linux 安装配置nginx及常用命令，linux安装配置nginx

Nginx启动关闭命令:

 

启动Nginx:

# cd /usr/local/nginx/sbin

# ./nginx

 

关闭nginx：

强制关闭: # ./nginx -s stop

快速关闭: # ./nginx -s quit

 

Nginx快速安装:

1. 安装 gcc

# yum install gcc-c++

2. 安装 PCRE pcre-devel 

# yum install -y pcre pcre-devel

3. 安装 zlib

# yum install -y zlib zlib-devel

4. 安装 OpenSSL

# yum install -y openssl openssl-devel

5. 查看最新版下载地址 (一般使用 Stable Version 稳定版)

https://nginx.org/en/download.html

6. 通过下载地址下载文件

# wget https://nginx.org/download/nginx-1.13.6.tar.gz

7. 解压文件

# tar -zxvf nginx-1.10.1.tar.gz

8. 进入解压后的文件目录

# cd nginx-1.13.6

9.执行配置. 

 

SSL证书模块, HTTP2 模块 (建议选这个, 模块比较齐全)

# ./configure --prefix=/usr/local/nginx --with-pcre --with-stream --with-stream_ssl_module --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-threads

 

安装时附带SSL证书模块, 如果没有ssl不能配置HTTPS

# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

 

10. 编译文件

# make

11.安装文件

# make install

12.启动nginx

# cd /usr/local/nginx/sbin/

# ./nginx
         

Nginx配置文件详解:

配置HTTPS 以及 HTTP 2.0

server {

listen 80;

server_name www.brando.cn admin.brando.cn; #访问域名

rewrite ^(.*)$ https://$host$1 permanent;

}

server {

listen 443 ssl http2;

server_name www.brando.cn admin.brando.cn;


ssl on;

ssl_certificate /alidata/server/ssl/brando.cn.crt; #ssl文件目录

ssl_certificate_key /alidata/server/ssl/brando.cn.key; #ssl文件目录


#ssl优化配置.

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_stapling on;

ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";

ssl_prefer_server_ciphers on;

ssl_session_cache shared:SSL:50m;

ssl_session_timeout 10m;


location / {

proxy_set_header X-Forwarded-Proto http;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header Host $http_host;

proxy_pass http://127.0.0.1:8080;

}

}

--------------------- 作者：BrandoLv 来源：CSDN 原文：https://blog.csdn.net/lyq19870515/article/details/78123106?utm_source=copy 版权声明：本文为博主原创文章，转载请附上博文链接！