( 每日一记)nginx编译三部曲
Nginx安装
1.下载文件
mkdir nginx && cd nginx
wget https://nginx.org/download/nginx-1.15.8.tar.gz
wget https://github.com/FRiCKLE/ngx_cache_purge/archive/2.3.tar.gz
2.安装依赖包
yum install -y gcc gcc-c++ openssl openssl-devel \
gd-devel pcre-devel libcurl-devel \
libunwind gperftools
3.解压缩文件
tar xvf 2.3.tar.gz
tar xvf nginx-1.15.8.tar.gz
cd nginx-1.15.8
4.编译nginx
useradd -s /sbin/nologin www
./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_auth_request_module \
--with-http_realip_module --with-http_v2_module --with-http_random_index_module \
--with-http_sub_module --with-http_addition_module --with-http_secure_link_module \
--with-http_ssl_module --with-stream_ssl_module --with-stream_realip_module \
--with-stream_ssl_preread_module --with-stream --add-module=../ngx_cache_purge-2.3 \
--with-http_slice_module --with-google_perftools_module --with-threads \
--with-ld-opt=-ltcmalloc --with-http_gzip_static_module \
--with-http_gunzip_module --with-http_stub_status_module
make && make install
5.nginx测试配置文件
/usr/local/nginx/sbin/nginx -t
6.启动nginx
/usr/local/nginx/sbin/nginx
查看端口
netstat -ntlp|grep nginx
7.nginx重载配置文件
/usr/local/nginx/sbin/nginx -s reload
8.nginx.conf 主配置文件模板
user www;
worker_processes 2;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format wizlog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
sendfile on;
keepalive_timeout 300;
gzip on;
client_max_body_size 2048m;
server_tokens off;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_read_timeout 3000;
include /usr/local/nginx/conf/sites/*.conf;
}
9.站点配置文件模板---基于IP
为站点单独写配置文件,目录地址为sites,创建目录: mkdir /usr/local/nginx/conf/sites
plant.ip.conf
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
#web
upstream web_wiz_top {
server 192.168.80.44:8880;
}
#webapi
upstream webapi_wiz_top {
server 192.168.80.44:2000;
}
#easc
upstream easc_wiz_top {
server 192.168.80.44:3002;
}
#wizplayer
upstream player_wiz_top {
server 192.168.80.44:9000;
}
log_format plantlog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
#web 8880 ssl
server {
listen 8880 ssl;
server_name 192.168.66.100;
access_log /data/logs/web.wiz.log plantlog;
error_log /data/logs/error.web.dev.top.log;
#ssl configure
ssl_certificate /root/cert/nw.pem;
ssl_certificate_key /root/cert/nw-key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#error
error_page 404 403 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location / {
index index.html index.htm index.php;
proxy_pass http://web_wiz_top;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $remote_addr;
}
}
#webapi 2000 ssl
server {
listen 2000 ssl;
server_name 192.168.66.100;
#ssl configure
ssl_certificate /etc/letsencrypt/live/show.dev.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/show.dev.top/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#error
error_page 404 403 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location / {
index index.html index.htm index.php;
proxy_pass http://webapi_wiz_top;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $remote_addr;
}
}
#easc 3002 ssl
server {
listen 3002 ssl;
server_name 192.168.66.100;
#ssl configure
ssl_certificate /etc/letsencrypt/live/show.dev.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/show.dev.top/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#error
error_page 404 403 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location / {
index index.html index.htm index.php;
proxy_pass http://easc_wiz_top;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $remote_addr;
}
}
#wizplayer socket
server {
listen 9000 ssl;
server_name 192.168.66.100;
#ssl configure
ssl_certificate /etc/letsencrypt/live/show.dev.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/show.dev.top/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#error
error_page 404 403 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location / {
index index.html index.htm index.php;
proxy_pass http://player_wiz_top;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $remote_addr;
#websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 360s;
}
}
浙公网安备 33010602011771号