Nginx-1.12.2编译安装

Nginx的概述

Nginx是一个高性能的HTTP和反向代理服务器，也是一个IMAP/POP3/SMTP服务器。Nginx是由伊戈尔·赛索耶夫为俄罗斯访问量第二的Rambler.ru站点开发的，第一个公开版本0.1.0发布于2004年10月4日。

Nginx是一款轻量级的Web服务器/反向代理服务器及电子邮件（IMAP/POP3）代理服务器，并在一个BSD-like协议下发行。其特点是占有内存少，并发能力强，事实上Nginx的并发能力确实在同类型的网页服务器中表现较好，中国大陆使用Nginx网站用户有：百度、京东、新浪、网易、腾讯、淘宝等。

Nginx官方网站
Nginx官方文档

Nginx安装配置

环境规划

序号	主机名	IP地址	描述	系统版本
1	linux-node1	eth0:192.168.56.11	Web服务器	CentOS Linux release 7.2

系统优化

• 关闭selinux和iptables

[root@linux-node1 ~]# setenforce 0
[root@linux-node1 ~]# getenforce
Disabled
[root@linux-node1 ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux

[root@linux-node1 ~]# systemctl disable firewalld
[root@linux-node1 ~]# systemctl stop firewalld

• 同步网络时间服务器

[root@linux-node1 ~]# ntpdate 0.pool.ntp.org
10 Jan 12:38:28 ntpdate[2446]: adjust time server 120.25.115.20 offset 0.048309 sec
[root@linux-node1 ~]# hwclock
Wed 10 Jan 2018 08:31:31 PM CST -0.944430 seconds
[root@linux-node1 ~]# crontab -e
####Synchronization Network Time Server####
*/5 * * * * /usr/sbin/ntpdate 0.pool.ntp.org &>/dev/null
[root@linux-node1 ~]# crontab -l
####Synchronization Network Time Server####
*/5 * * * * /usr/sbin/ntpdate 0.pool.ntp.org &>/dev/null

• 安装相关依赖包

[root@linux-node1 ~]# yum -y install gcc gcc-c++ zlib-devel gd-devel

安装依赖软件

• 安装pcre支持正则表达式

[root@linux-node1 ~]# tar xvfz pcre-8.39.tar.gz -C /usr/local/src/
[root@linux-node1 ~]# cd /usr/local/src/pcre-8.39/
[root@linux-node1 pcre-8.39]# ./configure --prefix=/usr/local/pcre-8.39
[root@linux-node1 pcre-8.39]# make && make install
[root@linux-node1 pcre-8.39]# ln -s /usr/local/pcre-8.39/ /usr/local/pcre
[root@linux-node1 pcre-8.39]# ls -l /usr/local/pcre
lrwxrwxrwx 1 root root 21 Feb  9 16:57 /usr/local/pcre -> /usr/local/pcre-8.39/

• 安装openssl支持加密访问

[root@linux-node1 ~]# tar xvfz openssl-1.0.2a.tar.gz -C /usr/local/src/
[root@linux-node1 ~]# cd /usr/local/src/openssl-1.0.2a/
[root@linux-node1 openssl-1.0.2a]# ./config --prefix=/usr/local/openssl-1.0.2a
[root@linux-node1 openssl-1.0.2a]# make && make install
[root@linux-node1 openssl-1.0.2a]# ln -s /usr/local/openssl-1.0.2a/ /usr/local/openssl
[root@linux-node1 openssl-1.0.2a]# ls -l /usr/local/openssl
lrwxrwxrwx 1 root root 26 Feb  9 17:01 /usr/local/openssl -> /usr/local/openssl-1.0.2a/

