[size=large]
要求 :
1 nginx 1.9版本以上。
2 openssl
3 pcre
[/size]
[size=large]
1 sudo apt-get install openssl libssl-dev
2 tar -zxvf pcre-8.36.tar.gz
cd pcre-8.36
./configure
make && make install
以上准备工作已经完成。以下开始进入安装。
3 安装openssl
一、解压
tar -xzvf ./openssl-1.0.1t.tar.gz
二、配置
cd openssl-1.0.1t/
./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl
三、编译&&安装
make && make install
# 查看安装版本
# openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Mon Jun 29 12:45:07 UTC 2015
platform: linux-x86_64
出现 POD document had syntax errors at /usr/bin/pod2man line 69.
make: *** [install_docs] Error 1
直接 rm -f /usr/bin/pod2man 重新编译安装即可
如果出现openssl版本不对,请安装对应的版本OPENSSL,
cd openssl-1.0.2/
./config --prefix=/opt/robustlink/openssl/ssl
make && make install
创建软连接
ln -s /opt/robustlink/openssl/ssl/bin/openssl /usr/bin/openssl
ln -s /opt/robustlink/openssl/ssl/include/openssl /usr/include/openssl
并检查相应版本 openssl version -a
如果确认openssl安装成功,并且版本检查也正确,但是还是提示版本太低 请直接删除 /usr/bin/openssl /usr/include/openssl 这两个软连接
如果相关路径权限不允许 请chown 一下
4 编译 nginx
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-stream --with-http_ssl_module --with-openssl=/opt/robustlink/openssl/ssl --conf-path=/usr/local/nginx/nginx.conf
nginx 安装出错
打开nginx源文件下的/usr/local/src/nginx-1.9.9/auto/lib/openssl/conf文件:
找到以下代码
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
修改为如下
CORE_INCS="$CORE_INCS $OPENSSL/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libcrypto.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
[/size]
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
stream{
upstream MQTT_1883 {
#hash $remote_addr consistent;
server 172.16.18.205:1883;
server 172.16.18.206:1883;
server 172.16.18.207:1883;
}
upstream MQTT_1884 {
#hash $remote_addr consistent;
server 172.16.18.205:1884;
server 172.16.18.206:1884;
server 172.16.18.207:1884;
}
server {
listen 1883;
proxy_pass MQTT_1883;
proxy_connect_timeout 5s;
#快速故障检查
proxy_timeout 6s;
#设置超时时间,连接将超时断开。
proxy_download_rate 1k;
#限制下载速度为1k
proxy_upload_rate 1000k;
#限制上传速度为10k
#limit_conn ip_addr 1;
##是限制每个IP只能发起1个连接 (addr 要跟 limit_conn_zone 的变量对应)
#allow 0.0.0.0;
#acl,设置允许访问IP地址;
#deny all;
}
server {
listen 1884;
proxy_pass MQTT_1884;
proxy_connect_timeout 1s;
#快速故障检查
proxy_timeout 3s;
#设置超时时间,连接将超时断开。
proxy_download_rate 1k;
#限制下载速度为1k
proxy_upload_rate 1000k;
#限制上传速度为10k
#limit_conn ip_addr 1;
##是限制每个IP只能发起1个连接 (addr 要跟 limit_conn_zone 的变量对应)
#allow 0.0.0.0;
#acl,设置允许访问IP地址;
#deny all;
}
}
http {
include mime.types;
default_type application/octet-stream;
client_max_body_size 500M;
sendfile on;
keepalive_timeout 65;
upstream link.robustel.com.iot{
server 172.16.18.250:8080 ;
}
server {
listen 80;
server_name localhost;
location / {
root html;
index login.html index.html index.htm;
}
location /iot {
proxy_pass http://link.robustel.com.iot/iot;
root html;
index index.html index.htm;
}
location /pl {
proxy_pass http://link.robustel.com.iot/pl;
root html;
index index.html index.htm;
}
location /link {
proxy_pass http://link.robustel.com.iot/link;
root html;
index index.html index.htm;
}
location /rlink {
proxy_pass http://link.robustel.com.iot/rlink;
root html;
index index.html index.htm;
}
error_page 404 = login.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}