gcc

1、查看gcc版本
gcc -v
2、gcc安装命令
yum -y install gcc

pcre和pcre-devel

nginx的http模块使用pcre来解析正则表达式
yum install -y pcre pcre-devel

zlib

nginx使用zlib对http包的内容进行gzip。
yum install -y zlib zlib-devel

openssl

openssl用于数据链路通信安全加密。
yum install -y openssl openssl-devel

安装nginx

1、去官网获取最新稳定版本下载链接,官网下载页面地址:http://nginx.org/en/download.html
image.png

2、在linux上,利用wget命令下载nginx
wget http://nginx.org/download/nginx-1.20.2.tar.gz

3、解压到你要存放的目标,我这里是放在/application。解压完毕,会看到对应的目录里面多出一个nginx-1.20.2的文件夹
tar -zxvf nginx-1.20.2.tar.gz -C /application[

4、切换到对应的解压目录,对nginx进行编译安装。按以下步骤执行命令](https://blog.csdn.net/lishuaipiao/article/details/116453998)

  1. # 不需要https模块的, 这里只输入./configure即可
  2. ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
  4. # 编译
  5. make
  7. # 安装
  8. make install

5、启动nginx。当make install命令执行完,我们会看到/usr/local会多出一个nginx文件夹。我们切换到/usr/local/nginx/sbin,进行启动nginx。如果需要修改端口等其他配置信息,进入/usr/local/nginx/conf修改nginx.conf的里面的信息。

  1. # 启动
  2. ./nginx -s start
  4. # 刷新配置
  5. ./nginx -s reload
  7. # 停止nginx
  8. ./nginx -s stop
  10. # 查看nginx是否启动成功
  11. ps -ef | grep nginx

配置nginx开机自启

1、在/etc/init.d下创建文件nginx,具体可参考官网的
https://www.nginx.com/resources/wiki/start/topics/examples/redhatnginxinit/

  1. #!/bin/sh
  2. #
  3. # nginx - this script starts and stops the nginx daemon
  4. #
  5. # chkconfig:   - 85 15
  6. # description:  NGINX is an HTTP(S) server, HTTP(S) reverse \
  7. #               proxy and IMAP/POP3 proxy server
  8. # processname: nginx
  9. # config:      /etc/nginx/nginx.conf
  10. # config:      /etc/sysconfig/nginx
  11. # pidfile:     /var/run/nginx.pid
  13. # Source function library.
  14. . /etc/rc.d/init.d/functions
  16. # Source networking configuration.
  17. . /etc/sysconfig/network
  19. # Check that networking is up.
  20. [ "$NETWORKING" = "no" ] && exit 0
  22. # 特别注意,这里要调整你存放Nginx的目录
  23. nginx="/usr/local/nginx/sbin/nginx"
  24. prog=$(basename $nginx)
  26. # 特别注意,这里要调整你存放Nginx的目录
  27. NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
  29. [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
  31. lockfile=/var/lock/subsys/nginx
  33. make_dirs() {
  34.    # make required directories
  35.    user=`$nginx -V 2>&1 | grep "configure arguments:.*--user=" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
  36.    if [ -n "$user" ]; then
  37.       if [ -z "`grep $user /etc/passwd`" ]; then
  38.          useradd -M -s /bin/nologin $user
  39.       fi
  40.       options=`$nginx -V 2>&1 | grep 'configure arguments:'`
  41.       for opt in $options; do
  42.           if [ `echo $opt | grep '.*-temp-path'` ]; then
  43.               value=`echo $opt | cut -d "=" -f 2`
  44.               if [ ! -d "$value" ]; then
  45.                   # echo "creating" $value
  46.                   mkdir -p $value && chown -R $user $value
  47.               fi
  48.           fi
  49.        done
  50.     fi
  51. }
  53. start() {
  54.     [ -x $nginx ] || exit 5
  55.     [ -f $NGINX_CONF_FILE ] || exit 6
  56.     make_dirs
  57.     echo -n $"Starting $prog: "
  58.     daemon $nginx -c $NGINX_CONF_FILE
  59.     retval=$?
  60.     echo
  61.     [ $retval -eq 0 ] && touch $lockfile
  62.     return $retval
  63. }
  65. stop() {
  66.     echo -n $"Stopping $prog: "
  67.     killproc $prog -QUIT
  68.     retval=$?
  69.     echo
  70.     [ $retval -eq 0 ] && rm -f $lockfile
  71.     return $retval
  72. }
  74. restart() {
  75.     configtest || return $?
  76.     stop
  77.     sleep 1
  78.     start
  79. }
  81. reload() {
  82.     configtest || return $?
  83.     echo -n $"Reloading $prog: "
  84.     killproc $prog -HUP
  85.     retval=$?
  86.     echo
  87. }
  89. force_reload() {
  90.     restart
  91. }
  93. configtest() {
  94.   $nginx -t -c $NGINX_CONF_FILE
  95. }
  97. rh_status() {
  98.     status $prog
  99. }
  101. rh_status_q() {
  102.     rh_status >/dev/null 2>&1
  103. }
  105. case "$1" in
  106.     start)
  107.         rh_status_q && exit 0
  108.         $1
  109.         ;;
  110.     stop)
  111.         rh_status_q || exit 0
  112.         $1
  113.         ;;
  114.     restart|configtest)
  115.         $1
  116.         ;;
  117.     reload)
  118.         rh_status_q || exit 7
  119.         $1
  120.         ;;
  121.     force-reload)
  122.         force_reload
  123.         ;;
  124.     status)
  125.         rh_status
  126.         ;;
  127.     condrestart|try-restart)
  128.         rh_status_q || exit 0
  129.             ;;
  130.     *)
  131.         echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
  132.         exit 2
  133. esac

