date: 2020-09-27title: nginx安装 #标题
tags: nginx安装 #标签
categories: nginx # 分类
安装
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repoyum makecache fastyum -y install pcre pcre-devel openssl openssl-devel zlib-devel zlib git gccwget http://mirrors.sohu.com/nginx/nginx-1.18.0.tar.gztar zxf nginx-1.18.0.tar.gz && cd nginx-1.18.0# 修改源码,隐藏版本信息$ vim src/core/nginx.h源码如下:#define nginx_version 1001018#define NGINX_VERSION "1.18.0"#define NGINX_VER "nginx/" NGINX_VERSION改为:#define nginx_version 1001018#define NGINX_VERSION "unknown"#define NGINX_VER "unknown/" NGINX_VERSION$ vim src/http/ngx_http_header_filter_module.c源码如下:static char ngx_http_server_string[] = "Server: nginx" CRLF;改为:static char ngx_http_server_string[] = "Server: unknown" CRLF;$ vim src/http/ngx_http_special_response.c源码如下(有很多相似的字段,千万别改错了,注意!):static u_char ngx_http_error_tail[] ="<hr><center>nginx</center>" CRLF"</body>" CRLF"</html>" CRLF;改为:static u_char ngx_http_error_tail[] ="<hr><center>unknown</center>" CRLF"</body>" CRLF"</html>" CRLF;mkdir /apps/usr -p# 为了支持sticky调度算法基于cookie会话保持,增加第三方模块stickygit clone https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng.gitsticky_path=$(readlink -f nginx-sticky-module-ng/)./configure --prefix=/apps/usr/nginx-1.18.0 --with-http_ssl_module \--with-http_addition_module --with-pcre \--with-http_stub_status_module --with-debug \--add-module=${sticky_path} --with-stream --with-http_realip_modulemakemake install
安装后的优化
cd /apps/usr/nginx-1.18.0/conf/$ vim nginx.conf# 全局字段配置如下:worker_processes auto;worker_cpu_affinity auto;worker_rlimit_nofile 65535;events {worker_connections 65535;}# http{ }字段配置如下:http {server_tokens off;sendfile on;keepalive_timeout 65;proxy_buffer_size 128k;proxy_buffers 32 32k;proxy_busy_buffers_size 256k;server_names_hash_bucket_size 256;client_header_buffer_size 256k;large_client_header_buffers 4 256k;reset_timedout_connection on;client_max_body_size 50m;client_header_timeout 10;client_body_timeout 10;send_timeout 10;open_file_cache max=1000 inactive=20s;open_file_cache_errors on;open_file_cache_min_uses 2;keepalive_requests 100;tcp_nodelay on;tcp_nopush on;gzip on;gzip_min_length 10k;gzip_comp_level 5;gzip_buffers 4 16k;gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css text/js application/json;gzip_http_version 1.1;gzip_proxied any;gzip_vary on;gzip_disable "MSIE [1-6].";.........}# 若使用反向代理,location字段添加如下,使后端应用获取客户端真实IPlocation / {.........proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}# 修改系统最多可打开文件数限制$ ulimit -n # 查看当前限制1024cat >> /etc/security/limits.conf << EOF* soft nofile 65535* hard nofile 65535EOF# 重新登录后生效
检测配置文件并启动nginx
$ ../sbin/nginx -tnginx: the configuration file /apps/usr/nginx-1.18.0/conf/nginx.conf syntax is oknginx: configuration file /apps/usr/nginx-1.18.0/conf/nginx.conf test is successful$ ../sbin/nginx$ curl -I 127.0.0.1 # 访问测试HTTP/1.1 200 OKServer: unknownDate: Tue, 07 Jul 2020 15:13:53 GMTContent-Type: text/htmlContent-Length: 151Last-Modified: Tue, 07 Jul 2020 14:43:35 GMTConnection: keep-aliveAccept-Ranges: bytes
若有收获,就点个赞吧
0 人点赞
