12.Nginx介绍,安装,配置默认虚拟主机,重定向

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了12.Nginx介绍,安装,配置默认虚拟主机,重定向相关的知识,希望对你有一定的参考价值。

[toc]

12.5 nginx介绍

官网:nginx.org

因为nginx处理静态文件的能力要比apache好很多,所以很多企业在建站的时候一般都是用java写的,然后会选择tomcat,但是tomcat处理静态文件的能力不是太好就会叠加选择nginx。

nginx特点:

体积小
处理能力强
并发高
可扩展性好
Nginx应用场景:
web服务
反向代理
负载均衡
Nginx著名分支,淘宝基于Nginx开发的Tengine,使用上和Nginx一致,服务名,配置文件名都一样,和Nginx的最大区别在于Tenging增加了一些定制化模块,在安全限速方面表现突出,另外它支持对js,css合并
Nginx核心+lua(开发语言)相关的组件和模块组成了一个支持lua的高性能web容器openresty,参考http://jinnianshilongnian.iteye.com/blog/2280928 

12.6 下载配置安装Nginx

1.下载解压

[[email protected] php-5.6.30]# cd /usr/local/src
[[email protected] src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz
[[email protected] src]# tar zvxf nginx-1.12.1.tar.gz

2.进入安装源码包,配置,make&make install

[[email protected] src]# cd nginx-1.12.1/
[[email protected] nginx-1.12.1]# ./configure --prefix=/usr/local/nginx

Nginx目录,四个目录: conf , html , logs , sbin

  • [ ] conf:nginx配置文件

  • [ ] html:主页样例文件

  • [ ] logs:站点日志

  • [ ] sbin:核心进程文件
[[email protected] nginx-1.12.1]# ls /usr/local/nginx
conf  html  logs  sbin

[[email protected] nginx-1.12.1]# ls /usr/local/nginx/conf
fastcgi.conf            koi-utf             nginx.conf           uwsgi_params
fastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.default
fastcgi_params          mime.types          scgi_params          win-utf
fastcgi_params.default  mime.types.default  scgi_params.default

[[email protected] nginx-1.12.1]# ls /usr/local/nginx/html
50x.html  index.html

[[email protected] nginx-1.12.1]# ls /usr/local/nginx/logs/

[[email protected] nginx-1.12.1]# ls /usr/local/nginx/sbin/
nginx
[[email protected] nginx-1.12.1]# ls /usr/local/nginx/sbin/nginx
/usr/local/nginx/sbin/nginx

测试配置语法错误nginx -t

[[email protected] nginx-1.12.1]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

3.Nginx配置

3.1 制作启动脚本

[[email protected] nginx-1.12.1]# vim /etc/init.d/nginx
//增加以下内容:

#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() 
{
    echo -n $"Starting $prog: "
    mkdir -p /dev/shm/nginx_temp
    daemon $NGINX_SBIN -c $NGINX_CONF
    RETVAL=$?
    echo
    return $RETVAL
}
stop() 
{
    echo -n $"Stopping $prog: "
    killproc -p $NGINX_PID $NGINX_SBIN -TERM
    rm -rf /dev/shm/nginx_temp
    RETVAL=$?
    echo
    return $RETVAL
}
reload()
{
    echo -n $"Reloading $prog: "
    killproc -p $NGINX_PID $NGINX_SBIN -HUP
    RETVAL=$?
    echo
    return $RETVAL
}
restart()
{
    stop
    start
}
configtest()
{
    $NGINX_SBIN -c $NGINX_CONF -t
    return 0
}
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  reload)
        reload
        ;;
  restart)
        restart
        ;;
  configtest)
        configtest
        ;;
  *)
        echo $"Usage: $0 {start|stop|reload|restart|configtest}"
        RETVAL=1
esac
exit $RETVAL

3.2 更改权限

chmod 755 /etc/init.d/nginx

3.3 配置开机启动

chkconfig --add nginx

chkconfig nginx on

[[email protected] nginx-1.12.1]# chmod 755 /etc/init.d/nginx

[[email protected] nginx-1.12.1]# chkconfig --add nginx

[[email protected] nginx-1.12.1]# chkconfig nginx on

3.4 编辑配置文件

cd /usr/local/nginx/conf/

mv nginx.conf nginx.conf.bak //不使用系统自带的配置模板,把自带的备份下

vim nginx.conf
//拷贝如下配置文件:

