Nginx_安装配置及常用命令，nginx安装配置

Nginx_安装配置及常用命令，nginx安装配置

Nginx启动关闭命令:

 

启动Nginx:

# cd /usr/local/nginx/sbin

# ./nginx

 

关闭nginx：

强制关闭: # ./nginx -s stop

快速关闭: # ./nginx -s quit

 

Nginx快速安装:

 

1. 安装 gcc

# yum install gcc-c++

2. 安装 PCRE pcre-devel 

# yum install -y pcre pcre-devel

3. 安装 zlib

# yum install -y zlib zlib-devel

4. 安装 OpenSSL

# yum install -y openssl openssl-devel

5. 查看最新版下载地址 (一般使用 Stable Version 稳定版)

https://nginx.org/en/download.html

6. 通过下载地址下载文件

# wget https://nginx.org/download/nginx-1.13.6.tar.gz

7. 解压文件

# tar -zxvf nginx-1.10.1.tar.gz

8. 进入解压后的文件目录

# cd nginx-1.13.6

9.执行配置. 

 

 

SSL证书模块, HTTP2 模块 (建议选这个, 模块比较齐全)

# ./configure --prefix=/usr/local/nginx --with-pcre --with-stream --with-stream_ssl_module --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-threads

 

安装时附带SSL证书模块, 如果没有ssl不能配置HTTPS

# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

 

 

10. 编译文件

# make

11.安装文件

# make install

12.启动nginx

# cd /usr/local/nginx/sbin/

# ./nginx
         

Nginx配置文件详解:

配置HTTPS 以及 HTTP 2.0

 

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    
    #配置Buffer大小
    proxy_buffer_size 128k;
    proxy_buffers   32 128k;
    proxy_busy_buffers_size 128k;

    #gzip  on;
    #配置缓存.
    proxy_temp_path /mnt/nginx_temp;
    proxy_cache_path /mnt/nginx_cache levels=1:2 keys_zone=cache_one:200m inactive=5d max_size=400m;
    proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;


    //配置大小
	proxy_buffer_size 128k;
	proxy_buffers   32 128k;
	proxy_busy_buffers_size 128k;

	server {
		listen 80;
		server_name www.brando.cn admin.brando.cn;	#访问域名
		rewrite ^(.*)$  https://$host$1 permanent;
	}
	server {
		listen 443 ssl http2;
		server_name www.brando.cn admin.brando.cn;
		
		ssl on;
		ssl_certificate /alidata/server/ssl/brando.cn.crt;	#ssl文件目录
		ssl_certificate_key /alidata/server/ssl/brando.cn.key;	#ssl文件目录

		#ssl优化配置.
		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
		ssl_stapling on;
		ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
		ssl_prefer_server_ciphers on;
		ssl_session_cache shared:SSL:50m;
		ssl_session_timeout 10m;

		location / {
			proxy_set_header   X-Forwarded-Proto https;
			proxy_set_header   X-Real-IP $remote_addr;
			proxy_set_header   Host      $http_host;
			proxy_pass         http://127.0.0.1:8080;
			proxy_connect_timeout 1800s;
			proxy_send_timeout 1800s;
			proxy_read_timeout 1800s;
		}
	}
}

 

 

 

 

 

 

Nginx配置文件模板: