12.Nginx介绍,安装,配置默认虚拟主机,重定向
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了12.Nginx介绍,安装,配置默认虚拟主机,重定向相关的知识,希望对你有一定的参考价值。
[toc]
12.5 nginx介绍
官网:nginx.org
因为nginx处理静态文件的能力要比apache好很多,所以很多企业在建站的时候一般都是用java写的,然后会选择tomcat,但是tomcat处理静态文件的能力不是太好就会叠加选择nginx。
nginx特点:
体积小
处理能力强
并发高
可扩展性好
Nginx应用场景:
web服务
反向代理
负载均衡
Nginx著名分支,淘宝基于Nginx开发的Tengine,使用上和Nginx一致,服务名,配置文件名都一样,和Nginx的最大区别在于Tenging增加了一些定制化模块,在安全限速方面表现突出,另外它支持对js,css合并
Nginx核心+lua(开发语言)相关的组件和模块组成了一个支持lua的高性能web容器openresty,参考http://jinnianshilongnian.iteye.com/blog/2280928
12.6 下载配置安装Nginx
1.下载解压
[[email protected] php-5.6.30]# cd /usr/local/src
[[email protected] src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz
[[email protected] src]# tar zvxf nginx-1.12.1.tar.gz
2.进入安装源码包,配置,make&make install
[[email protected] src]# cd nginx-1.12.1/
[[email protected] nginx-1.12.1]# ./configure --prefix=/usr/local/nginx
Nginx目录,四个目录: conf , html , logs , sbin
-
[ ] conf:nginx配置文件
-
[ ] html:主页样例文件
-
[ ] logs:站点日志
- [ ] sbin:核心进程文件
[[email protected] nginx-1.12.1]# ls /usr/local/nginx
conf html logs sbin
[[email protected] nginx-1.12.1]# ls /usr/local/nginx/conf
fastcgi.conf koi-utf nginx.conf uwsgi_params
fastcgi.conf.default koi-win nginx.conf.default uwsgi_params.default
fastcgi_params mime.types scgi_params win-utf
fastcgi_params.default mime.types.default scgi_params.default
[[email protected] nginx-1.12.1]# ls /usr/local/nginx/html
50x.html index.html
[[email protected] nginx-1.12.1]# ls /usr/local/nginx/logs/
[[email protected] nginx-1.12.1]# ls /usr/local/nginx/sbin/
nginx
[[email protected] nginx-1.12.1]# ls /usr/local/nginx/sbin/nginx
/usr/local/nginx/sbin/nginx
测试配置语法错误nginx -t
[[email protected] nginx-1.12.1]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
3.Nginx配置
3.1 制作启动脚本
[[email protected] nginx-1.12.1]# vim /etc/init.d/nginx
//增加以下内容:
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
3.2 更改权限
chmod 755 /etc/init.d/nginx
3.3 配置开机启动
chkconfig --add nginx
chkconfig nginx on
[[email protected] nginx-1.12.1]# chmod 755 /etc/init.d/nginx
[[email protected] nginx-1.12.1]# chkconfig --add nginx
[[email protected] nginx-1.12.1]# chkconfig nginx on
3.4 编辑配置文件
cd /usr/local/nginx/conf/
mv nginx.conf nginx.conf.bak //不使用系统自带的配置模板,把自带的备份下
vim nginx.conf
//拷贝如下配置文件:
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip ‘$remote_addr $http_x_forwarded_for [$time_local]‘
‘ $host "$request_uri" $status‘
‘ "$http_referer" "$http_user_agent"‘;
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
3.5 配置详解:
参考文章:http://www.okay686.cn/510.html
user nobody nobody; 运行服务的用户是谁
worker_processes 2;定义子进程的数量
worker_rlimit_nofile
51200;最多可以打开多少个文件worker_connections 6000;允许最大的连接数
server; 下面对应的就是虚拟主机配置
server_name localhost;定义网站的域名
root /usr/local/nginx/html;定义网站的根目录
location ~ .php$;配置解析PHP
fastcgi_pass unix:/tmp/php-fcgi.sock;监听端口或者监听socket,通过此命令去执行
fastcgi_pass 127.0.0.1:9000;(或者携程这种方式,服务器IP地址+端口)
3.6 启动nginx服务
[[email protected] conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] conf]# /etc/init.d/nginx start
