架构师必会,nginx服务的搭建(从入门到高手的第三步)
Posted 遙遙背影暖暖流星
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了架构师必会,nginx服务的搭建(从入门到高手的第三步)相关的知识,希望对你有一定的参考价值。
nginx的使用
一,安装部分
1、环境安装
yum -y install gcc gcc-c++ make pcre-devel zlib-devel
2、软件编译安装
tar zxf nginx-1.12.2.tar.gz -C /opt/
cd /opt/nginx-1.12.2/
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module
make && make install
3、service和systemctl的优化
ln -s /usr/local/nginx/sbin/* /usr/local/sbin/
useradd -M -s /sbin/nologin nginx
nginx -t #检查语法
nginx #启动
此时进程中有nginx服务
(1)接下进一步优化管理:systemctl
vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 99 20
# description: Nginx Service Control Script
COM="/usr/local/nginx/sbin/nginx"
PID="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
$COM
;;
stop)
kill -s QUIT $(cat $PID)
;;
restart)
$0 stop
$0 start
;;
reload)
kill -s HUP $(cat $PID)
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit 0
chmod +x /etc/init.d/nginx
chkconfig --add nginx
systemctl stop nginx
systemctl start nginx #可以用该命令进行管理了
(2)优化管理:service
vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile =/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.targe
chmod 754 /lib/systemd/system/nginx.service #设置754权限,安全优化
systemctl start nginx.service
systemctl enable nginx.service
(如果开启失败,lsof -i:80,查看占用80零端口的服务,并杀死)
二,nginx文件配置
cp /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak #先做备份
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name www.mayun.com; #第37行修改
#charset UTF-8; #第39行 改成UTF-8中文字符
vim /etc/hosts添加映射
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.7 www.mayun.com #添加本行内容
登录www.mayun.com成功
三,设计访问状态统计
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name www.mayun.com;
#charset UTF-8;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /status { #在44行添加三行内容
stub_status on;
access_log off;
}
访问http://192.168.100.7/status或者是 www.mayun.com/status
四、访问控制
1、安装
yum -y install httpd-tools
2、设置登录需要账号和密码
htpasswd -c /usr/local/nginx/passwd.db zhangsan
#输入两次一样的密码
chown nginx /usr/local/nginx/passwd.db
chmod 400 /usr/local/nginx/passwd.db
nginx -t
systemctl restart nginx.service
vim /usr/local/nginx/conf/nginx.conf
location / {
auth_basic "secret";
auth_basic_user_file /usr/local/nginx/passwd.db; #添加这两行
root html;
index index.html index.htm;
}
输入zhangsan和密码
3、设置黑名单限制登录
原本192.168.100.6可以登录
服务端vim /usr/local/nginx/conf/nginx.conf
location / {
root html;
index index.html index.htm;
deny 192.168.100.6; #拒绝该ip
allow all;
}
systemctl stop nginx
systemctl start ngin
在客户端再次访问则直接被拒绝
五,虚拟主机
1、基于不同域名的
vim /etc/hosts
添加www.accp.com www.benet.com
vim nginx.conf
server {
listen 80;
server_name www.accp.com;
charset utf-8;
access_log logs/accp.access.log;
location / {
root /var/www/html/accp;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name www.benet.com;
charset utf-8;
access_log logs/benet.access.log;
location / {
root /var/www/html/benet;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
2、基于不同端口
mkdir -p /var/www/html/accp8080
vim /var/www/html/accp8080/index.html
<h1> www.accp8080.com</h1>
vim /usr/local/nginx/conf/nginx.conf
在原来基础上添加一下内容
server {
listen 192.168.100.7:8080;
server_name www.accp.com;
charset utf-8;
access_log logs/accp8080.access.log;
location / {
root /var/www/html/accp8080;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
nginx -t
netstat -antp |grep nginx
tcp 0 0 192.168.100.7:8080 0.0.0.0:* LISTEN 102009/nginx: maste
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 102009/nginx: maste
#出现两端口
3、基于不同ip
ifconfig ens32:0 192.168.100.100/24
mkdir -p /var/www/html/benet100
vim /var/www/html/benet100/index.html
<h1> www.benet100.com </h1>
vim /etc/hosts
192.168.100.100 www.benet.com #删除之前www.benet.com,新添加
vim /usr/local/nginx/conf/nginx.conf
设置以ip加端口的形式
server {
listen 192.168.100.7:80;
server_name www.accp.com;
charset utf-8;
access_log logs/accp.access.log;
location / {
root /var/www/html/accp;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 192.168.100.100:80;
server_name www.benet.com;
charset utf-8;
access_log logs/benet100.access.log;
location / {
root /var/www/html/benet100;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
nginx -t
systemctl restart nginx.service
实现两个网站的都能访问
以上是关于架构师必会,nginx服务的搭建(从入门到高手的第三步)的主要内容,如果未能解决你的问题,请参考以下文章