_pass http://localhost:8050/mallems/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /csxems/ {
#root html;
proxy_pass http://localhost:9020/csxems/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /yfrapi/ {
proxy_pass http://localhost:8020/yfrapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /csxapi/ {
proxy_pass http://localhost:9010/csxapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /mallapi/ {
proxy_pass http://localhost:8040/mallapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /cardapi/ {
proxy_pass http://localhost:8060/cardapi/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
location /frschedule/ {
proxy_pass http://localhost:8030/frschedule/;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1000m;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
}
include /usr/local/nginx/conf/conf.d/*.conf;
}
nginx配置检测:
# nginx -t -c /usr/local/nginx/conf/nginx.conf
一定要绝对路径
标签:index,http,nginx,html,proxy,root From: https://www.cnblogs.com/fgxwan/p/16906387.html