【Linux】 06.Nginx安装配置及使用

1.安装nginx

apt-get install nginx
或
yum install nginx

2. nginx配置服务

2.1 编写nginx文件，放入/etc/init.d/

#!/bin/sh
#chkconfig: 2345  85 15   
# 2345 表示在2345模式下,开机自启动
# Simple Redis init.d script conceived to work on Linux systems
# as it does use of the /proc filesystem.
 
nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/usr/local/nginx/logs/nginx.pid
RETVAL=0
prog="nginx"
 
 
#source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
  [ ${NETWORKING} = "no" ] && exit 0
  [ -x $nginxd ] || exit 0
 
 
# Start nginx daemons functions.
 start() {
    if [ -e $nginx_pid ];then
      echo "nginx already running...."
      exit 1
    fi
      echo -n $"Starting $prog: "
      daemon $nginxd -c ${nginx_config}
      RETVAL=$?
     echo
      [ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
    return $RETVAL
}
# Stop nginx daemons functions.
stop() {
        echo -n $"Stopping $prog: "
        killproc $nginxd
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /var/run/nginx.pid
}
# reload nginx service functions.
reload() {
    echo -n $"Reloading $prog: "
     #kill -HUP `cat ${nginx_pid}`
     killproc $nginxd -HUP
     RETVAL=$?
     echo
}
# See how we were called.
case "$1" in
 start)
     start
     ;;
 stop)
     stop
     ;;
 reload)
     reload
     ;;
 restart)
     stop
     start
     ;;
 status)
     status $prog
     RETVAL=$?
     ;;
 *)
    echo $"Usage: $prog {start|stop|restart|reload|status|help}"
    exit 1
esac
exit $RETVAL

2.2 添加进系统服务

# 给添加权限
chmod a+x /etc/init.d/nginx

# 将nginx加入到系统服务
chkconfig --add nginx

# 设置开机自启动
chkconfig nginx on

3.nginx常用命令

service nginx start     # 启动
service nginx stop      # 停止
service nginx reload    # 重启
service nginx status    # 查看nginx状态
nginx -v    # 查看版本

4.处理配置文件

cd到安装目录，一般是/etc/nginx，里面有个nginx.conf文件
补充内容如下

# 首部
user nginx;
改为
user root nginx;

# 中部  搭配proxy_pass使用
upstream zs{
    server 127.0.0.1:8000;
}

# 底部 http
server {
    listen       80;                # nginx的监听端口
    server_name  zs.com;     # 可以直接写域名或者IP

    location / {
        # proxy_pass  http://zs;      # 负载均衡代理
        uwsgi_pass  127.0.0.1:8000;         # 监听成功后请求的ip端口，与uwsgi中socket的IP端口一致
        include     uwsgi_params;
    }
    
    # 配置静态文件
    location /static {
        autoindex on;
        alias /root/mysite/WebSite/static; 
        # 要与之前django的setting.py中添加的static静态文件转移目录一致
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

# 底部 https
server {
   listen 443 ssl;
    #填写绑定证书的域名
    server_name cloud.tencent.com; 
    #证书文件名称
    ssl_certificate  1_cloud.tencent.com_bundle.crt; 
    #私钥文件名称
    ssl_certificate_key 2_cloud.tencent.com.key; 
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        #网站主页路径。此路径仅供参考，具体请您按照实际目录操作。  
        root html;
        index index.html index.htm;
    }
}
server {
    listen 80;
    #填写绑定证书的域名
    server_name cloud.tencent.com; 
    #把http的域名请求转成https
    return 301 https://$host$request_uri; 
}

注：首部是为了解决304无法访问的问题

底部的修改是配置信息

配置https -> SSL证书需要向防火墙添加端口

添加防火墙开放端口
firewall-cmd --zone=public --add-port=443/tcp --permanent

重启防火墙
firewall-cmd --reload