编译安装

安装依赖
下载 Nginx
创建用户和组
配置编译选项
编译安装
启动 Nginx
测试 Nginx 服务器
开机启动配置
开机启动
配置文件

:::info 尽管市面上有很多Linux + Nginx + Mysql + PHP 的一健安装包，但在生产环境下，还是最好自己动手去编译。 :::

安装依赖

yum install gcc gcc-c++ automake pcre pcre-devel zlip zlib-devel openssl openssl-devel

下载 Nginx

cd /usr/local/src/
wget -cO nginx-1.16.0.tar.gz https://nginx.org/download/nginx-1.16.0.tar.gz
tar -zxvf nginx-1.16.0.tar.gz
cd nginx-1.16.0/

创建用户和组

groupadd nginx
useradd nginx -g nginx -s /sbin/nologin -M

配置编译选项

./configure --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_gunzip_module

make && make install

启动 Nginx

/usr/local/nginx/sbin/nginx            # 启动
/usr/local/nginx/sbin/nginx -s reload  # 重启
/usr/local/nginx/sbin/nginx -s stop    # 停止
ps -ef | grep nginx #查询nginx主进程号
/usr/local/nginx/sbin/nginx -s stop    #快速关闭 Nginx 先查出nginx进程id再使用kill命令强制杀掉进程
/usr/local/nginx/sbin/nginx -s quit    #关闭Nginx 待nginx进程处理任务完毕进行停止

:::danger 注意：启动时，如果 mkdir /var/tmp/nginx/client 报错，请手动创建改目录结构。mkdir /var/tmp/nginx/client -p :::

测试 Nginx 服务器

:::info 直接在浏览器访问服务器的 IP 地址，如果能看到 Welcome to nginx! 页面，说明安装成功，否则检查一下服务器防火墙。
在服务器上可以用 curl -I 127.0.0.1 检查，如果能看到 HTTP 的头部信息，基本可以确定是防火墙的问题。 :::

[root@ecs-4895 nginx-1.16.0]# curl -I localhost
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Thu, 30 May 2019 04:44:03 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Thu, 30 May 2019 04:17:17 GMT
Connection: keep-alive
ETag: "5cef594d-264"
Accept-Ranges: bytes
[root@ecs-4895 nginx-1.16.0]#

开机启动配置

vim /usr/lib/systemd/system/nginx.service

[Unit]
Description=nginx service
After=network.target 
[Service] 
Type=forking 
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true 
[Install] 
WantedBy=multi-user.target

:::info [Unit]：服务的说明

Description：描述服务
After：描述服务类别
[Service]：服务运行参数的设置

Type=forking：后台运行的形式
ExecStart：服务的具体运行命令
ExecReload：重启命令
ExecStop：停止命令
PrivateTmp=True：表示给服务分配独立的临时空间
注意：[Service]的启动、重启、停止命令全部要求使用绝对路径。
[Install]：
运行级别下服务安装的相关设置，可设置为多用户，即系统运行级别为3。

保存退出。 :::

开机启动

systemctl enable nginx

:::info 如果开机启动不了，很大可能就是nginx: [emerg] open() “/var/run/nginx/nginx.pid” failed (2: No such file or directory)，解决方案 :::

配置文件

server {
    listen 80;
    server_name dati-h5.xinpu8.com;
    return 301 https://$server_name$request_uri;
}
server {
    listen 443 ssl;
    server_name dati-h5.xinpu8.com;
    keepalive_timeout 0;
    ssl_certificate /etc/nginx/ssl/dati-h5.xinpu8.com/fullchain.cer;
    ssl_certificate_key /etc/nginx/ssl/dati-h5.xinpu8.com/dati-h5.xinpu8.com.key;
    # root /var/www/datilive/vue-Zhibo/dist;
    root /var/www/datilive-h5;
    index index.php index.htm index.html;
    location / {
        try_files $uri $uri/ @router;
        index index.php index.htm index.html;
    }
    location @router {
        rewrite ^.*$ /index.html last;
    }
}
server {
    listen 80;
    server_name dati.xinpu8.com;
    return 301 https://$server_name$request_uri;
}
server {
    listen 443 ssl;
    server_name dati.xinpu8.com;
    keepalive_timeout 0;
    ssl_certificate /etc/nginx/ssl/dati.xinpu8.com/fullchain.cer;
    ssl_certificate_key /etc/nginx/ssl/dati.xinpu8.com/dati.xinpu8.com.key;
    root /var/www/datilive/public;
    index index.php index.htm index.html;
    client_max_body_size 200M;
    location / {
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header "Access-Control-Allow-Credentials" "true";
            add_header 'Access-Control-Allow-Methods' 'GET, POST, PATCH, PUT, DELETE';
            add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With';
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            add_header 'Content-Length' 0;
            return 200;
        }
        if ($request_method = 'POST') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header "Access-Control-Allow-Credentials" "true";
            add_header 'Access-Control-Allow-Methods' 'GET, POST,DELET,PUT,OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Keep-Alive,User-Agent,X-Requested-With,Content-Type';
        }
        if ($request_method = 'GET') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header "Access-Control-Allow-Credentials" "true";
            add_header 'Access-Control-Allow-Methods' 'GET, POST,DELET,PUT,OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Keep-Alive,User-Agent,X-Requested-With,Content-Type';
        }
        if ($request_method = 'DELETE') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header "Access-Control-Allow-Credentials" "true";
            add_header 'Access-Control-Allow-Methods' 'GET, POST,DELET,PUT,OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Keep-Alive,User-Agent,X-Requested-With,Content-Type';
        }
        if ($request_method = 'put') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header "Access-Control-Allow-Credentials" "true";
            add_header 'Access-Control-Allow-Methods' 'GET, POST,DELET,PUT,OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Keep-Alive,User-Agent,X-Requested-With,Content-Type';
        }
        if (!-e $request_filename) {
            rewrite ^/(.*)$ /index.php?s=$1 last; break;
        }
        index  index.php;
        autoindex  off;
    }
    location ~ \.php($|/) {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    # 配置设置图片格式文件
    location ~* \.(jpg|jpeg|gif|png|ico|swf)$ {
        # 过期时间为3年
        expires 3y;
        # 关闭日志记录
        access_log off;
        # 关闭gzip压缩，减少CPU消耗，因为图片的压缩率不高。
        gzip off;
    }
    location ~ /\.ht {
        deny all;
    }
}