2、赋值文件执行权限
chmod a+x /etc/init.d/nginx

3、将nginx服务加入chkconfig管理列表
chkconfig —add /etc/init.d/nginx

4、设置开机自启
chkconfig nginx on

5、其他操作命令

  1. # 启动nginx
  2. service nginx start
  4. # 停止nginx
  5. service nginx stop
  7. # 重启nginx
  8. service nginx restart
  10. #查看nginx服务是否启动成功
  11. ps -ef | grep nginx

nginx常见配置

静态网站

  1. server {
  2.    listen       80;
  3.    server_name  www.rocky.com;
  4.    return      301 https://$server_name$request_uri;
  5.    location / {
  6.          alias /web/rocky/;
  7.    }
  8.    error_page   500 502 503 504  /50x.html;
  9.    location = /50x.html {
  10.       root   html;
  11.    }
  13. }

SSL配置

  1. server {
  2.   listen       443 ssl;
  3.   server_name   www.rocky.com;
  4.   ssl_certificate       /web/cert/1_www.rocky.com_bundle.crt;
  5.   ssl_certificate_key  /web/cert/2_www.rocky.com.cn.key;
  6.   ssl_session_cache    shared:SSL:1m;
  7.   ssl_session_timeout  5m;
  8.   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  9.   ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
  10.   ssl_prefer_server_ciphers  on;
  12.   location / {
  13.      alias /web/rocky/;
  14.   }
  15. }

代理转发

  1. server {
  2.   listen       443 ssl;
  3.   server_name  api.rocky.com;
  4.   ssl_certificate      1_api.rocky.com_bundle.crt;
  5.   ssl_certificate_key  2_api.rocky.com.key;
  6.   ssl_session_cache    shared:SSL:1m;
  7.   ssl_session_timeout  5m;
  8.   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  9.   ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
  10.   ssl_prefer_server_ciphers  on;
  12.   location / {
  13.      proxy_pass http://127.0.0.1:8080/shop/;
  14.      # 转发cookie
  15.      proxy_cookie_path /shop /;
  16.      # 域名转发
  17.      proxy_set_header Host $host;   
  18.      proxy_redirect off;
  19.      # IP转发
  20.      proxy_set_header X-Real-IP $remote_addr; 
  21.      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  22.      proxy_connect_timeout 60;
  23.      proxy_read_timeout 600;
  24.      proxy_send_timeout 600;
  25.   }
  27. }

映射静态资源

  1. server {
  2.   listen       80;
  3.   server_name  localhost;
  5.   location / {
  6.      proxy_pass   http://127.0.0.1:8080/rocky/;
  7.      proxy_cookie_path /crazyandrew /;
  8.      client_max_body_size 1000m;
  9.    }
  11.   #  http://locahost/image/demo1.jpg映射到/upload/image/demo1.jpg
  12.   location /image/ {
  13.      root /upload/image/;
  14.      rewrite ^/image/(.*)$ \$1 break;
  15.   }
  17.  error_page   500 502 503 504  /50x.html;
  18.  location = /50x.html {
  19.    root   html;
  20.  }
  21. }

http和https共存

  1. server {
  2.   listen 80 default backlog=2048;
  3.   listen 443 ssl;
  4.   server_name www.rocky.com;
  5.   root /web/rocky;
  6.   ssl_certificate      1_api.rocky.com_bundle.crt;
  7.   ssl_certificate_key  2_api.rocky.com.key;
  8. }

游览器不能访问IP

执行ps aux | grep nginx,查看Nginx服务是否启动
执行netstat -ntlp,查看80端口是否分配给你Nginx
对80端口防火墙配置:firewall-cmd —zone=public —add-port=80/tcp —permanent
重启防火墙服务:systemctl restart firewalld.service

在服务器上执行 curl localhost 看是不是正常的,是正常的,就检查安全组(云服务器)、防火墙,selinux