• 安装zlib支持压缩

[root@linux-node1 ~]# tar xvfz zlib-1.2.7.tar.gz -C /usr/local/src/
[root@linux-node1 ~]# cd /usr/local/src/zlib-1.2.7/
[root@linux-node1 zlib-1.2.7]# ./configure --prefix=/usr/local/zlib-1.2.7
[root@linux-node1 zlib-1.2.7]# make && make install
[root@linux-node1 zlib-1.2.7]# ln -s /usr/local/zlib-1.2.7/ /usr/local/zlib
[root@linux-node1 zlib-1.2.7]# ls -l /usr/local/zlib
lrwxrwxrwx 1 root root 22 Feb  9 17:03 /usr/local/zlib -> /usr/local/zlib-1.2.7/

• 安装geoip支持按地域访问

[root@linux-node1 ~]# tar xvfz GeoIP-1.6.11.tar.gz -C /usr/local/src/
[root@linux-node1 ~]# cd /usr/local/src/GeoIP-1.6.11/
[root@linux-node1 GeoIP-1.6.11]# ./configure
[root@linux-node1 GeoIP-1.6.11]# make && make install
[root@linux-node1 GeoIP-1.6.11]# echo "/usr/local/lib" > /etc/ld.so.conf.d/geoip.conf
[root@linux-node1 GeoIP-1.6.11]# tail -1 /etc/ld.so.conf.d/geoip.conf
/usr/local/lib
[root@linux-node1 GeoIP-1.6.11]# ldconfig

安装Nginx

• 创建nginx运行用户www

[root@linux-node1 ~]# groupadd -g 60000 www
[root@linux-node1 ~]# useradd -u 60000 -g www -c "Run The Nginx Service" -s /sbin/nologin -M www
[root@linux-node1 ~]# id www
uid=60000(www) gid=60000(www) groups=60000(www)
[root@linux-node1 ~]# grep "\bwww\b" /etc/passwd
www:x:60000:60000:Run The Nginx Service:/home/www:/sbin/nologin

• 安装nginx

[root@linux-node1 ~]# tar xvfz nginx-1.12.2.tar.gz -C /usr/local/src/
[root@linux-node1 ~]# cd /usr/local/src/nginx-1.12.2/
[root@linux-node1 nginx-1.12.2]# ./configure \
--prefix=/usr/local/nginx-1.12.2 \
--sbin-path=/usr/local/nginx-1.12.2/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=www \
--group=www \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_image_filter_module \
--with-http_geoip_module \
--with-pcre=/usr/local/src/pcre-8.39/ \
--with-zlib=/usr/local/src/zlib-1.2.7/ \
--with-openssl=/usr/local/src/openssl-1.0.2a/
[root@linux-node1 nginx-1.12.2]# make && make install
[root@linux-node1 nginx-1.12.2]# ln -s /usr/local/nginx-1.12.2/ /usr/local/nginx
[root@linux-node1 nginx-1.12.2]# ls -l /usr/local/nginx
lrwxrwxrwx 1 root root 24 Feb  9 17:27 /usr/local/nginx -> /usr/local/nginx-1.12.2/

• 配置文件支持语法检查

[root@linux-node1 ~]# mkdir -p ~/.vim/syntax
[root@linux-node1 ~]# ls -ld ~/.vim/syntax
drwxr-xr-x 2 root root 6 Feb  9 17:28 /root/.vim/syntax
[root@linux-node1 ~]# mv nginx.vim ~/.vim/syntax
[root@linux-node1 ~]# cat >> ~/.vim/filetype.vim<

编写Nginx控制脚本

[root@linux-node1 ~]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=Nginx High Performance Web Server
Documentation=http://nginx.org/en/docs
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t -c /etc/nginx/nginx.conf
ExecStart=/usr/local/nginx/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

