linux系统LNMP的nginx、php配置(nginx部分),lnmpnginx
linux系统LNMP的nginx、php配置(nginx部分),lnmpnginx
LNMP的nginx、php配置(nginx部分)
一、nginx配置文件/usr/local/nginx/conf/nginx.conf
清空nginx.conf,将下面的配置拷贝进去:
user nobody nobody; worker_processes 2; error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip 'remote_addr $http_x_forwarded_for [$time_local]' '$host "$request_uri" $status' '"$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm applicationxml; ##配置虚拟机 server { listen 80; server_name localhost; index index.html index.htm index.php; root /usr/local/nginx/html; location ~ \.php$ { include fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; } } }
虚拟机配置server可以单独在conf/vhosts/下单独建vhosts.conf进行配置,然后在nginx.conf里加入:
include /vhosts/*.conf
验证、重新加载nginx:
/usr/local/nginx/sbin/nginx -t /usr/local/nginx/sbin/nginx -s reload
此时,在浏览器里进行访问:
二、将之前lamp搭建的discuz迁移到nginx上运行:
cd /usr/local/nginx/conf/vhosts cp vhosts.conf discuz.conf vi discuz.conf /usr/local/nginx/sbin/nginx -t /usr/local/nginx/sbin/nginx -s reload
此时就可以访问原来的discuz了:
三、php-fpm的配置
配置文件路径:/usr/local/php-fpm/etc/php-fpm.conf,清空后,粘贴下面的代码:
[global] pid = /usr/local/php-fpm/var/run/php-fpm.pid error_log = /usr/local/php-fpm/var/log/php-fpm.log [www] //一个站点对应一个池子,监听端口也不同 listen = 127.0.0.1:9000 ;listen = /tmp/php-fcgi.sock user = php-fpm group = php-fpm listen.owner = nobody listen.group = nobody pm = dynamic //动态进程数,如指定static,则有pm.max_children指定固定子进程数 pm.max_children = 50 //子进程最大数 pm.start_servers = 20 //启动时,子进程数 pm.min_spare_servers = 5 //保证空闲进程最小值,空闲进程低于此值则增加新子进程 pm.max_spare_servers = 35 //保证空闲进程最大值,空闲进程高于此值则进行 清理 pm.max_requests = 500 rlimit_files = 1024 slowlog = /usr/local/php-fpm/var/log/slow.log //定义慢查询日志路径 request_slowlog_timeout = 1 //定义超时时间 php_admin_value[open_basedir]=/data/www:/tmp/ //定义opne_basedir [www1] listen = 127.0.0.1:9001 ;listen = /tmp/php-fcgi.sock user = php-fpm group = php-fpm listen.owner = nobody listen.group = nobody pm = dynamic pm.max_children = 50 pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 500 rlimit_files = 1024
四、nginx高级配置
1.配置第二个虚拟主机
可以直接在nginx.conf加入
include vhosts/*.conf;
这样,就可以直接在/conf/vhosts目录下创建其他的虚拟主机配置文件。
2.设置默认虚拟主机
虚拟主机配置文件中修改这一行就可以了,在浏览器中输入ip访问,会直接访问这个默认虚拟主机;
listen 80 default_server;
3.用户认证
因为要使用htpasswd,所以首先要安装apache,直接使用yum install httpd安装,就可以使用htpasswd:
/usr/bin/htpasswd -c /usr/local/nginx/conf/.htpasswd weix
在nginx的配置文件增加:
location / { root /data/www; auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/.htpasswd; }
4、域名重定向
在nginx的配置文件增加:
if ($host != 'www.1.com'){ rewrite ^/(.*)$ http://www.1.com/$1 permanent; }
5、日志切割
配置日志:
在对应虚拟服务器配置文件discuz.conf中加入:
access_log /home/logs/discuz.log combined_realip;
其中combined_realip是已经在nginx.conf中定义的日志格式;
编写shell:
vim /usr/local/sbin/logrotate.sh
#!/bin/bash d=`date -d "-1 day" +%Y%m%d` /bin/mv /home/logs/discuz.log /home/logs/discuz_$d.log /etc/init.d/nginx - reload >/dev/null 2>/dev/null cd /home/logs gzip discuz_$d.log
将脚本加入计划任务,就可以每天分割日志并进行压缩了;
6、静态文件不记录日志,配置缓存
编辑对应的虚拟机配置文件,加入如下代码:
loation ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; access_log off; } location ~ .*\.(js|css)?$ { expires 12h; access_log off; }
7、防盗链
编辑虚拟主机配置文件,加入如下代码,注意,location只会匹配一次,gif、jpg等如果另外定义了不记录日志,防盗链如果在后面会导致防盗链失效,所以,配置的时候要和其他针对这些文件操作的写在一起,例如截图中,就多加了两行对日志和缓存时间的定义;
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls|)$ { valid_referers none blocked server_names *.1.com *.a.com *.b.com *.baidu.com *.soso.com *.google.com *.google.cn ; if ($invalid_referer){ return 403; #rewrite ^/ http:/www.example.com/nophoto.gif; } }
评论暂时关闭