nginx源码编译安装,第三方模块扩展,功能实现

实验环境

iptables和selinux关闭
redhat6.5
nginx:server2 172.25.254.2
服务器:
server1:172.25.254.1
server3:172.25.254.3

安装nginx

[root@server2 ~]# ls
nginx-1.14.0.tar.gz
[root@server2 ~]# tar zxf nginx-1.14.0.tar.gz
[root@server2 ~]# cd nginx-1.14.0/src/core
[root@server2 core]# vim nginx.h  //改变显示
#define NGINX_VER       "nginx"
[root@server2 core]# cd ..
[root@server2 src]# cd ..
[root@server2 nginx-1.14.0]# cd auto/cc
[root@server2 cc]# vim gcc  //注释
172 #CFLAGS="$CFLAGS -g"
[root@server2 cc]# ./configure --help
[root@server2 nginx-1.14.0]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio  //检测编译环境是否完善
[root@server2 nginx-1.14.0]# make
[root@server2 nginx-1.14.0]# make install
[root@server2 nginx-1.14.0]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio
[root@server2 nginx-1.14.0]# cd /usr/local/nginx/sbin/
[root@server2 sbin]# ln -s /usr/local/nginx/sbin/nginx /sbin/
[root@server2 sbin]# nginx -t   //检测语法错误
[root@server2 sbin]# nginx  //打开nginx
[root@server2 sbin]# nginx -s reload  //重新加载
[root@server2 sbin]# nginx -s stop  //关闭nginx
[root@server2 sbin]# cd ..
[root@server2 nginx]# cd html
[root@server2 html]# vim index.html

www.westos.org


[root@server2 html]# nginx

nginx做调度器 

[root@server2 ~]# cd /usr/local/nginx/conf
[root@server2 conf]# lscpu
CPU(s):                2
[root@server2 conf]# vim nginx.conf
user  nginx nginx;
worker_processes  2;
worker_cpu_affinity 01 10;
events {
    worker_connections  65535;
}
http {
        upstream ying {
#ip_hash;  //Ip不变后端服务器不变,持续的后端连接(默认为轮询)
        server 172.25.254.1:80;
        server 172.25.254.4:80;
        server 127.0.0.1;
        }
server{
                listen 80;
                server_name www.westos.org;  //域名访问
                location / {
                proxy_pass http://westos;  //调度westos
        }
        }
[root@server2 conf]# vim /etc/security/limits.conf
 nginx   -       nofile 65536
[root@server2 conf]# useradd -M -d /usr/local/nginx/ nginx
[root@server2 conf]# id nginx
uid=500(nginx) gid=500(nginx) groups=500(nginx)
[root@server2 conf]# nginx -t
[root@server2 conf]# nginx
[root@server2 conf]# nginx -s reload

打开服务器的httpd服务:
[root@server1 ~]# cat /var/www/html/index.html
www.westos.org -server1

[root@server4 ~]# cat /var/www/html/index.html
www.westos.org-server4

扩展模块

[root@server2 ~]# nginx -s stop
[root@server2 ~]# tar zxf nginx-1.10.1.tar.gz
[root@server2 ~]# tar zxf nginx-sticky-module-ng.tar.gz
[root@server2 ~]# cd nginx-1.10.1
[root@server2 nginx-1.10.1]# ./configure --prefix=/opt/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio --add-module=/root/nginx-sticky-module-ng//添加模块指定路径
[root@server2 nginx-1.10.1]# make
[root@server2 nginx-1.10.1]# make install
[root@server2 conf]# cd /opt/nginx/conf
[root@server2 conf]# cp /usr/local/nginx/conf/nginx.conf .
[root@server2 conf]# vim nginx.conf
http {
        upstream ying {
        sticky;  //上面14版本不支持本算法
        server 172.25.254.1:80;
        server 172.25.254.4:80;
        #server 127.0.0.1;
        }
[root@server2 conf]# /opt/nginx/sbin/nginx -t
[root@server2 conf]# /opt/nginx/sbin/nginx

虚拟主机的配置

[root@server2 conf]# vim nginx.conf
 server{
         listen 80;
         server_name www.westos.org;
         location / {
                 root /www1;
                 index index.html;
         }
 }
 server{
         listen 80;
         server_name www.linux.org;
         location / {
                 root /www2;
                 index index.html;
         }
 }

