Linux 7 下安装Nginx

1.安装依赖

yum install gcc pcre-devel zlib zlib-devel openssl openssl-devel -y

[root@xag129 ~]# pcre-config --version
8.32

2.安装Nginx

[root@xag129 ~]# cd /usr/local/src
[root@xag129 src]# pwd
/usr/local/src

wget http://nginx.org/download/nginx-1.19.9.tar.gz
          http://nginx.org/download/nginx-1.19.6.tar.gz

#解压安装包
tar zxvf nginx-1.19.9.tar.gz

cd nginx-1.19.9

#编译安装
 ./configure --prefix=/usr/local/nginx 
 or 安装 ssl
 ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
 make
 make install

#查看Nginx版本
/usr/local/nginx/sbin/nginx -v
#启动nginx
/usr/local/nginx/sbin/nginx

#测试
http://192.168.40.129/

3.Nginx常用命令

/usr/local/nginx/sbin/nginx -v #查看 Nginx版本
/usr/local/nginx/sbin/nginx #启动 Nginx
/usr/local/nginx/sbin/nginx -t # 检查配置文件ngnix.conf的正确性
/usr/local/nginx/sbin/nginx -s reload #重新载入配置文件
/usr/local/nginx/sbin/nginx -s reopen #重启 Nginx
/usr/local/nginx/sbin/nginx -s stop #停止 Nginx

4.配置

cd /usr/local/nginx/conf

#在http{}节点之间 server 之前 添加upstream配置。（注意不要写localhost，不然访问速度会很慢）
upstream nginxDemo 
{
   server 127.0.0.1:81;   #服务器地址1 
   server 127.0.0.1:82; #服务器地址2
}

#用proxy_pass配置反向代理地址
#后面的地址要和第一步upstream定义的名称保持一致（也就是nginxDemo这个名称是自定义的，两个地方需要一致）
#在location\{}中，最后添加
proxy_pass http://nginxDemo; #配置方向代理地址

#重新载入配置文件
/usr/local/nginx/sbin/nginx -s reload

#测试
http://192.168.40.129/examples/

5.配置开机启动服务

在系统服务目录里创建nginx.service文件
vim /usr/lib/systemd/system/nginx.service
-----------------------------------------------------------
[Unit] 
Description=nginx 
After=network.target 

[Service] 
Type=forking 
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload 
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install] 
WantedBy=multi-user.target
-----------------------------------------------------------

启动nginx服务
systemctl start nginx.service

设置开机自启动
systemctl enable nginx.service

停止开机自启动(如不再需要开机重启）
systemctl disable nginx.service

查看服务当前状态
systemctl status nginx.service

重新启动服务
systemctl restart nginx.service

查看所有已启动的服务
systemctl list-units --type=service

6.开始Nginx的SSL模块
6.1 切换到源码包

#切换到源码包：
[root@xag129 server_cer]# cd /usr/local/src/nginx-1.9.9

#查看nginx原有的模块
[root@xag129 nginx-1.9.9]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.9.9
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44.0.3) (GCC) 
configure arguments: --prefix=/usr/local/nginx
#在configure arguments:后面显示的原有的configure参数如上

#我们的新配置信息就应该这样写
[root@xag129 nginx-1.9.9]# 
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

#配置完成后，运行命令（不要进行make install，否则就是覆盖安装）
[root@xag129 nginx-1.9.9]# make

#然后备份原有已安装好的nginx
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak

#然后将刚刚编译好的nginx覆盖掉原有的nginx（这个时候nginx要停止状态）
[root@xag129 nginx-1.9.9]# systemctl status nginx.service
   Active: active (running) 

[root@xag129 nginx-1.9.9]# systemctl stop nginx.service

[root@xag129 nginx-1.9.9]# cp ./objs/nginx /usr/local/nginx/sbin/

[root@xag129 nginx-1.9.9]# systemctl start nginx.service

[root@xag129 nginx-1.9.9]# /usr/local/nginx/sbin/nginx -V
-----------------------------------
nginx version: nginx/1.9.9
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44.0.3) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

6.2 https 证书配置

[root@xag129 nginx]# mkdir /usr/local/nginx/cer

[root@xag129 server_cer]# cp web129.key /usr/local/nginx/cer
[root@xag129 certs]# cp web129.cer /usr/local/nginx/cer
[root@xag129 certs]# cp web129.crt /usr/local/nginx/cer

6.3 vim nginx.conf

upstream xag129
    { 
      server 127.0.0.1:82 weight=8 max_fails=2 fail_timeout=30s;   #服务器地址1 
      server 127.0.0.1:81 weight=9 max_fails=2 fail_timeout=30s;   #服务器地址2
    }

    server {
        listen       80;
        server_name  192.168.40.129;
        listen       443 default ssl;
        ssl_certificate      /usr/local/nginx/cer/web129.crt;
        ssl_certificate_key  /usr/local/nginx/cer/web129.key;

        ssl_protocols TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm index.jsp;
            proxy_pass http://xag129; #配置方向代理地址
        }

7.升级openssl

wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz

tar -zxvf openssl-1.1.1k.tar.gz

cd openssl-1.1.1k

./config --prefix=/usr/local/openssl   
#如果此步骤报错,需要安装perl以及gcc包

make && make install

mv /usr/bin/openssl /usr/bin/openssl.bak

ln -sf /usr/local/openssl/bin/openssl /usr/bin/openssl

echo "/usr/local/openssl/lib" >> /etc/ld.so.conf

ldconfig -v  

# 查看openssl版本
openssl version

Linux 7 下安装Nginx

你可能感兴趣的:(Linux 7 下安装Nginx)