安装nginx

  1. 安装前的准备

     yum install \
     vim \
     gcc \
     gcc-c++ \
     wget \
     make \
     libtool \
     automake \
     autoconf \
     -y \
    
  2. 安装PCRE库点击下载

     cd /root
     wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.39.tar.gz
     或者(第三方):wget https://fossies.org/linux/misc/pcre-8.39.tar.gz
     tar -zxvf pcre-8.39.tar.gz
     cd pcre-8.39
     ./configure
     make
     make install
    
  3. 安装zlib库

     cd /root
     wget http://zlib.net/zlib-1.2.11.tar.gz
     tar -zxvf zlib-1.2.11.tar.gz
     cd zlib-1.2.11
     ./configure
     make
     make install
    
  4. 安装openssl

     # openssl从1.0.2开始支持http2
     cd /root
     wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz
     tar -zxvf openssl-1.0.2l.tar.gz
    
  5. 安装nginx点击下载

     # nginx在1.9.5开始支持http2
     cd /root
     wget http://nginx.org/download/nginx-1.13.2.tar.gz
     tar -zxvf nginx-1.13.2.tar.gz
     cd nginx-1.13.2
    
     # 安装前小提示:如果要隐藏Web服务名称'nginx',可以使用以下方法,但该方法会导致不兼容certbot免费证书生成工具
    
     |——————————————————————————————————————
     | vim ./src/core/nginx.h
     | 
     | #define NGINX_VERSION "x.x.x"
     | #define NGINX_VER     "nginx/" NGINX_VERSION
     | # 改为
     | #define NGINX_VERSION "1.0.0"
     | #define NGINX_VER     "FastWeb/" NGINX_VERSION
     | 
     | ESC
     | :wq
     |——————————————————————————————————————
    
     |——————————————————————————————————————
     | vim ./src/http/ngx_http_header_filter_module.c
     | 
     | ngx_http_server_string[] = "Server: nginx" CRLF;
     | # 改为
     | ngx_http_server_string[] = "Server: FastWeb" CRLF;
     | 
     | ESC
     | :wq
     |——————————————————————————————————————
    
     |——————————————————————————————————————
     | vim ./src/http/ngx_http_special_response.c
     | <hr><center>nginx</center>
     | # 改为
     | <center><h1>FastWeb</h1></center>
     |
     | # 并且
     |
     | static u_char ngx_http_msie_padding[] =
     | "<!-- a padding to disable MSIE and Chrome friendly error page -->" CRLF
     | "<!-- a padding to disable MSIE and Chrome friendly error page -->" CRLF
     | "<!-- a padding to disable MSIE and Chrome friendly error page -->" CRLF
     | "<!-- a padding to disable MSIE and Chrome friendly error page -->" CRLF
     | "<!-- a padding to disable MSIE and Chrome friendly error page -->" CRLF
     | "<!-- a padding to disable MSIE and Chrome friendly error page -->" CRLF;
     | # 改为
     | static u_char ngx_http_msie_padding[] = "<!-- FastWeb -->" CRLF;
     |
     | # 并且
     |
     | static u_char ngx_http_error_tail[] =
     | "<center><h1>nginx</h1></center>" CRLF
     | "</body>" CRLF
     | "</html>" CRLF;
     | # 改为
     | static u_char ngx_http_error_tail[] =
     | "<center><h1>FastWeb</h1></center>" CRLF
     | "</body>" CRLF
     | "</html>" CRLF;
     |
     | ESC
     | :wq
     |——————————————————————————————————————
    
     ./configure \
     --prefix=/usr/local/nginx/ \
     --with-http_v2_module \
     --with-http_ssl_module \
     --with-http_realip_module \
     --with-http_stub_status_module \
     --with-pcre=../pcre-8.39/ \
     --with-zlib=../zlib-1.2.11/ \
     --with-openssl=../openssl-1.0.2l/
    
     make
     make install
    
  6. 开启80端口(方式1)

     netstat -ano|grep 80
     iptables -t filter -A INPUT -p tcp -j ACCEPT
    
  7. 开启80端口(方式2)

     yum install firewalld
     systemctl enable firewalld
     systemctl start firewalld
     firewall-cmd --zone=public --add-port=80/tcp --permanent
     firewall-cmd --zone=public --add-port=443/tcp --permanent
     firewall-cmd --reload
    
