ubuntu18.04安装nginx并支持https和文件上传
在ubuntu10.4server下安装nginx并支持上传和https功能
环境:ubuntu18.04server
在root权限下操作
1. 安装编译环境
cd apt -y install make gcc libpcre3 libpcre3-dev openssl libssl-dev zlib1g-dev build-essential unzip
2. 下载并解压nginx源码
wget http://nginx.org/download/nginx-1.15.8.tar.gz tar -zxvf nginx-1.8.1.tar.gz
3. 下载并解压上传模块
wget https://github.com/fdintino/nginx-upload-module/archive/refs/heads/master.zip unzip master.zip
5. 移动nginx和上传模块到指定目录
mv nginx-1.8.1 /usr/local/nginx mv nginx-upload-module-master /usr/local/nginx/
6. 生成服务器密钥和证书用于https,
6.1 进入openssl下执行以下命令
openssl
6.2 生成CA私钥
openssl> genrsa -des3 -out ca.key 1024
6.3 去除CA私钥密码
openssl> rsa -in ca.key -out ca.key
6.3 生成CA
openssl> req -new -x509 -key ca.key -out ca.crt -days 365
6.4 重新进入openssl生成用户证书等
openssl> exit openssl
6.4 生成用户私钥
openssl> genrsa -des3 -out server.key 1024
6.5 去除用户私钥中的密码
openssl> rsa -in server.key -out server.key
6.5 生成证书申请文件
openssl> req -new -key server.key -out server.csr
6.6 通过CA生成证书
openssl> x509 -req -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt -days 365
6.7 需要的文件为用户私钥server.key和用户证书server.crt,将用户私钥和用户证书移动到nginx下目录CA中
mkdir -p /usr/local/nginx/CA mv server.key /usr/local/nginx/CA mv server.crt /usr/local/nginx/CA
7. 编译nginx
cd /usr/local/nginx ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx/nginx.conf --with-http_ssl_module --add-module=./nginx-upload-module-master make
8. 修改配置文件/usr/local/nginx/conf/nginx.conf,替换为以下内容
user root;
worker_processes 1;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /usr/local/nginx/conf/mime.types;
default_type application/octet-stream;
server {
client_max_body_size 100g;
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
autoindex on;
listen 443 ssl;
listen [::]:443 default_server;
server_name localhost;
ssl_certificate /usr/local/nginx/CA/server.crt;
ssl_certificate_key /usr/local/nginx/CA/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /usr/local/nginx/html;
autoindex on;
}
location /upload {
upload_store /usr/local/nginx/html/upload;
upload_store_access user:rw;
upload_set_form_field $upload_field_name.name "$upload_file_name";
upload_set_form_field $upload_field_name.content_type "$upload_content_type";
upload_set_form_field $upload_field_name.path "$upload_tmp_path";
upload_pass_form_field "^submit$|^description$";
upload_pass @mock;
}
location @mock {
return 200 "ok\r\n";
}
}
}
9. 创建上传文件夹支持文件上传功能
mkdir /usr/local/nginx/html/upload chmod 777 /usr/local/nginx/upload/
10. 增加上传文件测试网页/usr/local/nginx/html/test_upload.html,内容如下
<html> <head> <title>Test upload</title> </head> <body> <h2>Select files to upload</h2> <form enctype="multipart/form-data" action="/upload" method="post"> <input type="file" name="file1"><br> <input type="submit" name="submit" value="Upload"> </form> </body> </html>
11. 安装nginx
make install
12. 检查nginx配置文件正确性
/usr/local/nginx/sbin/nginx -t
13. 开启nginx
/usr/local/nginx/sbin/nginx
14. 测试文件上传,访问http://127.0.0.1/upload,上传文件之后在/usr/local/nginx/html/upload下是否有文件存在
15. 测试https,访问https://127.0.0.1/
16 测试http,访问http://127.0.0.1/
浙公网安备 33010602011771号