Done is better than perfect

0%

Nginx安装与配置

发表于 更新于 分类于

简介

Nginx是个web,反向代理, 负载均衡, 邮件代理和HTTP缓存服务器.

安装

centos安装

1.安装准备 sudo yum install yum-utils

2.设置yum仓库,使用下面的内容创建一个/etc/yum.repos.d/nginx.repo文件 [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/\(releasever/\)basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true

[nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/\(releasever/\)basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true

3.安装Nginx sudo yum install nginx

配置

通常Nginx的配置放在下面几目录中: - /etc/nginx/nginx.conf , - /usr/local/etc/nginx/nginx.conf 或 - /usr/local/nginx/conf/nginx.conf

先看看默认的配置文件,如下: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
user  nginx;            #用户
worker_processes  1;    #工作进程数量

error_log  /var/log/nginx/error.log warn;   #错误日志
pid        /var/run/nginx.pid;              #定义一个存储主进程ID文件

events {
    worker_connections  1024;               #最大同时连接数
}

http {
    include       /etc/nginx/mime.types;    #扩展名对应的MIME类型
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main; #访问日志文件

    sendfile        on; #非阻塞磁盘IO
    #tcp_nopush     on;

    keepalive_timeout  65; #连接超时值

    #gzip  on;

    include /etc/nginx/conf.d/*.conf; #包含其他配置文件,在这目录下有一个default.conf文件,里面配置了服务器上下文
}
配置文件由上下文(模块)指令两部组成的树形结构指令集,子上下文的指令会覆盖父上下的指令。Nginx的核心上下文有: - 主上下文或全局上下文 - events上下文 - http上下文 - server上下文 - location上下文

其他上下文参见官网文档 ## 配置 ### 核心上下文 #### 主上下文 

1
2
3
4
5
# 最外层的上下文,者是主上下文
. . .
context {
    . . .
}

Events上下文

1
2
3
4
5
6
# main context
events {

    # events context
    . . .
}

HTTP上下文

1
2
3
4
5
6
7
8
9
10
11
# main context
. . .
events {
    # events context
    . . .
}

http {
    # http context
    . . .
}

Server上下文

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# main context

http {
    # http context

    server {
        # first server context
    }

    server {
        # second server context
    }

}

Location上下文

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# main context

server {
    # server context

    #location [modifier] path
    # =           - 精准匹配
    # ^~          - 优先匹配
    # ~ && ~*     - 正则匹配
    # no modifier - 前缀匹配
    location /match/criteria {s
        # first location context
    }

    location /other/criteria {
        # second location context

        location nested_match {
            # first nested location
        }

        location other_nested {
            # second nested location
        }
    }
}

核心配置指令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# 指定用户
user www www;

# 指定工作进程数量或者自动(根据cpu等相关信息自动选择)
worker_processes 2|auto;

# 指定日志文件
error_log /var/log/nginx-error.log info;

# 访问日志文件(http, server, location, if in location, limit_except)
access_log /var/log/nginx-access.log;

# 监听指令并为默认服务器
listen *:80 default_server;

# 服务器名字(域名)
server_name qilezaitu.top

# 指定根目录指令
root /var/www/qilezaitu;

# 指定首页文件
index index.html index.htm index.php;

# try_files指令,在try_files列表你查找文件 ,其中$uri就是用户请求的uri
try_files $uri index.html =404;

# 包含指令,包含其他配置或文件
include /etc/nginx/conf.d/*.conf;

# 返回指令
return 200 "Hello from netguru.co";

优化配置指令

1
2
3
4
5
6
7
#开启各类优化配置
tcp_nodelay on
tcp_nopush on
sendfile on
keepalive_timeout  65;
worker_connections 4096;
worker_rlimit_nofile 8192;

常用服务器配置

此节将简单的配置一下几种服务器,Web服务器,负载均衡服务器和代理服务器。 在/etc/nginx/nginx.conf文件中进行配置,如下: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
user  nginx;  
worker_processes  auto;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

worker_rlimit_nofile 8192;

events {
    worker_connections  4096;
}

http {
    include     /etc/nginx/mime.types;

    index    index.html index.htm index.php;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    keepalive_timeout   65;

    server_names_hash_bucket_size 128;

    # 包含conf.d目录下的所有配置,后续的服务器配置都将在这个目录进行
    include /etc/nginx/conf.d/*.conf;
}
最后将/etc/nginx/conf.d/的默认配置文件备份,下面将在此目录下配置不同的服务器。

Web服务器配置

在/etc/nginx/conf.d/目录下新建一个配置文件命名为home.qilezaitu.top.conf 内容如下: 

1
2
3
4
5
6
7
8
9
10
server {
    listen       *:80;
    server_name  home.qilezaitu.top www.home.qilezaitu.top;
    access_log   /var/log/nginx/access.log  main;
    root         /usr/share/nginx/html/blog;

    location / {

    }
}

负载均衡服务器配置

在/etc/nginx/conf.d/目录下新建一个配置文件命名为balance.conf 内容如下: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
upstream big_server_com {
    server 127.0.0.3:8000 weight=5;
    server 127.0.0.3:8001 weight=5;
    server 192.168.0.1:8000;
    server 192.168.0.1:8001;
  }

  server { # simple load balancing
    listen          80;
    server_name     big.server.com;
    access_log      logs/big.server.access.log main;

    location / {
      proxy_pass      http://big_server_com;
    }
  }

代理服务器配置

在/etc/nginx/conf.d/目录下新建一个配置文件命名为proxy.conf 内容如下: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
proxy_redirect          off;
proxy_set_header        Host            $host;
proxy_set_header        X-Real-IP       $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size    10m;
client_body_buffer_size 128k;
proxy_connect_timeout   90;
proxy_send_timeout      90;
proxy_read_timeout      90;
proxy_buffers           32 4k;

server { # simple reverse-proxy
    listen       80;
    server_name  domain2.com www.domain2.com;
    access_log   logs/domain2.access.log  main;

    # serve static files
    location ~ ^/(images|javascript|js|css|flash|media|static)/  {
      root    /var/www/virtual/big.server.com/htdocs;
      expires 30d;
    }

    # pass requests for dynamic content to rails/turbogears/zope, et al
    location / {
      proxy_pass      http://127.0.0.1:8080;
    }
  }

SSL/STL配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
server {
    listen              443 ssl;
    server_name  qilezaitu.top www.qilezaitu.top;
    root         /var/www/html;
    index        index.html index.htm;

    ssl_certificate     /etc/nginx/ssl/qilezaitu.top.pem;
    ssl_certificate_key /etc/nginx/ssl/qilezaitu.top.key;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;

    location / {

    }
}

强制http到https

1
2
3
4
5
server {
    listen 80;
    server_name  qilezaitu.top;
    rewrite ^(.*)$   https://qilezaitu.top permanent;
}

启动

启动Nginx只需要简单的输入 

1
nginx

当启动了nginx启动后,可以通过发送信号的方式管理你的nginx,如下: 

1
nginx -s signal

可用的signal: - stop:快速关闭 - quit:等待工作进程完成了当前的请求后关闭 - reload:重载配置 - reopen:刷新日志文件

将Nginx加入到自启动,在/etc/rc.d/rc.local文件中追加一行,如下: 

1
nginx

记录各种问题

总结

参考

  1. Apache Vs NGINX – Which Is The Best Web Server for You?
  2. Nginx安装教程
  3. Nginx Tutorial #1: Basic Concepts
  4. Understanding the Nginx Configuration File Structure and Configuration Contexts
  5. Alphabetical index of directives
  6. nginx.conf