  8. 修改nginx配置

     vim /usr/local/nginx/conf/nginx.conf
    
     user                    www;
     worker_processes        auto;
     worker_cpu_affinity     auto;
     pid                     logs/nginx.pid;
    
     events {
         worker_connections  102400;
     }
    
     http {
         charset             utf-8;
         server_tokens       off;
    
         log_format  main    '$remote_addr - $remote_user [$time_local] "$request" '
                             '$status $body_bytes_sent "$http_referer" '
                             '"$http_user_agent" "$http_x_forwarded_for"';
    
         include             mime.types;
         default_type        application/octet-stream;
    
         client_max_body_size 20M;
    
         sendfile            on;
         keepalive_timeout   20;
    
         gzip                on;
         gzip_vary           on;
         gzip_comp_level     1;
         gzip_types          text/css application/javascript application/json image/png image/webp image/apng image/jpeg image/x-icon;
    
         # ssl_session_timeout         5m;
         # ssl_prefer_server_ciphers   on;
         # ssl_certificate             /www/fullchain.pem;
         # ssl_certificate_key         /www/privkey.pem;
         # ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
         # ssl_ciphers                 ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    
         error_log                   /www/z_error.log;
         access_log                  /www/z_$host.log main;
    
         server {
             listen      80;
             # listen      443 ssl;
             server_name localhost;
             root        /www;
    
             location / {
                 index   index.php index.html index.htm;
             }
    
             location ~* \.php {
                 include                 fastcgi_params;
                 fastcgi_index           index.php;
                 fastcgi_pass            127.0.0.1:9000;
                 fastcgi_split_path_info ^(.+\.php)(.*)$;
                 fastcgi_param           PATH_INFO       $fastcgi_path_info;
                 fastcgi_param           SCRIPT_NAME     $fastcgi_script_name;
                 fastcgi_param           SCRIPT_FILENAME $document_root$fastcgi_script_name;
             }
         }
     }
    
     ESC
     :wq
    
  9. 如果没有www用户,创建www用户

     useradd www
    
  10. 启动nginx并设置开机启动

     # 将nginx目录所属用户设置为www
     mkdir /www
     chown -R www:www /www
     chown -R www:www /usr/local/nginx
    
     # 进入单元文件目录
     cd /etc/systemd/system
    
     # 创建nginx单元文件,格式为: [单元文件名].[单元文件类型]
     vim nginx.service
    
     [Unit]
     Description=Start nginx on boot.
     After=default.target network.target
    
     [Service]
     User=root
     Group=root
     Type=forking
     ExecStart=/usr/local/nginx/sbin/nginx
     ExecReload=/usr/local/nginx/sbin/nginx -s reload
     ExecStop=/usr/local/nginx/sbin/nginx -s quit
     PrivateTmp=true
    
     [Install]
     WantedBy=multi-user.target
    
     ESC
     :wq
    
     # 修改文件权限为只有root用户可以编辑该文件
     chown -R root:root /etc/systemd/system/nginx.service
     chmod -R 644 /etc/systemd/system/nginx.service
    
     # 更新systemd
     systemctl daemon-reload
     systemctl enable nginx
     systemctl start nginx
    
  11. nginx操作

     /usr/local/nginx/sbin/nginx    启动
     /usr/local/nginx/sbin/nginx -t 检查当前配置错误
     /usr/local/nginx/sbin/nginx -s reload 重载配置
     /usr/local/nginx/sbin/nginx -s reopen 重开日志
     /usr/local/nginx/sbin/nginx -s quit   正常关闭
     /usr/local/nginx/sbin/nginx -s stop   强制关闭
    
  12. 使用fastdfs-nginx-module比直接使用nginx的优势在哪

     FastDFS通过Tracker服务器,将文件放在Storage服务器存储,但
     是同组之间的服务器需要复制文件,有延迟的问题.假设Tracker
     服务器将文件上传到了192.168.1.2,文件ID已经返回客户端,这
     时,后台会将这个文件复制到192.168.1.3,如果复制没有完成,
     客户端就用这个ID在192.168.1.3取文件,肯定会出现错误,这
     个fastdfs-nginx-module可以重定向连接到源服务器取文件,避
     免客户端由于复制延迟的问题,出现错误。
    

results matching ""

    No results matching ""