Nginx_安装配置及常用命令,nginx安装配置
Nginx_安装配置及常用命令,nginx安装配置
Nginx启动关闭命令:
启动Nginx:
# cd /usr/local/nginx/sbin
# ./nginx
关闭nginx:
强制关闭: # ./nginx -s stop
快速关闭: # ./nginx -s quit
Nginx快速安装:
1. 安装 gcc
# yum install gcc-c++
2. 安装 PCRE pcre-devel
# yum install -y pcre pcre-devel
3. 安装 zlib
# yum install -y zlib zlib-devel
4. 安装 OpenSSL
# yum install -y openssl openssl-devel
5. 查看最新版下载地址 (一般使用 Stable Version 稳定版)
https://nginx.org/en/download.html
6. 通过下载地址下载文件
# wget https://nginx.org/download/nginx-1.13.6.tar.gz
7. 解压文件
# tar -zxvf nginx-1.10.1.tar.gz
8. 进入解压后的文件目录
# cd nginx-1.13.6
9.执行配置.
SSL证书模块, HTTP2 模块 (建议选这个, 模块比较齐全)
# ./configure --prefix=/usr/local/nginx --with-pcre --with-stream --with-stream_ssl_module --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-threads
安装时附带SSL证书模块, 如果没有ssl不能配置HTTPS
# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
10. 编译文件
# make
11.安装文件
# make install
12.启动nginx
# cd /usr/local/nginx/sbin/
# ./nginx
Nginx配置文件详解:
配置HTTPS 以及 HTTP 2.0
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#配置Buffer大小
proxy_buffer_size 128k;
proxy_buffers 32 128k;
proxy_busy_buffers_size 128k;
#gzip on;
#配置缓存.
proxy_temp_path /mnt/nginx_temp;
proxy_cache_path /mnt/nginx_cache levels=1:2 keys_zone=cache_one:200m inactive=5d max_size=400m;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
//配置大小
proxy_buffer_size 128k;
proxy_buffers 32 128k;
proxy_busy_buffers_size 128k;
server {
listen 80;
server_name www.brando.cn admin.brando.cn; #访问域名
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl http2;
server_name www.brando.cn admin.brando.cn;
ssl on;
ssl_certificate /alidata/server/ssl/brando.cn.crt; #ssl文件目录
ssl_certificate_key /alidata/server/ssl/brando.cn.key; #ssl文件目录
#ssl优化配置.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_stapling on;
ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 10m;
location / {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8080;
proxy_connect_timeout 1800s;
proxy_send_timeout 1800s;
proxy_read_timeout 1800s;
}
}
}
Nginx配置文件模板:
评论暂时关闭