user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
    use epoll;
    worker_connections 6000;
}
http
{
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 3526;
    server_names_hash_max_size 4096;
    log_format combined_realip ‘$remote_addr $http_x_forwarded_for [$time_local]‘
    ‘ $host "$request_uri" $status‘
    ‘ "$http_referer" "$http_user_agent"‘;
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 30;
    client_header_timeout 3m;
    client_body_timeout 3m;
    send_timeout 3m;
    connection_pool_size 256;
    client_header_buffer_size 1k;
    large_client_header_buffers 8 4k;
    request_pool_size 4k;
    output_buffers 4 32k;
    postpone_output 1460;
    client_max_body_size 10m;
    client_body_buffer_size 256k;
    client_body_temp_path /usr/local/nginx/client_body_temp;
    proxy_temp_path /usr/local/nginx/proxy_temp;
    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
    fastcgi_intercept_errors on;
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm 
    application/xml;
    server
    {
        listen 80;
        server_name localhost;
        index index.html index.htm index.php;
        root /usr/local/nginx/html;
        location ~ \.php$ 
        {
            include fastcgi_params;
            fastcgi_pass unix:/tmp/php-fcgi.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
        }    
    }
}

3.5 配置详解:

参考文章:http://www.okay686.cn/510.html

user nobody nobody; 运行服务的用户是谁

worker_processes 2;定义子进程的数量

worker_rlimit_nofile
51200;最多可以打开多少个文件

worker_connections 6000;允许最大的连接数

server; 下面对应的就是虚拟主机配置

server_name localhost;定义网站的域名

root /usr/local/nginx/html;定义网站的根目录

location ~ .php$;配置解析PHP

fastcgi_pass unix:/tmp/php-fcgi.sock;监听端口或者监听socket,通过此命令去执行

fastcgi_pass 127.0.0.1:9000;(或者携程这种方式,服务器IP地址+端口)

3.6 启动nginx服务

[[email protected] conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] conf]# /etc/init.d/nginx start
Starting nginx (via systemctl):                            [  确定  ]
[[email protected] conf]# ps aux |grep nginx
root     124541  0.0  0.0  20500   628 ?        Ss   00:11   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody   124542  0.0  0.1  25028  3508 ?        S    00:11   0:00 nginx: worker process
nobody   124543  0.0  0.1  25028  3248 ?        S    00:11   0:00 nginx: worker process
root     124553  0.0  0.0 112680   976 pts/0    S+   00:11   0:00 grep --color=auto nginx

3.7 curl localhost //本地测试 nginx

技术分享图片

vim /usr/local/nginx/html/1.php //编辑一个测试php页面

技术分享图片

[[email protected] conf]# curl localhost/1.php
this is nginx test page[[email protected] conf]# 

12.7 Nginx默认虚拟主机

在Nginx中也有默认虚拟主机,跟httpd类似,第一个被Nginx加载的虚拟主机就是默认主机,但和httpd不相同的地方是,它还有一个配置用来标记默认虚拟主机,也就是说,如果没有这个标记,第一个虚拟主机为默认虚拟主机。

1.编辑修改配置文件nginx.conf,增加一句: include vhost/*.conf;

[[email protected] ~]# cd /usr/local/nginx/conf/
[[email protected] conf]# vim /usr/local/nginx/conf/nginx.conf
 加入这行:include vhost/*.conf;

加入这行,意思是/usr/local/nginx/conf/vhost/下面所有以.conf结尾的文件都会加载,这样可以把所有虚拟主机配置文件放到vhost目录下面了

2.把server的定义删除,为方便后续实验

技术分享图片

技术分享图片

3.创建一个vhost的子目录

技术分享图片

[[email protected] conf]# pwd
/usr/local/nginx/conf
[[email protected] conf]# mkdir vhost
[[email protected] conf]# cd vhost/
[[email protected] vhost]# ls

[[email protected] vhost]# vim aaa.com.conf

4 创建创建vhost目录及配置文件and虚拟server

有这个default_server标记的就是默认虚拟主机

server
    {
        listen 80 default_server; //有这个default_server标记的就是默认虚拟主机
        server_name aaa.com;
        index index.html index.htm index.php;
        root /data/wwwroot/default;
    }

技术分享图片

5. 创建测试页面 index.html

[[email protected] vhost]# cd /data/wwwroot/default/
[[email protected] default]# ls
[[email protected] default]# vim index.html
[[email protected] default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

技术分享图片

6. 重载并测试

[[email protected] default]# /usr/local/nginx/sbin/nginx -s reload
[[email protected] default]# curl localhost
this is the default site.

7.访问aaa.com,访问没有定义过的域名,也会访问到aaa.com

[[email protected] default]# curl -x127.0.0.1:80 aaa.com
this is the default site.
[[email protected] default]# curl -x127.0.0.1:80 bbb.com
this is the default site.
[[email protected] default]# curl -x127.0.0.1:80 bbcb.com
this is the default site.
[[email protected] default]# tail /usr/local/nginx/conf/nginx.conf
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm 
    application/xml;
    include vhost/*.conf;
}

12.8 Nginx用户认证

1. 再创建一个新的虚拟主机

[[email protected] default]# cd /usr/local/nginx/conf/vhost/
[[email protected] vhost]# vim test.com.conf

server
{
   listen 80;                  
   server_name test.com;
   index index.html index.htm index.php;
   root /data/nginx/test.com;

   location /     //用户认证等信息
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;  //密码文件
     }
}

2. yum install -y httpd //安装httpd,也可以使用之前编译安装的apache2.4

[[email protected] vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd xavi //创建xavi用户
New password: 
Re-type new password: 
Adding password for user xavi

Apache方法:# /usr/local/apache2.4/bin/htpasswd -c /usr/local/nginx/conf/htpasswd xavi

再次创建一个新用户,不用再用-c了

[[email protected] vhost]# htpasswd /usr/local/nginx/conf/htpasswd user1
New password:
  • 查看密码文件
    [[email protected] vhost]# cat /usr/local/nginx/conf/htpasswd
    xavi:$apr1$mzzjFU/B$/il2XbQfytr2RPw/LuRdH0
    user1:$apr1$2tDxaHTk$Imu4zmH68YrUtK0h7l2.p.

    3.测试并重载配置

/usr/local/nginx/sbin/nginx -t

/usr/local/nginx/sbin/nginx -s reload

[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload

4.总结:两句核心配置语句,auth_basic打开认证,auth_basic_user_file指定用户密码文件。生成密码工具需要借助apache的htpasswd。Nginx不自带这个工具。

5.使用curl命令来验证

[[email protected] vhost]# curl -x127.0.0.1:80 test.com -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.12.1
Date: Wed, 14 Mar 2018 13:47:04 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
//401状态码,说明访问需要验证

6.用户认证测试主机

[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

报错404,找到原料文件路径并未创建

[[email protected] vhost]# ls /data/nginx/test.com/
ls: 无法访问/data/nginx/test.com/: 没有那个文件或目录
[[email protected] vhost]# mkdir -p /data/nginx/test.com
[[email protected] vhost]# echo "test.com" > /data/nginx/test.com/index.html
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com

7.针对某个目录做用户认证,比如/admin,需要修改location后面的路径

有时候我们需要对某个访问目录或者页面进行认证,而不是全站。所以我们需要对配置文件进行更改:

[[email protected] vhost]# vim test.com.conf

server
{
   listen 80;
   server_name test.com;
   index index.html index.htm index.php;
   root /data/nginx/test.com;

   location /admin/
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;
     }
}

技术分享图片

[[email protected] vhost]# vim test.com.conf
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload

[[email protected] vhost]# curl -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

排故过程:对摸个目录做用户认证,该目录是有效的路径,实际存在,且目录下的测试文档index.html下需要编辑一定内容,方便查看测试结果

[[email protected] vhost]# curl -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# mkdir /data/nginx/test.com/admin
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# echo "test admin dir" > /data/nginx/test.com/admin/index.html
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
test admin dir

8. 针对某个特殊页面进行认证:


   location ~ admin.php
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;
     }
}

技术分享图片

* 重载配置文件 -t&-reload

[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload

测试

[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/
test admin dir

排查错误:找到原因是没有创建admin.php文件

[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# vim /data/nginx/test.com/admin.php
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<?php
echo "this is a test for admin.php";

12.9 Nginx域名重定向

Nginx的域名重定向与httpd类似,但更容易理解
只要Apache能实现的功能,Nginx也全部可以实现。不然也不会有那么多企业使用nginx服务。

当我们站点有多个域名的时候,权重降低了,但是之前的域名已经被一部分人所依赖了,也不可能去通知大家新的站点,所以我们就会选择一个主域名其它的均302跳转过来!

1. 配置atorreid.com.conf

vim atorreid.com.conf

server
{
    listen 80 default_server;
    server_name atorreid.com xavi.com abc.com;
    index index.html index.htm index.php;
    root /data/nginx/www.torreid.com;
    if ($host != ‘torreid.com‘ ) {
        rewrite  ^/(.*)$  http://torreid.com/$1  permanent;

     location /
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;
     }
}

在Nginx配置在,server_name后面可以跟多个域名,permanent为永久重定向,相当于httpd的R=301.另外还有一个常用的redirect,相当于httpd的R=302.

-t && -s reload 测试并重载配置

[[email protected] vhost]# curl -x127.0.0.1:80 www.atorreid.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Wed, 14 Mar 2018 15:03:15 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://torreid.com/index.html

以上是关于12.Nginx介绍,安装,配置默认虚拟主机,重定向的主要内容,如果未能解决你的问题,请参考以下文章

12.6 Nginx安装;12.7 Nginx默认虚拟主机;12.8 Nginx用户认证;12.9

12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.9 Nginx

十二周二次课 12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.

12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.9 Nginx

12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.9 Nginx域名重定向

Nginx安装默认虚拟主机用户认证nginx中PHP解析