Starting nginx (via systemctl): [ 确定 ]
[[email protected] conf]# ps aux |grep nginx
root 124541 0.0 0.0 20500 628 ? Ss 00:11 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 124542 0.0 0.1 25028 3508 ? S 00:11 0:00 nginx: worker process
nobody 124543 0.0 0.1 25028 3248 ? S 00:11 0:00 nginx: worker process
root 124553 0.0 0.0 112680 976 pts/0 S+ 00:11 0:00 grep --color=auto nginx
3.7 curl localhost //本地测试 nginx
vim /usr/local/nginx/html/1.php //编辑一个测试php页面
[[email protected] conf]# curl localhost/1.php
this is nginx test page[[email protected] conf]#
12.7 Nginx默认虚拟主机
在Nginx中也有默认虚拟主机,跟httpd类似,第一个被Nginx加载的虚拟主机就是默认主机,但和httpd不相同的地方是,它还有一个配置用来标记默认虚拟主机,也就是说,如果没有这个标记,第一个虚拟主机为默认虚拟主机。
1.编辑修改配置文件nginx.conf,增加一句: include vhost/*.conf;
[[email protected] ~]# cd /usr/local/nginx/conf/
[[email protected] conf]# vim /usr/local/nginx/conf/nginx.conf
加入这行:include vhost/*.conf;
加入这行,意思是/usr/local/nginx/conf/vhost/下面所有以.conf结尾的文件都会加载,这样可以把所有虚拟主机配置文件放到vhost目录下面了
2.把server的定义删除,为方便后续实验
3.创建一个vhost的子目录
[[email protected] conf]# pwd
/usr/local/nginx/conf
[[email protected] conf]# mkdir vhost
[[email protected] conf]# cd vhost/
[[email protected] vhost]# ls
[[email protected] vhost]# vim aaa.com.conf
4 创建创建vhost目录及配置文件and虚拟server
有这个default_server标记的就是默认虚拟主机
server
{
listen 80 default_server; //有这个default_server标记的就是默认虚拟主机
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
}
5. 创建测试页面 index.html
[[email protected] vhost]# cd /data/wwwroot/default/
[[email protected] default]# ls
[[email protected] default]# vim index.html
[[email protected] default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
6. 重载并测试
[[email protected] default]# /usr/local/nginx/sbin/nginx -s reload
[[email protected] default]# curl localhost
this is the default site.
7.访问aaa.com,访问没有定义过的域名,也会访问到aaa.com
[[email protected] default]# curl -x127.0.0.1:80 aaa.com
this is the default site.
[[email protected] default]# curl -x127.0.0.1:80 bbb.com
this is the default site.
[[email protected] default]# curl -x127.0.0.1:80 bbcb.com
this is the default site.
[[email protected] default]# tail /usr/local/nginx/conf/nginx.conf
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
include vhost/*.conf;
}
12.8 Nginx用户认证
1. 再创建一个新的虚拟主机
[[email protected] default]# cd /usr/local/nginx/conf/vhost/
[[email protected] vhost]# vim test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
location / //用户认证等信息
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd; //密码文件
}
}
2. yum install -y httpd //安装httpd,也可以使用之前编译安装的apache2.4
[[email protected] vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd xavi //创建xavi用户
New password:
Re-type new password:
Adding password for user xavi
Apache方法:# /usr/local/apache2.4/bin/htpasswd -c /usr/local/nginx/conf/htpasswd xavi
再次创建一个新用户,不用再用-c了
[[email protected] vhost]# htpasswd /usr/local/nginx/conf/htpasswd user1
New password:
- 查看密码文件
[[email protected] vhost]# cat /usr/local/nginx/conf/htpasswd xavi:$apr1$mzzjFU/B$/il2XbQfytr2RPw/LuRdH0 user1:$apr1$2tDxaHTk$Imu4zmH68YrUtK0h7l2.p.