[root@server2 ~]# mkdir /www1
[root@server2 ~]# mkdir /www2
[root@server2 ~]# cd /www1
[root@server2 www1]# cat index.html
www.westos.org
[root@server2 www1]# cd
[root@server2 ~]# cd /www2
[root@server2 www2]# cat index.html
www.linux.org

 https加密

[root@server2 conf]# vim nginx.conf
     server {
         listen       443 ssl;
         server_name  www.westos.org;

         ssl_certificate      cert.pem;
         ssl_certificate_key  cert.pem;

         ssl_session_cache    shared:SSL:1m;
         ssl_session_timeout  5m;

         ssl_ciphers  HIGH:!aNULL:!MD5;
         ssl_prefer_server_ciphers  on;

         location / {
             root   /www1;
             index  index.html;
         }
[root@server2 conf]# nginx -t
nginx: [emerg] BIO_new_file("/usr/local/lnmp/nginx/conf/cert.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/lnmp/nginx/conf/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test failed
[root@server2 conf]# cd /etc/pki/tls/certs/
[root@server2 certs]# make cert.pem
umask 77 ; \
    PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
    PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
    /usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
    cat $PEM1 >  cert.pem ; \
    echo ""    >> cert.pem ; \
    cat $PEM2 >> cert.pem ; \
    rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
.........................................+++
.............................+++
writing new private key to '/tmp/openssl.0egoLz'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:shaanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:server2
Email Address []:root@localhost
[root@server5 certs]# ll cert.pem
-rw------- 1 root root 3088 Aug  7 08:14 cert.pem
[root@server2 certs]# cp cert.pem /usr/local/lnmp/nginx/conf/
[root@server2 certs]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@server2 certs]# nginx -s reload

 重定向

[root@server2 conf]# vim nginx.conf
server{
        listen 80;
        server_name www.westos.org westos.org;
        rewrite ^(.*)$ https://www.westos.org$1 permanent//永久重定向;
}
[root@server2 conf]# nginx -s reload
[root@foundation71 kiosk]# curl -I www.westos.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date:  Sun, 07 Oct 2018 05:43:51 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.westos.org


[root@foundation71 kiosk]# curl -I westos.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date:  Sun, 07 Oct 2018 05:44:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.westos.org
[root@foundation71 kiosk]# curl -I westos.org/index.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:44:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.westos.org/index.org
[root@foundation71 kiosk]# curl -I www.westos.org/index.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:44:10 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.westos.org/index.org

[root@server2 conf]# vim nginx.conf
server{
        listen 80;
        server_name www.westos.org westos.org;
        rewrite ^/bbs$ http://bbs.westos.org permanent;
        rewrite ^/bbs/(.*)$ http://bbs.westos.org/$1 permanent;
}

[root@server2 conf]# nginx -s reload

[root@foundation71 kiosk]#  curl -I westos.org/bbs
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:50:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://bbs.westos.org
[root@foundation71 kiosk]#  curl -I www.westos.org/bbs
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:50:20 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://bbs.westos.org
[root@foundation71 kiosk]# curl -I www.westos.org/bbs/index.html
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:50:50 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://bbs.westos.org/index.html
[root@foundation71 kiosk]# curl -I bbs.westos.org
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 07 Oct 2018 05:51:07 GMT
Content-Type: text/html
Content-Length: 15
Last-Modified: Sun, 07 Oct 2018 05:50:50 GMT
Connection: keep-alive
ETag: "5b68ed1c-f"
Accept-Ranges: bytes


[root@server2 conf]# vim nginx.conf
server{
        listen 80;
        server_name www.westos.org westos.org bbs.westos.org;
        if ($host = "bbs.westos.org"){
        rewrite ^/(.*)$ http://www.westos.org/bbs/$1 permanent;
        }
        location / {
                root /www1;
                index index.html;
        }
}

[root@server2 conf]# nginx -s reload


[root@foundation71 kiosk]# curl -I bbs.westos.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:55:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.westos.org/bbs/
[root@foundation71 kiosk]# curl -I bbs.westos.org/index.html
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 07 Oct 2018 05:55:37 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.westos.org/bbs/index.html
301永久重定向
302临时重定向


[root@server2 conf]# mkdir /www1/bbs
[root@server2 conf]# cd /www1/bbs
[root@server2 bbs]# vim index.html
bbs.westos.org

防盗链 

[root@server2 ~]# vim /usr/local/lnmp/nginx/conf/nginx.conf
server{
        listen 80;
        server_name www.westos.org westos.org;
location / {
        root /www1;
        index index.html;
       }
location ~ \.(gif|jpg|png)$ {
        root /www1;
        valid_referers none blocked www.westos.org;
        if ($invalid_referer){
                #return 403;
                rewrite ^/ http://bbs.westos.org/daolian.jpg;
                }
        }
server{
        listen 80;
        server_name bbs.westos.org;
        location / {
                root /www2;
                index index.html;
        }
[root@server2 ~]# nginx -s reload
 
 

你可能感兴趣的:(nginx源码编译安装,第三方模块扩展,功能实现)