四十七、Nginx安装、Nginx默认虚拟主机、Nginx用户认证、Nginx域名重定向
一、Nginx安装
# cd /usr/local/src/
# wget http://nginx.org/download/nginx-1.8.0.tar.gz
# tar zxf nginx-1.8.0.tar.gz
# cd nginx-1.8.0/
# ./configure --prefix=/usr/local/nginx //根据需求编译
# make && make install
# ls /usr/local/nginx/
conf html logs sbin
conf:配置文件目录。
html:样例文件。
logs:存放日志。
sbin:存放的nginx。nginx:核心进程文件,绿色。
检查配置文件是否错误:-t:/usr/local/nginx/sbin/nginx -t
# vim /etc/init.d/nginx 做一个启动脚本
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
# chmod 755 /etc/init.d/nginx
# chkconfig --add nginx
# chkconfig nginx on
# mv nginx.conf nginx.conf.1
[root@MRX conf]# vim nginx.conf
user nobody nobody; //启动用户
worker_processes 2; //定义子进程数量
error_log /usr/local/nginx/logs/nginx_error.log crit; //错误日志
pid /usr/local/nginx/logs/nginx.pid; //pid
worker_rlimit_nofile 51200; //定义nginx最多打开多少个文件
events
{
use epoll; //使用epoll模式
worker_connections 6000; //进程最大连接数
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server //每个server对应着 一个虚拟主机
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html; //网站根目录
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock; //指定监听的端口或者socket
#fastcql_pass 127.0.0.1:9000
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
# /usr/local/nginx/sbin/nginx -t //检查错误
# /etc/init.d/nginx start
二、Nginx默认虚拟主机
进入配置文件# vim /usr/local/nginx/conf/nginx.conf
先将application/xml;下的server一段删除
application/xml;
include vhost/*.conf; 再加上这行,定义默认虚拟主机根目录
# pwd
▽usr/local/nginx/conf
[root@MRX conf]# mkdir vhost
[root@MRX conf]# cd vhost/
[root@MRX vhost]# vim aaa.com.conf
server
{
listen 80 default_server; //有default_server标记的就代表默认虚拟主机
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default; 定义它的位置
}
# mkdir /data/wwwroot/default
[root@MRX vhost]# cd /data/wwwroot/default/
[root@MRX default]# vim index.html
This is the defaule site.
# /usr/local/nginx/sbin/nginx -t
检查如果有错误会显示emerg,正确会显示is ok。更改完以后就做个-t的操作。
# /etc/init.d/nginx restart //重启Nginx
# /usr/local/nginx/sbin/nginx -s reload //重新加载配置文件
# curl localhost
This is the defaule site.
[root@MRX default]# curl -x 127.0.0.1:80 aaa.com 随便域名
This is the defaule site.
[root@MRX vhost]# ls
aaa.com.conf abc.conf
1.Nginx在找默认虚拟主机的时候,会找这个目录下靠前的,谁是第一个,谁就是默认虚拟主机
2.加上default_server标记位,谁就是默认虚拟主机。
知识点:Nginx支持include这样的语法。
三、Nginx用户认证
[root@MRX vhost]# vim test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
location /
{
auth_basic "Auth"; 定义用户认证的名字
auth_basic_user_file /usr/local/nginx/conf/htpasswd; 用户名密码文件
}
}
# /usr/local/apache2.4/bin/htpasswd -c /usr/local/nginx/conf/htpasswd MRX
New password:
Re-type new password:
Adding password for user MRX
/usr/local/apache2.4/bin/htpasswd 用Apache的这个htpasswd工具可以生成,如果没安装,就安装一个httpd就可以使用这个工具了。yum install -y httpd。
[root@MRX vhost]# cat /usr/local/nginx/conf/htpasswd
MRX:$apr1$D/EbdvHc$mPWRNLjYlZClwbQa407j6/
[root@MRX vhost]# /usr/local/apache2.4/bin/htpasswd /usr/local/nginx/conf/htpasswd user1 //第二次不加-c,否则会重置
New password:
Re-type new password:
Adding password for user user1
[root@MRX vhost]# !cat
cat /usr/local/nginx/conf/htpasswd
MRX:$apr1$D/EbdvHc$mPWRNLjYlZClwbQa407j6/
user1:$apr1$s9KlfZPl$gYV/6BqT/6OaCneRuYknb0
[root@MRX vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@MRX vhost]# /usr/local/nginx/sbin/nginx -s reload
# curl -u MRX -x127.0.0.1:80 test.com
Enter host password for user 'MRX':
404 Not Found
[root@MRX vhost]# mkdir /data/wwwroot/test.com
[root@MRX vhost]# echo "test.com" > /data/wwwroot/test.com/index.html
[root@MRX vhost]# curl -u MRX -x127.0.0.1:80 test.com
Enter host password for user 'MRX':
test.com
如果想定义哪个文件或者目录,直接在配置文件test.com.conf里的location后增加,location /admin/。
# mkdir /data/wwwroot/test.com/admin
[root@MRX vhost]# echo "test com dir" > /data/wwwroot/test.com/admin/index.html
# curl -x127.0.0.1:80 test.com/admin/
401 Authorization Required
# curl -uMRX -x127.0.0.1:80 test.com/admin/
Enter host password for user 'MRX':
test com dir
如果想定义哪个URL,在配置文件test.com.conf里的location后更改为location ~ admin.php
[root@MRX vhost]# vim test.com.conf
location ~ admin.php
# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@MRX vhost]# /usr/local/nginx/sbin/nginx -s reload
[root@MRX vhost]# curl -x127.0.0.1:80 test.com/admin/
test com dir
[root@MRX vhost]# curl -x127.0.0.1:80 test.com/admin.php
401 Authorization Required
总结:
location / 全部
location /admin/ 针对一个目录
location ~ admin.php 匹配,针对一个URL
四、Nginx域名重定向
更改test.com.conf,红色为新增。
server
{
listen 80;
server_name test.com test2.com test3.com; //Nginx的这个选项可以跟多个别的域名
index index.html index.htm index.php;
root /data/wwwroot/test.com;
if ($host != 'test.com' ) {
rewrite http://$host/(.*)$ http://test.com/$1 permanent;
} //这条规则是将权重改变
location ~ admin.php
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
http://$host/(.*)$ http://test.com/$1这句可以改为^/(.*)$ http://test.com/$1
表示以什么什么开头。
$1表示第一个括号内。
permanent是301的意思。
redirect:可改为这选项,302的意思。
此处先将用户认证的段删除了。
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload
[root@MRX vhost]# curl -x 127.0.0.1:80 test2.com/admin/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.8.0
Date: Wed, 25 Apr 2018 01:11:52 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://test.com/admin/index.html
[root@MRX vhost]# curl -x 127.0.0.1:80 test4.com/admin/index.html -I
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Wed, 25 Apr 2018 01:14:26 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
扩展
nginx.conf 配置详解 http://www.ha97.com/5194.htmlhttp://my.oschina.net/duxuefeng/blog/34880
nginx rewrite四种flag http://www.netingcn.com/nginx-rewrite-flag.htmlhttp://unixman.blog.51cto.com/10163040/1711943