编辑Nginx主配置文件

[root@linux-node1 ~]# vim /etc/nginx/nginx.conf
user  www www;
worker_processes  8;
worker_cpu_affinity  00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
worker_rlimit_nofile  65535;
pid        /var/run/nginx.pid;

events {
    use epoll;
    worker_connections  65535;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    charset       utf-8;
    server_names_hash_bucket_size  128;
    server_names_hash_max_size  512;
    large_client_header_buffers  4 64k;
    client_max_body_size  64m;
    client_body_buffer_size  1024k;
    client_header_timeout  15;
    client_body_timeout  15;
    send_timeout  30;
    server_tokens  off;
    sendfile  on;
    tcp_nopush  on;
    tcp_nodelay  on;
    keepalive_timeout  60;

    log_format  json  '{"@timestamp":"$time_iso8601", '
                '"remote_addr": "$remote_addr", '
                '"remote_user": "$remote_user", '
                '"body_bytes_sent": "$body_bytes_sent", '
                '"bytes_sent": "$bytes_sent", '
                '"request_method": "$request_method", '
                '"request": "$request", '
                '"status": "$status", '
                '"request_time": "$request_time", '
                '"http_referrer": "$http_referer", '
                '"http_x_forwarded_for": "$http_x_forwarded_for", '
                '"http_user_agent": "$http_user_agent", '
                '"country_code": "$geoip_city_country_code", '
                '"country_code3": "$geoip_city_country_code3", '
                '"city_country_name": "$geoip_city_country_name", '
                '"region_name": "$geoip_region", '
                '"city_name": "$geoip_city", '
                '"city_continent_code": "$geoip_city_continent_code", '
                '"longitude": "$geoip_longitude", '
                '"latitude": "$geoip_latitude"} ';

    gzip  on;
    gzip_min_length  20k;
    gzip_buffers  8 32k;
    gzip_http_version  1.1;
    gzip_comp_level  6;
    gzip_types  text/plain application/x-javascript text/javascript application/javascript text/css application/x-httpd-php image/jpeg image/gif image/png application/xml text/xml application/rss+xml application/octet-stream application/x-rar-compressed;
    gzip_vary  on;
    gzip_disable  "MSIE [1-6]\.";

    geoip_country  /etc/nginx/conf.d/GeoIP.dat;
    fastcgi_param  GEOIP_COUNTRY_CODE $geoip_country_code;
    fastcgi_param  GEOIP_COUNTRY_CODE3 $geoip_country_code3;
    fastcgi_param  GEOIP_COUNTRY_NAME $geoip_country_name;

    geoip_city     /etc/nginx/conf.d/GeoLiteCity.dat;
    fastcgi_param  GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
    fastcgi_param  GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
    fastcgi_param  GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
    fastcgi_param  GEOIP_REGION $geoip_region;
    fastcgi_param  GEOIP_CITY $geoip_city;
    fastcgi_param  GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
    fastcgi_param  GEOIP_LONGITUDE $geoip_longitude;
    fastcgi_param  GEOIP_LATITUDE $geoip_latitude;

    fastcgi_connect_timeout  300;
    fastcgi_send_timeout  300;
    fastcgi_read_timeout  300;
    fastcgi_buffer_size  128k;
    fastcgi_buffers  8 128k;
    fastcgi_busy_buffers_size  256k;
    fastcgi_temp_file_write_size  256k;

    open_file_cache  max=65535 inactive=20s;
    open_file_cache_min_uses  1;
    open_file_cache_valid  60s;

    server {
        listen  80 default_server;
        server_name  _;
        return  500;
    }

    include  /etc/nginx/conf.d/vhost/*.conf;
}
[root@linux-node1 ~]# mkdir /etc/nginx/conf.d/vhost -p
[root@linux-node1 ~]# ls -ld /etc/nginx/conf.d/vhost/
drwxr-xr-x 2 root root 6 Mar 16 14:53 /etc/nginx/conf.d/vhost/
[root@linux-node1 ~]# gunzip GeoIP.dat.gz
[root@linux-node1 ~]# gunzip GeoLiteCity.dat.gz
[root@linux-node1 ~]# mv GeoIP.dat GeoLiteCity.dat /etc/nginx/conf.d/

启动Nginx并设置开机启动

[root@linux-node1 ~]# systemctl start nginx
[root@linux-node1 ~]# systemctl enable nginx
[root@linux-node1 ~]# systemctl status nginx