linux系统LNMP的nginx、php配置(nginx部分),lnmpnginx
linux系统LNMP的nginx、php配置(nginx部分),lnmpnginx
LNMP的nginx、php配置(nginx部分)
一、nginx配置文件/usr/local/nginx/conf/nginx.conf
清空nginx.conf,将下面的配置拷贝进去:
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip 'remote_addr $http_x_forwarded_for [$time_local]' '$host "$request_uri" $status' '"$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm applicationxml;
##配置虚拟机
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
虚拟机配置server可以单独在conf/vhosts/下单独建vhosts.conf进行配置,然后在nginx.conf里加入:
include /vhosts/*.conf
验证、重新加载nginx:
/usr/local/nginx/sbin/nginx -t /usr/local/nginx/sbin/nginx -s reload
此时,在浏览器里进行访问:
二、将之前lamp搭建的discuz迁移到nginx上运行:
cd /usr/local/nginx/conf/vhosts cp vhosts.conf discuz.conf vi discuz.conf /usr/local/nginx/sbin/nginx -t /usr/local/nginx/sbin/nginx -s reload
此时就可以访问原来的discuz了:
三、php-fpm的配置
配置文件路径:/usr/local/php-fpm/etc/php-fpm.conf,清空后,粘贴下面的代码:
[global] pid = /usr/local/php-fpm/var/run/php-fpm.pid error_log = /usr/local/php-fpm/var/log/php-fpm.log [www] //一个站点对应一个池子,监听端口也不同 listen = 127.0.0.1:9000 ;listen = /tmp/php-fcgi.sock user = php-fpm group = php-fpm listen.owner = nobody listen.group = nobody pm = dynamic //动态进程数,如指定static,则有pm.max_children指定固定子进程数 pm.max_children = 50 //子进程最大数 pm.start_servers = 20 //启动时,子进程数 pm.min_spare_servers = 5 //保证空闲进程最小值,空闲进程低于此值则增加新子进程 pm.max_spare_servers = 35 //保证空闲进程最大值,空闲进程高于此值则进行 清理 pm.max_requests = 500 rlimit_files = 1024 slowlog = /usr/local/php-fpm/var/log/slow.log //定义慢查询日志路径 request_slowlog_timeout = 1 //定义超时时间 php_admin_value[open_basedir]=/data/www:/tmp/ //定义opne_basedir [www1] listen = 127.0.0.1:9001 ;listen = /tmp/php-fcgi.sock user = php-fpm group = php-fpm listen.owner = nobody listen.group = nobody pm = dynamic pm.max_children = 50 pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 500 rlimit_files = 1024
四、nginx高级配置
1.配置第二个虚拟主机
可以直接在nginx.conf加入
include vhosts/*.conf;
这样,就可以直接在/conf/vhosts目录下创建其他的虚拟主机配置文件。
2.设置默认虚拟主机
虚拟主机配置文件中修改这一行就可以了,在浏览器中输入ip访问,会直接访问这个默认虚拟主机;
listen 80 default_server;
3.用户认证
因为要使用htpasswd,所以首先要安装apache,直接使用yum install httpd安装,就可以使用htpasswd:
/usr/bin/htpasswd -c /usr/local/nginx/conf/.htpasswd weix
在nginx的配置文件增加:
location / {
root /data/www;
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/.htpasswd;
}
4、域名重定向
在nginx的配置文件增加:
if ($host != 'www.1.com'){
rewrite ^/(.*)$ http://www.1.com/$1 permanent;
}
5、日志切割
配置日志:
在对应虚拟服务器配置文件discuz.conf中加入:
access_log /home/logs/discuz.log combined_realip;
其中combined_realip是已经在nginx.conf中定义的日志格式;
编写shell:
vim /usr/local/sbin/logrotate.sh
#!/bin/bash d=`date -d "-1 day" +%Y%m%d` /bin/mv /home/logs/discuz.log /home/logs/discuz_$d.log /etc/init.d/nginx - reload >/dev/null 2>/dev/null cd /home/logs gzip discuz_$d.log
将脚本加入计划任务,就可以每天分割日志并进行压缩了;
6、静态文件不记录日志,配置缓存
编辑对应的虚拟机配置文件,加入如下代码:
loation ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$
{
expires 12h;
access_log off;
}
7、防盗链
编辑虚拟主机配置文件,加入如下代码,注意,location只会匹配一次,gif、jpg等如果另外定义了不记录日志,防盗链如果在后面会导致防盗链失效,所以,配置的时候要和其他针对这些文件操作的写在一起,例如截图中,就多加了两行对日志和缓存时间的定义;
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls|)$ {
valid_referers none blocked server_names *.1.com *.a.com *.b.com *.baidu.com *.soso.com *.google.com *.google.cn ;
if ($invalid_referer){
return 403;
#rewrite ^/ http:/www.example.com/nophoto.gif;
}
}
评论暂时关闭