nginx 的安装
- # 下载 Nginx
- wget http://nginx.org/download/nginx-1.16.1.tar.gz
- # 解压 Nginx
- tar xf nginx-1.16.1.tar.gz
- # 安装 gcc 模块 C 语言编译需要
- yum install gcc zlib2-devel pcre-devel openssl-devel
- # 进入到解压目录下面 进行编译
- ./configure --prefix=/opt/nginx --with-http_ssl_module --with-http_stub_status_module
- # 安装
- make && make install
Nginx 目录结构
conf 配置文件
html 存放静态文件 index.HTML 是默认的欢迎页面
logs 日志文件
sbin 二进制文件
Nginx 支持的命令格式 ./sbin/nginx -h
- [[email protected] nginx]# ./sbin/nginx -h
- nginx version: nginx/1.16.1
- Usage: nginx [-?hvVtTq] [-s signal] [-c filename] [-p prefix] [-g directives]
- Options:
- -?,-h : this help
-v : show version and exit 显示版本号
-V : show version and configure options then exit 显示版本 + 编译时选项
-t : test configuration and exit 测试配置文件
- -T : test configuration, dump it and exit
- -q : suppress non-error messages during configuration testing
- -s signal : send signal to a master process: stop, quit, reopen, reload # 发送信号指令
- -p prefix : set prefix path (default: /opt/nginx/)
- -c filename : set configuration file (default: conf/nginx.conf)
- -g directives : set global directives out of configuration file
启动 Nginx
- ./sbin/nginx
- # 关闭防火墙
- iptables -F
Nginx 配置详解 ./config/nginx.conf
- # nginx 启动后会生成一个主进程, 根据配置文件的选项生成子进程 (工作进程), 主进程不负责处理用户的请求, 用来转发用户的请求 (分给子进程)
- #user nobody; # 使用哪个用户来启动子进程
- worker_processes 1; # 工作进程的个数 , 一般配置成 CPU 核心的个数 - 1 或者 - 2
- # CPU 亲缘性绑定, 让 nginx 的子进程工作在哪个核心上
- #error_log logs/error.log; # 错误日志
- #error_log logs/error.log notice;
- #error_log logs/error.log info;
- #pid logs/nginx.pid;
- events {
- # use [epoll|select|poll]; # CPU 算法, 默认无
- worker_connections 1024; # 没一个子进程可以处理的连接数, 默认 1024
- }
- http {
- include mime.types; # 导入
- default_type application/octet-stream; # 默认的请求方式
- # 定义日志格式
- #log_format main '$remote_addr - $remote_user [$time_local]"$request" '
- # '$status $body_bytes_sent"$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
- # 定义日志存放位置
- #access_log logs/access.log main;
- sendfile on;
- #tcp_nopush on;
- #keepalive_timeout 0;
- keepalive_timeout 65; # 保持长连接的超时时间 秒
- #gzip on;
- server {
- listen 80; # 监听端口
- server_name localhost; # 域名
- #charset koi8-r;
- #access_log logs/host.access.log main;
- location / {
- root HTML; # 指定静态文件地址
- index index.HTML index.htm; # 指定默认的 index 页面
- }
- # 网页出错显示的页面 / 根目录
- #error_page 404 /404.HTML;
- # redirect server error pages to the static page /50x.HTML
- #
- # 错误页面 服务端错误
- error_page 500 502 503 504 /50x.HTML;
- location = /50x.HTML {
- root HTML;
- }
- # proxy the PHP scripts to Apache listening on 127.0.0.1:80
- #
- #location ~ \.PHP$ {
- # proxy_pass http://127.0.0.1;
- #}
- # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
- #
- #location ~ \.PHP$ {
- # root HTML;
- # fastcgi_pass 127.0.0.1:9000;
- # fastcgi_index index.PHP;
- # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
- # include fastcgi_params;
- #}
- # deny access to .htaccess files, if Apache's document root
- # concurs with nginx's one
- #
- #location ~ /\.ht {
- # deny all;
- #}
- }
- # another virtual host using mix of IP-, name-, and port-based configuration
- #
- #server {
- # listen 8000;
- # listen somename:8080;
- # server_name somename alias another.alias;
- # location / {
- # root HTML;
- # index index.HTML index.htm;
- # }
- #}
- # HTTPS server
- #
- #server {
- # listen 443 ssl;
- # server_name localhost;
- # ssl_certificate cert.pem;
- # ssl_certificate_key cert.key;
- # ssl_session_cache shared:SSL:1m;
- # ssl_session_timeout 5m;
- # ssl_ciphers HIGH:!aNULL:!MD5;
- # ssl_prefer_server_ciphers on;
- # location / {
- # root HTML;
- # index index.HTML index.htm;
- # }
- #}
- }
配置简单实例
- # 修改 conf 目录下的 nginx.conf 配置
- [[email protected] nginx]# VIM ./conf/nginx.conf
- location / {
- root /data/HTML; # 根路径 这里地址为手动创建
- index index.HTML;
- }
- location /img {
- root /data/img; # 文件存放为 mkdir /data/img/img
- # alias /data/img;
- }
- root /data/HTML;
- error_page 404 /404.HTML;
- # 修改完毕后检查是否有问题
- [[email protected]st nginx]# ./sbin/nginx -t
- # 没有问题的话重启 nginx 服务
- [[email protected] nginx]# ./sbin/nginx -s reload
root 和 alias 的区别
- location /img {
- root /data/img;
- }
root /data/img 存放路径里面必须有 / img (/data/img/img)
- location /img {
- alias /data/img;
- }
alias /data/img 存放路径里面不需要有 /img (/data/img)
域名操作
- listen 80; # 监听端口
- server_name www.catdexin.com catdexin.com; # 域名
- server_name www.catdexin.com www.baidu.com www.taobao.com; # 可以设置多个域名
- # 输入域名先去 dns 缓存和 dns 服务器寻找域名
- # 我们可以在 host 文件中设置一个作为测试用
可以配置多个 server
- server{
- listen 80 default_server; # 默认 server
- server_name www.baidu.com baidu.com;
- location / {
- root /data/baidu;
- index index.HTML;
- }
- }
- server{
- listen 80;
- server_name www.baidu.com baidu.com;
- location / {
- root /data/baidu;
- index index.HTML;
- }
- }
nginx 中的日志
- # 定义日志格式
- #log_format main '$remote_addr - $remote_user [$time_local]"$request" '
- # '$status $body_bytes_sent"$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
remote_addr 请求 ip 地址
remote_user 请求的用户
time_local 本地时间
request 包括请求方式 请求地址 请求协议版本
status 状态码
body_bytes_sent 发送的大小
http_user_agent 用户请求头
http_x_forwarded_for 真实 IP
为每个 server 配置自己的日志
- server {
- listen 80 default_server;
- server_name www.catdexin.com catdexin.com;
- access_log logs/catdexin.com main; # 路径
- location / {
- root /data/catdexin;
- index index.HTML;
- }
- }
- server {
- listen 80;
- server_name www.nayue.com nayue.com;
- access_log logs/nayue.com main; # 路径
- location / {
- root /data/nayue;
- index index.HTML;
- }
- }
禁止访问 (黑名单)
可以写在 server 或者 location 里面
- deny 192.168.21.1; # 黑名单 单 IP
- allow 192.168.21.131; # 白名单
- deny 192.168.21.0/24; # 黑名单 整个网段
- server{
- listen 80;
- server_name www.baidu.com baidu.com;
- location / {
- deny 192.168.21.1;
- root /data/baidu;
- index index.HTML;
- }
- }
来源: http://www.bubuko.com/infodetail-3557349.html