3.测试并重载配置
/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx -s reload
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload
4.总结:两句核心配置语句,auth_basic打开认证,auth_basic_user_file指定用户密码文件。生成密码工具需要借助apache的htpasswd。Nginx不自带这个工具。
5.使用curl命令来验证
[[email protected] vhost]# curl -x127.0.0.1:80 test.com -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.12.1
Date: Wed, 14 Mar 2018 13:47:04 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
//401状态码,说明访问需要验证
6.用户认证测试主机
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
报错404,找到原料文件路径并未创建
[[email protected] vhost]# ls /data/nginx/test.com/
ls: 无法访问/data/nginx/test.com/: 没有那个文件或目录
[[email protected] vhost]# mkdir -p /data/nginx/test.com
[[email protected] vhost]# echo "test.com" > /data/nginx/test.com/index.html
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
7.针对某个目录做用户认证,比如/admin,需要修改location后面的路径
有时候我们需要对某个访问目录或者页面进行认证,而不是全站。所以我们需要对配置文件进行更改:
[[email protected] vhost]# vim test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
location /admin/
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
[[email protected] vhost]# vim test.com.conf
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload
[[email protected] vhost]# curl -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
排故过程:对摸个目录做用户认证,该目录是有效的路径,实际存在,且目录下的测试文档index.html下需要编辑一定内容,方便查看测试结果
[[email protected] vhost]# curl -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# mkdir /data/nginx/test.com/admin
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# echo "test admin dir" > /data/nginx/test.com/admin/index.html
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
test admin dir
8. 针对某个特殊页面进行认证:
location ~ admin.php
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
* 重载配置文件 -t&-reload
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload
测试
[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/
test admin dir
排查错误:找到原因是没有创建admin.php文件
[[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[[email protected] vhost]# vim /data/nginx/test.com/admin.php
[[email protected] vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<?php
echo "this is a test for admin.php";
12.9 Nginx域名重定向
Nginx的域名重定向与httpd类似,但更容易理解
只要Apache能实现的功能,Nginx也全部可以实现。不然也不会有那么多企业使用nginx服务。
当我们站点有多个域名的时候,权重降低了,但是之前的域名已经被一部分人所依赖了,也不可能去通知大家新的站点,所以我们就会选择一个主域名其它的均302跳转过来!
1. 配置atorreid.com.conf
vim atorreid.com.conf
server
{
listen 80 default_server;
server_name atorreid.com xavi.com abc.com;
index index.html index.htm index.php;
root /data/nginx/www.torreid.com;
if ($host != ‘torreid.com‘ ) {
rewrite ^/(.*)$ http://torreid.com/$1 permanent;
location /
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
在Nginx配置在,server_name后面可以跟多个域名,permanent为永久重定向,相当于httpd的R=301.另外还有一个常用的redirect,相当于httpd的R=302.
-t && -s reload 测试并重载配置
[[email protected] vhost]# curl -x127.0.0.1:80 www.atorreid.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Wed, 14 Mar 2018 15:03:15 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://torreid.com/index.html
以上是关于12.Nginx介绍,安装,配置默认虚拟主机,重定向的主要内容,如果未能解决你的问题,请参考以下文章
12.6 Nginx安装;12.7 Nginx默认虚拟主机;12.8 Nginx用户认证;12.9
12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.9 Nginx
十二周二次课 12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.
12.6 Nginx安装 12.7 默认虚拟主机 12.8 Nginx用户认证 12.9 Nginx